From 887e2a70f3001b072bcd74e35630601d18e66033 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Mar 2021 23:00:22 +0100 Subject: [PATCH 0001/1065] Separate issue templates for bugs and enhancements Mostly reuse the existing issue template, but with separate template for bug reports and feature requests. I made some minor tweaks to the presentation which should hopefully reduce the propensity of users to side-step the template rather than fill it in. In particular, most users should usually not need to remove any parts. I removed specific mentions of Mbed OS since the Mbed TLS project is no longer tightly associated with Mbed OS. I removed "Peer device TLS stack and version" because that's rarely relevant and, in my experience, is mentioned when relevant. Signed-off-by: Gilles Peskine --- .github/ISSUE_TEMPLATE/bug_report.md | 35 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 17 +++++++++++ 2 files changed, 52 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000000..b9f146808a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,35 @@ +--- +name: Bug report +about: To report a bug, please fill this form. +title: '' +labels: '' +assignees: '' + +--- + +### Summary + + + +### System information + +Mbed TLS version (number or commit id): +Operating system and version: +Configuration (if not default, please attach `config.h`): +Compiler and options (if you used a pre-built binary, please indicate how you obtained it): +Additional environment information: + +### Expected behavior + + + +### Actual behavior + + + +### Steps to reproduce + + + +### Additional information + diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000000..3b515137b2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,17 @@ +--- +name: Enhancement request +about: To request an enhancement, please fill this form. +title: '' +labels: '' +assignees: '' + +--- + +### Suggested enhancement + + + +### Justification + +Mbed TLS needs this because + From 49c700a026d4dce2fc626494d027b0b49a7c34dc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Mar 2021 23:05:17 +0100 Subject: [PATCH 0002/1065] Mandate the use of a template Signed-off-by: Gilles Peskine --- .github/ISSUE_TEMPLATE/config.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/ISSUE_TEMPLATE/config.yml diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000000..3ba13e0cec --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1 @@ +blank_issues_enabled: false From 32b73c5052bda8832ac6652f094cc5fc575de188 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Mar 2021 23:05:38 +0100 Subject: [PATCH 0003/1065] Add contact links for reporting a vulnerability and for support Signed-off-by: Gilles Peskine --- .github/ISSUE_TEMPLATE/config.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 3ba13e0cec..63076f4057 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1 +1,8 @@ blank_issues_enabled: false +contact_links: + - name: Mbed TLS security team + url: mailto:mbed-tls-security@lists.trustedfirmware.org + about: Report a security vulnerability. + - name: Mbed TLS mailing list + url: https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls + about: Mbed TLS community support and general discussion. From 07cdaf11f2f865eb15907e1199710406d73ebcff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Mar 2021 23:07:47 +0100 Subject: [PATCH 0004/1065] Remove the old issue template We have separate templates for bug reports and feature requests now. Signed-off-by: Gilles Peskine --- .github/issue_template.md | 46 --------------------------------------- 1 file changed, 46 deletions(-) delete mode 100644 .github/issue_template.md diff --git a/.github/issue_template.md b/.github/issue_template.md deleted file mode 100644 index 370066f486..0000000000 --- a/.github/issue_template.md +++ /dev/null @@ -1,46 +0,0 @@ -_Note:_ this is a template, please remove the parts that are not -applicable (these initial notes, and the "Bug" section for a Feature request -and vice-versa). - -**Note:** to report a security vulnerability, see -[SECURITY.md](../SECURITY.md). Please do not use github issues for -vulnerabilities. - -_Note:_ to get support, see [SUPPORT.md](../SUPPORT.md). Please do not use -github issues for questions. - ---------------------------------------------------------------- -### Description -- Type: Bug | Enhancement / Feature Request -- Priority: Blocker | Major | Minor - ---------------------------------------------------------------- -## Bug - -**OS** -Mbed OS|linux|windows| - -**mbed TLS build:** -Version: x.x.x or git commit id -OS version: x.x.x -Configuration: please attach config.h file where possible -Compiler and options (if you used a pre-built binary, please indicate how you obtained it): -Additional environment information: - -**Peer device TLS stack and version** -OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other -Version: - -**Expected behavior** - -**Actual behavior** - -**Steps to reproduce** - ----------------------------------------------------------------- -## Enhancement / Feature Request - -**Suggested enhancement** - -**Justification - why does the library need this feature?** - From 494dc71de8aa461fb44ba7af7f44eecc3a6dd02a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 15:08:51 +0100 Subject: [PATCH 0005/1065] Remove mbedtls_ssl_get_session_pointer() Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 18 ------------------ library/ssl_tls.c | 8 -------- programs/ssl/ssl_client2.c | 21 ++++++++++++++++++--- 3 files changed, 18 insertions(+), 29 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b9b2e045f3..98b873beae 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2433,7 +2433,6 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, * of session cache or session tickets. * * \see mbedtls_ssl_session_load() - * \see mbedtls_ssl_get_session_pointer() * * \param session The session structure to be saved. * \param buf The buffer to write the serialized data to. It must be a @@ -2456,23 +2455,6 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, size_t buf_len, size_t *olen ); -/** - * \brief Get a pointer to the current session structure, for example - * to serialize it. - * - * \warning Ownership of the session remains with the SSL context, and - * the returned pointer is only guaranteed to be valid until - * the next API call operating on the same \p ssl context. - * - * \see mbedtls_ssl_session_save() - * - * \param ssl The SSL context. - * - * \return A pointer to the current session if successful. - * \return \c NULL if no session is active. - */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ); - /** * \brief Set the list of allowed ciphersuites and the preference * order. First in the list has the highest preference. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc2f269a9c..1decc9fce5 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4801,14 +4801,6 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_CLI_C */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ) -{ - if( ssl == NULL ) - return( NULL ); - - return( ssl->session ); -} - /* * Define ticket header determining Mbed TLS version * and structure of the ticket. diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 24c859e388..eac6356255 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2224,6 +2224,8 @@ int main( int argc, char *argv[] ) if( opt.reco_mode == 1 ) { + mbedtls_ssl_session exported_session; + /* free any previously saved data */ if( session_data != NULL ) { @@ -2232,27 +2234,40 @@ int main( int argc, char *argv[] ) session_data = NULL; } + mbedtls_ssl_session_init( &exported_session ); + ret = mbedtls_ssl_get_session( &ssl, &exported_session ); + if( ret != 0 ) + { + mbedtls_printf( + "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n", + (unsigned) -ret ); + goto exit; + } + /* get size of the buffer needed */ - mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), - NULL, 0, &session_data_len ); + mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len ); session_data = mbedtls_calloc( 1, session_data_len ); if( session_data == NULL ) { mbedtls_printf( " failed\n ! alloc %u bytes for session data\n", (unsigned) session_data_len ); + mbedtls_ssl_session_free( &exported_session ); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } /* actually save session data */ - if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), + if( ( ret = mbedtls_ssl_session_save( &exported_session, session_data, session_data_len, &session_data_len ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n", (unsigned int) -ret ); + mbedtls_ssl_session_free( &exported_session ); goto exit; } + + mbedtls_ssl_session_free( &exported_session ); } else { From e810bbc1aca89b9775f7a78535f21eb154026fa6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 16:01:05 +0100 Subject: [PATCH 0006/1065] Implement 3.0-semantics for mbedtls_ssl_{get,set}_session() mbedtls_ssl_{get,set}_session() exhibited idempotent behaviour in Mbed TLS 2.x. Multiple calls to those functions are not useful in TLS 1.2, and the idempotent nature is unsuitable for support of TLS 1.3 which introduces the availabilty to offer multiple tickets for resumption, as well as receive multiple tickets. In preparation for TLS 1.3 support, this commit relaxes the semantics of `mbedtls_ssl_{get,set}_session()` by allowing implementations to fail gracefully, and leveraging this freedom by modifying the existing TLS 1.2 implementation to only accept one call to `mbedtls_ssl_{get,set}_session()` per context, and non-fatally failing all subsequent invocations. For TLS 1.3, it will be leveraged by making multiple calls to `mbedtls_ssl_get_session()` issue one ticket a time until no more tickets are available, and by using multiple calls to `mbedtls_ssl_set_session()` to allow the client to offer multiple tickets to the server. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 96 +++++++++++++++++++++++++++++++------------ library/ssl_tls.c | 27 +++++++++++- 2 files changed, 95 insertions(+), 28 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 98b873beae..6fa380d499 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -897,6 +897,8 @@ struct mbedtls_ssl_session unsigned char id[32]; /*!< session identifier */ unsigned char master[48]; /*!< the master secret */ + unsigned char exported; + #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */ @@ -2373,18 +2375,49 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_CLI_C) /** - * \brief Request resumption of session (client-side only) - * Session data is copied from presented session structure. + * \brief Load a session for session resumption. * - * \param ssl SSL context - * \param session session context + * Sessions loaded through this call will be considered + * for session resumption in the next handshake. * - * \return 0 if successful, - * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or - * arguments are otherwise invalid + * \note Even if this call succeeds, it is not guaranteed that + * the next handshake will indeed be shortened through the + * use of session resumption: The server is always free + * to reject any attempt for resumption and fall back to + * a full handshake. + * + * \note The mechanism of session resumption is opaque to this + * call: For TLS 1.2, both session ID-based resumption and + * ticket-based resumption will be considered. For TLS 1.3, + * once implemented, sessions equate to tickets, and loading + * one or more sessions via this call will lead to their + * corresponding tickets being advertised as resumption PSKs + * by the client. + * + * \note Calling this function multiple times will only be useful + * once TLS 1.3 is supported. For TLS 1.2 connections, this + * function should be called at most once. + * + * \param ssl The SSL context representing the connection which should + * be attempted to be setup using session resumption. This + * must be initialized via mbedtls_ssl_init() and bound to + * an SSL configuration via mbedtls_ssl_setup(), but + * the handshake must not yet have been started. + * \param session The session to be considered for session resumption. + * This must be a session previously exported via + * mbedtls_ssl_get_session(), and potentially serialized and + * deserialized through mbedtls_ssl_session_save() and + * mbedtls_ssl_session_load() in the meantime. + * + * \return \c 0 if successful. + * \return \c MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the session + * could not be loaded because of an implementation limitation. + * This error is non-fatal, and has no observable effect on + * the SSL context or the session that was attempted to be loaded. + * \return Another negative error code on other kinds of failure. * * \sa mbedtls_ssl_get_session() + * \sa mbedtls_ssl_session_load() */ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ); #endif /* MBEDTLS_SSL_CLI_C */ @@ -3677,32 +3710,41 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss #if defined(MBEDTLS_SSL_CLI_C) /** - * \brief Save session in order to resume it later (client-side only) - * Session data is copied to presented session structure. + * \brief Export a session in order to resume it later. * + * \param ssl The SSL context representing the connection for which to + * to export a session structure for later resumption. + * \param session The target structure in which to store the exported session. + * This must have been initialized with mbedtls_ssl_init_session() + * but otherwise be unused. * - * \param ssl SSL context - * \param session session context + * \note The mechanism of session resumption is opaque to this + * call: For TLS 1.2, both session ID-based resumption and + * ticket-based resumption will be considered. For TLS 1.3, + * once implemented, sessions equate to tickets, and calling + * this function multiple times will export the available + * tickets one a time until no further tickets are available, + * in which case MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE will + * be returned. * - * \return 0 if successful, - * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or - * arguments are otherwise invalid. + * \note Calling this function multiple times will only be useful + * once TLS 1.3 is supported. For TLS 1.2 connections, this + * function should be called at most once. * - * \note Only the server certificate is copied, and not the full chain, - * so you should not attempt to validate the certificate again - * by calling \c mbedtls_x509_crt_verify() on it. - * Instead, you should use the results from the verification - * in the original handshake by calling \c mbedtls_ssl_get_verify_result() - * after loading the session again into a new SSL context - * using \c mbedtls_ssl_set_session(). - * - * \note Once the session object is not needed anymore, you should - * free it by calling \c mbedtls_ssl_session_free(). + * \return \c 0 if successful. In this case, \p session can be used for + * session resumption by passing it to mbedtls_ssl_set_session(), + * and serialized for storage via mbedtls_ssl_session_save(). + * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no further session + * is available for export. + * This error is a non-fatal, and has no observable effect on + * the SSL context or the destination session. + * \return Another negative error code on other kinds of failure. * * \sa mbedtls_ssl_set_session() + * \sa mbedtls_ssl_session_save() */ -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); +int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, + mbedtls_ssl_session *session ); #endif /* MBEDTLS_SSL_CLI_C */ /** diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1decc9fce5..6e32b564ed 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3788,6 +3788,9 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } + if( ssl->handshake->resume == 1 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate, session ) ) != 0 ) return( ret ); @@ -4789,6 +4792,8 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *dst ) { + int ret; + if( ssl == NULL || dst == NULL || ssl->session == NULL || @@ -4797,7 +4802,27 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - return( mbedtls_ssl_session_copy( dst, ssl->session ) ); + /* Since Mbed TLS 3.0, mbedtls_ssl_get_session() is no longer + * idempotent: Each session can only be exported once. + * + * (This is in preparation for TLS 1.3 support where we will + * need the ability to export multiple sessions (aka tickets), + * which will be achieved by calling mbedtls_ssl_get_session() + * multiple times until it fails.) + * + * Check whether we have already exported the current session, + * and fail if so. + */ + if( ssl->session->exported == 1 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + ret = mbedtls_ssl_session_copy( dst, ssl->session ); + if( ret != 0 ) + return( ret ); + + /* Remember that we've exported the session. */ + ssl->session->exported = 1; + return( 0 ); } #endif /* MBEDTLS_SSL_CLI_C */ From 548b136e8f974f0fdee4a27f3c266beea0349535 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 16:09:15 +0100 Subject: [PATCH 0007/1065] Add migration guide for removal of mbedtls_ssl_get_session_pointer() Signed-off-by: Hanno Becker --- .../remove-ssl-get-session_pointer.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md diff --git a/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md new file mode 100644 index 0000000000..a4a4895a8f --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md @@ -0,0 +1,23 @@ +Remove the SSL API mbedtls_ssl_get_session_pointer() +----------------------------------------------------------------- + +This affects two classes of users: + +1. Users who manually inspect parts of the current session through + direct structure field access. + +2. Users of session resumption who query the current session + via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting + it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`, + respectively. + +Migration paths: + +1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many + other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no + longer part of the public API in Mbed TLS 3.0, and direct structure field + access is no longer supported. Please see the corresponding migration guide. + +2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by + calls to `mbedtls_ssl_get_session()` as demonstrated in the example + program `programs/ssl/ssl_client2.c`. From 699d4d7df75161dc5b35d67db9ebbbaaee9cae6e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 16:21:36 +0100 Subject: [PATCH 0008/1065] Add migration guide for new SSL ticket API Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/ssl-ticket-api.md | 30 ++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 docs/3.0-migration-guide.d/ssl-ticket-api.md diff --git a/docs/3.0-migration-guide.d/ssl-ticket-api.md b/docs/3.0-migration-guide.d/ssl-ticket-api.md new file mode 100644 index 0000000000..ce95e2f24b --- /dev/null +++ b/docs/3.0-migration-guide.d/ssl-ticket-api.md @@ -0,0 +1,30 @@ +Modified semantics of mbedtls_ssl_{get,set}_session() +----------------------------------------------------------------- + +This affects users who call `mbedtls_ssl_get_session()` or +`mbedtls_ssl_session_set()` multiple times on the same SSL context +representing an established TLS 1.2 connection. +Those users will now observe the second call to fail with +`MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. + +Migration path: +- Exporting the same TLS 1.2 connection multiple times via + `mbedtls_ssl_get_session()` leads to multiple copies of + the same session. This use of `mbedtls_ssl_get_session()` + is discouraged, and the following should be considered: + * If the various session copies are later loaded into + fresh SSL contexts via `mbedtls_ssl_set_session()`, + export via `mbedtls_ssl_get_session()` only once and + load the same session into different contexts via + `mbedtls_ssl_set_session()`. Since `mbedtls_ssl_set_session()` + makes a copy of the session that's being loaded, this + is functionally equivalent. + * If the various session copies are later serialized + via `mbedtls_ssl_session_save()`, export and serialize + the session only once via `mbedtls_ssl_get_session()` and + `mbedtls_ssl_session_save()` and make copies of the raw + data instead. +- Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x + is not useful since subsequent calls overwrite the effect of previous + calls. Applications achieve equivalent functional behaviour by + issuing only the very last call to `mbedtls_ssl_set_session()`. From 5ca21db813894628586568fc6d53e08fa5cbafa5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 17 May 2021 12:28:08 +0200 Subject: [PATCH 0009/1065] Fix misuse of MD API in SSL constant-flow HMAC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The sequence of calls starts-update-starts-update-finish is not a guaranteed valid way to abort an operation and start a new one. Our software implementation just happens to support it, but alt implementations may very well not support it. Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/fix-ssl-cf-hmac-alt.txt | 5 +++++ library/ssl_msg.c | 3 +++ 2 files changed, 8 insertions(+) create mode 100644 ChangeLog.d/fix-ssl-cf-hmac-alt.txt diff --git a/ChangeLog.d/fix-ssl-cf-hmac-alt.txt b/ChangeLog.d/fix-ssl-cf-hmac-alt.txt new file mode 100644 index 0000000000..57ffa02e2a --- /dev/null +++ b/ChangeLog.d/fix-ssl-cf-hmac-alt.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites + (when the encrypt-then-MAC extension is not in use) with some ALT + implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing + the affected side to wrongly reject valid messages. Fixes #4118. diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 3956a67d27..55623ccb30 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -1164,6 +1164,9 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac( MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) ); } + /* The context needs to finish() before it starts() again */ + MD_CHK( mbedtls_md_finish( ctx, aux_out ) ); + /* Now compute HASH(okey + inner_hash) */ MD_CHK( mbedtls_md_starts( ctx ) ); MD_CHK( mbedtls_md_update( ctx, okey, block_size ) ); From 2c09c9bca97dcbe42e0b8f2d6f5c00f1c94099c4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 14 May 2021 22:20:10 +0200 Subject: [PATCH 0010/1065] Introduce MBEDTLS_PRIVATE macro. Public structs members are considered private and should not be used by users application. MBEDTLS_PRIVATE(member) macro is intended to clearly indicate which members are private. Signed-off-by: Mateusz Starzyk --- include/mbedtls/private_access.h | 32 +++++++++++++++++++++++ library/common.h | 7 +++++ library/psa_crypto_driver_wrappers.c | 1 + tests/include/test/helpers.h | 2 ++ tests/src/drivers/test_driver_aead.c | 2 ++ tests/src/drivers/test_driver_cipher.c | 2 ++ tests/src/drivers/test_driver_signature.c | 2 ++ tests/suites/helpers.function | 2 ++ tests/suites/main_test.function | 8 ------ 9 files changed, 50 insertions(+), 8 deletions(-) create mode 100644 include/mbedtls/private_access.h diff --git a/include/mbedtls/private_access.h b/include/mbedtls/private_access.h new file mode 100644 index 0000000000..98d3419f66 --- /dev/null +++ b/include/mbedtls/private_access.h @@ -0,0 +1,32 @@ + /** + * \file private_access.h + * + * \brief Macro wrapper for struct's memebrs. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_PRIVATE_ACCESS_H +#define MBEDTLS_PRIVATE_ACCESS_H + +#ifndef MBEDTLS_ALLOW_PRIVATE_ACCESS +#define MBEDTLS_PRIVATE(member) private_##member +#else +#define MBEDTLS_PRIVATE(member) member +#endif + +#endif /* MBEDTLS_PRIVATE_ACCESS_H */ diff --git a/library/common.h b/library/common.h index 5845766ac1..c31ac1e1c6 100644 --- a/library/common.h +++ b/library/common.h @@ -50,4 +50,11 @@ #define MBEDTLS_STATIC_TESTABLE static #endif +/** Allow library to access it's structs' private members. + * + * Although structs defined in header files are publicly available, + * their members are private and should not be accessed by the user. + */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index f61e5ebbe6..19260c45ef 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -19,6 +19,7 @@ * limitations under the License. */ +#include "common.h" #include "psa_crypto_aead.h" #include "psa_crypto_cipher.h" #include "psa_crypto_core.h" diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 9bfe08547c..0f82a90406 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -25,6 +25,8 @@ #ifndef TEST_HELPERS_H #define TEST_HELPERS_H +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 25396c92f5..a147163241 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -23,6 +23,8 @@ #include MBEDTLS_CONFIG_FILE #endif +#include + #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_aead.h" diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index a415dd812b..4827946b07 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -24,6 +24,8 @@ #include MBEDTLS_CONFIG_FILE #endif +#include + #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_cipher.h" diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 14de8318e9..fdfba165fa 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -25,6 +25,8 @@ #include MBEDTLS_CONFIG_FILE #endif +#include + #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 2ef07fa62b..ca03532ba2 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -2,6 +2,8 @@ /*----------------------------------------------------------------------------*/ /* Headers */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include #include diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index ac00f45e57..62a6678219 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -29,14 +29,6 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_TEST_HOOKS) -#include "mbedtls/error.h" -#endif - /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is From 0d41abbde61e40ab00ac512f16340262640ba6fb Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 12 May 2021 14:48:40 +0200 Subject: [PATCH 0011/1065] Introduce scripts automating wrapping structs members with MBEDTLS_PRIVATE. Usage: run setup_and_run_MBEDTLS_PRIVATE.sh Signed-off-by: Mateusz Starzyk --- apply_MBEDTLS_PRIVATE.py | 84 ++++++++++++++++++++++++++++++++ setup_and_run_MBEDTLS_PRIVATE.sh | 10 ++++ 2 files changed, 94 insertions(+) create mode 100644 apply_MBEDTLS_PRIVATE.py create mode 100755 setup_and_run_MBEDTLS_PRIVATE.sh diff --git a/apply_MBEDTLS_PRIVATE.py b/apply_MBEDTLS_PRIVATE.py new file mode 100644 index 0000000000..4160287f22 --- /dev/null +++ b/apply_MBEDTLS_PRIVATE.py @@ -0,0 +1,84 @@ +import re +import fileinput +import glob +import pprint +import os +import xml.etree.ElementTree as ET + + +files_to_visit = {} + +struct_files = glob.glob("apidoc/xml/structmbedtls*.xml") + glob.glob("apidoc/xml/structpsa*.xml") + +for struct_file in struct_files: + struct_file_tree = ET.parse(struct_file) + all_struct_members_definitions = struct_file_tree.getroot().findall(".//memberdef[@kind='variable']") + + # Create dictionary with following structre + # "filepath" : { "variable_name1": (1, 2, 40, 61), # line numbers + # "variable_name2": (60, 64), + # } + for struct_member_def in all_struct_members_definitions: + # find file path for this variable + member_id = struct_member_def.attrib["id"] + location = struct_member_def.find("location") + file_path = location.attrib["file"] + variable_name = struct_member_def.find("name").text + # if path not yet in dictionary, create empty record to initialize + if file_path not in files_to_visit: + files_to_visit[file_path] = {} + # if variable is not yet in this file's dictionary, create empty set to initialize + if variable_name not in files_to_visit[file_path]: + files_to_visit[file_path][variable_name] = set() + + # add variable definition + files_to_visit[file_path][variable_name].add(int(location.attrib["line"])) + + # check where the variable was referenced + references = struct_member_def.findall("referencedby") + for reference in references: + refid = reference.attrib["refid"] + # assuming that compound name is related to header's xml file + header_file = "apidoc/xml/" + reference.attrib["compoundref"] + ".xml" + header_file_tree = ET.parse(header_file) + # check if this reference is created by static inline function + static_inline_function_definition = header_file_tree.getroot().find(f".//memberdef[@id='{refid}'][@kind='function'][@static='yes'][@inline='yes']") + if static_inline_function_definition: + static_inline_function_file_path = static_inline_function_definition.find("location").attrib["file"] + # if path not yet in dictionary, create empty record to initialize. + # This could happen if reference is inside header file which was not yet processed in search for variable definitions + if static_inline_function_file_path not in files_to_visit: + files_to_visit[static_inline_function_file_path] = {} + # if variable is not yet in this file's dictionary, create empty set to initialize + if variable_name not in files_to_visit[static_inline_function_file_path]: + files_to_visit[static_inline_function_file_path][variable_name] = set() + # function block scope + function_lines_from = int(reference.attrib["startline"]) + function_lines_to = int(reference.attrib["endline"]) + # find codelines referencing struct's variable + codelines_xml = header_file_tree.getroot().findall(f".//ref[@refid='{member_id}']/../..") + # filter by function's scope + codelines = [int(line.attrib["lineno"]) for line in codelines_xml if int(line.attrib["lineno"]) >= function_lines_from and int(line.attrib["lineno"]) <= function_lines_to] + # add variable reference + files_to_visit[static_inline_function_file_path][variable_name].update(codelines) + +pp = pprint.PrettyPrinter(indent=4) +pp.pprint(files_to_visit) + +for file_path, variables in files_to_visit.items(): + with fileinput.FileInput(file_path, inplace=True) as file: + output_line_number = 1 + re_include_guard = re.compile(r"^#define.*{name}$".format(name=os.path.basename(file_path).replace('.','_').upper())) + for line in file: + insert_allow_private_include = False + if re_include_guard.match(line): + insert_allow_private_include = True + for variable, var_lines in variables.items(): + for var_line in var_lines: + if output_line_number == var_line: + line = re.sub(r"(^.*?\W+)({var})(\W+.*$)".format(var=variable), r"\1MBEDTLS_PRIVATE(\2)\3", line) + output_line_number += 1 + print(line, end='') # fileinput redirects stdout to the target file + if insert_allow_private_include: + insert_allow_private_include = False + print("#include \"mbedtls/private_access.h\"") diff --git a/setup_and_run_MBEDTLS_PRIVATE.sh b/setup_and_run_MBEDTLS_PRIVATE.sh new file mode 100755 index 0000000000..9a0e599790 --- /dev/null +++ b/setup_and_run_MBEDTLS_PRIVATE.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +make clean +sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile +scripts/config.py full +cd doxygen +doxygen mbedtls.doxyfile +cd .. +python3 apply_MBEDTLS_PRIVATE.py +git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile From 846f021de291c105c18031fa5d5c466917cb3cad Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 19:44:07 +0200 Subject: [PATCH 0012/1065] Run MBEDTLS_PRIVATE wrapping script on the library. Signed-off-by: Mateusz Starzyk --- include/mbedtls/aes.h | 11 +- include/mbedtls/arc4.h | 7 +- include/mbedtls/aria.h | 5 +- include/mbedtls/asn1.h | 25 +- include/mbedtls/bignum.h | 7 +- include/mbedtls/blowfish.h | 5 +- include/mbedtls/camellia.h | 5 +- include/mbedtls/ccm.h | 3 +- include/mbedtls/chacha20.h | 7 +- include/mbedtls/chachapoly.h | 13 +- include/mbedtls/cipher.h | 73 +++--- include/mbedtls/cmac.h | 7 +- include/mbedtls/ctr_drbg.h | 19 +- include/mbedtls/des.h | 5 +- include/mbedtls/dhm.h | 23 +- include/mbedtls/ecdh.h | 19 +- include/mbedtls/ecjpake.h | 25 +- include/mbedtls/ecp.h | 51 ++-- include/mbedtls/entropy.h | 23 +- include/mbedtls/gcm.h | 19 +- include/mbedtls/hmac_drbg.h | 19 +- include/mbedtls/md.h | 7 +- include/mbedtls/md2.h | 9 +- include/mbedtls/md4.h | 7 +- include/mbedtls/md5.h | 7 +- include/mbedtls/net_sockets.h | 3 +- include/mbedtls/nist_kw.h | 3 +- include/mbedtls/oid.h | 9 +- include/mbedtls/pem.h | 7 +- include/mbedtls/pk.h | 15 +- include/mbedtls/platform.h | 3 +- include/mbedtls/poly1305.h | 11 +- include/mbedtls/psa_util.h | 3 +- include/mbedtls/ripemd160.h | 7 +- include/mbedtls/rsa.h | 37 +-- include/mbedtls/sha1.h | 7 +- include/mbedtls/sha256.h | 9 +- include/mbedtls/sha512.h | 11 +- include/mbedtls/ssl.h | 327 ++++++++++++------------ include/mbedtls/ssl_cache.h | 21 +- include/mbedtls/ssl_ciphersuites.h | 17 +- include/mbedtls/ssl_cookie.h | 7 +- include/mbedtls/ssl_ticket.h | 19 +- include/mbedtls/threading.h | 5 +- include/mbedtls/timing.h | 7 +- include/mbedtls/x509.h | 5 +- include/mbedtls/x509_crl.h | 43 ++-- include/mbedtls/x509_crt.h | 117 ++++----- include/mbedtls/x509_csr.h | 31 +-- include/mbedtls/xtea.h | 3 +- include/psa/crypto_builtin_composites.h | 15 +- include/psa/crypto_builtin_primitives.h | 29 ++- include/psa/crypto_extra.h | 29 ++- include/psa/crypto_se_driver.h | 91 +++---- include/psa/crypto_struct.h | 155 +++++------ 55 files changed, 751 insertions(+), 696 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index da741c8e81..e23b9ca94a 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -39,6 +39,7 @@ #ifndef MBEDTLS_AES_H #define MBEDTLS_AES_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -78,9 +79,9 @@ extern "C" { */ typedef struct mbedtls_aes_context { - int nr; /*!< The number of rounds. */ - uint32_t *rk; /*!< AES round keys. */ - uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can + int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */ + uint32_t *MBEDTLS_PRIVATE(rk); /*!< AES round keys. */ + uint32_t MBEDTLS_PRIVATE(buf)[68]; /*!< Unaligned data buffer. This buffer can hold 32 extra Bytes, which can be used for one of the following purposes:
  • Alignment if VIA padlock is @@ -97,9 +98,9 @@ mbedtls_aes_context; */ typedef struct mbedtls_aes_xts_context { - mbedtls_aes_context crypt; /*!< The AES context to use for AES block + mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block encryption or decryption. */ - mbedtls_aes_context tweak; /*!< The AES context used for tweak + mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak computation. */ } mbedtls_aes_xts_context; #endif /* MBEDTLS_CIPHER_MODE_XTS */ diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h index ada6083e06..6313651207 100644 --- a/include/mbedtls/arc4.h +++ b/include/mbedtls/arc4.h @@ -25,6 +25,7 @@ */ #ifndef MBEDTLS_ARC4_H #define MBEDTLS_ARC4_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -51,9 +52,9 @@ extern "C" { */ typedef struct mbedtls_arc4_context { - int x; /*!< permutation index */ - int y; /*!< permutation index */ - unsigned char m[256]; /*!< permutation table */ + int MBEDTLS_PRIVATE(x); /*!< permutation index */ + int MBEDTLS_PRIVATE(y); /*!< permutation index */ + unsigned char MBEDTLS_PRIVATE(m)[256]; /*!< permutation table */ } mbedtls_arc4_context; diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7dd960f29a..cd15c706fd 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -28,6 +28,7 @@ #ifndef MBEDTLS_ARIA_H #define MBEDTLS_ARIA_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -64,9 +65,9 @@ extern "C" { */ typedef struct mbedtls_aria_context { - unsigned char nr; /*!< The number of rounds (12, 14 or 16) */ + unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */ /*! The ARIA round keys. */ - uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; + uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; } mbedtls_aria_context; diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index d2162fe12f..66119810f8 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_ASN1_H #define MBEDTLS_ASN1_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -148,9 +149,9 @@ extern "C" { */ typedef struct mbedtls_asn1_buf { - int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ - size_t len; /**< ASN1 length, in octets. */ - unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ + int MBEDTLS_PRIVATE(tag); /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ + size_t MBEDTLS_PRIVATE(len); /**< ASN1 length, in octets. */ + unsigned char *MBEDTLS_PRIVATE(p); /**< ASN1 data, e.g. in ASCII. */ } mbedtls_asn1_buf; @@ -159,9 +160,9 @@ mbedtls_asn1_buf; */ typedef struct mbedtls_asn1_bitstring { - size_t len; /**< ASN1 length, in octets. */ - unsigned char unused_bits; /**< Number of unused bits at the end of the string */ - unsigned char *p; /**< Raw ASN1 data for the bit string */ + size_t MBEDTLS_PRIVATE(len); /**< ASN1 length, in octets. */ + unsigned char MBEDTLS_PRIVATE(unused_bits); /**< Number of unused bits at the end of the string */ + unsigned char *MBEDTLS_PRIVATE(p); /**< Raw ASN1 data for the bit string */ } mbedtls_asn1_bitstring; @@ -170,8 +171,8 @@ mbedtls_asn1_bitstring; */ typedef struct mbedtls_asn1_sequence { - mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ - struct mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */ + mbedtls_asn1_buf MBEDTLS_PRIVATE(buf); /**< Buffer containing the given ASN.1 item. */ + struct mbedtls_asn1_sequence *MBEDTLS_PRIVATE(next); /**< The next entry in the sequence. */ } mbedtls_asn1_sequence; @@ -180,10 +181,10 @@ mbedtls_asn1_sequence; */ typedef struct mbedtls_asn1_named_data { - mbedtls_asn1_buf oid; /**< The object identifier. */ - mbedtls_asn1_buf val; /**< The named value. */ - struct mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */ - unsigned char next_merged; /**< Merge next item into the current one? */ + mbedtls_asn1_buf MBEDTLS_PRIVATE(oid); /**< The object identifier. */ + mbedtls_asn1_buf MBEDTLS_PRIVATE(val); /**< The named value. */ + struct mbedtls_asn1_named_data *MBEDTLS_PRIVATE(next); /**< The next entry in the sequence. */ + unsigned char MBEDTLS_PRIVATE(next_merged); /**< Merge next item into the current one? */ } mbedtls_asn1_named_data; diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 073b4a40c9..47768fc6f9 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_BIGNUM_H #define MBEDTLS_BIGNUM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -183,9 +184,9 @@ extern "C" { */ typedef struct mbedtls_mpi { - int s; /*!< Sign: -1 if the mpi is negative, 1 otherwise */ - size_t n; /*!< total # of limbs */ - mbedtls_mpi_uint *p; /*!< pointer to limbs */ + int MBEDTLS_PRIVATE(s); /*!< Sign: -1 if the mpi is negative, 1 otherwise */ + size_t MBEDTLS_PRIVATE(n); /*!< total # of limbs */ + mbedtls_mpi_uint *MBEDTLS_PRIVATE(p); /*!< pointer to limbs */ } mbedtls_mpi; diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h index 1ade1fc7e2..e54d4914dc 100644 --- a/include/mbedtls/blowfish.h +++ b/include/mbedtls/blowfish.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_BLOWFISH_H #define MBEDTLS_BLOWFISH_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -57,8 +58,8 @@ extern "C" { */ typedef struct mbedtls_blowfish_context { - uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ - uint32_t S[4][256]; /*!< key dependent S-boxes */ + uint32_t MBEDTLS_PRIVATE(P)[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ + uint32_t MBEDTLS_PRIVATE(S)[4][256]; /*!< key dependent S-boxes */ } mbedtls_blowfish_context; diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index dee5c3e2c0..d2d4f61b10 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_CAMELLIA_H #define MBEDTLS_CAMELLIA_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -53,8 +54,8 @@ extern "C" { */ typedef struct mbedtls_camellia_context { - int nr; /*!< number of rounds */ - uint32_t rk[68]; /*!< CAMELLIA round keys */ + int MBEDTLS_PRIVATE(nr); /*!< number of rounds */ + uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */ } mbedtls_camellia_context; diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index f63e61be50..2fa4b5b142 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -46,6 +46,7 @@ #ifndef MBEDTLS_CCM_H #define MBEDTLS_CCM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -72,7 +73,7 @@ extern "C" { */ typedef struct mbedtls_ccm_context { - mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ } mbedtls_ccm_context; diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index a6a8cda74e..441aaa4c87 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -31,6 +31,7 @@ #ifndef MBEDTLS_CHACHA20_H #define MBEDTLS_CHACHA20_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -51,9 +52,9 @@ extern "C" { typedef struct mbedtls_chacha20_context { - uint32_t state[16]; /*! The state (before round operations). */ - uint8_t keystream8[64]; /*! Leftover keystream bytes. */ - size_t keystream_bytes_used; /*! Number of keystream bytes already used. */ + uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */ + uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */ + size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */ } mbedtls_chacha20_context; diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 1007f95bbb..7c36739857 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -31,6 +31,7 @@ #ifndef MBEDTLS_CHACHAPOLY_H #define MBEDTLS_CHACHAPOLY_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -61,12 +62,12 @@ mbedtls_chachapoly_mode_t; typedef struct mbedtls_chachapoly_context { - mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */ - mbedtls_poly1305_context poly1305_ctx; /**< The Poly1305 context. */ - uint64_t aad_len; /**< The length (bytes) of the Additional Authenticated Data. */ - uint64_t ciphertext_len; /**< The length (bytes) of the ciphertext. */ - int state; /**< The current state of the context. */ - mbedtls_chachapoly_mode_t mode; /**< Cipher mode (encrypt or decrypt). */ + mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */ + mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */ + uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */ + uint64_t MBEDTLS_PRIVATE(ciphertext_len); /**< The length (bytes) of the ciphertext. */ + int MBEDTLS_PRIVATE(state); /**< The current state of the context. */ + mbedtls_chachapoly_mode_t MBEDTLS_PRIVATE(mode); /**< Cipher mode (encrypt or decrypt). */ } mbedtls_chachapoly_context; diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index ffb20a676a..97aa16c838 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -26,6 +26,7 @@ #ifndef MBEDTLS_CIPHER_H #define MBEDTLS_CIPHER_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -267,37 +268,37 @@ typedef struct mbedtls_cipher_info_t /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ - mbedtls_cipher_type_t type; + mbedtls_cipher_type_t MBEDTLS_PRIVATE(type); /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ - mbedtls_cipher_mode_t mode; + mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode); /** The cipher key length, in bits. This is the * default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ - unsigned int key_bitlen; + unsigned int MBEDTLS_PRIVATE(key_bitlen); /** Name of the cipher. */ - const char * name; + const char * MBEDTLS_PRIVATE(name); /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, * this is the recommended size. */ - unsigned int iv_size; + unsigned int MBEDTLS_PRIVATE(iv_size); /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the * cipher supports variable IV or variable key sizes, respectively. */ - int flags; + int MBEDTLS_PRIVATE(flags); /** The block size, in Bytes. */ - unsigned int block_size; + unsigned int MBEDTLS_PRIVATE(block_size); /** Struct for base cipher information and functions. */ - const mbedtls_cipher_base_t *base; + const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); } mbedtls_cipher_info_t; @@ -307,43 +308,43 @@ typedef struct mbedtls_cipher_info_t typedef struct mbedtls_cipher_context_t { /** Information about the associated cipher. */ - const mbedtls_cipher_info_t *cipher_info; + const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info); /** Key length to use. */ - int key_bitlen; + int MBEDTLS_PRIVATE(key_bitlen); /** Operation that the key of the context has been * initialized for. */ - mbedtls_operation_t operation; + mbedtls_operation_t MBEDTLS_PRIVATE(operation); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** Padding functions to use, if relevant for * the specific cipher mode. */ - void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); - int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); + void (*MBEDTLS_PRIVATE(add_padding))( unsigned char *output, size_t olen, size_t data_len ); + int (*MBEDTLS_PRIVATE(get_padding))( unsigned char *input, size_t ilen, size_t *data_len ); #endif /** Buffer for input that has not been processed yet. */ - unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]; + unsigned char MBEDTLS_PRIVATE(unprocessed_data)[MBEDTLS_MAX_BLOCK_LENGTH]; /** Number of Bytes that have not been processed yet. */ - size_t unprocessed_len; + size_t MBEDTLS_PRIVATE(unprocessed_len); /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number * for XTS-mode. */ - unsigned char iv[MBEDTLS_MAX_IV_LENGTH]; + unsigned char MBEDTLS_PRIVATE(iv)[MBEDTLS_MAX_IV_LENGTH]; /** IV size in Bytes, for ciphers with variable-length IVs. */ - size_t iv_size; + size_t MBEDTLS_PRIVATE(iv_size); /** The cipher-specific context. */ - void *cipher_ctx; + void *MBEDTLS_PRIVATE(cipher_ctx); #if defined(MBEDTLS_CMAC_C) /** CMAC-specific context. */ - mbedtls_cmac_context_t *cmac_ctx; + mbedtls_cmac_context_t *MBEDTLS_PRIVATE(cmac_ctx); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -354,7 +355,7 @@ typedef struct mbedtls_cipher_context_t * mbedtls_cipher_setup(), and set if it was established through * mbedtls_cipher_setup_psa(). */ - unsigned char psa_enabled; + unsigned char MBEDTLS_PRIVATE(psa_enabled); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } mbedtls_cipher_context_t; @@ -495,10 +496,10 @@ static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return 0; - return ctx->cipher_info->block_size; + return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); } /** @@ -514,10 +515,10 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return MBEDTLS_MODE_NONE; - return ctx->cipher_info->mode; + return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); } /** @@ -534,13 +535,13 @@ static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return 0; - if( ctx->iv_size != 0 ) - return (int) ctx->iv_size; + if( ctx->MBEDTLS_PRIVATE(iv_size) != 0 ) + return (int) ctx->MBEDTLS_PRIVATE(iv_size); - return (int) ctx->cipher_info->iv_size; + return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size); } /** @@ -556,10 +557,10 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_CIPHER_NONE ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return MBEDTLS_CIPHER_NONE; - return ctx->cipher_info->type; + return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); } /** @@ -575,10 +576,10 @@ static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return 0; - return ctx->cipher_info->name; + return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name); } /** @@ -595,10 +596,10 @@ static inline int mbedtls_cipher_get_key_bitlen( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return MBEDTLS_KEY_LENGTH_NONE; - return (int) ctx->cipher_info->key_bitlen; + return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen); } /** @@ -614,10 +615,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_OPERATION_NONE ); - if( ctx->cipher_info == NULL ) + if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) return MBEDTLS_OPERATION_NONE; - return ctx->operation; + return ctx->MBEDTLS_PRIVATE(operation); } /** diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index a0563b1eff..65c831c870 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -25,6 +25,7 @@ #ifndef MBEDTLS_CMAC_H #define MBEDTLS_CMAC_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -55,14 +56,14 @@ extern "C" { struct mbedtls_cmac_context_t { /** The internal state of the CMAC algorithm. */ - unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX]; /** Unprocessed data - either data that was not block aligned and is still * pending processing, or the final block. */ - unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char MBEDTLS_PRIVATE(unprocessed_block)[MBEDTLS_CIPHER_BLKSIZE_MAX]; /** The length of data pending processing. */ - size_t unprocessed_len; + size_t MBEDTLS_PRIVATE(unprocessed_len); }; #else /* !MBEDTLS_CMAC_ALT */ diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 0f2c5510f7..6a8d5c688b 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -40,6 +40,7 @@ #ifndef MBEDTLS_CTR_DRBG_H #define MBEDTLS_CTR_DRBG_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -168,8 +169,8 @@ extern "C" { */ typedef struct mbedtls_ctr_drbg_context { - unsigned char counter[16]; /*!< The counter (V). */ - int reseed_counter; /*!< The reseed counter. + unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */ + int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter. * This is the number of requests that have * been made since the last (re)seeding, * minus one. @@ -179,25 +180,25 @@ typedef struct mbedtls_ctr_drbg_context * or -1 if no nonce length has been explicitly * set (see mbedtls_ctr_drbg_set_nonce_len()). */ - int prediction_resistance; /*!< This determines whether prediction + int MBEDTLS_PRIVATE(prediction_resistance); /*!< This determines whether prediction resistance is enabled, that is whether to systematically reseed before each random generation. */ - size_t entropy_len; /*!< The amount of entropy grabbed on each + size_t MBEDTLS_PRIVATE(entropy_len); /*!< The amount of entropy grabbed on each seed or reseed operation, in bytes. */ - int reseed_interval; /*!< The reseed interval. + int MBEDTLS_PRIVATE(reseed_interval); /*!< The reseed interval. * This is the maximum number of requests * that can be made between reseedings. */ - mbedtls_aes_context aes_ctx; /*!< The AES context. */ + mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */ /* * Callbacks (Entropy) */ - int (*f_entropy)(void *, unsigned char *, size_t); + int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< The entropy callback function. */ - void *p_entropy; /*!< The context for the entropy function. */ + void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */ #if defined(MBEDTLS_THREADING_C) /* Invariant: the mutex is initialized if and only if f_entropy != NULL. @@ -207,7 +208,7 @@ typedef struct mbedtls_ctr_drbg_context * Note that this invariant may change without notice. Do not rely on it * and do not access the mutex directly in application code. */ - mbedtls_threading_mutex_t mutex; + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); #endif } mbedtls_ctr_drbg_context; diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 92da73f08b..24d2402833 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -26,6 +26,7 @@ */ #ifndef MBEDTLS_DES_H #define MBEDTLS_DES_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -60,7 +61,7 @@ extern "C" { */ typedef struct mbedtls_des_context { - uint32_t sk[32]; /*!< DES subkeys */ + uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */ } mbedtls_des_context; @@ -69,7 +70,7 @@ mbedtls_des_context; */ typedef struct mbedtls_des3_context { - uint32_t sk[96]; /*!< 3DES subkeys */ + uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */ } mbedtls_des3_context; diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 0e8892e0f7..6c8ca037c5 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -62,6 +62,7 @@ #ifndef MBEDTLS_DHM_H #define MBEDTLS_DHM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -95,17 +96,17 @@ extern "C" { */ typedef struct mbedtls_dhm_context { - size_t len; /*!< The size of \p P in Bytes. */ - mbedtls_mpi P; /*!< The prime modulus. */ - mbedtls_mpi G; /*!< The generator. */ - mbedtls_mpi X; /*!< Our secret value. */ - mbedtls_mpi GX; /*!< Our public key = \c G^X mod \c P. */ - mbedtls_mpi GY; /*!< The public key of the peer = \c G^Y mod \c P. */ - mbedtls_mpi K; /*!< The shared secret = \c G^(XY) mod \c P. */ - mbedtls_mpi RP; /*!< The cached value = \c R^2 mod \c P. */ - mbedtls_mpi Vi; /*!< The blinding value. */ - mbedtls_mpi Vf; /*!< The unblinding value. */ - mbedtls_mpi pX; /*!< The previous \c X. */ + size_t MBEDTLS_PRIVATE(len); /*!< The size of \p P in Bytes. */ + mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus. */ + mbedtls_mpi MBEDTLS_PRIVATE(G); /*!< The generator. */ + mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< Our secret value. */ + mbedtls_mpi MBEDTLS_PRIVATE(GX); /*!< Our public key = \c G^X mod \c P. */ + mbedtls_mpi MBEDTLS_PRIVATE(GY); /*!< The public key of the peer = \c G^Y mod \c P. */ + mbedtls_mpi MBEDTLS_PRIVATE(K); /*!< The shared secret = \c G^(XY) mod \c P. */ + mbedtls_mpi MBEDTLS_PRIVATE(RP); /*!< The cached value = \c R^2 mod \c P. */ + mbedtls_mpi MBEDTLS_PRIVATE(Vi); /*!< The blinding value. */ + mbedtls_mpi MBEDTLS_PRIVATE(Vf); /*!< The unblinding value. */ + mbedtls_mpi MBEDTLS_PRIVATE(pX); /*!< The previous \c X. */ } mbedtls_dhm_context; diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 05855cdf10..874b4ee129 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -31,6 +31,7 @@ #ifndef MBEDTLS_ECDH_H #define MBEDTLS_ECDH_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -104,15 +105,15 @@ typedef struct mbedtls_ecdh_context_mbed typedef struct mbedtls_ecdh_context { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_ecp_group grp; /*!< The elliptic curve used. */ - mbedtls_mpi d; /*!< The private key. */ - mbedtls_ecp_point Q; /*!< The public key. */ - mbedtls_ecp_point Qp; /*!< The value of the public key of the peer. */ - mbedtls_mpi z; /*!< The shared secret. */ - int point_format; /*!< The format of point export in TLS messages. */ - mbedtls_ecp_point Vi; /*!< The blinding value. */ - mbedtls_ecp_point Vf; /*!< The unblinding value. */ - mbedtls_mpi _d; /*!< The previous \p d. */ + mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ + mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Qp); /*!< The value of the public key of the peer. */ + mbedtls_mpi MBEDTLS_PRIVATE(z); /*!< The shared secret. */ + int MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Vi); /*!< The blinding value. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Vf); /*!< The unblinding value. */ + mbedtls_mpi MBEDTLS_PRIVATE(_d); /*!< The previous \p d. */ #if defined(MBEDTLS_ECP_RESTARTABLE) int restart_enabled; /*!< The flag for restartable mode. */ mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 891705d8c4..0c8e8c9274 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_ECJPAKE_H #define MBEDTLS_ECJPAKE_H +#include "mbedtls/private_access.h" /* * J-PAKE is a password-authenticated key exchange that allows deriving a @@ -73,21 +74,21 @@ typedef enum { */ typedef struct mbedtls_ecjpake_context { - const mbedtls_md_info_t *md_info; /**< Hash to use */ - mbedtls_ecp_group grp; /**< Elliptic curve */ - mbedtls_ecjpake_role role; /**< Are we client or server? */ - int point_format; /**< Format for point export */ + const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); /**< Hash to use */ + mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */ + mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */ + int MBEDTLS_PRIVATE(point_format); /**< Format for point export */ - mbedtls_ecp_point Xm1; /**< My public key 1 C: X1, S: X3 */ - mbedtls_ecp_point Xm2; /**< My public key 2 C: X2, S: X4 */ - mbedtls_ecp_point Xp1; /**< Peer public key 1 C: X3, S: X1 */ - mbedtls_ecp_point Xp2; /**< Peer public key 2 C: X4, S: X2 */ - mbedtls_ecp_point Xp; /**< Peer public key C: Xs, S: Xc */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Xm1); /**< My public key 1 C: X1, S: X3 */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Xm2); /**< My public key 2 C: X2, S: X4 */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Xp1); /**< Peer public key 1 C: X3, S: X1 */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Xp2); /**< Peer public key 2 C: X4, S: X2 */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Xp); /**< Peer public key C: Xs, S: Xc */ - mbedtls_mpi xm1; /**< My private key 1 C: x1, S: x3 */ - mbedtls_mpi xm2; /**< My private key 2 C: x2, S: x4 */ + mbedtls_mpi MBEDTLS_PRIVATE(xm1); /**< My private key 1 C: x1, S: x3 */ + mbedtls_mpi MBEDTLS_PRIVATE(xm2); /**< My private key 2 C: x2, S: x4 */ - mbedtls_mpi s; /**< Pre-shared secret (passphrase) */ + mbedtls_mpi MBEDTLS_PRIVATE(s); /**< Pre-shared secret (passphrase) */ } mbedtls_ecjpake_context; #else /* MBEDTLS_ECJPAKE_ALT */ diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index dd400a0186..913e323f12 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -33,6 +33,7 @@ #ifndef MBEDTLS_ECP_H #define MBEDTLS_ECP_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -142,10 +143,10 @@ typedef enum */ typedef struct mbedtls_ecp_curve_info { - mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ - uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ - uint16_t bit_size; /*!< The curve size in bits. */ - const char *name; /*!< A human-friendly name. */ + mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id); /*!< An internal identifier. */ + uint16_t MBEDTLS_PRIVATE(tls_id); /*!< The TLS NamedCurve identifier. */ + uint16_t MBEDTLS_PRIVATE(bit_size); /*!< The curve size in bits. */ + const char *MBEDTLS_PRIVATE(name); /*!< A human-friendly name. */ } mbedtls_ecp_curve_info; /** @@ -161,9 +162,9 @@ typedef struct mbedtls_ecp_curve_info */ typedef struct mbedtls_ecp_point { - mbedtls_mpi X; /*!< The X coordinate of the ECP point. */ - mbedtls_mpi Y; /*!< The Y coordinate of the ECP point. */ - mbedtls_mpi Z; /*!< The Z coordinate of the ECP point. */ + mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */ + mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */ + mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */ } mbedtls_ecp_point; @@ -210,26 +211,26 @@ mbedtls_ecp_point; */ typedef struct mbedtls_ecp_group { - mbedtls_ecp_group_id id; /*!< An internal group identifier. */ - mbedtls_mpi P; /*!< The prime modulus of the base field. */ - mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For + mbedtls_ecp_group_id MBEDTLS_PRIVATE(id); /*!< An internal group identifier. */ + mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus of the base field. */ + mbedtls_mpi MBEDTLS_PRIVATE(A); /*!< For Short Weierstrass: \p A in the equation. For Montgomery curves: (A + 2) / 4. */ - mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation. + mbedtls_mpi MBEDTLS_PRIVATE(B); /*!< For Short Weierstrass: \p B in the equation. For Montgomery curves: unused. */ - mbedtls_ecp_point G; /*!< The generator of the subgroup used. */ - mbedtls_mpi N; /*!< The order of \p G. */ - size_t pbits; /*!< The number of bits in \p P.*/ - size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P. + mbedtls_ecp_point MBEDTLS_PRIVATE(G); /*!< The generator of the subgroup used. */ + mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The order of \p G. */ + size_t MBEDTLS_PRIVATE(pbits); /*!< The number of bits in \p P.*/ + size_t MBEDTLS_PRIVATE(nbits); /*!< For Short Weierstrass: The number of bits in \p P. For Montgomery curves: the number of bits in the private keys. */ - unsigned int h; /*!< \internal 1 if the constants are static. */ - int (*modp)(mbedtls_mpi *); /*!< The function for fast pseudo-reduction + unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */ + int (*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction mod \p P (see above).*/ - int (*t_pre)(mbedtls_ecp_point *, void *); /*!< Unused. */ - int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */ - void *t_data; /*!< Unused. */ - mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */ - size_t T_size; /*!< The number of pre-computed points. */ + int (*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */ + int (*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */ + void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */ + mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */ + size_t MBEDTLS_PRIVATE(T_size); /*!< The number of pre-computed points. */ } mbedtls_ecp_group; @@ -369,9 +370,9 @@ typedef void mbedtls_ecp_restart_ctx; */ typedef struct mbedtls_ecp_keypair { - mbedtls_ecp_group grp; /*!< Elliptic curve and base point */ - mbedtls_mpi d; /*!< our secret value */ - mbedtls_ecp_point Q; /*!< our public value */ + mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */ + mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */ } mbedtls_ecp_keypair; diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index c51e64164b..d707bddf02 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_ENTROPY_H #define MBEDTLS_ENTROPY_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -104,11 +105,11 @@ typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, s */ typedef struct mbedtls_entropy_source_state { - mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ - void * p_source; /**< The callback data pointer */ - size_t size; /**< Amount received in bytes */ - size_t threshold; /**< Minimum bytes required before release */ - int strong; /**< Is the source strong? */ + mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */ + void * MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */ + size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */ + size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */ + int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */ } mbedtls_entropy_source_state; @@ -117,21 +118,21 @@ mbedtls_entropy_source_state; */ typedef struct mbedtls_entropy_context { - int accumulator_started; /* 0 after init. + int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init. * 1 after the first update. * -1 after free. */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_context accumulator; + mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator); #else mbedtls_sha256_context accumulator; #endif - int source_count; /* Number of entries used in source. */ - mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES]; + int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */ + mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES]; #if defined(MBEDTLS_THREADING_C) - mbedtls_threading_mutex_t mutex; /*!< mutex */ + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< mutex */ #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) - int initial_entropy_run; + int MBEDTLS_PRIVATE(initial_entropy_run); #endif } mbedtls_entropy_context; diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index a2fc2ab4a9..c8e384ad89 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -30,6 +30,7 @@ #ifndef MBEDTLS_GCM_H #define MBEDTLS_GCM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -58,15 +59,15 @@ extern "C" { */ typedef struct mbedtls_gcm_context { - mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ - uint64_t HL[16]; /*!< Precalculated HTable low. */ - uint64_t HH[16]; /*!< Precalculated HTable high. */ - uint64_t len; /*!< The total length of the encrypted data. */ - uint64_t add_len; /*!< The total length of the additional data. */ - unsigned char base_ectr[16]; /*!< The first ECTR for tag. */ - unsigned char y[16]; /*!< The Y working value. */ - unsigned char buf[16]; /*!< The buf working value. */ - int mode; /*!< The operation to perform: + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ + uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ + uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ + uint64_t MBEDTLS_PRIVATE(len); /*!< The total length of the encrypted data. */ + uint64_t MBEDTLS_PRIVATE(add_len); /*!< The total length of the additional data. */ + unsigned char MBEDTLS_PRIVATE(base_ectr)[16]; /*!< The first ECTR for tag. */ + unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working value. */ + unsigned char MBEDTLS_PRIVATE(buf)[16]; /*!< The buf working value. */ + int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: #MBEDTLS_GCM_ENCRYPT or #MBEDTLS_GCM_DECRYPT. */ } diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 1ab3422529..2f81158b00 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -25,6 +25,7 @@ */ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -86,19 +87,19 @@ typedef struct mbedtls_hmac_drbg_context { /* Working state: the key K is not stored explicitly, * but is implied by the HMAC context */ - mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */ - unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */ - int reseed_counter; /*!< reseed counter */ + mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */ + unsigned char MBEDTLS_PRIVATE(V)[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */ + int MBEDTLS_PRIVATE(reseed_counter); /*!< reseed counter */ /* Administrative state */ - size_t entropy_len; /*!< entropy bytes grabbed on each (re)seed */ - int prediction_resistance; /*!< enable prediction resistance (Automatic + size_t MBEDTLS_PRIVATE(entropy_len); /*!< entropy bytes grabbed on each (re)seed */ + int MBEDTLS_PRIVATE(prediction_resistance); /*!< enable prediction resistance (Automatic reseed before every random generation) */ - int reseed_interval; /*!< reseed interval */ + int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */ /* Callbacks */ - int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */ - void *p_entropy; /*!< context for the entropy function */ + int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */ + void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */ #if defined(MBEDTLS_THREADING_C) /* Invariant: the mutex is initialized if and only if @@ -109,7 +110,7 @@ typedef struct mbedtls_hmac_drbg_context * Note that this invariant may change without notice. Do not rely on it * and do not access the mutex directly in application code. */ - mbedtls_threading_mutex_t mutex; + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); #endif } mbedtls_hmac_drbg_context; diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index fbc3b47855..21dc7c4aa5 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -24,6 +24,7 @@ #ifndef MBEDTLS_MD_H #define MBEDTLS_MD_H +#include "mbedtls/private_access.h" #include @@ -93,13 +94,13 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t; typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ - const mbedtls_md_info_t *md_info; + const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); /** The digest-specific context. */ - void *md_ctx; + void *MBEDTLS_PRIVATE(md_ctx); /** The HMAC part of the context. */ - void *hmac_ctx; + void *MBEDTLS_PRIVATE(hmac_ctx); } mbedtls_md_context_t; /** diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h index 950afa241b..8d8d1e5389 100644 --- a/include/mbedtls/md2.h +++ b/include/mbedtls/md2.h @@ -26,6 +26,7 @@ */ #ifndef MBEDTLS_MD2_H #define MBEDTLS_MD2_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -53,10 +54,10 @@ extern "C" { */ typedef struct mbedtls_md2_context { - unsigned char cksum[16]; /*!< checksum of the data block */ - unsigned char state[48]; /*!< intermediate digest state */ - unsigned char buffer[16]; /*!< data block being processed */ - size_t left; /*!< amount of data in buffer */ + unsigned char MBEDTLS_PRIVATE(cksum)[16]; /*!< checksum of the data block */ + unsigned char MBEDTLS_PRIVATE(state)[48]; /*!< intermediate digest state */ + unsigned char MBEDTLS_PRIVATE(buffer)[16]; /*!< data block being processed */ + size_t MBEDTLS_PRIVATE(left); /*!< amount of data in buffer */ } mbedtls_md2_context; diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h index f9e3987496..ac28d29048 100644 --- a/include/mbedtls/md4.h +++ b/include/mbedtls/md4.h @@ -26,6 +26,7 @@ */ #ifndef MBEDTLS_MD4_H #define MBEDTLS_MD4_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -54,9 +55,9 @@ extern "C" { */ typedef struct mbedtls_md4_context { - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ + uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ + uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */ + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ } mbedtls_md4_context; diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 71a41dc0e7..27bc409719 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -25,6 +25,7 @@ */ #ifndef MBEDTLS_MD5_H #define MBEDTLS_MD5_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -53,9 +54,9 @@ extern "C" { */ typedef struct mbedtls_md5_context { - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ + uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ + uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */ + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ } mbedtls_md5_context; diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 319f4be53d..502b9f453d 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -37,6 +37,7 @@ */ #ifndef MBEDTLS_NET_SOCKETS_H #define MBEDTLS_NET_SOCKETS_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -84,7 +85,7 @@ extern "C" { */ typedef struct mbedtls_net_context { - int fd; /**< The underlying file descriptor */ + int MBEDTLS_PRIVATE(fd); /**< The underlying file descriptor */ } mbedtls_net_context; diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 7f3e64a525..c537b589ac 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -34,6 +34,7 @@ #ifndef MBEDTLS_NIST_KW_H #define MBEDTLS_NIST_KW_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -65,7 +66,7 @@ typedef enum * Don't make any assumptions on this context! */ typedef struct { - mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ } mbedtls_nist_kw_context; #else /* MBEDTLS_NIST_key wrapping_ALT */ diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 4198eb1071..dd3ade6b11 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_OID_H #define MBEDTLS_OID_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -439,11 +440,11 @@ extern "C" { */ typedef struct mbedtls_oid_descriptor_t { - const char *asn1; /*!< OID ASN.1 representation */ - size_t asn1_len; /*!< length of asn1 */ + const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */ + size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */ #if !defined(MBEDTLS_X509_REMOVE_INFO) - const char *name; /*!< official name (e.g. from RFC) */ - const char *description; /*!< human friendly description */ + const char *MBEDTLS_PRIVATE(name); /*!< official name (e.g. from RFC) */ + const char *MBEDTLS_PRIVATE(description); /*!< human friendly description */ #endif } mbedtls_oid_descriptor_t; diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index 4769bec5fb..9242da6b16 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -57,9 +58,9 @@ extern "C" { */ typedef struct mbedtls_pem_context { - unsigned char *buf; /*!< buffer for decoded data */ - size_t buflen; /*!< length of the buffer */ - unsigned char *info; /*!< buffer for extra header information */ + unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */ + size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */ + unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */ } mbedtls_pem_context; diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 093b3bc6d6..06da076fbb 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -22,6 +22,7 @@ #ifndef MBEDTLS_PK_H #define MBEDTLS_PK_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -91,8 +92,8 @@ typedef enum { */ typedef struct mbedtls_pk_rsassa_pss_options { - mbedtls_md_type_t mgf1_hash_id; - int expected_salt_len; + mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id); + int MBEDTLS_PRIVATE(expected_salt_len); } mbedtls_pk_rsassa_pss_options; @@ -163,9 +164,9 @@ typedef enum */ typedef struct mbedtls_pk_debug_item { - mbedtls_pk_debug_type type; - const char *name; - void *value; + mbedtls_pk_debug_type MBEDTLS_PRIVATE(type); + const char *MBEDTLS_PRIVATE(name); + void *MBEDTLS_PRIVATE(value); } mbedtls_pk_debug_item; /** Maximum number of item send for debugging, plus 1 */ @@ -181,8 +182,8 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; */ typedef struct mbedtls_pk_context { - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * pk_ctx; /**< Underlying public key context */ + const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ + void * MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ } mbedtls_pk_context; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index c944732fbd..c50d7d211d 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -30,6 +30,7 @@ */ #ifndef MBEDTLS_PLATFORM_H #define MBEDTLS_PLATFORM_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -367,7 +368,7 @@ int mbedtls_platform_set_nv_seed( */ typedef struct mbedtls_platform_context { - char dummy; /**< A placeholder member, as empty structs are not portable. */ + char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */ } mbedtls_platform_context; diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 1767f5863e..4d253858e1 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -31,6 +31,7 @@ #ifndef MBEDTLS_POLY1305_H #define MBEDTLS_POLY1305_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -51,11 +52,11 @@ extern "C" { typedef struct mbedtls_poly1305_context { - uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */ - uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */ - uint32_t acc[5]; /** The accumulator number. */ - uint8_t queue[16]; /** The current partial block of data. */ - size_t queue_len; /** The number of bytes stored in 'queue'. */ + uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */ + uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */ + uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */ + uint8_t MBEDTLS_PRIVATE(queue)[16]; /** The current partial block of data. */ + size_t MBEDTLS_PRIVATE(queue_len); /** The number of bytes stored in 'queue'. */ } mbedtls_poly1305_context; diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 75fcdac93a..d5feecb9b8 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -25,6 +25,7 @@ #ifndef MBEDTLS_PSA_UTIL_H #define MBEDTLS_PSA_UTIL_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -380,7 +381,7 @@ static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( if( curve_info == NULL ) return( 0 ); return( PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) ); + mbedtls_ecc_group_to_psa( curve_info->MBEDTLS_PRIVATE(grp_id), bits ) ) ); } #endif /* MBEDTLS_ECP_C */ diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index 1c72d60fc6..62570c2a21 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_RIPEMD160_H #define MBEDTLS_RIPEMD160_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -44,9 +45,9 @@ extern "C" { */ typedef struct mbedtls_ripemd160_context { - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[5]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ + uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ + uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */ + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ } mbedtls_ripemd160_context; diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index a54ac4dd09..945050c3ca 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -27,6 +27,7 @@ */ #ifndef MBEDTLS_RSA_H #define MBEDTLS_RSA_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -90,41 +91,41 @@ extern "C" { */ typedef struct mbedtls_rsa_context { - int ver; /*!< Reserved for internal purposes. + int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes. * Do not set this field in application * code. Its meaning might change without * notice. */ - size_t len; /*!< The size of \p N in Bytes. */ + size_t MBEDTLS_PRIVATE(len); /*!< The size of \p N in Bytes. */ - mbedtls_mpi N; /*!< The public modulus. */ - mbedtls_mpi E; /*!< The public exponent. */ + mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The public modulus. */ + mbedtls_mpi MBEDTLS_PRIVATE(E); /*!< The public exponent. */ - mbedtls_mpi D; /*!< The private exponent. */ - mbedtls_mpi P; /*!< The first prime factor. */ - mbedtls_mpi Q; /*!< The second prime factor. */ + mbedtls_mpi MBEDTLS_PRIVATE(D); /*!< The private exponent. */ + mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The first prime factor. */ + mbedtls_mpi MBEDTLS_PRIVATE(Q); /*!< The second prime factor. */ - mbedtls_mpi DP; /*!< D % (P - 1). */ - mbedtls_mpi DQ; /*!< D % (Q - 1). */ - mbedtls_mpi QP; /*!< 1 / (Q % P). */ + mbedtls_mpi MBEDTLS_PRIVATE(DP); /*!< D % (P - 1). */ + mbedtls_mpi MBEDTLS_PRIVATE(DQ); /*!< D % (Q - 1). */ + mbedtls_mpi MBEDTLS_PRIVATE(QP); /*!< 1 / (Q % P). */ - mbedtls_mpi RN; /*!< cached R^2 mod N. */ + mbedtls_mpi MBEDTLS_PRIVATE(RN); /*!< cached R^2 mod N. */ - mbedtls_mpi RP; /*!< cached R^2 mod P. */ - mbedtls_mpi RQ; /*!< cached R^2 mod Q. */ + mbedtls_mpi MBEDTLS_PRIVATE(RP); /*!< cached R^2 mod P. */ + mbedtls_mpi MBEDTLS_PRIVATE(RQ); /*!< cached R^2 mod Q. */ - mbedtls_mpi Vi; /*!< The cached blinding value. */ - mbedtls_mpi Vf; /*!< The cached un-blinding value. */ + mbedtls_mpi MBEDTLS_PRIVATE(Vi); /*!< The cached blinding value. */ + mbedtls_mpi MBEDTLS_PRIVATE(Vf); /*!< The cached un-blinding value. */ - int padding; /*!< Selects padding mode: + int MBEDTLS_PRIVATE(padding); /*!< Selects padding mode: #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ - int hash_id; /*!< Hash identifier of mbedtls_md_type_t type, + int MBEDTLS_PRIVATE(hash_id); /*!< Hash identifier of mbedtls_md_type_t type, as specified in md.h for use in the MGF mask generating function used in the EME-OAEP and EMSA-PSS encodings. */ #if defined(MBEDTLS_THREADING_C) /* Invariant: the mutex is initialized iff ver != 0. */ - mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex. */ + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< Thread-safety mutex. */ #endif } mbedtls_rsa_context; diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 56ff9487e3..5a42e5c237 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -28,6 +28,7 @@ */ #ifndef MBEDTLS_SHA1_H #define MBEDTLS_SHA1_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -58,9 +59,9 @@ extern "C" { */ typedef struct mbedtls_sha1_context { - uint32_t total[2]; /*!< The number of Bytes processed. */ - uint32_t state[5]; /*!< The intermediate digest state. */ - unsigned char buffer[64]; /*!< The data block being processed. */ + uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ + uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */ + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ } mbedtls_sha1_context; diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 22c2c7d7eb..2b982ff9b6 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -24,6 +24,7 @@ */ #ifndef MBEDTLS_SHA256_H #define MBEDTLS_SHA256_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -53,10 +54,10 @@ extern "C" { */ typedef struct mbedtls_sha256_context { - uint32_t total[2]; /*!< The number of Bytes processed. */ - uint32_t state[8]; /*!< The intermediate digest state. */ - unsigned char buffer[64]; /*!< The data block being processed. */ - int is224; /*!< Determines which function to use: + uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ + uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ + int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use: 0: Use SHA-256, or 1: Use SHA-224. */ } mbedtls_sha256_context; diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 04222f4a4f..3f1af17b14 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -23,6 +23,7 @@ */ #ifndef MBEDTLS_SHA512_H #define MBEDTLS_SHA512_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -52,12 +53,12 @@ extern "C" { */ typedef struct mbedtls_sha512_context { - uint64_t total[2]; /*!< The number of Bytes processed. */ - uint64_t state[8]; /*!< The intermediate digest state. */ - unsigned char buffer[128]; /*!< The data block being processed. */ + uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ + uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ + unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */ #if defined(MBEDTLS_SHA384_C) - int is384; /*!< Determines which function to use: - 0: Use SHA-512, or 1: Use SHA-384. */ + int MBEDTLS_PRIVATE(is384); /*!< Determines which function to use: + 0: Use SHA-512, or 1: Use SHA-384. */ #endif } mbedtls_sha512_context; diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 88a599c18c..e6a3ff5819 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_SSL_H #define MBEDTLS_SSL_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -912,11 +913,11 @@ typedef uint16_t mbedtls_ssl_srtp_profile; typedef struct mbedtls_dtls_srtp_info_t { /*! The SRTP profile that was negotiated. */ - mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile; + mbedtls_ssl_srtp_profile MBEDTLS_PRIVATE(chosen_dtls_srtp_profile); /*! The length of mki_value. */ - uint16_t mki_len; + uint16_t MBEDTLS_PRIVATE(mki_len); /*! The mki_value used, with max size of 256 bytes. */ - unsigned char mki_value[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH]; + unsigned char MBEDTLS_PRIVATE(mki_value)[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH]; } mbedtls_dtls_srtp_info; @@ -936,17 +937,17 @@ mbedtls_dtls_srtp_info; struct mbedtls_ssl_session { #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t start; /*!< starting time */ + mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< starting time */ #endif - int ciphersuite; /*!< chosen ciphersuite */ - int compression; /*!< chosen compression */ - size_t id_len; /*!< session id length */ - unsigned char id[32]; /*!< session identifier */ - unsigned char master[48]; /*!< the master secret */ + int MBEDTLS_PRIVATE(ciphersuite); /*!< chosen ciphersuite */ + int MBEDTLS_PRIVATE(compression); /*!< chosen compression */ + size_t MBEDTLS_PRIVATE(id_len); /*!< session id length */ + unsigned char MBEDTLS_PRIVATE(id)[32]; /*!< session identifier */ + unsigned char MBEDTLS_PRIVATE(master)[48]; /*!< the master secret */ #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */ + mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */ #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /*! The digest of the peer's end-CRT. This must be kept to detect CRT * changes during renegotiation, mitigating the triple handshake attack. */ @@ -955,24 +956,24 @@ struct mbedtls_ssl_session mbedtls_md_type_t peer_cert_digest_type; #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - uint32_t verify_result; /*!< verification result */ + uint32_t MBEDTLS_PRIVATE(verify_result); /*!< verification result */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - unsigned char *ticket; /*!< RFC 5077 session ticket */ - size_t ticket_len; /*!< session ticket length */ - uint32_t ticket_lifetime; /*!< ticket lifetime hint */ + unsigned char *MBEDTLS_PRIVATE(ticket); /*!< RFC 5077 session ticket */ + size_t MBEDTLS_PRIVATE(ticket_len); /*!< session ticket length */ + uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< ticket lifetime hint */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ + unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - int trunc_hmac; /*!< flag for truncated hmac activation */ + int MBEDTLS_PRIVATE(trunc_hmac); /*!< flag for truncated hmac activation */ #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - int encrypt_then_mac; /*!< flag for EtM activation */ + int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */ #endif }; @@ -990,114 +991,114 @@ struct mbedtls_ssl_config /** Allowed ciphersuites per version. To access list's elements, please use * \c mbedtls_ssl_get_protocol_version_ciphersuites */ - const int *ciphersuite_list[3]; + const int *MBEDTLS_PRIVATE(ciphersuite_list)[3]; /** Callback for printing debug output */ - void (*f_dbg)(void *, int, const char *, int, const char *); - void *p_dbg; /*!< context for the debug function */ + void (*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *); + void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */ /** Callback for getting (pseudo-)random numbers */ - int (*f_rng)(void *, unsigned char *, size_t); - void *p_rng; /*!< context for the RNG function */ + int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t); + void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */ /** Callback to retrieve a session from the cache */ - mbedtls_ssl_cache_get_t *f_get_cache; + mbedtls_ssl_cache_get_t *MBEDTLS_PRIVATE(f_get_cache); /** Callback to store a session into the cache */ - mbedtls_ssl_cache_set_t *f_set_cache; - void *p_cache; /*!< context for cache callbacks */ + mbedtls_ssl_cache_set_t *MBEDTLS_PRIVATE(f_set_cache); + void *MBEDTLS_PRIVATE(p_cache); /*!< context for cache callbacks */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) /** Callback for setting cert according to SNI extension */ - int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); - void *p_sni; /*!< context for SNI callback */ + int (*MBEDTLS_PRIVATE(f_sni))(void *, mbedtls_ssl_context *, const unsigned char *, size_t); + void *MBEDTLS_PRIVATE(p_sni); /*!< context for SNI callback */ #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) /** Callback to customize X.509 certificate chain verification */ - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); - void *p_vrfy; /*!< context for X.509 verify calllback */ + int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *); + void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify calllback */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /** Callback to retrieve PSK key from identity */ - int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); - void *p_psk; /*!< context for PSK callback */ + int (*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t); + void *MBEDTLS_PRIVATE(p_psk); /*!< context for PSK callback */ #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /** Callback to create & write a cookie for ClientHello veirifcation */ - int (*f_cookie_write)( void *, unsigned char **, unsigned char *, + int (*MBEDTLS_PRIVATE(f_cookie_write))( void *, unsigned char **, unsigned char *, const unsigned char *, size_t ); /** Callback to verify validity of a ClientHello cookie */ - int (*f_cookie_check)( void *, const unsigned char *, size_t, + int (*MBEDTLS_PRIVATE(f_cookie_check))( void *, const unsigned char *, size_t, const unsigned char *, size_t ); - void *p_cookie; /*!< context for the cookie callbacks */ + void *MBEDTLS_PRIVATE(p_cookie); /*!< context for the cookie callbacks */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) /** Callback to create & write a session ticket */ - int (*f_ticket_write)( void *, const mbedtls_ssl_session *, + int (*MBEDTLS_PRIVATE(f_ticket_write))( void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t * ); /** Callback to parse a session ticket into a session structure */ - int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t); - void *p_ticket; /*!< context for the ticket callbacks */ + int (*MBEDTLS_PRIVATE(f_ticket_parse))( void *, mbedtls_ssl_session *, unsigned char *, size_t); + void *MBEDTLS_PRIVATE(p_ticket); /*!< context for the ticket callbacks */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** Callback to export key block and master secret */ - int (*f_export_keys)( void *, const unsigned char *, + int (*MBEDTLS_PRIVATE(f_export_keys))( void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t ); /** Callback to export key block, master secret, * tls_prf and random bytes. Should replace f_export_keys */ - int (*f_export_keys_ext)( void *, const unsigned char *, + int (*MBEDTLS_PRIVATE(f_export_keys_ext))( void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types ); - void *p_export_keys; /*!< context for key export callback */ + void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - size_t cid_len; /*!< The length of CIDs for incoming DTLS records. */ + size_t MBEDTLS_PRIVATE(cid_len); /*!< The length of CIDs for incoming DTLS records. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_X509_CRT_PARSE_C) - const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */ - mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */ - mbedtls_x509_crt *ca_chain; /*!< trusted CAs */ - mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */ + const mbedtls_x509_crt_profile *MBEDTLS_PRIVATE(cert_profile); /*!< verification profile */ + mbedtls_ssl_key_cert *MBEDTLS_PRIVATE(key_cert); /*!< own certificate/key pair(s) */ + mbedtls_x509_crt *MBEDTLS_PRIVATE(ca_chain); /*!< trusted CAs */ + mbedtls_x509_crl *MBEDTLS_PRIVATE(ca_crl); /*!< trusted CAs CRLs */ #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - mbedtls_x509_crt_ca_cb_t f_ca_cb; - void *p_ca_cb; + mbedtls_x509_crt_ca_cb_t MBEDTLS_PRIVATE(f_ca_cb); + void *MBEDTLS_PRIVATE(p_ca_cb); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) #if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_ssl_async_sign_t *f_async_sign_start; /*!< start asynchronous signature operation */ - mbedtls_ssl_async_decrypt_t *f_async_decrypt_start; /*!< start asynchronous decryption operation */ + mbedtls_ssl_async_sign_t *MBEDTLS_PRIVATE(f_async_sign_start); /*!< start asynchronous signature operation */ + mbedtls_ssl_async_decrypt_t *MBEDTLS_PRIVATE(f_async_decrypt_start); /*!< start asynchronous decryption operation */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */ - mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */ - void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */ + mbedtls_ssl_async_resume_t *MBEDTLS_PRIVATE(f_async_resume); /*!< resume asynchronous operation */ + mbedtls_ssl_async_cancel_t *MBEDTLS_PRIVATE(f_async_cancel); /*!< cancel asynchronous operation */ + void *MBEDTLS_PRIVATE(p_async_config_data); /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */ #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - const int *sig_hashes; /*!< allowed signature hashes */ + const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */ #endif #if defined(MBEDTLS_ECP_C) - const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */ + const mbedtls_ecp_group_id *MBEDTLS_PRIVATE(curve_list); /*!< allowed curves */ #endif #if defined(MBEDTLS_DHM_C) - mbedtls_mpi dhm_P; /*!< prime modulus for DHM */ - mbedtls_mpi dhm_G; /*!< generator for DHM */ + mbedtls_mpi MBEDTLS_PRIVATE(dhm_P); /*!< prime modulus for DHM */ + mbedtls_mpi MBEDTLS_PRIVATE(dhm_G); /*!< generator for DHM */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_id_t psk_opaque; /*!< PSA key slot holding opaque PSK. This field + psa_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field * should only be set via * mbedtls_ssl_conf_psk_opaque(). * If either no PSK or a raw PSK have been @@ -1105,22 +1106,22 @@ struct mbedtls_ssl_config */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ - unsigned char *psk; /*!< The raw pre-shared key. This field should + unsigned char *MBEDTLS_PRIVATE(psk); /*!< The raw pre-shared key. This field should * only be set via mbedtls_ssl_conf_psk(). * If either no PSK or an opaque PSK * have been configured, this has value NULL. */ - size_t psk_len; /*!< The length of the raw pre-shared key. + size_t MBEDTLS_PRIVATE(psk_len); /*!< The length of the raw pre-shared key. * This field should only be set via * mbedtls_ssl_conf_psk(). * Its value is non-zero if and only if * \c psk is not \c NULL. */ - unsigned char *psk_identity; /*!< The PSK identity for PSK negotiation. + unsigned char *MBEDTLS_PRIVATE(psk_identity); /*!< The PSK identity for PSK negotiation. * This field should only be set via * mbedtls_ssl_conf_psk(). * This is set if and only if either * \c psk or \c psk_opaque are set. */ - size_t psk_identity_len;/*!< The length of PSK identity. + size_t MBEDTLS_PRIVATE(psk_identity_len);/*!< The length of PSK identity. * This field should only be set via * mbedtls_ssl_conf_psk(). * Its value is non-zero if and only if @@ -1129,279 +1130,279 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) - const char **alpn_list; /*!< ordered list of protocols */ + const char **MBEDTLS_PRIVATE(alpn_list); /*!< ordered list of protocols */ #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) /*! ordered list of supported srtp profile */ - const mbedtls_ssl_srtp_profile *dtls_srtp_profile_list; + const mbedtls_ssl_srtp_profile *MBEDTLS_PRIVATE(dtls_srtp_profile_list); /*! number of supported profiles */ - size_t dtls_srtp_profile_list_len; + size_t MBEDTLS_PRIVATE(dtls_srtp_profile_list_len); #endif /* MBEDTLS_SSL_DTLS_SRTP */ /* * Numerical settings (int then char) */ - uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ + uint32_t MBEDTLS_PRIVATE(read_timeout); /*!< timeout for mbedtls_ssl_read (ms) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - uint32_t hs_timeout_min; /*!< initial value of the handshake + uint32_t MBEDTLS_PRIVATE(hs_timeout_min); /*!< initial value of the handshake retransmission timeout (ms) */ - uint32_t hs_timeout_max; /*!< maximum value of the handshake + uint32_t MBEDTLS_PRIVATE(hs_timeout_max); /*!< maximum value of the handshake retransmission timeout (ms) */ #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - int renego_max_records; /*!< grace period for renegotiation */ - unsigned char renego_period[8]; /*!< value of the record counters + int MBEDTLS_PRIVATE(renego_max_records); /*!< grace period for renegotiation */ + unsigned char MBEDTLS_PRIVATE(renego_period)[8]; /*!< value of the record counters that triggers renegotiation */ #endif #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - unsigned int badmac_limit; /*!< limit of records with a bad MAC */ + unsigned int MBEDTLS_PRIVATE(badmac_limit); /*!< limit of records with a bad MAC */ #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) - unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ + unsigned int MBEDTLS_PRIVATE(dhm_min_bitlen); /*!< min. bit length of the DHM prime */ #endif - unsigned char max_major_ver; /*!< max. major version used */ - unsigned char max_minor_ver; /*!< max. minor version used */ - unsigned char min_major_ver; /*!< min. major version used */ - unsigned char min_minor_ver; /*!< min. minor version used */ + unsigned char MBEDTLS_PRIVATE(max_major_ver); /*!< max. major version used */ + unsigned char MBEDTLS_PRIVATE(max_minor_ver); /*!< max. minor version used */ + unsigned char MBEDTLS_PRIVATE(min_major_ver); /*!< min. major version used */ + unsigned char MBEDTLS_PRIVATE(min_minor_ver); /*!< min. minor version used */ /* * Flags (bitfields) */ - unsigned int endpoint : 1; /*!< 0: client, 1: server */ - unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ - unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ + unsigned int MBEDTLS_PRIVATE(endpoint) : 1; /*!< 0: client, 1: server */ + unsigned int MBEDTLS_PRIVATE(transport) : 1; /*!< stream (TLS) or datagram (DTLS) */ + unsigned int MBEDTLS_PRIVATE(authmode) : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ - unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ + unsigned int MBEDTLS_PRIVATE(allow_legacy_renegotiation) : 2 ; /*!< MBEDTLS_LEGACY_XXX */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - unsigned int mfl_code : 3; /*!< desired fragment length */ + unsigned int MBEDTLS_PRIVATE(mfl_code) : 3; /*!< desired fragment length */ #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ + unsigned int MBEDTLS_PRIVATE(encrypt_then_mac) : 1 ; /*!< negotiate encrypt-then-mac? */ #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ + unsigned int MBEDTLS_PRIVATE(extended_ms) : 1; /*!< negotiate extended master secret? */ #endif #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - unsigned int anti_replay : 1; /*!< detect and prevent replay? */ + unsigned int MBEDTLS_PRIVATE(anti_replay) : 1; /*!< detect and prevent replay? */ #endif #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ + unsigned int MBEDTLS_PRIVATE(cbc_record_splitting) : 1; /*!< do cbc record splitting */ #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ + unsigned int MBEDTLS_PRIVATE(disable_renegotiation) : 1; /*!< disable renegotiation? */ #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ + unsigned int MBEDTLS_PRIVATE(trunc_hmac) : 1; /*!< negotiate truncated hmac? */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - unsigned int session_tickets : 1; /*!< use session tickets? */ + unsigned int MBEDTLS_PRIVATE(session_tickets) : 1; /*!< use session tickets? */ #endif #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) - unsigned int fallback : 1; /*!< is this a fallback? */ + unsigned int MBEDTLS_PRIVATE(fallback) : 1; /*!< is this a fallback? */ #endif #if defined(MBEDTLS_SSL_SRV_C) - unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in + unsigned int MBEDTLS_PRIVATE(cert_req_ca_list) : 1; /*!< enable sending CA list in Certificate Request messages? */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS + unsigned int MBEDTLS_PRIVATE(ignore_unexpected_cid) : 1; /*!< Determines whether DTLS * record with unexpected CID * should lead to failure. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - unsigned int dtls_srtp_mki_support : 1; /* support having mki_value + unsigned int MBEDTLS_PRIVATE(dtls_srtp_mki_support) : 1; /* support having mki_value in the use_srtp extension */ #endif }; struct mbedtls_ssl_context { - const mbedtls_ssl_config *conf; /*!< configuration information */ + const mbedtls_ssl_config *MBEDTLS_PRIVATE(conf); /*!< configuration information */ /* * Miscellaneous */ - int state; /*!< SSL handshake: current state */ + int MBEDTLS_PRIVATE(state); /*!< SSL handshake: current state */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - int renego_status; /*!< Initial, in progress, pending? */ - int renego_records_seen; /*!< Records since renego request, or with DTLS, + int MBEDTLS_PRIVATE(renego_status); /*!< Initial, in progress, pending? */ + int MBEDTLS_PRIVATE(renego_records_seen); /*!< Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0 */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ - int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ - int minor_ver; /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ + int MBEDTLS_PRIVATE(major_ver); /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ + int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - unsigned badmac_seen; /*!< records with a bad MAC received */ + unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_X509_CRT_PARSE_C) /** Callback to customize X.509 certificate chain verification */ - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); - void *p_vrfy; /*!< context for X.509 verify callback */ + int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *); + void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify callback */ #endif - mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ - mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ - mbedtls_ssl_recv_timeout_t *f_recv_timeout; + mbedtls_ssl_send_t *MBEDTLS_PRIVATE(f_send); /*!< Callback for network send */ + mbedtls_ssl_recv_t *MBEDTLS_PRIVATE(f_recv); /*!< Callback for network receive */ + mbedtls_ssl_recv_timeout_t *MBEDTLS_PRIVATE(f_recv_timeout); /*!< Callback for network receive with timeout */ - void *p_bio; /*!< context for I/O operations */ + void *MBEDTLS_PRIVATE(p_bio); /*!< context for I/O operations */ /* * Session layer */ - mbedtls_ssl_session *session_in; /*!< current session data (in) */ - mbedtls_ssl_session *session_out; /*!< current session data (out) */ - mbedtls_ssl_session *session; /*!< negotiated session data */ - mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ + mbedtls_ssl_session *MBEDTLS_PRIVATE(session_in); /*!< current session data (in) */ + mbedtls_ssl_session *MBEDTLS_PRIVATE(session_out); /*!< current session data (out) */ + mbedtls_ssl_session *MBEDTLS_PRIVATE(session); /*!< negotiated session data */ + mbedtls_ssl_session *MBEDTLS_PRIVATE(session_negotiate); /*!< session data in negotiation */ - mbedtls_ssl_handshake_params *handshake; /*!< params required only during + mbedtls_ssl_handshake_params *MBEDTLS_PRIVATE(handshake); /*!< params required only during the handshake process */ /* * Record layer transformations */ - mbedtls_ssl_transform *transform_in; /*!< current transform params (in) */ - mbedtls_ssl_transform *transform_out; /*!< current transform params (in) */ - mbedtls_ssl_transform *transform; /*!< negotiated transform params */ - mbedtls_ssl_transform *transform_negotiate; /*!< transform params in negotiation */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (in) */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation */ /* * Timers */ - void *p_timer; /*!< context for the timer callbacks */ + void *MBEDTLS_PRIVATE(p_timer); /*!< context for the timer callbacks */ - mbedtls_ssl_set_timer_t *f_set_timer; /*!< set timer callback */ - mbedtls_ssl_get_timer_t *f_get_timer; /*!< get timer callback */ + mbedtls_ssl_set_timer_t *MBEDTLS_PRIVATE(f_set_timer); /*!< set timer callback */ + mbedtls_ssl_get_timer_t *MBEDTLS_PRIVATE(f_get_timer); /*!< get timer callback */ /* * Record layer (incoming data) */ - unsigned char *in_buf; /*!< input buffer */ - unsigned char *in_ctr; /*!< 64-bit incoming message counter + unsigned char *MBEDTLS_PRIVATE(in_buf); /*!< input buffer */ + unsigned char *MBEDTLS_PRIVATE(in_ctr); /*!< 64-bit incoming message counter TLS: maintained by us DTLS: read from peer */ - unsigned char *in_hdr; /*!< start of record header */ + unsigned char *MBEDTLS_PRIVATE(in_hdr); /*!< start of record header */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned char *in_cid; /*!< The start of the CID; + unsigned char *MBEDTLS_PRIVATE(in_cid); /*!< The start of the CID; * (the end is marked by in_len). */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - unsigned char *in_len; /*!< two-bytes message length field */ - unsigned char *in_iv; /*!< ivlen-byte IV */ - unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ - unsigned char *in_offt; /*!< read offset in application data */ + unsigned char *MBEDTLS_PRIVATE(in_len); /*!< two-bytes message length field */ + unsigned char *MBEDTLS_PRIVATE(in_iv); /*!< ivlen-byte IV */ + unsigned char *MBEDTLS_PRIVATE(in_msg); /*!< message contents (in_iv+ivlen) */ + unsigned char *MBEDTLS_PRIVATE(in_offt); /*!< read offset in application data */ - int in_msgtype; /*!< record header: message type */ - size_t in_msglen; /*!< record header: message length */ - size_t in_left; /*!< amount of data read so far */ + int MBEDTLS_PRIVATE(in_msgtype); /*!< record header: message type */ + size_t MBEDTLS_PRIVATE(in_msglen); /*!< record header: message length */ + size_t MBEDTLS_PRIVATE(in_left); /*!< amount of data read so far */ #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - size_t in_buf_len; /*!< length of input buffer */ + size_t MBEDTLS_PRIVATE(in_buf_len); /*!< length of input buffer */ #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - uint16_t in_epoch; /*!< DTLS epoch for incoming records */ - size_t next_record_offset; /*!< offset of the next record in datagram + uint16_t MBEDTLS_PRIVATE(in_epoch); /*!< DTLS epoch for incoming records */ + size_t MBEDTLS_PRIVATE(next_record_offset); /*!< offset of the next record in datagram (equal to in_left if none) */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - uint64_t in_window_top; /*!< last validated record seq_num */ - uint64_t in_window; /*!< bitmask for replay detection */ + uint64_t MBEDTLS_PRIVATE(in_window_top); /*!< last validated record seq_num */ + uint64_t MBEDTLS_PRIVATE(in_window); /*!< bitmask for replay detection */ #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - size_t in_hslen; /*!< current handshake message length, + size_t MBEDTLS_PRIVATE(in_hslen); /*!< current handshake message length, including the handshake header */ - int nb_zero; /*!< # of 0-length encrypted messages */ + int MBEDTLS_PRIVATE(nb_zero); /*!< # of 0-length encrypted messages */ - int keep_current_message; /*!< drop or reuse current message + int MBEDTLS_PRIVATE(keep_current_message); /*!< drop or reuse current message on next call to record layer? */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - uint8_t disable_datagram_packing; /*!< Disable packing multiple records + uint8_t MBEDTLS_PRIVATE(disable_datagram_packing); /*!< Disable packing multiple records * within a single datagram. */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* * Record layer (outgoing data) */ - unsigned char *out_buf; /*!< output buffer */ - unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ - unsigned char *out_hdr; /*!< start of record header */ + unsigned char *MBEDTLS_PRIVATE(out_buf); /*!< output buffer */ + unsigned char *MBEDTLS_PRIVATE(out_ctr); /*!< 64-bit outgoing message counter */ + unsigned char *MBEDTLS_PRIVATE(out_hdr); /*!< start of record header */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned char *out_cid; /*!< The start of the CID; + unsigned char *MBEDTLS_PRIVATE(out_cid); /*!< The start of the CID; * (the end is marked by in_len). */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - unsigned char *out_len; /*!< two-bytes message length field */ - unsigned char *out_iv; /*!< ivlen-byte IV */ - unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ + unsigned char *MBEDTLS_PRIVATE(out_len); /*!< two-bytes message length field */ + unsigned char *MBEDTLS_PRIVATE(out_iv); /*!< ivlen-byte IV */ + unsigned char *MBEDTLS_PRIVATE(out_msg); /*!< message contents (out_iv+ivlen) */ - int out_msgtype; /*!< record header: message type */ - size_t out_msglen; /*!< record header: message length */ - size_t out_left; /*!< amount of data not yet written */ + int MBEDTLS_PRIVATE(out_msgtype); /*!< record header: message type */ + size_t MBEDTLS_PRIVATE(out_msglen); /*!< record header: message length */ + size_t MBEDTLS_PRIVATE(out_left); /*!< amount of data not yet written */ #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - size_t out_buf_len; /*!< length of output buffer */ + size_t MBEDTLS_PRIVATE(out_buf_len); /*!< length of output buffer */ #endif - unsigned char cur_out_ctr[8]; /*!< Outgoing record sequence number. */ + unsigned char MBEDTLS_PRIVATE(cur_out_ctr)[8]; /*!< Outgoing record sequence number. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */ + uint16_t MBEDTLS_PRIVATE(mtu); /*!< path mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - signed char split_done; /*!< current record already splitted? */ + signed char MBEDTLS_PRIVATE(split_done); /*!< current record already splitted? */ #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * PKI layer */ - int client_auth; /*!< flag for client auth. */ + int MBEDTLS_PRIVATE(client_auth); /*!< flag for client auth. */ /* * User settings */ #if defined(MBEDTLS_X509_CRT_PARSE_C) - char *hostname; /*!< expected peer CN for verification + char *MBEDTLS_PRIVATE(hostname); /*!< expected peer CN for verification (and SNI if available) */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_ALPN) - const char *alpn_chosen; /*!< negotiated protocol */ + const char *MBEDTLS_PRIVATE(alpn_chosen); /*!< negotiated protocol */ #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) /* * use_srtp extension */ - mbedtls_dtls_srtp_info dtls_srtp_info; + mbedtls_dtls_srtp_info MBEDTLS_PRIVATE(dtls_srtp_info); #endif /* MBEDTLS_SSL_DTLS_SRTP */ /* * Information for DTLS hello verify */ #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - unsigned char *cli_id; /*!< transport-level ID of the client */ - size_t cli_id_len; /*!< length of cli_id */ + unsigned char *MBEDTLS_PRIVATE(cli_id); /*!< transport-level ID of the client */ + size_t MBEDTLS_PRIVATE(cli_id_len); /*!< length of cli_id */ #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ /* * Secure renegotiation */ /* needed to know when to send extension on server */ - int secure_renegotiation; /*!< does peer support legacy or + int MBEDTLS_PRIVATE(secure_renegotiation); /*!< does peer support legacy or secure renegotiation */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - size_t verify_data_len; /*!< length of verify data stored */ - char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ - char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ + size_t MBEDTLS_PRIVATE(verify_data_len); /*!< length of verify data stored */ + char MBEDTLS_PRIVATE(own_verify_data)[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ + char MBEDTLS_PRIVATE(peer_verify_data)[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) @@ -1411,9 +1412,9 @@ struct mbedtls_ssl_context * all subsequent handshakes. This may be different from the * CID currently used in case the user has re-configured the CID * after an initial handshake. */ - unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ]; - uint8_t own_cid_len; /*!< The length of \c own_cid. */ - uint8_t negotiate_cid; /*!< This indicates whether the CID extension should + unsigned char MBEDTLS_PRIVATE(own_cid)[ MBEDTLS_SSL_CID_IN_LEN_MAX ]; + uint8_t MBEDTLS_PRIVATE(own_cid_len); /*!< The length of \c own_cid. */ + uint8_t MBEDTLS_PRIVATE(negotiate_cid); /*!< This indicates whether the CID extension should * be negotiated in the next handshake or not. * Possible values are #MBEDTLS_SSL_CID_ENABLED * and #MBEDTLS_SSL_CID_DISABLED. */ diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index ac7b77cfbb..d995f8f6d5 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -65,16 +66,16 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry; struct mbedtls_ssl_cache_entry { #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t timestamp; /*!< entry timestamp */ + mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */ #endif - unsigned char session_id[32]; /*!< session ID */ - size_t session_id_len; + unsigned char MBEDTLS_PRIVATE(session_id)[32]; /*!< session ID */ + size_t MBEDTLS_PRIVATE(session_id_len); - unsigned char *session; /*!< serialized session */ - size_t session_len; + unsigned char *MBEDTLS_PRIVATE(session); /*!< serialized session */ + size_t MBEDTLS_PRIVATE(session_len); - mbedtls_ssl_cache_entry *next; /*!< chain pointer */ + mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(next); /*!< chain pointer */ }; /** @@ -82,11 +83,11 @@ struct mbedtls_ssl_cache_entry */ struct mbedtls_ssl_cache_context { - mbedtls_ssl_cache_entry *chain; /*!< start of the chain */ - int timeout; /*!< cache entry timeout */ - int max_entries; /*!< maximum entries */ + mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */ + int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */ + int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */ #if defined(MBEDTLS_THREADING_C) - mbedtls_threading_mutex_t mutex; /*!< mutex */ + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< mutex */ #endif }; diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 3eacfb5a3e..093238c0b8 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -405,7 +406,7 @@ int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: @@ -424,7 +425,7 @@ static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: @@ -442,7 +443,7 @@ static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: @@ -456,7 +457,7 @@ static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersui static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: @@ -473,7 +474,7 @@ static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ci static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: @@ -492,7 +493,7 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: @@ -507,7 +508,7 @@ static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuit #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: @@ -523,7 +524,7 @@ static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersu #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) { - switch( info->key_exchange ) + switch( info->MBEDTLS_PRIVATE(key_exchange) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 0a238708e5..6806dbddd6 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -56,15 +57,15 @@ extern "C" { */ typedef struct mbedtls_ssl_cookie_ctx { - mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ + mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */ #if !defined(MBEDTLS_HAVE_TIME) unsigned long serial; /*!< serial number for expiration */ #endif - unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME, + unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME, or in number of tickets issued */ #if defined(MBEDTLS_THREADING_C) - mbedtls_threading_mutex_t mutex; + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); #endif } mbedtls_ssl_cookie_ctx; diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index a882eed23b..871eec3791 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -50,9 +51,9 @@ extern "C" { */ typedef struct mbedtls_ssl_ticket_key { - unsigned char name[4]; /*!< random key identifier */ - uint32_t generation_time; /*!< key generation timestamp (seconds) */ - mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */ + unsigned char MBEDTLS_PRIVATE(name)[4]; /*!< random key identifier */ + uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */ } mbedtls_ssl_ticket_key; @@ -61,17 +62,17 @@ mbedtls_ssl_ticket_key; */ typedef struct mbedtls_ssl_ticket_context { - mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */ - unsigned char active; /*!< index of the currently active key */ + mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */ + unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */ - uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */ + uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */ /** Callback for getting (pseudo-)random numbers */ - int (*f_rng)(void *, unsigned char *, size_t); - void *p_rng; /*!< context for the RNG function */ + int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t); + void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */ #if defined(MBEDTLS_THREADING_C) - mbedtls_threading_mutex_t mutex; + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); #endif } mbedtls_ssl_ticket_context; diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 1047f8f356..fae96c2d0c 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_THREADING_H #define MBEDTLS_THREADING_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -41,11 +42,11 @@ extern "C" { #include typedef struct mbedtls_threading_mutex_t { - pthread_mutex_t mutex; + pthread_mutex_t MBEDTLS_PRIVATE(mutex); /* is_valid is 0 after a failed init or a free, and nonzero after a * successful init. This field is not considered part of the public * API of Mbed TLS and may change without notice. */ - char is_valid; + char MBEDTLS_PRIVATE(is_valid); } mbedtls_threading_mutex_t; #endif diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index b7290cfcab..9a8b1e0116 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_TIMING_H #define MBEDTLS_TIMING_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -43,7 +44,7 @@ extern "C" { */ struct mbedtls_timing_hr_time { - unsigned char opaque[32]; + unsigned char MBEDTLS_PRIVATE(opaque)[32]; }; /** @@ -52,8 +53,8 @@ struct mbedtls_timing_hr_time typedef struct mbedtls_timing_delay_context { struct mbedtls_timing_hr_time timer; - uint32_t int_ms; - uint32_t fin_ms; + uint32_t MBEDTLS_PRIVATE(int_ms); + uint32_t MBEDTLS_PRIVATE(fin_ms); } mbedtls_timing_delay_context; #else /* MBEDTLS_TIMING_ALT */ diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 3091de1d1b..b7a969a3b2 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_X509_H #define MBEDTLS_X509_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -229,8 +230,8 @@ typedef mbedtls_asn1_sequence mbedtls_x509_sequence; /** Container for date and time (precision in seconds). */ typedef struct mbedtls_x509_time { - int year, mon, day; /**< Date. */ - int hour, min, sec; /**< Time. */ + int MBEDTLS_PRIVATE(year), MBEDTLS_PRIVATE(mon), MBEDTLS_PRIVATE(day); /**< Date. */ + int MBEDTLS_PRIVATE(hour), MBEDTLS_PRIVATE(min), MBEDTLS_PRIVATE(sec); /**< Time. */ } mbedtls_x509_time; diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index fcaa1495d2..440da12166 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -49,15 +50,15 @@ extern "C" { */ typedef struct mbedtls_x509_crl_entry { - mbedtls_x509_buf raw; + mbedtls_x509_buf MBEDTLS_PRIVATE(raw); - mbedtls_x509_buf serial; + mbedtls_x509_buf MBEDTLS_PRIVATE(serial); - mbedtls_x509_time revocation_date; + mbedtls_x509_time MBEDTLS_PRIVATE(revocation_date); - mbedtls_x509_buf entry_ext; + mbedtls_x509_buf MBEDTLS_PRIVATE(entry_ext); - struct mbedtls_x509_crl_entry *next; + struct mbedtls_x509_crl_entry *MBEDTLS_PRIVATE(next); } mbedtls_x509_crl_entry; @@ -67,30 +68,30 @@ mbedtls_x509_crl_entry; */ typedef struct mbedtls_x509_crl { - mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ - mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(raw); /**< The raw certificate data (DER). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(tbs); /**< The raw certificate body (DER). The part that is To Be Signed. */ - int version; /**< CRL version (1=v1, 2=v2) */ - mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */ + int MBEDTLS_PRIVATE(version); /**< CRL version (1=v1, 2=v2) */ + mbedtls_x509_buf MBEDTLS_PRIVATE(sig_oid); /**< CRL signature type identifier */ - mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(issuer_raw); /**< The raw issuer data (DER). */ - mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ + mbedtls_x509_name MBEDTLS_PRIVATE(issuer); /**< The parsed issuer data (named information object). */ - mbedtls_x509_time this_update; - mbedtls_x509_time next_update; + mbedtls_x509_time MBEDTLS_PRIVATE(this_update); + mbedtls_x509_time MBEDTLS_PRIVATE(next_update); - mbedtls_x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ + mbedtls_x509_crl_entry MBEDTLS_PRIVATE(entry); /**< The CRL entries containing the certificate revocation times for this CA. */ - mbedtls_x509_buf crl_ext; + mbedtls_x509_buf MBEDTLS_PRIVATE(crl_ext); - mbedtls_x509_buf sig_oid2; - mbedtls_x509_buf sig; - mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ - mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf MBEDTLS_PRIVATE(sig_oid2); + mbedtls_x509_buf MBEDTLS_PRIVATE(sig); + mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ - struct mbedtls_x509_crl *next; + struct mbedtls_x509_crl *MBEDTLS_PRIVATE(next); } mbedtls_x509_crl; diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 23a20d10be..015962c7ca 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_X509_CRT_H #define MBEDTLS_X509_CRT_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -51,50 +52,50 @@ extern "C" { */ typedef struct mbedtls_x509_crt { - int own_buffer; /**< Indicates if \c raw is owned + int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned * by the structure or not. */ - mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ - mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(raw); /**< The raw certificate data (DER). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(tbs); /**< The raw certificate body (DER). The part that is To Be Signed. */ - int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ - mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ - mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */ + int MBEDTLS_PRIVATE(version); /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ + mbedtls_x509_buf MBEDTLS_PRIVATE(serial); /**< Unique id for certificate issued by a specific CA. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(sig_oid); /**< Signature algorithm, e.g. sha1RSA */ - mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ - mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(issuer_raw); /**< The raw issuer data (DER). Used for quick comparison. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(subject_raw); /**< The raw subject data (DER). Used for quick comparison. */ - mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ - mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ + mbedtls_x509_name MBEDTLS_PRIVATE(issuer); /**< The parsed issuer data (named information object). */ + mbedtls_x509_name MBEDTLS_PRIVATE(subject); /**< The parsed subject data (named information object). */ - mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ - mbedtls_x509_time valid_to; /**< End time of certificate validity. */ + mbedtls_x509_time MBEDTLS_PRIVATE(valid_from); /**< Start time of certificate validity. */ + mbedtls_x509_time MBEDTLS_PRIVATE(valid_to); /**< End time of certificate validity. */ - mbedtls_x509_buf pk_raw; - mbedtls_pk_context pk; /**< Container for the public key context. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(pk_raw); + mbedtls_pk_context MBEDTLS_PRIVATE(pk); /**< Container for the public key context. */ - mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ - mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ - mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ - mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(issuer_id); /**< Optional X.509 v2/v3 issuer unique identifier. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(subject_id); /**< Optional X.509 v2/v3 subject unique identifier. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(v3_ext); /**< Optional X.509 v3 extensions. */ + mbedtls_x509_sequence MBEDTLS_PRIVATE(subject_alt_names); /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */ - mbedtls_x509_sequence certificate_policies; /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */ + mbedtls_x509_sequence MBEDTLS_PRIVATE(certificate_policies); /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */ - int ext_types; /**< Bit string containing detected and parsed extensions */ - int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ - int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ + int MBEDTLS_PRIVATE(ext_types); /**< Bit string containing detected and parsed extensions */ + int MBEDTLS_PRIVATE(ca_istrue); /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ + int MBEDTLS_PRIVATE(max_pathlen); /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ - unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ + unsigned int MBEDTLS_PRIVATE(key_usage); /**< Optional key usage extension value: See the values in x509.h */ - mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ + mbedtls_x509_sequence MBEDTLS_PRIVATE(ext_key_usage); /**< Optional list of extended key usage OIDs. */ - unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ + unsigned char MBEDTLS_PRIVATE(ns_cert_type); /**< Optional Netscape certificate type extension value: See the values in x509.h */ - mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ - mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ - mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf MBEDTLS_PRIVATE(sig); /**< Signature: hash of the tbs part signed with the private key. */ + mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ - struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */ + struct mbedtls_x509_crt *MBEDTLS_PRIVATE(next); /**< Next certificate in the CA-chain. */ } mbedtls_x509_crt; @@ -111,7 +112,7 @@ typedef struct mbedtls_x509_san_other_name * To check the value of the type id, you should use * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. */ - mbedtls_x509_buf type_id; /**< The type id. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(type_id); /**< The type id. */ union { /** @@ -122,12 +123,12 @@ typedef struct mbedtls_x509_san_other_name */ struct { - mbedtls_x509_buf oid; /**< The object identifier. */ - mbedtls_x509_buf val; /**< The named value. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(oid); /**< The object identifier. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(val); /**< The named value. */ } - hardware_module_name; + MBEDTLS_PRIVATE(hardware_module_name); } - value; + MBEDTLS_PRIVATE(value); } mbedtls_x509_san_other_name; @@ -136,12 +137,12 @@ mbedtls_x509_san_other_name; */ typedef struct mbedtls_x509_subject_alternative_name { - int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ + int MBEDTLS_PRIVATE(type); /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ union { - mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ - mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */ + mbedtls_x509_san_other_name MBEDTLS_PRIVATE(other_name); /**< The otherName supported type. */ + mbedtls_x509_buf MBEDTLS_PRIVATE(unstructured_name); /**< The buffer for the un constructed types. Only dnsName currently supported */ } - san; /**< A union of the supported SAN types */ + MBEDTLS_PRIVATE(san); /**< A union of the supported SAN types */ } mbedtls_x509_subject_alternative_name; @@ -158,10 +159,10 @@ mbedtls_x509_subject_alternative_name; */ typedef struct mbedtls_x509_crt_profile { - uint32_t allowed_mds; /**< MDs for signatures */ - uint32_t allowed_pks; /**< PK algs for signatures */ - uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ - uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ + uint32_t MBEDTLS_PRIVATE(allowed_mds); /**< MDs for signatures */ + uint32_t MBEDTLS_PRIVATE(allowed_pks); /**< PK algs for signatures */ + uint32_t MBEDTLS_PRIVATE(allowed_curves); /**< Elliptic curves for ECDSA */ + uint32_t MBEDTLS_PRIVATE(rsa_min_bitlen); /**< Minimum size for RSA keys */ } mbedtls_x509_crt_profile; @@ -249,16 +250,16 @@ mbedtls_x509_crt_profile; */ typedef struct mbedtls_x509write_cert { - int version; - mbedtls_mpi serial; - mbedtls_pk_context *subject_key; - mbedtls_pk_context *issuer_key; - mbedtls_asn1_named_data *subject; - mbedtls_asn1_named_data *issuer; - mbedtls_md_type_t md_alg; - char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; - char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; - mbedtls_asn1_named_data *extensions; + int MBEDTLS_PRIVATE(version); + mbedtls_mpi MBEDTLS_PRIVATE(serial); + mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key); + mbedtls_pk_context *MBEDTLS_PRIVATE(issuer_key); + mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject); + mbedtls_asn1_named_data *MBEDTLS_PRIVATE(issuer); + mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg); + char MBEDTLS_PRIVATE(not_before)[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + char MBEDTLS_PRIVATE(not_after)[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + mbedtls_asn1_named_data *MBEDTLS_PRIVATE(extensions); } mbedtls_x509write_cert; @@ -266,8 +267,8 @@ mbedtls_x509write_cert; * Item in a verification chain: cert and flags for it */ typedef struct { - mbedtls_x509_crt *crt; - uint32_t flags; + mbedtls_x509_crt *MBEDTLS_PRIVATE(crt); + uint32_t MBEDTLS_PRIVATE(flags); } mbedtls_x509_crt_verify_chain_item; /** @@ -280,15 +281,15 @@ typedef struct { */ typedef struct { - mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; - unsigned len; + mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; + unsigned MBEDTLS_PRIVATE(len); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /* This stores the list of potential trusted signers obtained from * the CA callback used for the CRT verification, if configured. * We must track it somewhere because the callback passes its * ownership to the caller. */ - mbedtls_x509_crt *trust_ca_cb_result; + mbedtls_x509_crt *MBEDTLS_PRIVATE(trust_ca_cb_result); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ } mbedtls_x509_crt_verify_chain; diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 07a3717298..fa98394e89 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_X509_CSR_H #define MBEDTLS_X509_CSR_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -48,21 +49,21 @@ extern "C" { */ typedef struct mbedtls_x509_csr { - mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ - mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(raw); /**< The raw CSR data (DER). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(cri); /**< The raw CertificateRequestInfo body (DER). */ - int version; /**< CSR version (1=v1). */ + int MBEDTLS_PRIVATE(version); /**< CSR version (1=v1). */ - mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). */ - mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ + mbedtls_x509_buf MBEDTLS_PRIVATE(subject_raw); /**< The raw subject data (DER). */ + mbedtls_x509_name MBEDTLS_PRIVATE(subject); /**< The parsed subject data (named information object). */ - mbedtls_pk_context pk; /**< Container for the public key context. */ + mbedtls_pk_context MBEDTLS_PRIVATE(pk); /**< Container for the public key context. */ - mbedtls_x509_buf sig_oid; - mbedtls_x509_buf sig; - mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ - mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf MBEDTLS_PRIVATE(sig_oid); + mbedtls_x509_buf MBEDTLS_PRIVATE(sig); + mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ } mbedtls_x509_csr; @@ -71,10 +72,10 @@ mbedtls_x509_csr; */ typedef struct mbedtls_x509write_csr { - mbedtls_pk_context *key; - mbedtls_asn1_named_data *subject; - mbedtls_md_type_t md_alg; - mbedtls_asn1_named_data *extensions; + mbedtls_pk_context *MBEDTLS_PRIVATE(key); + mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject); + mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg); + mbedtls_asn1_named_data *MBEDTLS_PRIVATE(extensions); } mbedtls_x509write_csr; diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h index 5ce2fe48c4..72c998edfd 100644 --- a/include/mbedtls/xtea.h +++ b/include/mbedtls/xtea.h @@ -21,6 +21,7 @@ */ #ifndef MBEDTLS_XTEA_H #define MBEDTLS_XTEA_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -49,7 +50,7 @@ extern "C" { */ typedef struct mbedtls_xtea_context { - uint32_t k[4]; /*!< key */ + uint32_t MBEDTLS_PRIVATE(k)[4]; /*!< key */ } mbedtls_xtea_context; diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 1d11b003e4..b05660f7e1 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -32,6 +32,7 @@ #ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H #define PSA_CRYPTO_BUILTIN_COMPOSITES_H +#include "mbedtls/private_access.h" #include @@ -47,11 +48,11 @@ typedef struct { /** The HMAC algorithm in use */ - psa_algorithm_t alg; + psa_algorithm_t MBEDTLS_PRIVATE(alg); /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; + uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } mbedtls_psa_hmac_operation_t; #define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}} @@ -61,17 +62,17 @@ typedef struct typedef struct { - psa_algorithm_t alg; + psa_algorithm_t MBEDTLS_PRIVATE(alg); union { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ + unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) - mbedtls_psa_hmac_operation_t hmac; + mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac); #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || defined(PSA_CRYPTO_DRIVER_TEST) - mbedtls_cipher_context_t cmac; + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cmac); #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ - } ctx; + } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_mac_operation_t; #define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 75801a1789..674c7d060d 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -32,6 +32,7 @@ #ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H #define PSA_CRYPTO_BUILTIN_PRIMITIVES_H +#include "mbedtls/private_access.h" #include @@ -61,32 +62,32 @@ typedef struct { - psa_algorithm_t alg; + psa_algorithm_t MBEDTLS_PRIVATE(alg); union { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ + unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; + mbedtls_md2_context MBEDTLS_PRIVATE(md2); #endif #if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; + mbedtls_md4_context MBEDTLS_PRIVATE(md4); #endif #if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; + mbedtls_md5_context MBEDTLS_PRIVATE(md5); #endif #if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; + mbedtls_ripemd160_context MBEDTLS_PRIVATE(ripemd160); #endif #if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; + mbedtls_sha1_context MBEDTLS_PRIVATE(sha1); #endif #if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; + mbedtls_sha256_context MBEDTLS_PRIVATE(sha256); #endif #if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; + mbedtls_sha512_context MBEDTLS_PRIVATE(sha512); #endif - } ctx; + } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_hash_operation_t; #define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} @@ -110,10 +111,10 @@ typedef struct typedef struct { /* Context structure for the Mbed TLS cipher implementation. */ - psa_algorithm_t alg; - uint8_t iv_length; - uint8_t block_length; - mbedtls_cipher_context_t cipher; + psa_algorithm_t MBEDTLS_PRIVATE(alg); + uint8_t MBEDTLS_PRIVATE(iv_length); + uint8_t MBEDTLS_PRIVATE(block_length); + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); } mbedtls_psa_cipher_operation_t; #define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a7b4ab5994..3611c4136f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -27,6 +27,7 @@ #ifndef PSA_CRYPTO_EXTRA_H #define PSA_CRYPTO_EXTRA_H +#include "mbedtls/private_access.h" #include "mbedtls/platform_util.h" @@ -71,7 +72,7 @@ static inline void psa_set_key_enrollment_algorithm( psa_key_attributes_t *attributes, psa_algorithm_t alg2) { - attributes->core.policy.alg2 = alg2; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2; } /** Retrieve the enrollment algorithm policy from key attributes. @@ -83,7 +84,7 @@ static inline void psa_set_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg2 ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) ); } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -141,8 +142,8 @@ static inline void psa_set_key_slot_number( psa_key_attributes_t *attributes, psa_key_slot_number_t slot_number ) { - attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; - attributes->slot_number = slot_number; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; + attributes->MBEDTLS_PRIVATE(slot_number) = slot_number; } /** Remove the slot number attribute from a key attribute structure. @@ -154,7 +155,7 @@ static inline void psa_set_key_slot_number( static inline void psa_clear_key_slot_number( psa_key_attributes_t *attributes ) { - attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; } /** Register a key that is already present in a secure element. @@ -226,26 +227,26 @@ void mbedtls_psa_crypto_free( void ); typedef struct mbedtls_psa_stats_s { /** Number of slots containing key material for a volatile key. */ - size_t volatile_slots; + size_t MBEDTLS_PRIVATE(volatile_slots); /** Number of slots containing key material for a key which is in * internal persistent storage. */ - size_t persistent_slots; + size_t MBEDTLS_PRIVATE(persistent_slots); /** Number of slots containing a reference to a key in a * secure element. */ - size_t external_slots; + size_t MBEDTLS_PRIVATE(external_slots); /** Number of slots which are occupied, but do not contain * key material yet. */ - size_t half_filled_slots; + size_t MBEDTLS_PRIVATE(half_filled_slots); /** Number of slots that contain cache data. */ - size_t cache_slots; + size_t MBEDTLS_PRIVATE(cache_slots); /** Number of slots that are not used for anything. */ - size_t empty_slots; + size_t MBEDTLS_PRIVATE(empty_slots); /** Number of slots that are locked. */ - size_t locked_slots; + size_t MBEDTLS_PRIVATE(locked_slots); /** Largest key id value among open keys in internal persistent storage. */ - psa_key_id_t max_open_internal_key_id; + psa_key_id_t MBEDTLS_PRIVATE(max_open_internal_key_id); /** Largest key id value among open keys in secure elements. */ - psa_key_id_t max_open_external_key_id; + psa_key_id_t MBEDTLS_PRIVATE(max_open_external_key_id); } mbedtls_psa_stats_t; /** \brief Get statistics about diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 1dc8f9b5c4..91a6d0beeb 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -33,6 +33,7 @@ */ #ifndef PSA_CRYPTO_SE_DRIVER_H #define PSA_CRYPTO_SE_DRIVER_H +#include "mbedtls/private_access.h" #include "crypto_driver_common.h" @@ -97,21 +98,21 @@ typedef struct { * - psa_destroy_key() causes a call to * psa_drv_se_key_management_t::p_destroy. */ - const void *const persistent_data; + const void *const MBEDTLS_PRIVATE(persistent_data); /** The size of \c persistent_data in bytes. * * This is always equal to the value of the `persistent_data_size` field * of the ::psa_drv_se_t structure when the driver is registered. */ - const size_t persistent_data_size; + const size_t MBEDTLS_PRIVATE(persistent_data_size); /** Driver transient data. * * The core initializes this value to 0 and does not read or modify it * afterwards. The driver may store whatever it wants in this field. */ - uintptr_t transient_data; + uintptr_t MBEDTLS_PRIVATE(transient_data); } psa_drv_se_context_t; /** \brief A driver initialization function. @@ -323,28 +324,28 @@ typedef struct { /**The size in bytes of the hardware-specific secure element MAC context * structure */ - size_t context_size; + size_t MBEDTLS_PRIVATE(context_size); /** Function that performs a MAC setup operation */ - psa_drv_se_mac_setup_t p_setup; + psa_drv_se_mac_setup_t MBEDTLS_PRIVATE(p_setup); /** Function that performs a MAC update operation */ - psa_drv_se_mac_update_t p_update; + psa_drv_se_mac_update_t MBEDTLS_PRIVATE(p_update); /** Function that completes a MAC operation */ - psa_drv_se_mac_finish_t p_finish; + psa_drv_se_mac_finish_t MBEDTLS_PRIVATE(p_finish); /** Function that completes a MAC operation with a verify check */ - psa_drv_se_mac_finish_verify_t p_finish_verify; + psa_drv_se_mac_finish_verify_t MBEDTLS_PRIVATE(p_finish_verify); /** Function that aborts a previoustly started MAC operation */ - psa_drv_se_mac_abort_t p_abort; + psa_drv_se_mac_abort_t MBEDTLS_PRIVATE(p_abort); /** Function that performs a MAC operation in one call */ - psa_drv_se_mac_generate_t p_mac; + psa_drv_se_mac_generate_t MBEDTLS_PRIVATE(p_mac); /** Function that performs a MAC and verify operation in one call */ - psa_drv_se_mac_verify_t p_mac_verify; + psa_drv_se_mac_verify_t MBEDTLS_PRIVATE(p_mac_verify); } psa_drv_se_mac_t; /**@}*/ @@ -510,22 +511,22 @@ typedef struct { /** The size in bytes of the hardware-specific secure element cipher * context structure */ - size_t context_size; + size_t MBEDTLS_PRIVATE(context_size); /** Function that performs a cipher setup operation */ - psa_drv_se_cipher_setup_t p_setup; + psa_drv_se_cipher_setup_t MBEDTLS_PRIVATE(p_setup); /** Function that sets a cipher IV (if necessary) */ - psa_drv_se_cipher_set_iv_t p_set_iv; + psa_drv_se_cipher_set_iv_t MBEDTLS_PRIVATE(p_set_iv); /** Function that performs a cipher update operation */ - psa_drv_se_cipher_update_t p_update; + psa_drv_se_cipher_update_t MBEDTLS_PRIVATE(p_update); /** Function that completes a cipher operation */ - psa_drv_se_cipher_finish_t p_finish; + psa_drv_se_cipher_finish_t MBEDTLS_PRIVATE(p_finish); /** Function that aborts a cipher operation */ - psa_drv_se_cipher_abort_t p_abort; + psa_drv_se_cipher_abort_t MBEDTLS_PRIVATE(p_abort); /** Function that performs ECB mode for a cipher operation * (Danger: ECB mode should not be used directly by clients of the PSA * Crypto Client API) */ - psa_drv_se_cipher_ecb_t p_ecb; + psa_drv_se_cipher_ecb_t MBEDTLS_PRIVATE(p_ecb); } psa_drv_se_cipher_t; /**@}*/ @@ -681,13 +682,13 @@ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *dr */ typedef struct { /** Function that performs an asymmetric sign operation */ - psa_drv_se_asymmetric_sign_t p_sign; + psa_drv_se_asymmetric_sign_t MBEDTLS_PRIVATE(p_sign); /** Function that performs an asymmetric verify operation */ - psa_drv_se_asymmetric_verify_t p_verify; + psa_drv_se_asymmetric_verify_t MBEDTLS_PRIVATE(p_verify); /** Function that performs an asymmetric encrypt operation */ - psa_drv_se_asymmetric_encrypt_t p_encrypt; + psa_drv_se_asymmetric_encrypt_t MBEDTLS_PRIVATE(p_encrypt); /** Function that performs an asymmetric decrypt operation */ - psa_drv_se_asymmetric_decrypt_t p_decrypt; + psa_drv_se_asymmetric_decrypt_t MBEDTLS_PRIVATE(p_decrypt); } psa_drv_se_asymmetric_t; /**@}*/ @@ -798,9 +799,9 @@ typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_drv_se_context_t *drv_cont */ typedef struct { /** Function that performs the AEAD encrypt operation */ - psa_drv_se_aead_encrypt_t p_encrypt; + psa_drv_se_aead_encrypt_t MBEDTLS_PRIVATE(p_encrypt); /** Function that performs the AEAD decrypt operation */ - psa_drv_se_aead_decrypt_t p_decrypt; + psa_drv_se_aead_decrypt_t MBEDTLS_PRIVATE(p_decrypt); } psa_drv_se_aead_t; /**@}*/ @@ -1120,19 +1121,19 @@ typedef psa_status_t (*psa_drv_se_generate_key_t)( */ typedef struct { /** Function that allocates a slot for a key. */ - psa_drv_se_allocate_key_t p_allocate; + psa_drv_se_allocate_key_t MBEDTLS_PRIVATE(p_allocate); /** Function that checks the validity of a slot for a key. */ - psa_drv_se_validate_slot_number_t p_validate_slot_number; + psa_drv_se_validate_slot_number_t MBEDTLS_PRIVATE(p_validate_slot_number); /** Function that performs a key import operation */ - psa_drv_se_import_key_t p_import; + psa_drv_se_import_key_t MBEDTLS_PRIVATE(p_import); /** Function that performs a generation */ - psa_drv_se_generate_key_t p_generate; + psa_drv_se_generate_key_t MBEDTLS_PRIVATE(p_generate); /** Function that performs a key destroy operation */ - psa_drv_se_destroy_key_t p_destroy; + psa_drv_se_destroy_key_t MBEDTLS_PRIVATE(p_destroy); /** Function that performs a key export operation */ - psa_drv_se_export_key_t p_export; + psa_drv_se_export_key_t MBEDTLS_PRIVATE(p_export); /** Function that performs a public key export operation */ - psa_drv_se_export_key_t p_export_public; + psa_drv_se_export_key_t MBEDTLS_PRIVATE(p_export_public); } psa_drv_se_key_management_t; /**@}*/ @@ -1263,16 +1264,16 @@ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context, */ typedef struct { /** The driver-specific size of the key derivation context */ - size_t context_size; + size_t MBEDTLS_PRIVATE(context_size); /** Function that performs a key derivation setup */ - psa_drv_se_key_derivation_setup_t p_setup; + psa_drv_se_key_derivation_setup_t MBEDTLS_PRIVATE(p_setup); /** Function that sets key derivation collateral */ - psa_drv_se_key_derivation_collateral_t p_collateral; + psa_drv_se_key_derivation_collateral_t MBEDTLS_PRIVATE(p_collateral); /** Function that performs a final key derivation step */ - psa_drv_se_key_derivation_derive_t p_derive; + psa_drv_se_key_derivation_derive_t MBEDTLS_PRIVATE(p_derive); /** Function that perforsm a final key derivation or agreement and * exports the key */ - psa_drv_se_key_derivation_export_t p_export; + psa_drv_se_key_derivation_export_t MBEDTLS_PRIVATE(p_export); } psa_drv_se_key_derivation_t; /**@}*/ @@ -1293,7 +1294,7 @@ typedef struct { * a different version of this specification. * Use #PSA_DRV_SE_HAL_VERSION. */ - uint32_t hal_version; + uint32_t MBEDTLS_PRIVATE(hal_version); /** The size of the driver's persistent data in bytes. * @@ -1303,7 +1304,7 @@ typedef struct { * for more information about why and how a driver can use * persistent data. */ - size_t persistent_data_size; + size_t MBEDTLS_PRIVATE(persistent_data_size); /** The driver initialization function. * @@ -1315,14 +1316,14 @@ typedef struct { * If this field is \c NULL, it is equivalent to a function that does * nothing and returns #PSA_SUCCESS. */ - psa_drv_se_init_t p_init; + psa_drv_se_init_t MBEDTLS_PRIVATE(p_init); - const psa_drv_se_key_management_t *key_management; - const psa_drv_se_mac_t *mac; - const psa_drv_se_cipher_t *cipher; - const psa_drv_se_aead_t *aead; - const psa_drv_se_asymmetric_t *asymmetric; - const psa_drv_se_key_derivation_t *derivation; + const psa_drv_se_key_management_t *MBEDTLS_PRIVATE(key_management); + const psa_drv_se_mac_t *MBEDTLS_PRIVATE(mac); + const psa_drv_se_cipher_t *MBEDTLS_PRIVATE(cipher); + const psa_drv_se_aead_t *MBEDTLS_PRIVATE(aead); + const psa_drv_se_asymmetric_t *MBEDTLS_PRIVATE(asymmetric); + const psa_drv_se_key_derivation_t *MBEDTLS_PRIVATE(derivation); } psa_drv_se_t; /** The current version of the secure element driver HAL. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 47012fdd00..b07ced8bde 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -60,6 +60,7 @@ #ifndef PSA_CRYPTO_STRUCT_H #define PSA_CRYPTO_STRUCT_H +#include "mbedtls/private_access.h" #ifdef __cplusplus extern "C" { @@ -88,8 +89,8 @@ struct psa_hash_operation_s * ID values are auto-generated in psa_driver_wrappers.h. * ID value zero means the context is not valid or not assigned to * any driver (i.e. the driver context is not active, in use). */ - unsigned int id; - psa_driver_hash_context_t ctx; + unsigned int MBEDTLS_PRIVATE(id); + psa_driver_hash_context_t MBEDTLS_PRIVATE(ctx); }; #define PSA_HASH_OPERATION_INIT {0, {0}} @@ -107,14 +108,14 @@ struct psa_cipher_operation_s * ID values are auto-generated in psa_crypto_driver_wrappers.h * ID value zero means the context is not valid or not assigned to * any driver (i.e. none of the driver contexts are active). */ - unsigned int id; + unsigned int MBEDTLS_PRIVATE(id); - unsigned int iv_required : 1; - unsigned int iv_set : 1; + unsigned int MBEDTLS_PRIVATE(iv_required) : 1; + unsigned int MBEDTLS_PRIVATE(iv_set) : 1; - uint8_t default_iv_length; + uint8_t MBEDTLS_PRIVATE(default_iv_length); - psa_driver_cipher_context_t ctx; + psa_driver_cipher_context_t MBEDTLS_PRIVATE(ctx); }; #define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}} @@ -136,10 +137,10 @@ struct psa_mac_operation_s * ID values are auto-generated in psa_driver_wrappers.h * ID value zero means the context is not valid or not assigned to * any driver (i.e. none of the driver contexts are active). */ - unsigned int id; - uint8_t mac_size; - unsigned int is_sign : 1; - psa_driver_mac_context_t ctx; + unsigned int MBEDTLS_PRIVATE(id); + uint8_t MBEDTLS_PRIVATE(mac_size); + unsigned int MBEDTLS_PRIVATE(is_sign) : 1; + psa_driver_mac_context_t MBEDTLS_PRIVATE(ctx); }; #define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}} @@ -151,16 +152,16 @@ static inline struct psa_mac_operation_s psa_mac_operation_init( void ) struct psa_aead_operation_s { - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_set : 1; - uint8_t iv_size; - uint8_t block_size; + psa_algorithm_t MBEDTLS_PRIVATE(alg); + unsigned int MBEDTLS_PRIVATE(key_set) : 1; + unsigned int MBEDTLS_PRIVATE(iv_set) : 1; + uint8_t MBEDTLS_PRIVATE(iv_size); + uint8_t MBEDTLS_PRIVATE(block_size); union { - unsigned dummy; /* Enable easier initializing of the union. */ - mbedtls_cipher_context_t cipher; - } ctx; + unsigned MBEDTLS_PRIVATE(dummy); /* Enable easier initializing of the union. */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); + } MBEDTLS_PRIVATE(ctx); }; #define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} @@ -173,18 +174,18 @@ static inline struct psa_aead_operation_s psa_aead_operation_init( void ) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) typedef struct { - uint8_t *info; - size_t info_length; - psa_mac_operation_t hmac; - uint8_t prk[PSA_HASH_MAX_SIZE]; - uint8_t output_block[PSA_HASH_MAX_SIZE]; + uint8_t *MBEDTLS_PRIVATE(info); + size_t MBEDTLS_PRIVATE(info_length); + psa_mac_operation_t MBEDTLS_PRIVATE(hmac); + uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE]; + uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif - uint8_t offset_in_block; - uint8_t block_number; - unsigned int state : 2; - unsigned int info_set : 1; + uint8_t MBEDTLS_PRIVATE(offset_in_block); + uint8_t MBEDTLS_PRIVATE(block_number); + unsigned int MBEDTLS_PRIVATE(state) : 2; + unsigned int MBEDTLS_PRIVATE(info_set) : 1; } psa_hkdf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ @@ -207,45 +208,45 @@ typedef struct psa_tls12_prf_key_derivation_s /* Indicates how many bytes in the current HMAC block have * not yet been read by the user. */ - uint8_t left_in_block; + uint8_t MBEDTLS_PRIVATE(left_in_block); /* The 1-based number of the block. */ - uint8_t block_number; + uint8_t MBEDTLS_PRIVATE(block_number); - psa_tls12_prf_key_derivation_state_t state; + psa_tls12_prf_key_derivation_state_t MBEDTLS_PRIVATE(state); - uint8_t *secret; - size_t secret_length; - uint8_t *seed; - size_t seed_length; - uint8_t *label; - size_t label_length; + uint8_t *MBEDTLS_PRIVATE(secret); + size_t MBEDTLS_PRIVATE(secret_length); + uint8_t *MBEDTLS_PRIVATE(seed); + size_t MBEDTLS_PRIVATE(seed_length); + uint8_t *MBEDTLS_PRIVATE(label); + size_t MBEDTLS_PRIVATE(label_length); - uint8_t Ai[PSA_HASH_MAX_SIZE]; + uint8_t MBEDTLS_PRIVATE(Ai)[PSA_HASH_MAX_SIZE]; /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ - uint8_t output_block[PSA_HASH_MAX_SIZE]; + uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; } psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ struct psa_key_derivation_s { - psa_algorithm_t alg; - unsigned int can_output_key : 1; - size_t capacity; + psa_algorithm_t MBEDTLS_PRIVATE(alg); + unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; + size_t MBEDTLS_PRIVATE(capacity); union { /* Make the union non-empty even with no supported algorithms. */ - uint8_t dummy; + uint8_t MBEDTLS_PRIVATE(dummy); #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - psa_hkdf_key_derivation_t hkdf; + psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf); #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - psa_tls12_prf_key_derivation_t tls12_prf; + psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf); #endif - } ctx; + } MBEDTLS_PRIVATE(ctx); }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ @@ -258,9 +259,9 @@ static inline struct psa_key_derivation_s psa_key_derivation_operation_init( voi struct psa_key_policy_s { - psa_key_usage_t usage; - psa_algorithm_t alg; - psa_algorithm_t alg2; + psa_key_usage_t MBEDTLS_PRIVATE(usage); + psa_algorithm_t MBEDTLS_PRIVATE(alg); + psa_algorithm_t MBEDTLS_PRIVATE(alg2); }; typedef struct psa_key_policy_s psa_key_policy_t; @@ -309,24 +310,24 @@ typedef uint16_t psa_key_attributes_flag_t; typedef struct { - psa_key_type_t type; - psa_key_bits_t bits; - psa_key_lifetime_t lifetime; - mbedtls_svc_key_id_t id; - psa_key_policy_t policy; - psa_key_attributes_flag_t flags; + psa_key_type_t MBEDTLS_PRIVATE(type); + psa_key_bits_t MBEDTLS_PRIVATE(bits); + psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); + mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id); + psa_key_policy_t MBEDTLS_PRIVATE(policy); + psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags); } psa_core_key_attributes_t; #define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0} struct psa_key_attributes_s { - psa_core_key_attributes_t core; + psa_core_key_attributes_t MBEDTLS_PRIVATE(core); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - psa_key_slot_number_t slot_number; + psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - void *domain_parameters; - size_t domain_parameters_size; + void *MBEDTLS_PRIVATE(domain_parameters); + size_t MBEDTLS_PRIVATE(domain_parameters_size); }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -344,13 +345,13 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ) { - psa_key_lifetime_t lifetime = attributes->core.lifetime; + psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime) = attributes->MBEDTLS_PRIVATE(core).lifetime; - attributes->core.id = key; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key; if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { - attributes->core.lifetime = + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_LIFETIME_PERSISTENT, PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); @@ -360,7 +361,7 @@ static inline void psa_set_key_id( psa_key_attributes_t *attributes, static inline mbedtls_svc_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { - return( attributes->core.id ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) ); } #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER @@ -374,13 +375,13 @@ static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { - attributes->core.lifetime = lifetime; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime; if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - attributes->core.id.key_id = 0; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).key_id = 0; #else - attributes->core.id = 0; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = 0; #endif } } @@ -388,31 +389,31 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { - return( attributes->core.lifetime ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) ); } static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags) { - attributes->core.policy.usage = usage_flags; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; } static inline psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.usage ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) ); } static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg) { - attributes->core.policy.alg = alg; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg; } static inline psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) ); } /* This function is declared in crypto_extra.h, which comes after this @@ -425,10 +426,10 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { - if( attributes->domain_parameters == NULL ) + if( attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL ) { /* Common case: quick path */ - attributes->core.type = type; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type; } else { @@ -443,22 +444,22 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes, static inline psa_key_type_t psa_get_key_type( const psa_key_attributes_t *attributes) { - return( attributes->core.type ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) ); } static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { if( bits > PSA_MAX_KEY_BITS ) - attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE; else - attributes->core.bits = (psa_key_bits_t) bits; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits; } static inline size_t psa_get_key_bits( const psa_key_attributes_t *attributes) { - return( attributes->core.bits ); + return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) ); } #ifdef __cplusplus From 88fa17d1e9fc312d848aad38f2411413a288f722 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 17:32:14 +0200 Subject: [PATCH 0013/1065] Add missing 'common.h' include. Signed-off-by: Mateusz Starzyk --- library/psa_crypto_storage.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 773d3aaafc..0ef041d18f 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -18,6 +18,8 @@ * limitations under the License. */ +#include "common.h" + #if defined(MBEDTLS_CONFIG_FILE) #include MBEDTLS_CONFIG_FILE #else From 363eb29d4b94c000c0215dc1bdcf89c85ab89627 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 17:32:44 +0200 Subject: [PATCH 0014/1065] Fix MBEDTLS_PRIVATE wrapping in the library's headers. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ecdh.h | 26 +++++++++++++------------- include/mbedtls/ecdsa.h | 8 ++++---- include/mbedtls/ecp.h | 8 ++++---- include/mbedtls/pk.h | 8 ++++---- include/mbedtls/ssl_ciphersuites.h | 20 ++++++++++---------- include/mbedtls/x509_crt.h | 16 ++++++++-------- include/psa/crypto_struct.h | 6 +++--- include/psa/crypto_types.h | 5 +++-- include/psa/crypto_values.h | 11 ++++++----- 9 files changed, 55 insertions(+), 53 deletions(-) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 874b4ee129..af4b273bf9 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -84,13 +84,13 @@ typedef enum */ typedef struct mbedtls_ecdh_context_mbed { - mbedtls_ecp_group grp; /*!< The elliptic curve used. */ - mbedtls_mpi d; /*!< The private key. */ - mbedtls_ecp_point Q; /*!< The public key. */ - mbedtls_ecp_point Qp; /*!< The value of the public key of the peer. */ - mbedtls_mpi z; /*!< The shared secret. */ + mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ + mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Qp); /*!< The value of the public key of the peer. */ + mbedtls_mpi MBEDTLS_PRIVATE(z); /*!< The shared secret. */ #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ + mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(rs); /*!< The restart context for EC computations. */ #endif } mbedtls_ecdh_context_mbed; #endif @@ -119,21 +119,21 @@ typedef struct mbedtls_ecdh_context mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ #endif /* MBEDTLS_ECP_RESTARTABLE */ #else - uint8_t point_format; /*!< The format of point export in TLS messages + uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages as defined in RFC 4492. */ - mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */ - mbedtls_ecdh_variant var; /*!< The ECDH implementation/structure used. */ + mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */ + mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */ union { - mbedtls_ecdh_context_mbed mbed_ecdh; + mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh); #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - mbedtls_ecdh_context_everest everest_ecdh; + mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh); #endif - } ctx; /*!< Implementation-specific context. The + } MBEDTLS_PRIVATE(ctx); /*!< Implementation-specific context. The context in use is specified by the \c var field. */ #if defined(MBEDTLS_ECP_RESTARTABLE) - uint8_t restart_enabled; /*!< The flag for restartable mode. Functions of + uint8_t MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. Functions of an alternative implementation not supporting restartable mode must return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 525de5da1b..cf063a0b52 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -107,12 +107,12 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx; */ typedef struct { - mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and + mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and shared administrative info */ - mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */ - mbedtls_ecdsa_restart_sig_ctx *sig; /*!< ecdsa_sign() sub-context */ + mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */ + mbedtls_ecdsa_restart_sig_ctx *MBEDTLS_PRIVATE(sig); /*!< ecdsa_sign() sub-context */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - mbedtls_ecdsa_restart_det_ctx *det; /*!< ecdsa_sign_det() sub-context */ + mbedtls_ecdsa_restart_det_ctx *MBEDTLS_PRIVATE(det); /*!< ecdsa_sign_det() sub-context */ #endif } mbedtls_ecdsa_restart_ctx; diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 913e323f12..a3b4424780 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -317,10 +317,10 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx; */ typedef struct { - unsigned ops_done; /*!< current ops count */ - unsigned depth; /*!< call depth (0 = top-level) */ - mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */ - mbedtls_ecp_restart_muladd_ctx *ma; /*!< ecp_muladd() sub-context */ + unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */ + unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */ + mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */ + mbedtls_ecp_restart_muladd_ctx *MBEDTLS_PRIVATE(ma); /*!< ecp_muladd() sub-context */ } mbedtls_ecp_restart_ctx; /* diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 06da076fbb..6f88db43a2 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -192,8 +192,8 @@ typedef struct mbedtls_pk_context */ typedef struct { - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * rs_ctx; /**< Underlying restart context */ + const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ + void * MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */ } mbedtls_pk_restart_ctx; #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* Now we can declare functions that take a pointer to that */ @@ -209,7 +209,7 @@ typedef void mbedtls_pk_restart_ctx; */ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) { - return( (mbedtls_rsa_context *) (pk).pk_ctx ); + return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); } #endif /* MBEDTLS_RSA_C */ @@ -222,7 +222,7 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) */ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) { - return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); + return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); } #endif /* MBEDTLS_ECP_C */ diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 093238c0b8..00a1aaec98 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -375,19 +375,19 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; */ struct mbedtls_ssl_ciphersuite_t { - int id; - const char * name; + int MBEDTLS_PRIVATE(id); + const char * MBEDTLS_PRIVATE(name); - mbedtls_cipher_type_t cipher; - mbedtls_md_type_t mac; - mbedtls_key_exchange_type_t key_exchange; + mbedtls_cipher_type_t MBEDTLS_PRIVATE(cipher); + mbedtls_md_type_t MBEDTLS_PRIVATE(mac); + mbedtls_key_exchange_type_t MBEDTLS_PRIVATE(key_exchange); - int min_major_ver; - int min_minor_ver; - int max_major_ver; - int max_minor_ver; + int MBEDTLS_PRIVATE(min_major_ver); + int MBEDTLS_PRIVATE(min_minor_ver); + int MBEDTLS_PRIVATE(max_major_ver); + int MBEDTLS_PRIVATE(max_minor_ver); - unsigned char flags; + unsigned char MBEDTLS_PRIVATE(flags); }; const int *mbedtls_ssl_list_ciphersuites( void ); diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 015962c7ca..f25db44551 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -301,23 +301,23 @@ typedef struct typedef struct { /* for check_signature() */ - mbedtls_pk_restart_ctx pk; + mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk); /* for find_parent_in() */ - mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */ - mbedtls_x509_crt *fallback_parent; - int fallback_signature_is_good; + mbedtls_x509_crt *MBEDTLS_PRIVATE(parent); /* non-null iff parent_in in progress */ + mbedtls_x509_crt *MBEDTLS_PRIVATE(fallback_parent); + int MBEDTLS_PRIVATE(fallback_signature_is_good); /* for find_parent() */ - int parent_is_trusted; /* -1 if find_parent is not in progress */ + int MBEDTLS_PRIVATE(parent_is_trusted); /* -1 if find_parent is not in progress */ /* for verify_chain() */ enum { x509_crt_rs_none, x509_crt_rs_find_parent, - } in_progress; /* none if no operation is in progress */ - int self_cnt; - mbedtls_x509_crt_verify_chain ver_chain; + } MBEDTLS_PRIVATE(in_progress); /* none if no operation is in progress */ + int MBEDTLS_PRIVATE(self_cnt); + mbedtls_x509_crt_verify_chain MBEDTLS_PRIVATE(ver_chain); } mbedtls_x509_crt_restart_ctx; diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b07ced8bde..598a9a7747 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -345,7 +345,7 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ) { - psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime) = attributes->MBEDTLS_PRIVATE(core).lifetime; + psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime); attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key; @@ -368,7 +368,7 @@ static inline mbedtls_svc_key_id_t psa_get_key_id( static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, mbedtls_key_owner_id_t owner ) { - attributes->core.id.owner = owner; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner; } #endif @@ -379,7 +379,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).key_id = 0; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0; #else attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = 0; #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 386c7d794b..2cf965d81b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -32,6 +32,7 @@ #ifndef PSA_CRYPTO_TYPES_H #define PSA_CRYPTO_TYPES_H +#include "mbedtls/private_access.h" #include "crypto_platform.h" @@ -234,8 +235,8 @@ typedef psa_key_id_t mbedtls_svc_key_id_t; */ typedef struct { - psa_key_id_t key_id; - mbedtls_key_owner_id_t owner; + psa_key_id_t MBEDTLS_PRIVATE(key_id); + mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner); } mbedtls_svc_key_id_t; #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 497bd8f01f..31a64647e3 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -33,6 +33,7 @@ #ifndef PSA_CRYPTO_VALUES_H #define PSA_CRYPTO_VALUES_H +#include "mbedtls/private_access.h" /** \defgroup error Error codes * @{ @@ -2124,8 +2125,8 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) { - return( (mbedtls_svc_key_id_t){ .key_id = key_id, - .owner = owner_id } ); + return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id, + .MBEDTLS_PRIVATE(owner) = owner_id } ); } /** Compare two key identifiers. @@ -2138,8 +2139,8 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2 ) { - return( ( id1.key_id == id2.key_id ) && - mbedtls_key_owner_id_equal( id1.owner, id2.owner ) ); + return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) && + mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) ); } /** Check whether a key identifier is null. @@ -2150,7 +2151,7 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, */ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) { - return( ( key.key_id == 0 ) && ( key.owner == 0 ) ); + return( ( key.MBEDTLS_PRIVATE(key_id) == 0 ) && ( key.MBEDTLS_PRIVATE(owner) == 0 ) ); } #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ From 6c2e9b6048cc688b33bd59c5ae5472e4838021a5 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 17:54:54 +0200 Subject: [PATCH 0015/1065] Add MBEDTLS_ALLOW_PRIVATE_ACCESS to test programs Signed-off-by: Mateusz Starzyk --- programs/fuzz/fuzz_client.c | 2 ++ programs/fuzz/fuzz_dtlsclient.c | 2 ++ programs/fuzz/fuzz_dtlsserver.c | 2 ++ programs/fuzz/fuzz_privkey.c | 2 ++ programs/fuzz/fuzz_pubkey.c | 2 ++ programs/fuzz/fuzz_server.c | 2 ++ programs/fuzz/fuzz_x509crl.c | 2 ++ programs/fuzz/fuzz_x509crt.c | 2 ++ programs/fuzz/fuzz_x509csr.c | 2 ++ programs/ssl/ssl_client2.c | 2 ++ programs/ssl/ssl_context_info.c | 2 ++ programs/ssl/ssl_server2.c | 2 ++ programs/ssl/ssl_test_lib.c | 2 ++ programs/test/benchmark.c | 2 ++ programs/test/selftest.c | 2 ++ programs/test/udp_proxy.c | 2 ++ 16 files changed, 32 insertions(+) diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index 618eda2656..40ca90a919 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" diff --git a/programs/fuzz/fuzz_dtlsclient.c b/programs/fuzz/fuzz_dtlsclient.c index 29c8672f75..16f601470a 100644 --- a/programs/fuzz/fuzz_dtlsclient.c +++ b/programs/fuzz/fuzz_dtlsclient.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include #include diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index b6dc52ed66..34ff63ede4 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include #include diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index 6c968fd54c..f76afd1c51 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include #include "mbedtls/pk.h" diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c index 9e8035045e..655d5d615a 100644 --- a/programs/fuzz/fuzz_pubkey.c +++ b/programs/fuzz/fuzz_pubkey.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include #include "mbedtls/pk.h" diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index 16b800c997..5480e3e876 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 15affb59b8..65fc37fb37 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include "mbedtls/x509_crl.h" diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index dbc153c499..bd8bdffdb2 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include "mbedtls/x509_crt.h" diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index a270742a97..a9205be53a 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -1,3 +1,5 @@ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include "mbedtls/x509_csr.h" diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 2ce8588373..80b0ce0ee9 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "ssl_test_lib.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index ec24fa8e0e..bc9c6bd522 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1ff27fb8b0..f7a424a5a6 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "ssl_test_lib.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index 1bb9d6162f..04e127a85e 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -20,6 +20,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "ssl_test_lib.h" #if defined(MBEDTLS_TEST_HOOKS) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3e4ac8b616..3320bbf7d5 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/test/selftest.c b/programs/test/selftest.c index e160febe18..a3e306ce91 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index afe0118d07..91c231f9b5 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -23,6 +23,8 @@ * example of good general usage. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else From 5dd4f6e9ceaa5d7f1af77db770d1108ca208b81d Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 19:35:35 +0200 Subject: [PATCH 0016/1065] Add MBEDTLS_PRIVATE wrapping to sample programs. Signed-off-by: Mateusz Starzyk --- programs/aes/crypt_and_hash.c | 8 ++++---- programs/pkey/dh_client.c | 14 +++++++------- programs/pkey/dh_server.c | 16 ++++++++-------- programs/pkey/ecdh_curve25519.c | 30 +++++++++++++++--------------- programs/pkey/ecdsa.c | 10 +++++----- programs/pkey/gen_key.c | 18 +++++++++--------- programs/pkey/key_app.c | 14 +++++++------- programs/pkey/key_app_writer.c | 14 +++++++------- programs/pkey/rsa_decrypt.c | 2 +- programs/pkey/rsa_encrypt.c | 2 +- programs/pkey/rsa_sign.c | 2 +- programs/pkey/rsa_verify.c | 8 ++++---- programs/ssl/dtls_client.c | 2 ++ programs/ssl/dtls_server.c | 2 ++ programs/ssl/mini_client.c | 2 ++ programs/ssl/ssl_client1.c | 2 ++ programs/ssl/ssl_fork_server.c | 2 ++ programs/ssl/ssl_mail_client.c | 3 +++ programs/ssl/ssl_server.c | 2 ++ programs/ssl/ssl_server2.c | 4 ++-- programs/x509/cert_app.c | 2 +- programs/x509/cert_write.c | 8 ++++---- 22 files changed, 91 insertions(+), 76 deletions(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 63a12480fd..0f97867fad 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -128,7 +128,7 @@ int main( int argc, char *argv[] ) while( *list ) { cipher_info = mbedtls_cipher_info_from_type( *list ); - mbedtls_printf( " %s\n", cipher_info->name ); + mbedtls_printf( " %s\n", cipher_info->MBEDTLS_PRIVATE(name) ); list++; } @@ -313,7 +313,7 @@ int main( int argc, char *argv[] ) } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, + if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->MBEDTLS_PRIVATE(key_bitlen), MBEDTLS_ENCRYPT ) != 0 ) { mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n"); @@ -412,7 +412,7 @@ int main( int argc, char *argv[] ) /* * Check the file size. */ - if( cipher_info->mode != MBEDTLS_MODE_GCM && + if( cipher_info->MBEDTLS_PRIVATE(mode) != MBEDTLS_MODE_GCM && ( ( filesize - mbedtls_md_get_size( md_info ) ) % mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 ) { @@ -452,7 +452,7 @@ int main( int argc, char *argv[] ) mbedtls_md_finish( &md_ctx, digest ); } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, + if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->MBEDTLS_PRIVATE(key_bitlen), MBEDTLS_DECRYPT ) != 0 ) { mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n" ); diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index d6e4990a9b..f37df4a9f6 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -127,15 +127,15 @@ int main( void ) mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) + if( ( ret = mbedtls_mpi_read_file( &rsa.MBEDTLS_PRIVATE(N), 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &rsa.MBEDTLS_PRIVATE(E), 16, f ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); fclose( f ); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.MBEDTLS_PRIVATE(len) = ( mbedtls_mpi_bitlen( &rsa.MBEDTLS_PRIVATE(N) ) + 7 ) >> 3; fclose( f ); @@ -193,7 +193,7 @@ int main( void ) goto exit; } - if( dhm.len < 64 || dhm.len > 512 ) + if( dhm.MBEDTLS_PRIVATE(len) < 64 || dhm.MBEDTLS_PRIVATE(len) > 512 ) { mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); goto exit; @@ -208,7 +208,7 @@ int main( void ) p += 2; - if( ( n = (size_t) ( end - p ) ) != rsa.len ) + if( ( n = (size_t) ( end - p ) ) != rsa.MBEDTLS_PRIVATE(len) ) { mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); goto exit; @@ -233,8 +233,8 @@ int main( void ) mbedtls_printf( "\n . Sending own public value to server" ); fflush( stdout ); - n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, + n = dhm.MBEDTLS_PRIVATE(len); + if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.MBEDTLS_PRIVATE(len), buf, n, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index dccf0951ca..d19ddad25a 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -173,8 +173,8 @@ int main( void ) goto exit; } - if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || - mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) + if( mbedtls_mpi_read_file( &dhm.MBEDTLS_PRIVATE(P), 16, f ) != 0 || + mbedtls_mpi_read_file( &dhm.MBEDTLS_PRIVATE(G), 16, f ) != 0 ) { mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); fclose( f ); @@ -210,7 +210,7 @@ int main( void ) memset( buf, 0, sizeof( buf ) ); - if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, + if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.MBEDTLS_PRIVATE(P) ), buf, &n, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); @@ -226,8 +226,8 @@ int main( void ) goto exit; } - buf[n ] = (unsigned char)( rsa.len >> 8 ); - buf[n + 1] = (unsigned char)( rsa.len ); + buf[n ] = (unsigned char)( rsa.MBEDTLS_PRIVATE(len) >> 8 ); + buf[n + 1] = (unsigned char)( rsa.MBEDTLS_PRIVATE(len) ); if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, 0, hash, buf + n + 2 ) ) != 0 ) @@ -236,7 +236,7 @@ int main( void ) goto exit; } - buflen = n + 2 + rsa.len; + buflen = n + 2 + rsa.MBEDTLS_PRIVATE(len); buf2[0] = (unsigned char)( buflen >> 8 ); buf2[1] = (unsigned char)( buflen ); @@ -255,14 +255,14 @@ int main( void ) memset( buf, 0, sizeof( buf ) ); - n = dhm.len; + n = dhm.MBEDTLS_PRIVATE(len); if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) { mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); goto exit; } - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) + if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.MBEDTLS_PRIVATE(len) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 67f136360c..1f4b8bc3f5 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -91,14 +91,14 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Setting up client context..." ); fflush( stdout ); - ret = mbedtls_ecp_group_load( &ctx_cli.grp, MBEDTLS_ECP_DP_CURVE25519 ); + ret = mbedtls_ecp_group_load( &ctx_cli.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_CURVE25519 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret ); goto exit; } - ret = mbedtls_ecdh_gen_public( &ctx_cli.grp, &ctx_cli.d, &ctx_cli.Q, + ret = mbedtls_ecdh_gen_public( &ctx_cli.MBEDTLS_PRIVATE(grp), &ctx_cli.MBEDTLS_PRIVATE(d), &ctx_cli.MBEDTLS_PRIVATE(Q), mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { @@ -106,7 +106,7 @@ int main( int argc, char *argv[] ) goto exit; } - ret = mbedtls_mpi_write_binary( &ctx_cli.Q.X, cli_to_srv, 32 ); + ret = mbedtls_mpi_write_binary( &ctx_cli.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), cli_to_srv, 32 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret ); @@ -121,14 +121,14 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Setting up server context..." ); fflush( stdout ); - ret = mbedtls_ecp_group_load( &ctx_srv.grp, MBEDTLS_ECP_DP_CURVE25519 ); + ret = mbedtls_ecp_group_load( &ctx_srv.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_CURVE25519 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret ); goto exit; } - ret = mbedtls_ecdh_gen_public( &ctx_srv.grp, &ctx_srv.d, &ctx_srv.Q, + ret = mbedtls_ecdh_gen_public( &ctx_srv.MBEDTLS_PRIVATE(grp), &ctx_srv.MBEDTLS_PRIVATE(d), &ctx_srv.MBEDTLS_PRIVATE(Q), mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { @@ -136,7 +136,7 @@ int main( int argc, char *argv[] ) goto exit; } - ret = mbedtls_mpi_write_binary( &ctx_srv.Q.X, srv_to_cli, 32 ); + ret = mbedtls_mpi_write_binary( &ctx_srv.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), srv_to_cli, 32 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret ); @@ -151,22 +151,22 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Server reading client key and computing secret..." ); fflush( stdout ); - ret = mbedtls_mpi_lset( &ctx_srv.Qp.Z, 1 ); + ret = mbedtls_mpi_lset( &ctx_srv.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(Z), 1 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret ); goto exit; } - ret = mbedtls_mpi_read_binary( &ctx_srv.Qp.X, cli_to_srv, 32 ); + ret = mbedtls_mpi_read_binary( &ctx_srv.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(X), cli_to_srv, 32 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret ); goto exit; } - ret = mbedtls_ecdh_compute_shared( &ctx_srv.grp, &ctx_srv.z, - &ctx_srv.Qp, &ctx_srv.d, + ret = mbedtls_ecdh_compute_shared( &ctx_srv.MBEDTLS_PRIVATE(grp), &ctx_srv.MBEDTLS_PRIVATE(z), + &ctx_srv.MBEDTLS_PRIVATE(Qp), &ctx_srv.MBEDTLS_PRIVATE(d), mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { @@ -182,22 +182,22 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Client reading server key and computing secret..." ); fflush( stdout ); - ret = mbedtls_mpi_lset( &ctx_cli.Qp.Z, 1 ); + ret = mbedtls_mpi_lset( &ctx_cli.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(Z), 1 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret ); goto exit; } - ret = mbedtls_mpi_read_binary( &ctx_cli.Qp.X, srv_to_cli, 32 ); + ret = mbedtls_mpi_read_binary( &ctx_cli.MBEDTLS_PRIVATE(Qp).MBEDTLS_PRIVATE(X), srv_to_cli, 32 ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret ); goto exit; } - ret = mbedtls_ecdh_compute_shared( &ctx_cli.grp, &ctx_cli.z, - &ctx_cli.Qp, &ctx_cli.d, + ret = mbedtls_ecdh_compute_shared( &ctx_cli.MBEDTLS_PRIVATE(grp), &ctx_cli.MBEDTLS_PRIVATE(z), + &ctx_cli.MBEDTLS_PRIVATE(Qp), &ctx_cli.MBEDTLS_PRIVATE(d), mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { @@ -213,7 +213,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Checking if both computed secrets are equal..." ); fflush( stdout ); - ret = mbedtls_mpi_cmp_mpi( &ctx_cli.z, &ctx_srv.z ); + ret = mbedtls_mpi_cmp_mpi( &ctx_cli.MBEDTLS_PRIVATE(z), &ctx_srv.MBEDTLS_PRIVATE(z) ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret ); diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 1bbf8268c4..3dacd75d31 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -55,7 +55,7 @@ #define ECPARAMS MBEDTLS_ECP_DP_SECP192R1 #if !defined(ECPARAMS) -#define ECPARAMS mbedtls_ecp_curve_list()->grp_id +#define ECPARAMS mbedtls_ecp_curve_list()->MBEDTLS_PRIVATE(grp_id) #endif #if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \ @@ -84,7 +84,7 @@ static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key ) unsigned char buf[300]; size_t len; - if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q, + if( mbedtls_ecp_point_write_binary( &key->MBEDTLS_PRIVATE(grp), &key->MBEDTLS_PRIVATE(Q), MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 ) { mbedtls_printf("internal error\n"); @@ -156,7 +156,7 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits ); + mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.MBEDTLS_PRIVATE(grp).MBEDTLS_PRIVATE(pbits) ); dump_pubkey( " + Public key: ", &ctx_sign ); @@ -204,13 +204,13 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Preparing verification context..." ); fflush( stdout ); - if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 ) + if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.MBEDTLS_PRIVATE(grp), &ctx_sign.MBEDTLS_PRIVATE(grp) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret ); goto exit; } - if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 ) + if( ( ret = mbedtls_ecp_copy( &ctx_verify.MBEDTLS_PRIVATE(Q), &ctx_sign.MBEDTLS_PRIVATE(Q) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret ); goto exit; diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 63cc11ed5b..9ad1190fc7 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -90,7 +90,7 @@ int dev_random_entropy_poll( void *data, unsigned char *output, #endif #if defined(MBEDTLS_ECP_C) -#define DFL_EC_CURVE mbedtls_ecp_curve_list()->grp_id +#define DFL_EC_CURVE mbedtls_ecp_curve_list()->MBEDTLS_PRIVATE(grp_id) #else #define DFL_EC_CURVE 0 #endif @@ -223,9 +223,9 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_ECP_C) mbedtls_printf( " available ec_curve values:\n" ); curve_info = mbedtls_ecp_curve_list(); - mbedtls_printf( " %s (default)\n", curve_info->name ); - while( ( ++curve_info )->name != NULL ) - mbedtls_printf( " %s\n", curve_info->name ); + mbedtls_printf( " %s (default)\n", curve_info->MBEDTLS_PRIVATE(name) ); + while( ( ++curve_info )->MBEDTLS_PRIVATE(name) != NULL ) + mbedtls_printf( " %s\n", curve_info->MBEDTLS_PRIVATE(name) ); #endif /* MBEDTLS_ECP_C */ goto exit; } @@ -274,7 +274,7 @@ int main( int argc, char *argv[] ) { if( ( curve_info = mbedtls_ecp_curve_info_from_name( q ) ) == NULL ) goto usage; - opt.ec_curve = curve_info->grp_id; + opt.ec_curve = curve_info->MBEDTLS_PRIVATE(grp_id); } #endif else if( strcmp( p, "filename" ) == 0 ) @@ -395,10 +395,10 @@ int main( int argc, char *argv[] ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); mbedtls_printf( "curve: %s\n", - mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); - mbedtls_mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &ecp->d , 16, NULL ); + mbedtls_ecp_curve_info_from_grp_id( ecp->MBEDTLS_PRIVATE(grp).MBEDTLS_PRIVATE(id) )->MBEDTLS_PRIVATE(name) ); + mbedtls_mpi_write_file( "X_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ); + mbedtls_mpi_write_file( "Y_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ); + mbedtls_mpi_write_file( "D: ", &ecp->MBEDTLS_PRIVATE(d) , 16, NULL ); } else #endif diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 7f39e5ce37..7bd93c72b5 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -222,10 +222,10 @@ int main( int argc, char *argv[] ) if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->MBEDTLS_PRIVATE(d) , 16, NULL ) ); } else #endif @@ -273,9 +273,9 @@ int main( int argc, char *argv[] ) if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL ) ); } else #endif diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 6a4d0e4ce6..4b65262d0d 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -335,10 +335,10 @@ int main( int argc, char *argv[] ) if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); - mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ); + mbedtls_mpi_write_file( "Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ); + mbedtls_mpi_write_file( "Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ); + mbedtls_mpi_write_file( "Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL ); + mbedtls_mpi_write_file( "D : ", &ecp->MBEDTLS_PRIVATE(d) , 16, NULL ); } else #endif @@ -389,9 +389,9 @@ int main( int argc, char *argv[] ) if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); + mbedtls_mpi_write_file( "Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ); + mbedtls_mpi_write_file( "Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ); + mbedtls_mpi_write_file( "Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL ); } else #endif diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 1ba8c735db..b13bb310e3 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -164,7 +164,7 @@ int main( int argc, char *argv[] ) fclose( f ); - if( i != rsa.len ) + if( i != rsa.MBEDTLS_PRIVATE(len) ) { mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); goto exit; diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index ba01201729..03a6e894f9 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -161,7 +161,7 @@ int main( int argc, char *argv[] ) goto exit; } - for( i = 0; i < rsa.len; i++ ) + for( i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++ ) mbedtls_fprintf( f, "%02X%s", buf[i], ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index c9522c8c26..8e657a7928 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -164,7 +164,7 @@ int main( int argc, char *argv[] ) goto exit; } - for( i = 0; i < rsa.len; i++ ) + for( i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++ ) mbedtls_fprintf( f, "%02X%s", buf[i], ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index fbc0779b2c..e7e347c70f 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -89,15 +89,15 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) + if( ( ret = mbedtls_mpi_read_file( &rsa.MBEDTLS_PRIVATE(N), 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &rsa.MBEDTLS_PRIVATE(E), 16, f ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); fclose( f ); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.MBEDTLS_PRIVATE(len) = ( mbedtls_mpi_bitlen( &rsa.MBEDTLS_PRIVATE(N) ) + 7 ) >> 3; fclose( f ); @@ -119,7 +119,7 @@ int main( int argc, char *argv[] ) fclose( f ); - if( i != rsa.len ) + if( i != rsa.MBEDTLS_PRIVATE(len) ) { mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); goto exit; diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 1e97795336..c3c73bb14c 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index bd2dc12de3..34419db7c6 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 0a9cc284dd..a067a8fd5e 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -18,6 +18,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 6624224af4..3e479d00af 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index d181c01dac..38a68831ec 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 428c643626..5d395c25fa 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -20,6 +20,9 @@ /* Enable definition of gethostname() even when compiling with -std=c99. Must * be set before config.h, which pulls in glibc's features.h indirectly. * Harmless on other platforms. */ + +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #define _POSIX_C_SOURCE 200112L #define _XOPEN_SOURCE 600 diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 11147b092b..8458a22b43 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index f7a424a5a6..da145a92cf 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -805,7 +805,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) ); } - cur = cur->next; + cur = cur->MBEDTLS_PRIVATE(next); } return( -1 ); @@ -921,7 +921,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl, return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) ); } - cur = cur->next; + cur = cur->MBEDTLS_PRIVATE(next); } return( -1 ); diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index fb2484337c..2adef3904b 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -335,7 +335,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( "%s\n", buf ); - cur = cur->next; + cur = cur->MBEDTLS_PRIVATE(next); } /* diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 18174d8049..ff7cf98074 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -518,7 +518,7 @@ int main( int argc, char *argv[] ) } ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name), - &issuer_crt.subject ); + &issuer_crt.MBEDTLS_PRIVATE(subject) ); if( ret < 0 ) { mbedtls_strerror( ret, buf, 1024 ); @@ -552,7 +552,7 @@ int main( int argc, char *argv[] ) } ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name), - &csr.subject ); + &csr.MBEDTLS_PRIVATE(subject) ); if( ret < 0 ) { mbedtls_strerror( ret, buf, 1024 ); @@ -562,7 +562,7 @@ int main( int argc, char *argv[] ) } opt.subject_name = subject_name; - subject_key = &csr.pk; + subject_key = &csr.MBEDTLS_PRIVATE(pk); mbedtls_printf( " ok\n" ); } @@ -606,7 +606,7 @@ int main( int argc, char *argv[] ) // if( strlen( opt.issuer_crt ) ) { - if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 ) + if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key ) != 0 ) { mbedtls_printf( " failed\n ! issuer_key does not match " "issuer certificate\n\n" ); From beb95b4d251f2072b2f4f15357f7b85f831f05f9 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 20 May 2021 14:41:22 +0200 Subject: [PATCH 0017/1065] Adjust doxyfile to expand MBEDTLS_PRIVATE macro. Signed-off-by: Mateusz Starzyk --- doxygen/mbedtls.doxyfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 0205dcfefd..dd84c2871d 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1577,13 +1577,13 @@ ENABLE_PREPROCESSING = YES # compilation will be performed. Macro expansion can be done in a controlled # way by setting EXPAND_ONLY_PREDEF to YES. -MACRO_EXPANSION = NO +MACRO_EXPANSION = YES # If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES # then the macro expansion is limited to the macros specified with the # PREDEFINED and EXPAND_AS_DEFINED tags. -EXPAND_ONLY_PREDEF = NO +EXPAND_ONLY_PREDEF = YES # If the SEARCH_INCLUDES tag is set to YES (the default) the includes files # pointed to by INCLUDE_PATH will be searched when a #include is found. @@ -1630,7 +1630,7 @@ PREDEFINED = WIN32 \ # Use the PREDEFINED tag if you want to use a different macro definition that # overrules the definition found in the source code. -EXPAND_AS_DEFINED = +EXPAND_AS_DEFINED = MBEDTLS_PRIVATE # If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then # doxygen's preprocessor will remove all references to function-like macros From f2b11a9a77ca2b80952890e72ebe38de7169a441 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 21 May 2021 09:33:46 +0200 Subject: [PATCH 0018/1065] Add MBEDTLS_ALLOW_PRIVATE_ACCESS to tests drivers Signed-off-by: Mateusz Starzyk --- tests/src/drivers/hash.c | 2 ++ tests/src/drivers/platform_builtin_keys.c | 2 ++ tests/src/drivers/test_driver_aead.c | 2 ++ tests/src/drivers/test_driver_cipher.c | 2 ++ tests/src/drivers/test_driver_key_management.c | 2 ++ tests/src/drivers/test_driver_mac.c | 2 ++ tests/src/drivers/test_driver_signature.c | 2 ++ tests/src/drivers/test_driver_size.c | 2 ++ 8 files changed, 16 insertions(+) diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index f95aa6b617..a9c475a825 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 759fa78309..a3c5796da0 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -20,6 +20,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include #include diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index a147163241..c247bab08d 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 4827946b07..51c1abc1a4 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -18,6 +18,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 19e1033311..b1096cb6fb 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -18,6 +18,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 69af107809..439943cca6 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -17,6 +17,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index fdfba165fa..e486704152 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -19,6 +19,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c index d8bcaee381..af899c6898 100644 --- a/tests/src/drivers/test_driver_size.c +++ b/tests/src/drivers/test_driver_size.c @@ -18,6 +18,8 @@ * limitations under the License. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else From 28c8cce051fc90141453a85d16f84527926ffbf5 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 21 May 2021 09:48:03 +0200 Subject: [PATCH 0019/1065] Add conditional error.h include to test helpers function. `mbedtls_test_hook_error_add` is referenced inside main_test.function. Including the `error.h` is necessary to build suites which define both MBEDTLS_TEST_HOOKS and MBEDTLS_ERROR_C, such as: build_psa_accel_alg_ecdh Signed-off-by: Mateusz Starzyk --- tests/suites/helpers.function | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index ca03532ba2..ae1bc888d5 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -11,6 +11,9 @@ #include +#if defined (MBEDTLS_ERROR_C) +#include "mbedtls/error.h" +#endif #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else From 9752aadd85e61a58da6eaa7c59f6dd7ff47f78a7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 05:54:33 +0100 Subject: [PATCH 0020/1065] Make query API for state of MFL extension internal This commit makes the API - mbedtls_ssl_get_output_max_frag_len() - mbedtls_ssl_get_input_max_frag_len() - mbedtls_ssl_get__max_frag_len() for querying the state of the Maximum Fragment Length extension internal. Rationale: The value those APIs provide to the user is in upper bounds for the size of incoming and outgoing records, which can be used to size application data buffers apporpriately before passing them to mbedtls_ssl_{read,write}(). However, there are other factors which influence such upper bounds, such as the MTU or other extensions (specifically, the record_size_limit extension which is still to be implemented) which should be taken into account. There should be more general APIs for querying the maximum size of incoming and outgoing records. For the maximum size of outgoing records, we already have such, namely mbedtls_ssl_get_max_out_record_payload(). For the maximum size of incoming records, a new API will be added in a subsequent commit. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 33 --------------------------------- library/ssl_misc.h | 33 +++++++++++++++++++++++++++++++++ programs/ssl/ssl_client2.c | 7 ------- programs/ssl/ssl_server2.c | 7 ------- 4 files changed, 33 insertions(+), 47 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 88a599c18c..905b5679c2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3645,39 +3645,6 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); */ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -/** - * \brief Return the maximum fragment length (payload, in bytes) for - * the output buffer. For the client, this is the configured - * value. For the server, it is the minimum of two - the - * configured value and the negotiated one. - * - * \sa mbedtls_ssl_conf_max_frag_len() - * \sa mbedtls_ssl_get_max_record_payload() - * - * \param ssl SSL context - * - * \return Current maximum fragment length for the output buffer. - */ -size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the maximum fragment length (payload, in bytes) for - * the input buffer. This is the negotiated maximum fragment - * length, or, if there is none, MBEDTLS_SSL_IN_CONTENT_LEN. - * If it is not defined either, the value is 2^14. This function - * works as its predecessor, \c mbedtls_ssl_get_max_frag_len(). - * - * \sa mbedtls_ssl_conf_max_frag_len() - * \sa mbedtls_ssl_get_max_record_payload() - * - * \param ssl SSL context - * - * \return Current maximum fragment length for the output buffer. - */ -size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - /** * \brief Return the current maximum outgoing record payload in bytes. * This takes into account the config.h setting \c diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 180f4d8dc8..ecbeb8ba8c 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -270,6 +270,39 @@ + ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) ) #endif +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +/** + * \brief Return the maximum fragment length (payload, in bytes) for + * the output buffer. For the client, this is the configured + * value. For the server, it is the minimum of two - the + * configured value and the negotiated one. + * + * \sa mbedtls_ssl_conf_max_frag_len() + * \sa mbedtls_ssl_get_max_out_record_payload() + * + * \param ssl SSL context + * + * \return Current maximum fragment length for the output buffer. + */ +size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the maximum fragment length (payload, in bytes) for + * the input buffer. This is the negotiated maximum fragment + * length, or, if there is none, MBEDTLS_SSL_MAX_CONTENT_LEN. + * If it is not defined either, the value is 2^14. This function + * works as its predecessor, \c mbedtls_ssl_get_max_frag_len(). + * + * \sa mbedtls_ssl_conf_max_frag_len() + * \sa mbedtls_ssl_get_max_in_record_payload() + * + * \param ssl SSL context + * + * \return Current maximum fragment length for the output buffer. + */ +size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx ) { diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 2ce8588373..3cbf130003 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2083,13 +2083,6 @@ int main( int argc, char *argv[] ) else mbedtls_printf( " [ Record expansion is unknown ]\n" ); -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); -#endif - #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1ff27fb8b0..1ec8f09f77 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3164,13 +3164,6 @@ handshake: else mbedtls_printf( " [ Record expansion is unknown ]\n" ); -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); -#endif - #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { From be746949c4bf8f701a8a7c5c8cb44d61394bb5da Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 06:18:37 +0100 Subject: [PATCH 0021/1065] Relax documentation of mbedtls_ssl_get_max_out_record_payload() The previous documentation could be read as exhaustively listing the factors that go into computing the maximum outgoing record plaintext size -- we should give examples, but allow ourselves to add more factors in the future. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 905b5679c2..9583dcaf8d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3647,10 +3647,10 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); /** * \brief Return the current maximum outgoing record payload in bytes. - * This takes into account the config.h setting \c - * MBEDTLS_SSL_OUT_CONTENT_LEN, the configured and negotiated - * max fragment length extension if used, and for DTLS the - * path MTU as configured and current record expansion. + * This takes into account various factors, such as the config.h + * setting \c MBEDTLS_SSL_OUT_CONTENT_LEN, extensions such as the + * max fragment length or record size limit extension if used, and + * for DTLS the path MTU as configured and current record expansion. * * \note With DTLS, \c mbedtls_ssl_write() will return an error if * called with a larger length value. From 2d8e99b0972de4a88217911a4664fbec64d776a4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 06:19:50 +0100 Subject: [PATCH 0022/1065] Add API to query maximum plaintext size of incoming records Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 26 ++++++++++++++++++++++++++ library/ssl_tls.c | 18 ++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 9583dcaf8d..194aee5fa4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3671,6 +3671,32 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); */ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); +/** + * \brief Return the current maximum incoming record payload in bytes. + * This takes into account various factors, such as the + * config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions + * such as the max fragment length extension or record size limit + * extension if used, and the current record expansion. + * + * \note With DTLS, \c mbedtls_ssl_read() will return an error if + * called with a larger length value. + * With TLS, \c mbedtls_ssl_write() will fragment the input if + * necessary and return the number of bytes written; it is up + * to the caller to call \c mbedtls_ssl_write() again in + * order to send the remaining bytes if any. + * + * \sa mbedtls_ssl_set_mtu() + * \sa mbedtls_ssl_get_output_max_frag_len() + * \sa mbedtls_ssl_get_input_max_frag_len() + * \sa mbedtls_ssl_get_record_expansion() + * + * \param ssl SSL context + * + * \return Current maximum payload for an outgoing record, + * or a negative error code. + */ +int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl ); + #if defined(MBEDTLS_X509_CRT_PARSE_C) /** * \brief Return the peer certificate from the current connection. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 170d563bdb..fd6050c77d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4767,6 +4767,24 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) return( (int) max_len ); } +int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl ) +{ + size_t max_len = MBEDTLS_SSL_IN_CONTENT_LEN; + +#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + (void) ssl; +#endif + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + const size_t mfl = mbedtls_ssl_get_input_max_frag_len( ssl ); + + if( max_len > mfl ) + max_len = mfl; +#endif + + return( (int) max_len ); +} + #if defined(MBEDTLS_X509_CRT_PARSE_C) const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) { From 80d163d496b66ca9e065a0a4f3a9e5a2ab85b9e1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 06:28:18 +0100 Subject: [PATCH 0023/1065] Remove Doxygen references to now-internal MFL query API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 194aee5fa4..83df117691 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3659,9 +3659,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * to the caller to call \c mbedtls_ssl_write() again in * order to send the remaining bytes if any. * - * \sa mbedtls_ssl_set_mtu() - * \sa mbedtls_ssl_get_output_max_frag_len() - * \sa mbedtls_ssl_get_input_max_frag_len() + * \sa mbedtls_ssl_get_max_out_record_payload() * \sa mbedtls_ssl_get_record_expansion() * * \param ssl SSL context @@ -3686,8 +3684,7 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); * order to send the remaining bytes if any. * * \sa mbedtls_ssl_set_mtu() - * \sa mbedtls_ssl_get_output_max_frag_len() - * \sa mbedtls_ssl_get_input_max_frag_len() + * \sa mbedtls_ssl_get_max_in_record_payload() * \sa mbedtls_ssl_get_record_expansion() * * \param ssl SSL context @@ -3995,7 +3992,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * or negotiated with the peer), then: * - with TLS, less bytes than requested are written. * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. - * \c mbedtls_ssl_get_output_max_frag_len() may be used to + * \c mbedtls_ssl_get_max_out_record_payload() may be used to * query the active maximum fragment length. * * \note Attempting to write 0 bytes will result in an empty TLS From b2efc4d4648082058461c664ca597cf661074902 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 15 May 2021 06:26:24 +0100 Subject: [PATCH 0024/1065] Add migration guide Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/max-record-payload-api.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 docs/3.0-migration-guide.d/max-record-payload-api.md diff --git a/docs/3.0-migration-guide.d/max-record-payload-api.md b/docs/3.0-migration-guide.d/max-record-payload-api.md new file mode 100644 index 0000000000..0b34915f40 --- /dev/null +++ b/docs/3.0-migration-guide.d/max-record-payload-api.md @@ -0,0 +1,11 @@ +Remove MaximumFragmentLength (MFL) query API +----------------------------------------------------------------- + +This affects users which use the MFL query APIs +`mbedtls_ssl_get_{input,output}_max_frag_len()` to +infer upper bounds on the plaintext size of incoming and +outgoing record. + +Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` +instead, which also provides such upper bounds but takes more factors +than just the MFL configuration into account. From 24628b69be04b547982f401fa48230a33a993df0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 15 May 2021 06:29:41 +0100 Subject: [PATCH 0025/1065] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/max-record-payload-api.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/max-record-payload-api.txt diff --git a/ChangeLog.d/max-record-payload-api.txt b/ChangeLog.d/max-record-payload-api.txt new file mode 100644 index 0000000000..af49fd96d6 --- /dev/null +++ b/ChangeLog.d/max-record-payload-api.txt @@ -0,0 +1,6 @@ +API changes + * Remove `mbedtls_ssl_get_{input,output}_max_frag_len()` + and add `mbedtls_ssl_get_max_in_record_payload()`, + complementing the existing `mbedtls_ssl_get_max_out_record_payload()`. + Uses of `mbedtls_ssl_get_{input,output}_max_frag_len()` + should be replaced by `mbedtls_ssl_get_max_{in,out}_record_payload()`. From ebd6ab7f6e1eb2d421b1441b25b12395d6a10da0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 05:59:46 +0100 Subject: [PATCH 0026/1065] Improve documentation of record expansion API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 83df117691..02cb6da91c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3647,10 +3647,13 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); /** * \brief Return the current maximum outgoing record payload in bytes. - * This takes into account various factors, such as the config.h - * setting \c MBEDTLS_SSL_OUT_CONTENT_LEN, extensions such as the - * max fragment length or record size limit extension if used, and - * for DTLS the path MTU as configured and current record expansion. + * + * \note The logic to determine the maximum outgoing record payload is + * version-specific. It takes into account various factors, such as + * the config.h setting \c MBEDTLS_SSL_OUT_CONTENT_LEN, extensions + * such as the max fragment length or record size limit extension if + * used, and for DTLS the path MTU as configured and current + * record expansion. * * \note With DTLS, \c mbedtls_ssl_write() will return an error if * called with a larger length value. @@ -3671,8 +3674,10 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); /** * \brief Return the current maximum incoming record payload in bytes. - * This takes into account various factors, such as the - * config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions + * + * \note The logic to determine the maximum outgoing record payload is + * version-specific. It takes into account various factors, such as + * the config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions * such as the max fragment length extension or record size limit * extension if used, and the current record expansion. * From 88f86f7f37092ede28c3e5647c29f44e4749e78d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 06:00:28 +0100 Subject: [PATCH 0027/1065] Remove copy-pasta from record API documentation Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 7 ------- 1 file changed, 7 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 02cb6da91c..cf3b44bc38 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3681,13 +3681,6 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); * such as the max fragment length extension or record size limit * extension if used, and the current record expansion. * - * \note With DTLS, \c mbedtls_ssl_read() will return an error if - * called with a larger length value. - * With TLS, \c mbedtls_ssl_write() will fragment the input if - * necessary and return the number of bytes written; it is up - * to the caller to call \c mbedtls_ssl_write() again in - * order to send the remaining bytes if any. - * * \sa mbedtls_ssl_set_mtu() * \sa mbedtls_ssl_get_max_in_record_payload() * \sa mbedtls_ssl_get_record_expansion() From fb1add76fdc62d857dcf43c74e231ea6415a4597 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 06:02:48 +0100 Subject: [PATCH 0028/1065] Don't use markdown formatting in ChangeLog Signed-off-by: Hanno Becker --- ChangeLog.d/max-record-payload-api.txt | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/max-record-payload-api.txt b/ChangeLog.d/max-record-payload-api.txt index af49fd96d6..02b47e4e1b 100644 --- a/ChangeLog.d/max-record-payload-api.txt +++ b/ChangeLog.d/max-record-payload-api.txt @@ -1,6 +1,9 @@ API changes - * Remove `mbedtls_ssl_get_{input,output}_max_frag_len()` - and add `mbedtls_ssl_get_max_in_record_payload()`, - complementing the existing `mbedtls_ssl_get_max_out_record_payload()`. - Uses of `mbedtls_ssl_get_{input,output}_max_frag_len()` - should be replaced by `mbedtls_ssl_get_max_{in,out}_record_payload()`. + * Remove the SSL APIs mbedtls_ssl_get_input_max_frag_len() and + mbedtls_ssl_get_output_max_frag_len(), and add a new API + mbedtls_ssl_get_max_in_record_payload(), complementing the existing + mbedtls_ssl_get_max_out_record_payload(). + Uses of mbedtls_ssl_get_input_max_frag_len() and + mbedtls_ssl_get_input_max_frag_len() should be replaced by + mbedtls_ssl_get_max_in_record_payload() and + mbedtls_ssl_get_max_out_record_payload(), respectively. From 3bbf4c058fed6b27a469ae50f779f8250b9b1ee6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 06:20:23 +0100 Subject: [PATCH 0029/1065] Fix typo in migration guide for ticket API change Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/ssl-ticket-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/ssl-ticket-api.md b/docs/3.0-migration-guide.d/ssl-ticket-api.md index ce95e2f24b..23c53d671d 100644 --- a/docs/3.0-migration-guide.d/ssl-ticket-api.md +++ b/docs/3.0-migration-guide.d/ssl-ticket-api.md @@ -2,7 +2,7 @@ Modified semantics of mbedtls_ssl_{get,set}_session() ----------------------------------------------------------------- This affects users who call `mbedtls_ssl_get_session()` or -`mbedtls_ssl_session_set()` multiple times on the same SSL context +`mbedtls_ssl_set_session()` multiple times on the same SSL context representing an established TLS 1.2 connection. Those users will now observe the second call to fail with `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. From ef5235bc2e611cf83457d857b4ea53e99387a518 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 06:39:41 +0100 Subject: [PATCH 0030/1065] Add TLS 1.3 second level key derivations This commit adds helper functions to ssl_tls13_keys.[ch] allowing to derive the secrets specific to each stage of a TLS 1.3 handshake (early, handshake, application) from the corresponding master secret (early secret, handshake secret, master secret). Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 219 +++++++++++++++++++++++++++++++++++++++ library/ssl_tls13_keys.h | 194 ++++++++++++++++++++++++++++++++++ 2 files changed, 413 insertions(+) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 4e8fb433b0..ce551f6fc9 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -24,6 +24,7 @@ #include "mbedtls/hkdf.h" #include "ssl_misc.h" #include "ssl_tls13_keys.h" +#include "mbedtls/debug.h" #include #include @@ -346,4 +347,222 @@ int mbedtls_ssl_tls1_3_evolve_secret( return( ret ); } +int mbedtls_ssl_tls1_3_derive_early_secrets( + mbedtls_md_type_t md_type, + unsigned char const *early_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_early_secrets *derived ) +{ + int ret; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + /* + * 0 + * | + * v + * PSK -> HKDF-Extract = Early Secret + * | + * +-----> Derive-Secret(., "ext binder" | "res binder", "") + * | = binder_key + * | + * +-----> Derive-Secret(., "c e traffic", ClientHello) + * | = client_early_traffic_secret + * | + * +-----> Derive-Secret(., "e exp master", ClientHello) + * | = early_exporter_master_secret + * v + */ + + /* Create client_early_traffic_secret */ + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + early_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_e_traffic ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_early_traffic_secret, + md_size ); + if( ret != 0 ) + return( ret ); + + /* Create early exporter */ + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + early_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( e_exp_master ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->early_exporter_master_secret, + md_size ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_ssl_tls1_3_derive_handshake_secrets( + mbedtls_md_type_t md_type, + unsigned char const *handshake_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_handshake_secrets *derived ) +{ + int ret; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + /* + * + * Handshake Secret + * | + * +-----> Derive-Secret( ., "c hs traffic", + * | ClientHello...ServerHello ) + * | = client_handshake_traffic_secret + * | + * +-----> Derive-Secret( ., "s hs traffic", + * | ClientHello...ServerHello ) + * | = server_handshake_traffic_secret + * + */ + + /* + * Compute client_handshake_traffic_secret with + * Derive-Secret( ., "c hs traffic", ClientHello...ServerHello ) + */ + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + handshake_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_hs_traffic ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_handshake_traffic_secret, + md_size ); + if( ret != 0 ) + return( ret ); + + /* + * Compute server_handshake_traffic_secret with + * Derive-Secret( ., "s hs traffic", ClientHello...ServerHello ) + */ + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + handshake_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_hs_traffic ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->server_handshake_traffic_secret, + md_size ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_ssl_tls1_3_derive_application_secrets( + mbedtls_md_type_t md_type, + unsigned char const *application_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_application_secrets *derived ) +{ + int ret; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + /* Generate {client,server}_application_traffic_secret_0 + * + * Master Secret + * | + * +-----> Derive-Secret( ., "c ap traffic", + * | ClientHello...server Finished ) + * | = client_application_traffic_secret_0 + * | + * +-----> Derive-Secret( ., "s ap traffic", + * | ClientHello...Server Finished ) + * | = server_application_traffic_secret_0 + * | + * +-----> Derive-Secret( ., "exp master", + * | ClientHello...server Finished) + * | = exporter_master_secret + * + */ + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + application_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( c_ap_traffic ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_application_traffic_secret_N, + md_size ); + if( ret != 0 ) + return( ret ); + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + application_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( s_ap_traffic ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->server_application_traffic_secret_N, + md_size ); + if( ret != 0 ) + return( ret ); + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + application_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( exp_master ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->exporter_master_secret, + md_size ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +/* Generate resumption_master_secret for use with the ticket exchange. + * + * This is not integrated with mbedtls_ssl_tls1_3_derive_application_secrets() + * because it uses the transcript hash up to and including ClientFinished. */ +int mbedtls_ssl_tls1_3_derive_resumption_master_secret( + mbedtls_md_type_t md_type, + unsigned char const *application_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_application_secrets *derived ) +{ + int ret; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + application_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_master ), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->resumption_master_secret, + md_size ); + + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 7089049ce2..cb45cc9099 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -70,6 +70,27 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; #define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN \ MBEDTLS_MD_MAX_SIZE +typedef struct +{ + unsigned char binder_key [ MBEDTLS_MD_MAX_SIZE ]; + unsigned char client_early_traffic_secret [ MBEDTLS_MD_MAX_SIZE ]; + unsigned char early_exporter_master_secret[ MBEDTLS_MD_MAX_SIZE ]; +} mbedtls_ssl_tls1_3_early_secrets; + +typedef struct +{ + unsigned char client_handshake_traffic_secret[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char server_handshake_traffic_secret[ MBEDTLS_MD_MAX_SIZE ]; +} mbedtls_ssl_tls1_3_handshake_secrets; + +typedef struct +{ + unsigned char client_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char server_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char exporter_master_secret [ MBEDTLS_MD_MAX_SIZE ]; + unsigned char resumption_master_secret [ MBEDTLS_MD_MAX_SIZE ]; +} mbedtls_ssl_tls1_3_application_secrets; + /* Maximum desired length for expanded key material generated * by HKDF-Expand-Label. * @@ -198,6 +219,179 @@ int mbedtls_ssl_tls1_3_derive_secret( int ctx_hashed, unsigned char *dstbuf, size_t buflen ); +/** + * \brief Derive TLS 1.3 early data key material from early secret. + * + * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret() + * with the appropriate labels. + * + * + * Early Secret + * | + * +-----> Derive-Secret(., "c e traffic", ClientHello) + * | = client_early_traffic_secret + * | + * +-----> Derive-Secret(., "e exp master", ClientHello) + * . = early_exporter_master_secret + * . + * . + * + * + * \note To obtain the actual key and IV for the early data traffic, + * the client secret derived by this function need to be + * further processed by mbedtls_ssl_tls1_3_make_traffic_keys(). + * + * \note The binder key, which is also generated from the early secret, + * is omitted here. Its calculation is part of the separate routine + * mbedtls_ssl_tls1_3_create_psk_binder(). + * + * \param md_type The hash algorithm associated with the PSK for which + * early data key material is being derived. + * \param early_secret The early secret from which the early data key material + * should be derived. This must be a readable buffer whose + * length is the digest size of the hash algorithm + * represented by \p md_size. + * \param transcript The transcript of the handshake so far, calculated with + * respect to \p md_type. This must be a readable buffer + * whose length is the digest size of the hash algorithm + * represented by \p md_size. + * \param derived The address of the structure in which to store + * the early data key material. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +int mbedtls_ssl_tls1_3_derive_early_secrets( + mbedtls_md_type_t md_type, + unsigned char const *early_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_early_secrets *derived ); + +/** + * \brief Derive TLS 1.3 handshake key material from the handshake secret. + * + * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret() + * with the appropriate labels from the standard. + * + * + * Handshake Secret + * | + * +-----> Derive-Secret( ., "c hs traffic", + * | ClientHello...ServerHello ) + * | = client_handshake_traffic_secret + * | + * +-----> Derive-Secret( ., "s hs traffic", + * . ClientHello...ServerHello ) + * . = server_handshake_traffic_secret + * . + * + * + * \note To obtain the actual key and IV for the encrypted handshake traffic, + * the client and server secret derived by this function need to be + * further processed by mbedtls_ssl_tls1_3_make_traffic_keys(). + * + * \param md_type The hash algorithm associated with the ciphersuite + * that's being used for the connection. + * \param handshake_secret The handshake secret from which the handshake key + * material should be derived. This must be a readable + * buffer whose length is the digest size of the hash + * algorithm represented by \p md_size. + * \param transcript The transcript of the handshake so far, calculated + * with respect to \p md_type. This must be a readable + * buffer whose length is the digest size of the hash + * algorithm represented by \p md_size. + * \param derived The address of the structure in which to + * store the handshake key material. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +int mbedtls_ssl_tls1_3_derive_handshake_secrets( + mbedtls_md_type_t md_type, + unsigned char const *handshake_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_handshake_secrets *derived ); + +/** + * \brief Derive TLS 1.3 application key material from the master secret. + * + * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret() + * with the appropriate labels from the standard. + * + * + * Master Secret + * | + * +-----> Derive-Secret( ., "c ap traffic", + * | ClientHello...server Finished ) + * | = client_application_traffic_secret_0 + * | + * +-----> Derive-Secret( ., "s ap traffic", + * | ClientHello...Server Finished ) + * | = server_application_traffic_secret_0 + * | + * +-----> Derive-Secret( ., "exp master", + * . ClientHello...server Finished) + * . = exporter_master_secret + * . + * + * + * \note To obtain the actual key and IV for the (0-th) application traffic, + * the client and server secret derived by this function need to be + * further processed by mbedtls_ssl_tls1_3_make_traffic_keys(). + * + * \param md_type The hash algorithm associated with the ciphersuite + * that's being used for the connection. + * \param master_secret The master secret from which the application key + * material should be derived. This must be a readable + * buffer whose length is the digest size of the hash + * algorithm represented by \p md_size. + * \param transcript The transcript of the handshake up to and including + * the ServerFinished message, calculated with respect + * to \p md_type. This must be a readable buffer whose + * length is the digest size of the hash algorithm + * represented by \p md_type. + * \param derived The address of the structure in which to + * store the application key material. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +int mbedtls_ssl_tls1_3_derive_application_secrets( + mbedtls_md_type_t md_type, + unsigned char const *master_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_application_secrets *derived ); + +/** + * \brief Derive TLS 1.3 resumption master secret from the master secret. + * + * This is a small wrapper invoking mbedtls_ssl_tls1_3_derive_secret() + * with the appropriate labels from the standard. + * + * \param md_type The hash algorithm used in the application for which + * key material is being derived. + * \param application_secret The application secret from which the resumption master + * secret should be derived. This must be a readable + * buffer whose length is the digest size of the hash + * algorithm represented by \p md_size. + * \param transcript The transcript of the handshake up to and including + * the ClientFinished message, calculated with respect + * to \p md_type. This must be a readable buffer whose + * length is the digest size of the hash algorithm + * represented by \p md_type. + * \param transcript_len The length of \p transcript in Bytes. + * \param derived The address of the structure in which to + * store the resumption master secret. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +int mbedtls_ssl_tls1_3_derive_resumption_master_secret( + mbedtls_md_type_t md_type, + unsigned char const *application_secret, + unsigned char const *transcript, size_t transcript_len, + mbedtls_ssl_tls1_3_application_secrets *derived ); + /** * \brief Compute the next secret in the TLS 1.3 key schedule * From a4f40a0f48990d4169494d4031947951f1c636b4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 06:42:11 +0100 Subject: [PATCH 0031/1065] Test TLS 1.3 second level key derivation helpers Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 16 ++++ tests/suites/test_suite_ssl.function | 120 +++++++++++++++++++++++++++ 2 files changed, 136 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index ab001306df..606034044f 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9241,6 +9241,22 @@ SSL TLS 1.3 Key schedule: Derive-Secret( ., "res master", hash) # Vector from RFC 8448 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406" +SSL TLS 1.3 Key schedule: Early secrets derivation helper +# Vector from RFC 8448 +ssl_tls1_3_derive_early_secrets:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62":"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df" + +SSL TLS 1.3 Key schedule: Handshake secrets derivation helper +# Vector from RFC 8448 +ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803" + +SSL TLS 1.3 Key schedule: Application secrets derivation helper +# Vector from RFC 8448 +ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" + +SSL TLS 1.3 Key schedule: Resumption secrets derivation helper +# Vector from RFC 8448 +ssl_tls1_3_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406" + SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d9261d1a2a..59fae70e2e 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3793,6 +3793,126 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_derive_early_secrets( int hash_alg, + data_t *secret, + data_t *transcript, + data_t *traffic_expected, + data_t *exporter_expected ) +{ + mbedtls_ssl_tls1_3_early_secrets secrets; + + /* Double-check that we've passed sane parameters. */ + mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + TEST_ASSERT( md_info != 0 && + secret->len == md_size && + transcript->len == md_size && + traffic_expected->len == md_size && + exporter_expected->len == md_size ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_derive_early_secrets( + md_type, secret->x, transcript->x, transcript->len, + &secrets ) == 0 ); + + ASSERT_COMPARE( secrets.client_early_traffic_secret, md_size, + traffic_expected->x, traffic_expected->len ); + ASSERT_COMPARE( secrets.early_exporter_master_secret, md_size, + exporter_expected->x, exporter_expected->len ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_derive_handshake_secrets( int hash_alg, + data_t *secret, + data_t *transcript, + data_t *client_expected, + data_t *server_expected ) +{ + mbedtls_ssl_tls1_3_handshake_secrets secrets; + + /* Double-check that we've passed sane parameters. */ + mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + TEST_ASSERT( md_info != 0 && + secret->len == md_size && + transcript->len == md_size && + client_expected->len == md_size && + server_expected->len == md_size ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_derive_handshake_secrets( + md_type, secret->x, transcript->x, transcript->len, + &secrets ) == 0 ); + + ASSERT_COMPARE( secrets.client_handshake_traffic_secret, md_size, + client_expected->x, client_expected->len ); + ASSERT_COMPARE( secrets.server_handshake_traffic_secret, md_size, + server_expected->x, server_expected->len ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_derive_application_secrets( int hash_alg, + data_t *secret, + data_t *transcript, + data_t *client_expected, + data_t *server_expected, + data_t *exporter_expected ) +{ + mbedtls_ssl_tls1_3_application_secrets secrets; + + /* Double-check that we've passed sane parameters. */ + mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + TEST_ASSERT( md_info != 0 && + secret->len == md_size && + transcript->len == md_size && + client_expected->len == md_size && + server_expected->len == md_size && + exporter_expected->len == md_size ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_derive_application_secrets( + md_type, secret->x, transcript->x, transcript->len, + &secrets ) == 0 ); + + ASSERT_COMPARE( secrets.client_application_traffic_secret_N, md_size, + client_expected->x, client_expected->len ); + ASSERT_COMPARE( secrets.server_application_traffic_secret_N, md_size, + server_expected->x, server_expected->len ); + ASSERT_COMPARE( secrets.exporter_master_secret, md_size, + exporter_expected->x, exporter_expected->len ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_derive_resumption_secrets( int hash_alg, + data_t *secret, + data_t *transcript, + data_t *resumption_expected ) +{ + mbedtls_ssl_tls1_3_application_secrets secrets; + + /* Double-check that we've passed sane parameters. */ + mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + TEST_ASSERT( md_info != 0 && + secret->len == md_size && + transcript->len == md_size && + resumption_expected->len == md_size ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_derive_resumption_master_secret( + md_type, secret->x, transcript->x, transcript->len, + &secrets ) == 0 ); + + ASSERT_COMPARE( secrets.resumption_master_secret, md_size, + resumption_expected->x, resumption_expected->len ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ void ssl_tls1_3_key_evolution( int hash_alg, data_t *secret, From b7d9bad6bedd147f45f1972a35d27e837ab1e565 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 06:44:14 +0100 Subject: [PATCH 0032/1065] Add helper function for calculation of TLS 1.3 PSK binder Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 132 +++++++++++++++++++++++++++++++++++++++ library/ssl_tls13_keys.h | 33 ++++++++++ 2 files changed, 165 insertions(+) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index ce551f6fc9..950d32cb93 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -565,4 +565,136 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret( return( 0 ); } +static int ssl_tls1_3_calc_finished_core( mbedtls_md_type_t md_type, + unsigned char const *base_key, + unsigned char const *transcript, + unsigned char *dst ) +{ + const mbedtls_md_info_t* const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + unsigned char finished_key[MBEDTLS_MD_MAX_SIZE]; + int ret; + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + /* TLS 1.3 Finished message + * + * struct { + * opaque verify_data[Hash.length]; + * } Finished; + * + * verify_data = + * HMAC( finished_key, + * Hash( Handshake Context + + * Certificate* + + * CertificateVerify* ) + * ) + * + * finished_key = + * HKDF-Expand-Label( BaseKey, "finished", "", Hash.length ) + */ + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label( + md_type, base_key, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( finished ), + NULL, 0, + finished_key, md_size ); + if( ret != 0 ) + goto exit; + + ret = mbedtls_md_hmac( md_info, finished_key, md_size, transcript, md_size, dst ); + if( ret != 0 ) + goto exit; + +exit: + + mbedtls_platform_zeroize( finished_key, sizeof( finished_key ) ); + return( ret ); +} + +int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl, + const mbedtls_md_type_t md_type, + unsigned char const *psk, size_t psk_len, + int psk_type, + unsigned char const *transcript, + unsigned char *result ) +{ + int ret = 0; + unsigned char binder_key[MBEDTLS_MD_MAX_SIZE]; + unsigned char early_secret[MBEDTLS_MD_MAX_SIZE]; + mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + + /* We should never call this function with an unknown hash, + * but add an assertion anyway. */ + if( md_info == 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + /* + * 0 + * | + * v + * PSK -> HKDF-Extract = Early Secret + * | + * +-----> Derive-Secret(., "ext binder" | "res binder", "") + * | = binder_key + * v + */ + + ret = mbedtls_ssl_tls1_3_evolve_secret( md_type, + NULL, /* Old secret */ + psk, psk_len, /* Input */ + early_secret ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_evolve_secret", ret ); + goto exit; + } + + if( psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION ) + { + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + early_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( res_binder ), + NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + binder_key, md_size ); + MBEDTLS_SSL_DEBUG_MSG( 4, ( "Derive Early Secret with 'res binder'" ) ); + } + else + { + ret = mbedtls_ssl_tls1_3_derive_secret( md_type, + early_secret, md_size, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( ext_binder ), + NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + binder_key, md_size ); + MBEDTLS_SSL_DEBUG_MSG( 4, ( "Derive Early Secret with 'ext binder'" ) ); + } + + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_derive_secret", ret ); + goto exit; + } + + /* + * The binding_value is computed in the same way as the Finished message + * but with the BaseKey being the binder_key. + */ + + ret = ssl_tls1_3_calc_finished_core( md_type, binder_key, transcript, result ); + if( ret != 0 ) + goto exit; + + MBEDTLS_SSL_DEBUG_BUF( 3, "psk binder", result, md_size ); + +exit: + + mbedtls_platform_zeroize( early_secret, sizeof( early_secret ) ); + mbedtls_platform_zeroize( binder_key, sizeof( binder_key ) ); + return( ret ); +} + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index cb45cc9099..4b9c68e725 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -465,4 +465,37 @@ int mbedtls_ssl_tls1_3_evolve_secret( const unsigned char *input, size_t input_len, unsigned char *secret_new ); +#define MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL 0 +#define MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION 1 + +/** + * \brief Calculate a TLS 1.3 PSK binder. + * + * \param ssl The SSL context. This is used for debugging only and may + * be \c NULL if MBEDTLS_DEBUG_C is disabled. + * \param md_type The hash algorithm associated to the PSK \p psk. + * \param psk The buffer holding the PSK for which to create a binder. + * \param psk_len The size of \p psk in bytes. + * \param is_external This indicates whether the PSK \p psk is externally + * provisioned (#MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL) or a + * resumption PSK (#MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION). + * \param transcript The handshake transcript up to the point where the + * PSK binder calculation happens. This must be readable, + * and its size must be equal to the digest size of + * the hash algorithm represented by \p md_type. + * \param result The address at which to store the PSK binder on success. + * This must be writable, and its size must be equal to the + * digest size of the hash algorithm represented by + * \p md_type. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl, + const mbedtls_md_type_t md_type, + unsigned char const *psk, size_t psk_len, + int psk_type, + unsigned char const *transcript, + unsigned char *result ); + #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ From 55bc2c53af7d3ec19b84399d2d0c1f7dfd331322 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 06:53:52 +0100 Subject: [PATCH 0033/1065] Test TLS 1.3 PSK binder calculation helper Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 6 ++++++ tests/suites/test_suite_ssl.function | 30 ++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 606034044f..abc33b125b 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9257,6 +9257,12 @@ SSL TLS 1.3 Key schedule: Resumption secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406" +SSL TLS 1.3 Key schedule: PSK binder +# Vector from RFC 8448 +# For the resumption PSK, see Section 3, 'generate resumption secret "tls13 resumption"' +# For all other data, see Section 4, 'construct a ClientHello handshake message:' +ssl_tls1_3_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d" + SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 59fae70e2e..d23949c5db 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3913,6 +3913,36 @@ void ssl_tls1_3_derive_resumption_secrets( int hash_alg, } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_create_psk_binder( int hash_alg, + data_t *psk, + int psk_type, + data_t *transcript, + data_t *binder_expected ) +{ + unsigned char binder[ MBEDTLS_MD_MAX_SIZE ]; + + /* Double-check that we've passed sane parameters. */ + mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg; + mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type ); + size_t const md_size = mbedtls_md_get_size( md_info ); + TEST_ASSERT( md_info != 0 && + transcript->len == md_size && + binder_expected->len == md_size ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_create_psk_binder( + NULL, /* SSL context for debugging only */ + md_type, + psk->x, psk->len, + psk_type, + transcript->x, + binder ) == 0 ); + + ASSERT_COMPARE( binder, md_size, + binder_expected->x, binder_expected->len ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ void ssl_tls1_3_key_evolution( int hash_alg, data_t *secret, From 266694ea42443d8f401ebad5b93037d6af4192b3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 20 May 2021 09:02:37 +0200 Subject: [PATCH 0034/1065] Define CCM multi-part API Define CCM multi-part API along the lines of the GCM multi-part API. The two APIs are not exactly the same as, contrary to GCM, CCM needs the size of the additional data and plaintext/ciphertext from the start. Signed-off-by: Ronald Cron --- ChangeLog.d/m-ccm-api.txt | 5 ++ include/mbedtls/ccm.h | 140 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 145 insertions(+) create mode 100644 ChangeLog.d/m-ccm-api.txt diff --git a/ChangeLog.d/m-ccm-api.txt b/ChangeLog.d/m-ccm-api.txt new file mode 100644 index 0000000000..7301e12e59 --- /dev/null +++ b/ChangeLog.d/m-ccm-api.txt @@ -0,0 +1,5 @@ +Features + * The CCM API now supports multi-part operations. Alternative + implementations can add multipart support according to the new multi-part + interface functions. The implementation of these functions in Mbed TLS + will be added in a future release. diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index f63e61be50..0fc8ae4505 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -55,6 +55,11 @@ #include "mbedtls/cipher.h" +#define MBEDTLS_CCM_DECRYPT 0 +#define MBEDTLS_CCM_ENCRYPT 1 +#define MBEDTLS_CCM_STAR_DECRYPT 2 +#define MBEDTLS_CCM_STAR_ENCRYPT 3 + #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ @@ -288,6 +293,141 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ); +/** + * \brief This function starts a CCM encryption or decryption + * operation. + * + * \param ctx The CCM context. This must be initialized. + * \param mode The operation to perform: #MBEDTLS_CCM_ENCRYPT or + * #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or + * #MBEDTLS_CCM_STAR_DECRYPT. + * \param iv The initialization vector. This must be a readable buffer of + * at least \p iv_len Bytes. + * \param iv_len The length of the IV. + * \param ad_len The length of the additional data in bytes. + * \param body_len The length of the data to encrypt or decrypt in bytes. + * + * \return \c 0 on success. + */ +int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + size_t ad_len, + size_t body_len ); + +/** + * \brief This function feeds an input buffer as associated data + * (authenticated but not encrypted data) in a CCM + * encryption or decryption operation. + * + * Call this function after mbedtls_ccm_starts() to pass + * the associated data. If the associated data is empty, + * you do not need to call this function. You may not + * call this function after calling mbedtls_ccm_update(). + * + * \note This function may be called several times per operation, + * passing the associated data in chunks. + * + * \param ctx The CCM context. This must have been started with + * mbedtls_ccm_starts() and must not have yet received + * any input with mbedtls_ccm_update(). + * \param add The buffer holding the additional data, or \c NULL + * if \p add_len is \c 0. + * \param add_len The length of the additional data. If \c 0, + * \p add may be \c NULL. + * + * \return \c 0 on success. + * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * total input length too long. + */ +int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, + const unsigned char *add, + size_t add_len ); + +/** + * \brief This function feeds an input buffer into an ongoing CCM + * encryption or decryption operation. + * + * You may call this function zero, one or more times + * to pass successive parts of the input: the plaintext to + * encrypt, or the ciphertext (not including the tag) to + * decrypt. After the last part of the input, call + * mbedtls_ccm_finish(). + * + * This function may produce output in one of the following + * ways: + * - Immediate output: the output length is always equal + * to the input length. + * - Buffered output: but for the last chunck of input data, + * the output consists of a whole number of 16-byte blocks. + * If the total input length so far (not including + * associated data) is 16 \* *B* + *A* with *A* < 16 then + * the total output length is 16 \* *B*. + * For the last chunck of input data, the output length is + * equal to the input length. The function uses the length + * in bytes of the body data passed in mbedtls_ccm_starts() + * to detect the last chunck of data to encrypt or decrypt. + * + * In particular: + * - It is always correct to call this function with + * \p output_size >= \p input_length + 15. + * - If \p input_length is a multiple of 16 for all the calls + * to this function during an operation (not necessary for + * the last one) then it is correct to use \p output_size + * =\p input_length. + * + * \note For decryption, the output buffer cannot be the same as + * the input buffer. If the buffers overlap, the output buffer + * must trail at least 8 Bytes behind the input buffer. + * + * \param ctx The CCM context. This must be initialized. + * \param input The buffer holding the input data. If \p input_length + * is greater than zero, this must be a readable buffer + * of at least \p input_length bytes. + * \param input_length The length of the input data in bytes. + * \param output The buffer for the output data. If \p output_size + * is greater than zero, this must be a writable buffer of + * at least \p output_size bytes. + * \param output_size The size of the output buffer in bytes. + * See the function description regarding the output size. + * \param output_length On success, \p *output_length contains the actual + * length of the output written in \p output. + * On failure, the content of \p *output_length is + * unspecified. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * total input length too long, + * unsupported input/output buffer overlap detected, + * or \p output_size too small. + */ +int mbedtls_ccm_update( mbedtls_ccm_context *ctx, + const unsigned char *input, size_t input_length, + unsigned char *output, size_t output_size, + size_t *output_length ); + +/** + * \brief This function finishes the CCM operation and generates + * the authentication tag. + * + * It wraps up the CCM stream, and generates the + * tag. The tag can have a maximum length of 16 Bytes. + * + * \param ctx The CCM context. This must be initialized. + * \param tag The buffer for holding the tag. If \p tag_len is greater + * than zero, this must be a writable buffer of at least \p + * tag_len Bytes. + * \param tag_len The length of the tag to generate. This must be at least + * four for CCM but can be equal to \c 0 for CCM*. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * invalid value of \p tag_len. + */ +int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, + unsigned char *tag, size_t tag_len ); + #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /** * \brief The CCM checkup routine. From c8d3ccd67b89f23307badb11f6d6f1409da21eab Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 26 May 2021 04:47:29 +0100 Subject: [PATCH 0035/1065] Fix Doxygen for TLS 1.3 PSK binder helper Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 4b9c68e725..3b96998aed 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -476,7 +476,7 @@ int mbedtls_ssl_tls1_3_evolve_secret( * \param md_type The hash algorithm associated to the PSK \p psk. * \param psk The buffer holding the PSK for which to create a binder. * \param psk_len The size of \p psk in bytes. - * \param is_external This indicates whether the PSK \p psk is externally + * \param psk_type This indicates whether the PSK \p psk is externally * provisioned (#MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL) or a * resumption PSK (#MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION). * \param transcript The handshake transcript up to the point where the From 28e5f1ed579b41d189a00f4a765f6e5a170db542 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 26 May 2021 09:29:49 +0100 Subject: [PATCH 0036/1065] Avoid unused variable warning in TLS 1.3 PSK binder calculation Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 950d32cb93..78a55812da 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -628,6 +628,11 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl, mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type( md_type ); size_t const md_size = mbedtls_md_get_size( md_info ); +#if !defined(MBEDTLS_DEBUG_C) + ssl = NULL; /* make sure we don't use it except for debug */ + ((void) ssl); +#endif + /* We should never call this function with an unknown hash, * but add an assertion anyway. */ if( md_info == 0 ) From 5905f91ba126936084b634d0127784b16670ce6a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 09:46:09 +0200 Subject: [PATCH 0037/1065] Improve mbedtls_ccm_starts() description Change from `body` to `input` to refer to the input data. Add prefix total_ to the new length parameters to ease refering to them in the documentation of the other multi-part APIs. Add error code documentation. Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 0fc8ae4505..acb1482f40 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -301,20 +301,25 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param mode The operation to perform: #MBEDTLS_CCM_ENCRYPT or * #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or * #MBEDTLS_CCM_STAR_DECRYPT. - * \param iv The initialization vector. This must be a readable buffer of - * at least \p iv_len Bytes. - * \param iv_len The length of the IV. - * \param ad_len The length of the additional data in bytes. - * \param body_len The length of the data to encrypt or decrypt in bytes. + * \param iv The initialization vector. This must be a readable buffer + * of at least \p iv_len Bytes. + * \param iv_len The length of the IV in bytes. + * \param total_ad_len The total length of additional data in bytes. + * \param total_input_len The total length of input data to encrypt or decrypt + * in bytes. * * \return \c 0 on success. + * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p iv_len is invalid (lower than \c 7 or greater than + * \c 13), + * \p total_ad_len is greater than \c 0xFF00. */ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, - size_t ad_len, - size_t body_len ); + size_t total_ad_len, + size_t total_input_len ); /** * \brief This function feeds an input buffer as associated data From d1a29a9687765871fc522ae0ac9eeaa65692346a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 09:49:11 +0200 Subject: [PATCH 0038/1065] Align mbedtls_ccm_update_ad() and mbedtls_ccm_update() descriptions Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index acb1482f40..7303aacff4 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -326,14 +326,13 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * (authenticated but not encrypted data) in a CCM * encryption or decryption operation. * - * Call this function after mbedtls_ccm_starts() to pass - * the associated data. If the associated data is empty, - * you do not need to call this function. You may not + * You may call this function zero, one or more times + * to pass successive parts of the additional data. The + * lengths \p add_len of the data parts should eventually add + * up exactly to the total length of additional data + * \c total_ad_len passed to mbedtls_ccm_starts(). You may not * call this function after calling mbedtls_ccm_update(). * - * \note This function may be called several times per operation, - * passing the associated data in chunks. - * * \param ctx The CCM context. This must have been started with * mbedtls_ccm_starts() and must not have yet received * any input with mbedtls_ccm_update(). @@ -358,7 +357,10 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * to pass successive parts of the input: the plaintext to * encrypt, or the ciphertext (not including the tag) to * decrypt. After the last part of the input, call - * mbedtls_ccm_finish(). + * mbedtls_ccm_finish(). The lengths \p input_length of the + * data parts should eventually add up exactly to the total + * length of input data \c total_input_len passed to + * mbedtls_ccm_starts(). * * This function may produce output in one of the following * ways: From 2d40b1031fbb7f829569d4086abc9b8e0b35d621 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 10:11:06 +0200 Subject: [PATCH 0039/1065] Fix mbedtls_ccm_update() buffered output description Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 7303aacff4..7ed4b594ba 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -366,15 +366,17 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * ways: * - Immediate output: the output length is always equal * to the input length. - * - Buffered output: but for the last chunck of input data, + * - Buffered output: but for the last part of input data, * the output consists of a whole number of 16-byte blocks. * If the total input length so far (not including * associated data) is 16 \* *B* + *A* with *A* < 16 then * the total output length is 16 \* *B*. - * For the last chunck of input data, the output length is - * equal to the input length. The function uses the length - * in bytes of the body data passed in mbedtls_ccm_starts() - * to detect the last chunck of data to encrypt or decrypt. + * For the last part of input data, the output length is + * equal to the input length plus the number of bytes (*A*) + * buffered in the previous call to the function (if any). + * The function uses the total length of input data + * \c total_input_len passed to mbedtls_ccm_starts() + * to detect the last part of input data. * * In particular: * - It is always correct to call this function with From 9ca25503ba02ec21744db349734f3b98192d645a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 10:22:06 +0200 Subject: [PATCH 0040/1065] Fix mbedtls_ccm_finish() error code description Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 7ed4b594ba..6287054b02 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -432,7 +432,15 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: - * invalid value of \p tag_len. + * invalid value of \p tag_len, + * the total amount of additional data passed to + * mbedtls_ccm_update_ad() was lower than the total length of + * additional data \c total_ad_len passed to + * mbedtls_ccm_starts(), + * the total amount of input data passed to + * mbedtls_ccm_update() was lower than the total length of + * input data \c total_input_len passed to + * mbedtls_ccm_starts(). */ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len ); From 4c2a3792804a0b45c2a961de7e783250806c49d3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 10:37:45 +0200 Subject: [PATCH 0041/1065] State explicitly that multi-part CCM is not implemented in Mbed TLS yet Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 6287054b02..45fe7f357e 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -297,6 +297,8 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \brief This function starts a CCM encryption or decryption * operation. * + * \note This function is not implemented in Mbed TLS yet. + * * \param ctx The CCM context. This must be initialized. * \param mode The operation to perform: #MBEDTLS_CCM_ENCRYPT or * #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or @@ -333,6 +335,8 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * \c total_ad_len passed to mbedtls_ccm_starts(). You may not * call this function after calling mbedtls_ccm_update(). * + * \note This function is not implemented in Mbed TLS yet. + * * \param ctx The CCM context. This must have been started with * mbedtls_ccm_starts() and must not have yet received * any input with mbedtls_ccm_update(). @@ -386,6 +390,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * the last one) then it is correct to use \p output_size * =\p input_length. * + * \note This function is not implemented in Mbed TLS yet. + * * \note For decryption, the output buffer cannot be the same as * the input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. @@ -423,6 +429,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * It wraps up the CCM stream, and generates the * tag. The tag can have a maximum length of 16 Bytes. * + * \note This function is not implemented in Mbed TLS yet. + * * \param ctx The CCM context. This must be initialized. * \param tag The buffer for holding the tag. If \p tag_len is greater * than zero, this must be a writable buffer of at least \p From eabc3afe69c96d43897d2e0fd6e30e896bbdeb78 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 26 May 2021 10:45:30 +0200 Subject: [PATCH 0042/1065] Align length and additional data shorthand in parameter names Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 45fe7f357e..4da50a2b53 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -306,7 +306,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param iv The initialization vector. This must be a readable buffer * of at least \p iv_len Bytes. * \param iv_len The length of the IV in bytes. - * \param total_ad_len The total length of additional data in bytes. + * \param total_add_len The total length of additional data in bytes. * \param total_input_len The total length of input data to encrypt or decrypt * in bytes. * @@ -314,13 +314,13 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: * \p iv_len is invalid (lower than \c 7 or greater than * \c 13), - * \p total_ad_len is greater than \c 0xFF00. + * \p total_add_len is greater than \c 0xFF00. */ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, - size_t total_ad_len, + size_t total_add_len, size_t total_input_len ); /** @@ -332,8 +332,8 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * to pass successive parts of the additional data. The * lengths \p add_len of the data parts should eventually add * up exactly to the total length of additional data - * \c total_ad_len passed to mbedtls_ccm_starts(). You may not - * call this function after calling mbedtls_ccm_update(). + * \c total_add_len passed to mbedtls_ccm_starts(). You may + * not call this function after calling mbedtls_ccm_update(). * * \note This function is not implemented in Mbed TLS yet. * @@ -361,7 +361,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * to pass successive parts of the input: the plaintext to * encrypt, or the ciphertext (not including the tag) to * decrypt. After the last part of the input, call - * mbedtls_ccm_finish(). The lengths \p input_length of the + * mbedtls_ccm_finish(). The lengths \p input_len of the * data parts should eventually add up exactly to the total * length of input data \c total_input_len passed to * mbedtls_ccm_starts(). @@ -384,11 +384,11 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * * In particular: * - It is always correct to call this function with - * \p output_size >= \p input_length + 15. - * - If \p input_length is a multiple of 16 for all the calls + * \p output_size >= \p input_len + 15. + * - If \p input_len is a multiple of 16 for all the calls * to this function during an operation (not necessary for * the last one) then it is correct to use \p output_size - * =\p input_length. + * =\p input_len. * * \note This function is not implemented in Mbed TLS yet. * @@ -397,18 +397,18 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * must trail at least 8 Bytes behind the input buffer. * * \param ctx The CCM context. This must be initialized. - * \param input The buffer holding the input data. If \p input_length + * \param input The buffer holding the input data. If \p input_len * is greater than zero, this must be a readable buffer - * of at least \p input_length bytes. - * \param input_length The length of the input data in bytes. + * of at least \p input_len bytes. + * \param input_len The length of the input data in bytes. * \param output The buffer for the output data. If \p output_size * is greater than zero, this must be a writable buffer of * at least \p output_size bytes. * \param output_size The size of the output buffer in bytes. * See the function description regarding the output size. - * \param output_length On success, \p *output_length contains the actual + * \param output_len On success, \p *output_len contains the actual * length of the output written in \p output. - * On failure, the content of \p *output_length is + * On failure, the content of \p *output_len is * unspecified. * * \return \c 0 on success. @@ -418,9 +418,9 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * or \p output_size too small. */ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, - const unsigned char *input, size_t input_length, + const unsigned char *input, size_t input_len, unsigned char *output, size_t output_size, - size_t *output_length ); + size_t *output_len ); /** * \brief This function finishes the CCM operation and generates @@ -443,7 +443,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * invalid value of \p tag_len, * the total amount of additional data passed to * mbedtls_ccm_update_ad() was lower than the total length of - * additional data \c total_ad_len passed to + * additional data \c total_add_len passed to * mbedtls_ccm_starts(), * the total amount of input data passed to * mbedtls_ccm_update() was lower than the total length of From e8dd7097c33f2420ea408e6f6106f615d7deb45d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 14:19:11 +0200 Subject: [PATCH 0043/1065] Combine MBEDTLS_SSL__PADDING_GRANULARITY options Signed-off-by: TRodziewicz --- ChangeLog.d/issue4335.txt | 4 ++++ include/mbedtls/config.h | 23 +++-------------------- include/mbedtls/ssl.h | 8 ++------ library/ssl_misc.h | 2 +- library/ssl_msg.c | 4 ++-- 5 files changed, 12 insertions(+), 29 deletions(-) create mode 100644 ChangeLog.d/issue4335.txt diff --git a/ChangeLog.d/issue4335.txt b/ChangeLog.d/issue4335.txt new file mode 100644 index 0000000000..66480264c2 --- /dev/null +++ b/ChangeLog.d/issue4335.txt @@ -0,0 +1,4 @@ +Changes + * Replace MBEDTLS_SSL_CID_PADDING_GRANULARITY and + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a single unified option + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY. Fixes #4335. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 715c73ada0..2670a2f1b0 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3497,27 +3497,10 @@ */ //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 -/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY +/** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY * * This option controls the use of record plaintext padding - * when using the Connection ID extension in DTLS 1.2. - * - * The padding will always be chosen so that the length of the - * padded plaintext is a multiple of the value of this option. - * - * Note: A value of \c 1 means that no padding will be used - * for outgoing records. - * - * Note: On systems lacking division instructions, - * a power of two should be preferred. - * - */ -//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16 - -/** \def MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY - * - * This option controls the use of record plaintext padding - * in TLS 1.3. + * when using the Connection ID extension in DTLS 1.2 and TLS 1.3. * * The padding will always be chosen so that the length of the * padded plaintext is a multiple of the value of this option. @@ -3528,7 +3511,7 @@ * Note: On systems lacking division instructions, * a power of two should be preferred. */ -//#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1 +//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index bdc2b4797a..78f1a8c9a9 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -257,12 +257,8 @@ #define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 #endif -#if !defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) -#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16 -#endif - -#if !defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) -#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1 +#if !defined(MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) +#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #endif /* \} name SECTION: Module settings */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 1f1de2bfdf..73ffdef92e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -164,7 +164,7 @@ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY +#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY #else #define MBEDTLS_SSL_MAX_CID_EXPANSION 0 #endif diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a75b9190ba..d62df20d08 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -579,7 +579,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, { size_t padding = ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY ); + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ); if( ssl_build_inner_plaintext( data, &rec->data_len, post_avail, @@ -605,7 +605,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, { size_t padding = ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_CID_PADDING_GRANULARITY ); + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ); /* * Wrap plaintext into DTLSInnerPlaintext structure. * See ssl_build_inner_plaintext() for more information. From 5e3c398de20837ef99b7c5beb500b35689159ab6 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 17:58:51 +0200 Subject: [PATCH 0044/1065] A small change in ChangeLog just to restart Travis build Signed-off-by: TRodziewicz --- ChangeLog.d/issue4335.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/issue4335.txt b/ChangeLog.d/issue4335.txt index 66480264c2..fe9b7affa6 100644 --- a/ChangeLog.d/issue4335.txt +++ b/ChangeLog.d/issue4335.txt @@ -1,4 +1,4 @@ Changes * Replace MBEDTLS_SSL_CID_PADDING_GRANULARITY and - MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a single unified option + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a new single unified option MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY. Fixes #4335. From 0a02fbb783bbb24bcc8fca56d830331a13822dea Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 26 May 2021 15:57:50 +0200 Subject: [PATCH 0045/1065] Addition of the migration guide entry. Signed-off-by: TRodziewicz --- ...e_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md diff --git a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md new file mode 100644 index 0000000000..405d572a80 --- /dev/null +++ b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md @@ -0,0 +1,14 @@ +Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options +-- + +This change affects users who modified the default `config.h` padding granularity +settings, i.e. enabled at least one of the options. + +`config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and +`MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because +they used exactly the same padding mechanism and hence their respective padding +granularities can be used in exactly the same way. This change simplifies the +code maintenance. + +The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used +for both DTLS-CID and TLS 1.3. From 1e660edd82a66aec41b3b13609c15087aa3c559c Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 26 May 2021 17:08:54 +0200 Subject: [PATCH 0046/1065] Change the comment wording in config.h Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2670a2f1b0..044bbd7228 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3500,7 +3500,7 @@ /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY * * This option controls the use of record plaintext padding - * when using the Connection ID extension in DTLS 1.2 and TLS 1.3. + * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. * * The padding will always be chosen so that the length of the * padded plaintext is a multiple of the value of this option. From c0cc7ba51ed043407186ea42e92ff3299beb54dd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 08:47:09 +0200 Subject: [PATCH 0047/1065] Change from total_input_len to plaintext_len as parameter name plaintext_len conveys more information. Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 4da50a2b53..4d9ace547a 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -306,9 +306,10 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param iv The initialization vector. This must be a readable buffer * of at least \p iv_len Bytes. * \param iv_len The length of the IV in bytes. - * \param total_add_len The total length of additional data in bytes. - * \param total_input_len The total length of input data to encrypt or decrypt - * in bytes. + * \param total_add_len The total length of additional data in bytes. + * \param plaintext_len The length in bytes of the plaintext to encrypt or + * result of the decryption (thus not encompassing the + * additional data that are not encrypted). * * \return \c 0 on success. * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: @@ -321,7 +322,7 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, const unsigned char *iv, size_t iv_len, size_t total_add_len, - size_t total_input_len ); + size_t plaintext_len ); /** * \brief This function feeds an input buffer as associated data @@ -362,8 +363,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * encrypt, or the ciphertext (not including the tag) to * decrypt. After the last part of the input, call * mbedtls_ccm_finish(). The lengths \p input_len of the - * data parts should eventually add up exactly to the total - * length of input data \c total_input_len passed to + * data parts should eventually add up exactly to the + * plaintext length \c plaintext_len passed to * mbedtls_ccm_starts(). * * This function may produce output in one of the following @@ -378,8 +379,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * For the last part of input data, the output length is * equal to the input length plus the number of bytes (*A*) * buffered in the previous call to the function (if any). - * The function uses the total length of input data - * \c total_input_len passed to mbedtls_ccm_starts() + * The function uses the plaintext length + * \c plaintext_len passed to mbedtls_ccm_starts() * to detect the last part of input data. * * In particular: @@ -446,9 +447,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * additional data \c total_add_len passed to * mbedtls_ccm_starts(), * the total amount of input data passed to - * mbedtls_ccm_update() was lower than the total length of - * input data \c total_input_len passed to - * mbedtls_ccm_starts(). + * mbedtls_ccm_update() was lower than the plaintext length + * \c plaintext_len passed to mbedtls_ccm_starts(). */ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len ); From 0cc60f9985d424f440b47819597359e53953a535 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:01:25 +0200 Subject: [PATCH 0048/1065] Improve some length parameter descriptions Improve some length parameter descriptions, aligning them with the descriptions for the one-shot functions. Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 4d9ace547a..4cfb1e85cf 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -305,8 +305,11 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * #MBEDTLS_CCM_STAR_DECRYPT. * \param iv The initialization vector. This must be a readable buffer * of at least \p iv_len Bytes. - * \param iv_len The length of the IV in bytes. + * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, + * or 13. The length L of the message length field is + * 15 - \p iv_len. * \param total_add_len The total length of additional data in bytes. + * This must be less than `2^16 - 2^8`. * \param plaintext_len The length in bytes of the plaintext to encrypt or * result of the decryption (thus not encompassing the * additional data that are not encrypted). @@ -436,8 +439,9 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * \param tag The buffer for holding the tag. If \p tag_len is greater * than zero, this must be a writable buffer of at least \p * tag_len Bytes. - * \param tag_len The length of the tag to generate. This must be at least - * four for CCM but can be equal to \c 0 for CCM*. + * \param tag_len The length of the tag to generate in Bytes: + * 4, 6, 8, 10, 12, 14 or 16. + * For CCM*, zero is also valid. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: From 1c77edda15f244a32fae435cf061597623f39374 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 11:55:02 +0200 Subject: [PATCH 0049/1065] More explicit names for some bad-workflow key derivation tests Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ tests/suites/test_suite_psa_crypto.function | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cb0cb9cd44..4b20ba0784 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2897,16 +2897,16 @@ PSA key derivation: ECDH on P256 with HKDF-SHA256, key output depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS -PSA key derivation: HKDF invalid state (double generate + read past capacity) +PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256) +derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) -PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity) +PSA key derivation over capacity: TLS 1.2 PRF depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF -test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) +derive_over_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) -PSA key derivation: invalid state (call read/get_capacity after init and abort) -test_derive_invalid_key_derivation_tests: +PSA key derivation: actions without setup +derive_actions_without_setup: PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5b5531f037..948c43707f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4086,7 +4086,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_key_derivation_state( int alg_arg ) +void derive_over_capacity( int alg_arg ) { psa_algorithm_t alg = alg_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4137,7 +4137,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_key_derivation_tests( ) +void derive_actions_without_setup( ) { uint8_t output_buffer[16]; size_t buffer_size = 16; From 284471c236f3edce4e2ccab6e77ad0e4893e5d6c Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 12:42:32 +0200 Subject: [PATCH 0050/1065] Clarify python script's comments Signed-off-by: Mateusz Starzyk --- apply_MBEDTLS_PRIVATE.py | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/apply_MBEDTLS_PRIVATE.py b/apply_MBEDTLS_PRIVATE.py index 4160287f22..4d87384ff5 100644 --- a/apply_MBEDTLS_PRIVATE.py +++ b/apply_MBEDTLS_PRIVATE.py @@ -6,32 +6,41 @@ import os import xml.etree.ElementTree as ET +# Create dictionary with following structre +# files_to_visit = { +# "filepath1" : { "variable_name1": (1, 2, 40, 61), # line numbers +# "variable_name2": (60, 64), +# }, +# "filepath2" : { "variable_name1": (1, 2, 40, 61), # line numbers +# "variable_name2": (60, 64), +# }, ... +# } files_to_visit = {} +# find xml models for structs parsed by doxygen struct_files = glob.glob("apidoc/xml/structmbedtls*.xml") + glob.glob("apidoc/xml/structpsa*.xml") for struct_file in struct_files: + # get all variables from currently processed struct struct_file_tree = ET.parse(struct_file) all_struct_members_definitions = struct_file_tree.getroot().findall(".//memberdef[@kind='variable']") - # Create dictionary with following structre - # "filepath" : { "variable_name1": (1, 2, 40, 61), # line numbers - # "variable_name2": (60, 64), - # } for struct_member_def in all_struct_members_definitions: - # find file path for this variable + # get unique id by which this variable is referenced member_id = struct_member_def.attrib["id"] + # find file path for this variable's definition location = struct_member_def.find("location") file_path = location.attrib["file"] + # get variable name variable_name = struct_member_def.find("name").text - # if path not yet in dictionary, create empty record to initialize + # if file path is not yet in dictionary, create empty sub-dictionary to initialize if file_path not in files_to_visit: files_to_visit[file_path] = {} # if variable is not yet in this file's dictionary, create empty set to initialize if variable_name not in files_to_visit[file_path]: files_to_visit[file_path][variable_name] = set() - # add variable definition + # add variable's definition line number files_to_visit[file_path][variable_name].add(int(location.attrib["line"])) # check where the variable was referenced @@ -39,13 +48,13 @@ for struct_file in struct_files: for reference in references: refid = reference.attrib["refid"] # assuming that compound name is related to header's xml file - header_file = "apidoc/xml/" + reference.attrib["compoundref"] + ".xml" - header_file_tree = ET.parse(header_file) + header_file_xml = "apidoc/xml/" + reference.attrib["compoundref"] + ".xml" + header_file_tree = ET.parse(header_file_xml) # check if this reference is created by static inline function static_inline_function_definition = header_file_tree.getroot().find(f".//memberdef[@id='{refid}'][@kind='function'][@static='yes'][@inline='yes']") if static_inline_function_definition: static_inline_function_file_path = static_inline_function_definition.find("location").attrib["file"] - # if path not yet in dictionary, create empty record to initialize. + # if file path not yet in dictionary, create empty sub-dictionary to initialize. # This could happen if reference is inside header file which was not yet processed in search for variable definitions if static_inline_function_file_path not in files_to_visit: files_to_visit[static_inline_function_file_path] = {} @@ -55,26 +64,30 @@ for struct_file in struct_files: # function block scope function_lines_from = int(reference.attrib["startline"]) function_lines_to = int(reference.attrib["endline"]) - # find codelines referencing struct's variable + # find codelines referencing currently processed variable. This is using the code listing inside header's xml model. codelines_xml = header_file_tree.getroot().findall(f".//ref[@refid='{member_id}']/../..") # filter by function's scope codelines = [int(line.attrib["lineno"]) for line in codelines_xml if int(line.attrib["lineno"]) >= function_lines_from and int(line.attrib["lineno"]) <= function_lines_to] - # add variable reference + # add lines referencing currently processed variable files_to_visit[static_inline_function_file_path][variable_name].update(codelines) pp = pprint.PrettyPrinter(indent=4) pp.pprint(files_to_visit) for file_path, variables in files_to_visit.items(): + # FileInput redirects stdout to to 'file', so every print in this block will be put inside 'file' with fileinput.FileInput(file_path, inplace=True) as file: output_line_number = 1 + # compile regex matching the header's include guard. re_include_guard = re.compile(r"^#define.*{name}$".format(name=os.path.basename(file_path).replace('.','_').upper())) for line in file: insert_allow_private_include = False if re_include_guard.match(line): insert_allow_private_include = True + # every line in file is checked against variables and lines in which they occur for variable, var_lines in variables.items(): for var_line in var_lines: + # wrap variable with MBEDTLS_PRIVATE(...) macro if output_line_number == var_line: line = re.sub(r"(^.*?\W+)({var})(\W+.*$)".format(var=variable), r"\1MBEDTLS_PRIVATE(\2)\3", line) output_line_number += 1 From 4023c0153d65d533f2e5ee00e2c1b1f2afbe496c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 13:21:20 +0200 Subject: [PATCH 0051/1065] Add bad-workflow key derivation tests Add HKDF tests where the sequence of inputs differs from the nominal case: missing step, duplicate step, step out of order, or invalid step. There were already similar tests for TLS 1.2 PRF. Add one with a key agreement which has slightly different code. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto.data | 84 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 10 ++- 2 files changed, 93 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4b20ba0784..c0146879df 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2777,6 +2777,22 @@ PSA key derivation: HKDF-SHA-256, good case, direct output depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +PSA key derivation: HKDF-SHA-256, good case, omitted salt +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, good case, info first +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, good case, info after salt +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:0:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS + PSA key derivation: HKDF-SHA-256, good case, key output depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS @@ -2833,6 +2849,54 @@ PSA key derivation: HKDF-SHA-256, DERIVE key as info depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: HKDF-SHA-256, salt after secret +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, missing secret +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, missing info +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate salt step +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, direct) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, key) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate secret step (key, direct) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate info step (non-consecutive) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, duplicate info step (consecutive) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, reject label step +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, reject seed step +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS @@ -2841,6 +2905,10 @@ PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation: TLS 1.2 PRF SHA-256, label first depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE @@ -2893,10 +2961,26 @@ PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: ECDH on P256 with HKDF-SHA256, info first +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + PSA key derivation: ECDH on P256 with HKDF-SHA256, key output depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS +PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 948c43707f..7a774e51e1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -16,6 +16,9 @@ #include "test/psa_crypto_helpers.h" #include "test/psa_exercise_key.h" +/* If this comes up, it's a bug in the test code or in the test data. */ +#define UNUSED 0xdeadbeef + /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -4027,7 +4030,12 @@ void derive_input( int alg_arg, for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) { - if( key_types[i] != PSA_KEY_TYPE_NONE ) + mbedtls_test_set_step( i ); + if( steps[i] == 0 ) + { + /* Skip this step */ + } + else if( key_types[i] != PSA_KEY_TYPE_NONE ) { psa_set_key_type( &attributes, key_types[i] ); PSA_ASSERT( psa_import_key( &attributes, From cad24bb5d84ee842b58d9529fd918ede25f3debb Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 13:50:40 +0200 Subject: [PATCH 0052/1065] Make python script idempotent. Signed-off-by: Mateusz Starzyk --- apply_MBEDTLS_PRIVATE.py | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/apply_MBEDTLS_PRIVATE.py b/apply_MBEDTLS_PRIVATE.py index 4d87384ff5..d2bc7c06a2 100644 --- a/apply_MBEDTLS_PRIVATE.py +++ b/apply_MBEDTLS_PRIVATE.py @@ -74,24 +74,33 @@ for struct_file in struct_files: pp = pprint.PrettyPrinter(indent=4) pp.pprint(files_to_visit) +mbedtls_private_access_include = "#include \"mbedtls/private_access.h\"" + for file_path, variables in files_to_visit.items(): + # check if this file has "mbedtls/private_access.h" include + file_has_private_access_include = False + with open(file_path, 'r') as file: + for line in file: + if mbedtls_private_access_include in line: + file_has_private_access_include = True + break + # FileInput redirects stdout to to 'file', so every print in this block will be put inside 'file' with fileinput.FileInput(file_path, inplace=True) as file: output_line_number = 1 # compile regex matching the header's include guard. re_include_guard = re.compile(r"^#define.*{name}$".format(name=os.path.basename(file_path).replace('.','_').upper())) for line in file: - insert_allow_private_include = False + insert_private_access_include = False if re_include_guard.match(line): - insert_allow_private_include = True + insert_private_access_include = not file_has_private_access_include # every line in file is checked against variables and lines in which they occur for variable, var_lines in variables.items(): for var_line in var_lines: # wrap variable with MBEDTLS_PRIVATE(...) macro if output_line_number == var_line: - line = re.sub(r"(^.*?\W+)({var})(\W+.*$)".format(var=variable), r"\1MBEDTLS_PRIVATE(\2)\3", line) + line = re.sub(r"(^.*?\W+)((?!MBEDTLS_PRIVATE\(){var})(\W+.*$)".format(var=variable), r"\1MBEDTLS_PRIVATE(\2)\3", line) output_line_number += 1 print(line, end='') # fileinput redirects stdout to the target file - if insert_allow_private_include: - insert_allow_private_include = False + if insert_private_access_include: print("#include \"mbedtls/private_access.h\"") From 57d1d198ef5d4468ec555ef6c35542ed1d79cf86 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:39:53 +0200 Subject: [PATCH 0053/1065] Fix typo Signed-off-by: Mateusz Starzyk --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index c31ac1e1c6..0f61f94526 100644 --- a/library/common.h +++ b/library/common.h @@ -50,7 +50,7 @@ #define MBEDTLS_STATIC_TESTABLE static #endif -/** Allow library to access it's structs' private members. +/** Allow library to access its structs' private members. * * Although structs defined in header files are publicly available, * their members are private and should not be accessed by the user. From 03f00307a28efdd2cd40f9193180bf5b5d7aa623 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:40:40 +0200 Subject: [PATCH 0054/1065] Add missing common.h include. Remove obsolete config.h include when common.h is included. Signed-off-by: Mateusz Starzyk --- library/psa_crypto_storage.c | 6 ------ library/psa_its_file.c | 6 +----- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 0ef041d18f..575e9925af 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -20,12 +20,6 @@ #include "common.h" -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) #include diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 7798da615c..492be1c711 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -18,11 +18,7 @@ * limitations under the License. */ -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif +#include "common.h" #if defined(MBEDTLS_PSA_ITS_FILE_C) From 3911e70eaaf63d12aeb6e314598742507a07e64b Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:44:31 +0200 Subject: [PATCH 0055/1065] Remove obsolete MBEDTLS_ALLOW_PRIVATE_ACCESS from helpers function. MBEDTLS_ALLOW_PRIVATE_ACCESS is already defined inside test/helpers.h Signed-off-by: Mateusz Starzyk --- tests/suites/helpers.function | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index ae1bc888d5..2a7575217b 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -2,10 +2,8 @@ /*----------------------------------------------------------------------------*/ /* Headers */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#include #include +#include #include #include From b1982728a51fbaa7b912834d1bfc01b5efd1bc18 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:46:48 +0200 Subject: [PATCH 0056/1065] Document MBEDTLS_ALLOW_PRIVATE_ACCESS inside test/helpers.h. Signed-off-by: Mateusz Starzyk --- tests/include/test/helpers.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 0f82a90406..a1098c5558 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -25,6 +25,9 @@ #ifndef TEST_HELPERS_H #define TEST_HELPERS_H +/* Most fields of publicly available structs are private and are wrapped with + * MBEDTLS_PRIVATE macro. This define allows tests to access the private fields + * directly (without using the MBEDTLS_PRIVATE wrapper). */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS #if !defined(MBEDTLS_CONFIG_FILE) From b4a012929da8a3119caefa82fe25d673fefab2de Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:49:25 +0200 Subject: [PATCH 0057/1065] Add test/helpers include to test drivers. Remove config.h include. "test/helpers.h" defines MBEDTLS_ALLOW_PRIVATE_ACCESS. Drivers can include that header instead of defining the MBEDTLS_ALLOW_PRIVATE_ACCESS themselves. "test/helpers.h" includes config header as well. Remove obsolete config includes from src/drivers. Signed-off-by: Mateusz Starzyk --- tests/src/drivers/hash.c | 8 +------- tests/src/drivers/platform_builtin_keys.c | 2 +- tests/src/drivers/test_driver_aead.c | 8 -------- tests/src/drivers/test_driver_cipher.c | 8 -------- tests/src/drivers/test_driver_key_management.c | 8 +------- tests/src/drivers/test_driver_mac.c | 8 +------- tests/src/drivers/test_driver_signature.c | 8 -------- tests/src/drivers/test_driver_size.c | 8 +------- 8 files changed, 5 insertions(+), 53 deletions(-) diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index a9c475a825..b1880f778e 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -17,13 +17,7 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_hash.h" diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index a3c5796da0..da5865d869 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -20,7 +20,7 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS +#include #include #include diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index c247bab08d..ce9ce37795 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -17,14 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - #include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 51c1abc1a4..9c95cc8f8c 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -18,14 +18,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - #include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index b1096cb6fb..afa1fc261e 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -18,13 +18,7 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 439943cca6..3b766dcb53 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -17,13 +17,7 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_mac.h" diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index e486704152..2d58756aa5 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -19,14 +19,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - #include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c index af899c6898..033cf32de0 100644 --- a/tests/src/drivers/test_driver_size.c +++ b/tests/src/drivers/test_driver_size.c @@ -18,13 +18,7 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) From 55768f26fc999b560efc2b13b0d33faa43b24bbf Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 27 May 2021 14:57:03 +0200 Subject: [PATCH 0058/1065] Fix MBEDTLS_PRIVATE wrapping in tests and sample programs. Signed-off-by: Mateusz Starzyk --- programs/ssl/dtls_client.c | 2 -- programs/ssl/dtls_server.c | 4 +--- programs/ssl/mini_client.c | 6 ++---- programs/ssl/ssl_client1.c | 2 -- programs/ssl/ssl_fork_server.c | 4 +--- programs/ssl/ssl_mail_client.c | 2 -- programs/ssl/ssl_server.c | 4 +--- programs/ssl/ssl_server2.c | 4 ++-- 8 files changed, 7 insertions(+), 21 deletions(-) diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index c3c73bb14c..1e97795336 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -17,8 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 34419db7c6..de47aab251 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -17,8 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -231,7 +229,7 @@ int main( void ) mbedtls_ssl_cache_set ); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL ); if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index a067a8fd5e..42dbeac9ed 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -18,8 +18,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -252,13 +250,13 @@ int main( void ) addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; ret = 0; - if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) + if( ( server_fd.MBEDTLS_PRIVATE(fd) = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) { ret = socket_failed; goto exit; } - if( connect( server_fd.fd, + if( connect( server_fd.MBEDTLS_PRIVATE(fd), (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) { ret = connect_failed; diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 3e479d00af..6624224af4 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -17,8 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 38a68831ec..573210870e 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -17,8 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -195,7 +193,7 @@ int main( void ) mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL ); if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 5d395c25fa..09bbc3d695 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -21,8 +21,6 @@ * be set before config.h, which pulls in glibc's features.h indirectly. * Harmless on other platforms. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #define _POSIX_C_SOURCE 200112L #define _XOPEN_SOURCE 600 diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 8458a22b43..42196ffc02 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -17,8 +17,6 @@ * limitations under the License. */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -217,7 +215,7 @@ int main( void ) mbedtls_ssl_cache_set ); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL ); if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index da145a92cf..f7a424a5a6 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -805,7 +805,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) ); } - cur = cur->MBEDTLS_PRIVATE(next); + cur = cur->next; } return( -1 ); @@ -921,7 +921,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl, return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) ); } - cur = cur->MBEDTLS_PRIVATE(next); + cur = cur->next; } return( -1 ); From 875b5fb7faaecfc9a9d516fae1b0f8e61a80a909 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 21 May 2021 08:50:00 +0200 Subject: [PATCH 0059/1065] Refactor optional parameter check tests Remove tests related to NULL pointers, keep tests related to invalid enum values. Remove test code related to MBEDTLS_CHECK_PARAMS. Signed-off-by: Ronald Cron Signed-off-by: TRodziewicz --- tests/include/test/helpers.h | 89 ----- tests/include/test/macros.h | 82 +---- tests/scripts/all.sh | 32 -- tests/src/helpers.c | 76 +---- tests/suites/helpers.function | 9 - tests/suites/main_test.function | 19 -- tests/suites/test_suite_aes.function | 189 +---------- tests/suites/test_suite_aes.rest.data | 4 +- tests/suites/test_suite_aria.function | 147 +-------- tests/suites/test_suite_blowfish.function | 121 +------ tests/suites/test_suite_camellia.function | 129 +------- tests/suites/test_suite_ccm.data | 3 - tests/suites/test_suite_ccm.function | 204 ------------ tests/suites/test_suite_chacha20.data | 3 - tests/suites/test_suite_chacha20.function | 46 --- tests/suites/test_suite_chachapoly.data | 3 - tests/suites/test_suite_chachapoly.function | 131 -------- tests/suites/test_suite_cipher.function | 293 +---------------- tests/suites/test_suite_dhm.data | 3 - tests/suites/test_suite_dhm.function | 107 ------ tests/suites/test_suite_ecdh.function | 119 +------ tests/suites/test_suite_ecdsa.data | 3 - tests/suites/test_suite_ecdsa.function | 197 ----------- tests/suites/test_suite_ecjpake.function | 80 +---- tests/suites/test_suite_ecp.function | 309 +---------------- tests/suites/test_suite_gcm.function | 147 +-------- tests/suites/test_suite_mpi.data | 3 - tests/suites/test_suite_mpi.function | 208 ------------ tests/suites/test_suite_pk.data | 3 - tests/suites/test_suite_pk.function | 269 --------------- tests/suites/test_suite_poly1305.data | 3 - tests/suites/test_suite_poly1305.function | 39 --- tests/suites/test_suite_rsa.data | 3 - tests/suites/test_suite_rsa.function | 346 -------------------- 34 files changed, 42 insertions(+), 3377 deletions(-) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 9bfe08547c..087f2de8db 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -175,95 +175,6 @@ unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen ); int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, uint32_t a_len, uint32_t b_len ); -#if defined(MBEDTLS_CHECK_PARAMS) - -typedef struct -{ - const char *failure_condition; - const char *file; - int line; -} -mbedtls_test_param_failed_location_record_t; - -/** - * \brief Get the location record of the last call to - * mbedtls_test_param_failed(). - * - * \note The call expectation is set up and active until the next call to - * mbedtls_test_param_failed_check_expected_call() or - * mbedtls_param_failed() that cancels it. - */ -void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ); - -/** - * \brief State that a call to mbedtls_param_failed() is expected. - * - * \note The call expectation is set up and active until the next call to - * mbedtls_test_param_failed_check_expected_call() or - * mbedtls_param_failed that cancel it. - */ -void mbedtls_test_param_failed_expect_call( void ); - -/** - * \brief Check whether mbedtls_param_failed() has been called as expected. - * - * \note Check whether mbedtls_param_failed() has been called between the - * last call to mbedtls_test_param_failed_expect_call() and the call - * to this function. - * - * \return \c 0 Since the last call to mbedtls_param_failed_expect_call(), - * mbedtls_param_failed() has been called. - * \c -1 Otherwise. - */ -int mbedtls_test_param_failed_check_expected_call( void ); - -/** - * \brief Get the address of the object of type jmp_buf holding the execution - * state information used by mbedtls_param_failed() to do a long jump. - * - * \note If a call to mbedtls_param_failed() is not expected in the sense - * that there is no call to mbedtls_test_param_failed_expect_call() - * preceding it, then mbedtls_param_failed() will try to restore the - * execution to the state stored in the jmp_buf object whose address - * is returned by the present function. - * - * \note This function is intended to provide the parameter of the - * setjmp() function to set-up where mbedtls_param_failed() should - * long-jump if it has to. It is foreseen to be used as: - * - * setjmp( mbedtls_test_param_failed_get_state_buf() ). - * - * \note The type of the returned value is not jmp_buf as jmp_buf is an - * an array type (C specification) and a function cannot return an - * array type. - * - * \note The type of the returned value is not jmp_buf* as then the return - * value couldn't be used by setjmp(), as its parameter's type is - * jmp_buf. - * - * \return Address of the object of type jmp_buf holding the execution state - * information used by mbedtls_param_failed() to do a long jump. - */ -void* mbedtls_test_param_failed_get_state_buf( void ); - -/** - * \brief Reset the execution state used by mbedtls_param_failed() to do a - * long jump. - * - * \note If a call to mbedtls_param_failed() is not expected in the sense - * that there is no call to mbedtls_test_param_failed_expect_call() - * preceding it, then mbedtls_param_failed() will try to restore the - * execution state that this function reset. - * - * \note It is recommended to reset the execution state when the state - * is not relevant anymore. That way an unexpected call to - * mbedtls_param_failed() will not trigger a long jump with - * undefined behavior but rather a long jump that will rather fault. - */ -void mbedtls_test_param_failed_reset_state( void ); -#endif /* MBEDTLS_CHECK_PARAMS */ - #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) #include "test/fake_external_rng_for_test.h" #endif diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 450bc2cc3b..cad39aacaa 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -58,10 +58,6 @@ * It allows a library function to return a value and return an error * code that can be tested. * - * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure - * callback, MBEDTLS_PARAM_FAILED(), will be assumed to be a test - * failure. - * * This macro is not suitable for negative parameter validation tests, * as it assumes the test step will not create an error. * @@ -182,70 +178,11 @@ } while( 0 ) #if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT) -/** - * \brief This macro tests the statement passed to it as a test step or - * individual test in a test case. The macro assumes the test will fail - * and will generate an error. - * - * It allows a library function to return a value and tests the return - * code on return to confirm the given error code was returned. - * - * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure - * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the - * expected failure, and the test will pass. - * - * This macro is intended for negative parameter validation tests, - * where the failing function may return an error value or call - * MBEDTLS_PARAM_FAILED() to indicate the error. - * - * \param PARAM_ERROR_VALUE The expected error code. - * - * \param TEST The test expression to be tested. - */ -#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \ - do { \ - mbedtls_test_param_failed_expect_call( ); \ - if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) || \ - ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - goto exit; \ - } \ - mbedtls_test_param_failed_check_expected_call( ); \ - } while( 0 ) +#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \ + do { if( ( TEST ) != ( PARAM_ERR_VALUE ) ) goto exit; } while( 0 ) -/** - * \brief This macro tests the statement passed to it as a test step or - * individual test in a test case. The macro assumes the test will fail - * and will generate an error. - * - * It assumes the library function under test cannot return a value and - * assumes errors can only be indicated byt calls to - * MBEDTLS_PARAM_FAILED(). - * - * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure - * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the - * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test - * can be made. - * - * This macro is intended for negative parameter validation tests, - * where the failing function can only return an error by calling - * MBEDTLS_PARAM_FAILED() to indicate the error. - * - * \param TEST The test expression to be tested. - */ -#define TEST_INVALID_PARAM( TEST ) \ - do { \ - memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ), \ - sizeof( jmp_tmp ) ); \ - if( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \ - { \ - TEST; \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - goto exit; \ - } \ - mbedtls_test_param_failed_reset_state( ); \ - } while( 0 ) +#define TEST_INVALID_PARAM( TEST ) \ + do { TEST; } while( 0 ) #endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */ /** @@ -256,11 +193,6 @@ * assumes errors can only be indicated by calls to * MBEDTLS_PARAM_FAILED(). * - * When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure - * callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the - * expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test - * can be made. - * * This macro is intended to test that functions returning void * accept all of the parameter values they're supposed to accept - eg * that they don't call MBEDTLS_PARAM_FAILED() when a parameter @@ -271,12 +203,6 @@ * accept is best done by using TEST_ASSERT() and checking the return * value as well. * - * Note: this macro is available even when #MBEDTLS_CHECK_PARAMS is - * disabled, as it makes sense to check that the functions accept all - * legal values even if this option is disabled - only in that case, - * the test is more about whether the function segfaults than about - * whether it invokes MBEDTLS_PARAM_FAILED(). - * * \param TEST The test expression to be tested. */ #define TEST_VALID_PARAM( TEST ) \ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8e163a9478..9b0d5fe4a6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1853,38 +1853,6 @@ component_build_psa_accel_key_type_rsa_public_key() { make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } -component_test_check_params_functionality () { - msg "build+test: MBEDTLS_CHECK_PARAMS functionality" - scripts/config.py full # includes CHECK_PARAMS - # Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed(). - scripts/config.py unset MBEDTLS_CHECK_PARAMS_ASSERT - make CC=gcc CFLAGS='-Werror -O1' all test -} - -component_test_check_params_without_platform () { - msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C" - scripts/config.py full # includes CHECK_PARAMS - # Keep MBEDTLS_PARAM_FAILED as assert. - scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT - scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT - scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_MEMORY - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT - scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT - scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.py unset MBEDTLS_PLATFORM_C - make CC=gcc CFLAGS='-Werror -O1' all test -} - -component_test_check_params_silent () { - msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()" - scripts/config.py full # includes CHECK_PARAMS - # Set MBEDTLS_PARAM_FAILED to nothing. - sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H" - make CC=gcc CFLAGS='-Werror -O1' all test -} - component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file diff --git a/tests/src/helpers.c b/tests/src/helpers.c index b7c9867b05..ece0465139 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -19,27 +19,9 @@ #include #include -#if defined(MBEDTLS_CHECK_PARAMS) -#include -#endif - /*----------------------------------------------------------------------------*/ /* Static global variables */ -#if defined(MBEDTLS_CHECK_PARAMS) -typedef struct -{ - uint8_t expected_call; - uint8_t expected_call_happened; - - jmp_buf state; - - mbedtls_test_param_failed_location_record_t location_record; -} -param_failed_ctx_t; -static param_failed_ctx_t param_failed_ctx; -#endif - #if defined(MBEDTLS_PLATFORM_C) static mbedtls_platform_context platform_ctx; #endif @@ -222,66 +204,14 @@ int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, return ret; } -#if defined(MBEDTLS_CHECK_PARAMS) -void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ) -{ - *location_record = param_failed_ctx.location_record; -} - -void mbedtls_test_param_failed_expect_call( void ) -{ - param_failed_ctx.expected_call_happened = 0; - param_failed_ctx.expected_call = 1; -} - -int mbedtls_test_param_failed_check_expected_call( void ) -{ - param_failed_ctx.expected_call = 0; - - if( param_failed_ctx.expected_call_happened != 0 ) - return( 0 ); - - return( -1 ); -} - -void* mbedtls_test_param_failed_get_state_buf( void ) -{ - return ¶m_failed_ctx.state; -} - -void mbedtls_test_param_failed_reset_state( void ) -{ - memset( param_failed_ctx.state, 0, sizeof( param_failed_ctx.state ) ); -} - void mbedtls_param_failed( const char *failure_condition, const char *file, int line ) { - /* Record the location of the failure */ - param_failed_ctx.location_record.failure_condition = failure_condition; - param_failed_ctx.location_record.file = file; - param_failed_ctx.location_record.line = line; - - /* If we are testing the callback function... */ - if( param_failed_ctx.expected_call != 0 ) - { - param_failed_ctx.expected_call = 0; - param_failed_ctx.expected_call_happened = 1; - } - else - { - /* ...else try a long jump. If the execution state has not been set-up - * or reset then the long jump buffer is all zero's and the call will - * with high probability fault, emphasizing there is something to look - * at. - */ - - longjmp( param_failed_ctx.state, 1 ); - } + (void) failure_condition; + (void) file; + (void) line; } -#endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_TEST_HOOKS) void mbedtls_test_err_add_check( int high, int low, diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 2ef07fa62b..89ba0b093c 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -28,11 +28,6 @@ #include "mbedtls/memory_buffer_alloc.h" #endif -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -#include -#endif - #ifdef _MSC_VER #include typedef UINT8 uint8_t; @@ -78,10 +73,6 @@ typedef struct data_tag /*----------------------------------------------------------------------------*/ /* Global variables */ -#if defined(MBEDTLS_CHECK_PARAMS) -jmp_buf jmp_tmp; -#endif - /*----------------------------------------------------------------------------*/ /* Helper flags for complex dependencies */ diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index ac00f45e57..13d032c4a4 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -176,26 +176,7 @@ void execute_function_ptr(TestWrapper_t fp, void **params) mbedtls_test_enable_insecure_external_rng( ); #endif -#if defined(MBEDTLS_CHECK_PARAMS) - mbedtls_test_param_failed_location_record_t location_record; - - if ( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) - { - fp( params ); - } - else - { - /* Unexpected parameter validation error */ - mbedtls_test_param_failed_get_location_record( &location_record ); - mbedtls_test_fail( location_record.failure_condition, - location_record.line, - location_record.file ); - } - - mbedtls_test_param_failed_reset_state( ); -#else fp( params ); -#endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) mbedtls_test_mutex_usage_check( ); diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 754a167026..a740391035 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -360,193 +360,40 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void aes_check_params( ) +void aes_invalid_mode( ) { mbedtls_aes_context aes_ctx; -#if defined(MBEDTLS_CIPHER_MODE_XTS) - mbedtls_aes_xts_context xts_ctx; -#endif - const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; const unsigned char in[16] = { 0 }; unsigned char out[16]; - size_t size; - const int valid_mode = MBEDTLS_AES_ENCRYPT; const int invalid_mode = 42; - TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) ); -#if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) ); -#endif - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) ); - -#if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) ); -#endif - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( NULL, - valid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - invalid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, in, NULL ) ); + TEST_EQUAL( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb( &aes_ctx, invalid_mode, in, out ) ); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( NULL, - valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, in, NULL ) ); + TEST_EQUAL( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc( &aes_ctx, invalid_mode, 16, + out, in, out ) ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( NULL, - valid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - invalid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, in, NULL ) ); + mbedtls_aes_xts_context xts_ctx; + + TEST_EQUAL( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts( &xts_ctx, invalid_mode, 16, + in, in, out ) ); #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( NULL, - valid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - invalid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, in, NULL ) ); + size_t size; - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( NULL, - valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, - invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, - valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, - valid_mode, 16, - out, in, NULL ) ); + TEST_EQUAL( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128( &aes_ctx, invalid_mode, 16, + &size, out, in, out ) ); + TEST_EQUAL( MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8( &aes_ctx, invalid_mode, 16, + out, in, out ) ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( NULL, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, in, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( NULL, 16, &size, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, in, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ } /* END_CASE */ diff --git a/tests/suites/test_suite_aes.rest.data b/tests/suites/test_suite_aes.rest.data index 6a76b43eb8..3b43c90cd2 100644 --- a/tests/suites/test_suite_aes.rest.data +++ b/tests/suites/test_suite_aes.rest.data @@ -10,8 +10,8 @@ aes_encrypt_cbc:"000000000000000000000000000000000000000000000000000000000000000 AES-256-CBC Decrypt (Invalid input length) aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -AES - Optional Parameter Validation (MBEDTLS_CHECK_PARAMS) -aes_check_params: +AES - Mode Parameter Validation +aes_invalid_mode: AES - Mandatory Parameter Validation and Valid Parameters aes_misc_params: diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 6d6a203356..b24e4984ed 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -27,7 +27,6 @@ void aria_valid_param( ) void aria_invalid_param( ) { mbedtls_aria_context ctx; - unsigned char key[128 / 8] = { 0 }; unsigned char input[MBEDTLS_ARIA_BLOCKSIZE] = { 0 }; unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] = { 0 }; unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE] = { 0 }; @@ -36,77 +35,18 @@ void aria_invalid_param( ) ((void) iv_off); ((void) iv); - TEST_INVALID_PARAM( mbedtls_aria_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, input, NULL ) ); - #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, mbedtls_aria_crypt_cbc( &ctx, 42 /* invalid mode */, sizeof( input ), iv, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, mbedtls_aria_crypt_cfb128( &ctx, 42, /* invalid mode */ sizeof( input ), @@ -114,91 +54,8 @@ void aria_invalid_param( ) iv, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( NULL, - sizeof( input ), - &iv_off, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - NULL, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - input, - NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - exit: return; diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function index f89353ce95..5681a9e945 100644 --- a/tests/suites/test_suite_blowfish.function +++ b/tests/suites/test_suite_blowfish.function @@ -19,147 +19,32 @@ void blowfish_invalid_param( ) { mbedtls_blowfish_context ctx; unsigned char buf[16] = { 0 }; - size_t const valid_keylength = sizeof( buf ) * 8; - size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT; size_t invalid_mode = 42; size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_blowfish_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( NULL, - buf, - valid_keylength ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( &ctx, - NULL, - valid_keylength ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, mbedtls_blowfish_crypt_ecb( &ctx, invalid_mode, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( NULL, - valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, mbedtls_blowfish_crypt_cbc( &ctx, invalid_mode, sizeof( buf ), buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, mbedtls_blowfish_crypt_cfb64( &ctx, invalid_mode, sizeof( buf ), &off, buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - exit: return; } diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 312495c9ae..fb0a349177 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -19,155 +19,32 @@ void camellia_invalid_param( ) { mbedtls_camellia_context ctx; unsigned char buf[16] = { 0 }; - const size_t valid_keybits = 128; const int invalid_mode = 42; - const int valid_mode = MBEDTLS_CAMELLIA_ENCRYPT; size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_camellia_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, mbedtls_camellia_crypt_ecb( &ctx, invalid_mode, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( NULL, - valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, mbedtls_camellia_crypt_cbc( &ctx, invalid_mode, sizeof( buf ), buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, mbedtls_camellia_crypt_cfb128( &ctx, invalid_mode, sizeof( buf ), &off, buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - exit: return; } diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 4f83468ac4..63af5aa04a 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1,9 +1,6 @@ CCM self test mbedtls_ccm_self_test: -CCM - Invalid parameters -ccm_invalid_param: - CCM - Valid parameters ccm_valid_param: diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 5a3726e07b..1b00560ecf 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -292,210 +292,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ccm_invalid_param( ) -{ - struct mbedtls_ccm_context ctx; - unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; - mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; - int valid_len = sizeof(valid_buffer); - int valid_bitlen = valid_len * 8; - - mbedtls_ccm_init( &ctx ); - - /* mbedtls_ccm_init() */ - TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) ); - - /* mbedtls_ccm_setkey() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); - - /* mbedtls_ccm_encrypt_and_tag() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); - - /* mbedtls_ccm_star_encrypt_and_tag() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); - - /* mbedtls_ccm_auth_decrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); - - /* mbedtls_ccm_star_auth_decrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); - -exit: - mbedtls_ccm_free( &ctx ); - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void ccm_valid_param( ) { diff --git a/tests/suites/test_suite_chacha20.data b/tests/suites/test_suite_chacha20.data index 3f9033eeb2..86094604bf 100644 --- a/tests/suites/test_suite_chacha20.data +++ b/tests/suites/test_suite_chacha20.data @@ -22,8 +22,5 @@ chacha20_crypt:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 ChaCha20 RFC 7539 Test Vector #3 (Decrypt) chacha20_crypt:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000000000000000002":42:"62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1":"2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e" -ChaCha20 Paremeter Validation -chacha20_bad_params: - ChaCha20 Selftest chacha20_self_test: diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function index 67c8de2ec1..9afadb7738 100644 --- a/tests/suites/test_suite_chacha20.function +++ b/tests/suites/test_suite_chacha20.function @@ -66,52 +66,6 @@ void chacha20_crypt( data_t *key_str, } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void chacha20_bad_params() -{ - unsigned char key[32]; - unsigned char nonce[12]; - unsigned char src[1]; - unsigned char dst[1]; - uint32_t counter = 0; - size_t len = sizeof( src ); - mbedtls_chacha20_context ctx; - - TEST_INVALID_PARAM( mbedtls_chacha20_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chacha20_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( NULL, nonce, counter ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( &ctx, NULL, counter ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( NULL, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, src, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( NULL, nonce, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, NULL, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, src, NULL ) ); - -exit: - return; - -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void chacha20_self_test() { diff --git a/tests/suites/test_suite_chachapoly.data b/tests/suites/test_suite_chachapoly.data index 34cb568311..02c7bf3d21 100644 --- a/tests/suites/test_suite_chachapoly.data +++ b/tests/suites/test_suite_chachapoly.data @@ -19,9 +19,6 @@ mbedtls_chachapoly_dec:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc ChaCha20-Poly1305 State Flow chachapoly_state: -ChaCha20-Poly1305 Parameter Validation -chachapoly_bad_params: - ChaCha20-Poly1305 Selftest depends_on:MBEDTLS_SELF_TEST chachapoly_selftest: diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function index 96128e4ec3..2e1e7b2dcf 100644 --- a/tests/suites/test_suite_chachapoly.function +++ b/tests/suites/test_suite_chachapoly.function @@ -66,137 +66,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void chachapoly_bad_params() -{ - unsigned char key[32]; - unsigned char nonce[12]; - unsigned char aad[1]; - unsigned char input[1]; - unsigned char output[1]; - unsigned char mac[16]; - size_t input_len = sizeof( input ); - size_t aad_len = sizeof( aad ); - mbedtls_chachapoly_context ctx; - - memset( key, 0x00, sizeof( key ) ); - memset( nonce, 0x00, sizeof( nonce ) ); - memset( aad, 0x00, sizeof( aad ) ); - memset( input, 0x00, sizeof( input ) ); - memset( output, 0x00, sizeof( output ) ); - memset( mac, 0x00, sizeof( mac ) ); - - TEST_INVALID_PARAM( mbedtls_chachapoly_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chachapoly_free( NULL ) ); - - /* setkey */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( &ctx, NULL ) ); - - /* encrypt_and_tag */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( NULL, - 0, nonce, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, NULL, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - NULL, aad_len, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - NULL, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - input, NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - aad, 0, - input, output, NULL ) ); - - /* auth_decrypt */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( NULL, - 0, nonce, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, NULL, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - NULL, aad_len, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - aad, 0, - NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, input, NULL ) ); - - /* starts */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( NULL, nonce, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( &ctx, NULL, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); - - /* update_aad */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( NULL, aad, - aad_len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( &ctx, NULL, - aad_len ) ); - - /* update */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( NULL, input_len, - input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - input, NULL ) ); - - /* finish */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( &ctx, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void chachapoly_state() { diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 3d3f6a3292..ea5fa2e5e4 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -212,7 +212,6 @@ void cipher_invalid_param_conditional( ) { mbedtls_cipher_context_t valid_ctx; - mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT; mbedtls_operation_t invalid_operation = 100; mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; @@ -221,311 +220,21 @@ void cipher_invalid_param_conditional( ) const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) ); - size_t size_t_var; - (void)valid_mode; /* In some configurations this is unused */ /* mbedtls_cipher_init() */ TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) ); - TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) ); /* mbedtls_cipher_setup() */ TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setup( NULL, valid_info ) ); - /* mbedtls_cipher_get_block_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) ); - - /* mbedtls_cipher_get_cipher_mode() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_MODE_NONE, - mbedtls_cipher_get_cipher_mode( NULL ) ); - - /* mbedtls_cipher_get_iv_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) ); - - /* mbedtls_cipher_get_type() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_CIPHER_NONE, - mbedtls_cipher_get_type( NULL ) ); - - /* mbedtls_cipher_get_name() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) ); - - /* mbedtls_cipher_get_key_bitlen() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_KEY_LENGTH_NONE, - mbedtls_cipher_get_key_bitlen( NULL ) ); - - /* mbedtls_cipher_get_operation() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_OPERATION_NONE, - mbedtls_cipher_get_operation( NULL ) ); - - /* mbedtls_cipher_setkey() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( NULL, - valid_buffer, - valid_bitlen, - valid_operation ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( &valid_ctx, - NULL, - valid_bitlen, - valid_operation ) ); - TEST_INVALID_PARAM_RET( + TEST_EQUAL( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_setkey( &valid_ctx, valid_buffer, valid_bitlen, invalid_operation ) ); - /* mbedtls_cipher_set_iv() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( NULL, - valid_buffer, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( &valid_ctx, - NULL, - valid_size ) ); - - /* mbedtls_cipher_reset() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_reset( NULL ) ); - -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - /* mbedtls_cipher_update_ad() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( NULL, - valid_buffer, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( &valid_ctx, - NULL, - valid_size ) ); -#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ - -#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* mbedtls_cipher_set_padding_mode() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_padding_mode( NULL, valid_mode ) ); -#endif - - /* mbedtls_cipher_update() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( NULL, - valid_buffer, - valid_size, - valid_buffer, - &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - NULL, valid_size, - valid_buffer, - &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - NULL, - &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, - NULL ) ); - - /* mbedtls_cipher_finish() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( NULL, - valid_buffer, - &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - NULL, - &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - valid_buffer, - NULL ) ); - -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - /* mbedtls_cipher_write_tag() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( NULL, - valid_buffer, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( &valid_ctx, - NULL, - valid_size ) ); - - /* mbedtls_cipher_check_tag() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( NULL, - valid_buffer, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( &valid_ctx, - NULL, - valid_size ) ); -#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ - - /* mbedtls_cipher_crypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL ) ); - -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) - /* mbedtls_cipher_auth_encrypt_ext */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); - - /* mbedtls_cipher_auth_decrypt_ext */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); -#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ - - /* mbedtls_cipher_free() */ - TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) ); exit: TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) ); } diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index c4795b6d34..3b71c35694 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -1,6 +1,3 @@ -Diffie-Hellman parameter validation -dhm_invalid_params: - Diffie-Hellman full exchange #1 dhm_do_dhm:10:"23":10:"5":0 diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 1726b9eb75..2d54e8189f 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -7,113 +7,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void dhm_invalid_params( ) -{ - mbedtls_dhm_context ctx; - unsigned char buf[42] = { 0 }; - unsigned char *buf_null = NULL; - mbedtls_mpi X; - size_t const buflen = sizeof( buf ); - size_t len; - - TEST_INVALID_PARAM( mbedtls_dhm_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_dhm_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( NULL, - (unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, &buf_null, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, - (unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( NULL, buflen, - buf, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - NULL, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, &len, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( NULL, buflen, - buf, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - NULL, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - buf, buflen, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( NULL, buf, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, NULL, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, buf, buflen, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - -#if defined(MBEDTLS_ASN1_PARSE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( &ctx, NULL, buflen ) ); - -#if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( NULL, "" ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( &ctx, NULL ) ); -#endif /* MBEDTLS_FS_IO */ -#endif /* MBEDTLS_ASN1_PARSE_C */ - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void dhm_do_dhm( int radix_P, char *input_P, int radix_G, char *input_G, int result ) diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 3ab96fa111..5fced62d42 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -53,131 +53,14 @@ void ecdh_valid_param( ) /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ void ecdh_invalid_param( ) { - mbedtls_ecp_group grp; mbedtls_ecdh_context ctx; - mbedtls_mpi m; - mbedtls_ecp_point P; mbedtls_ecp_keypair kp; - size_t olen; - unsigned char buf[42] = { 0 }; - const unsigned char *buf_null = NULL; - size_t const buflen = sizeof( buf ); int invalid_side = 42; - mbedtls_ecp_group_id valid_grp = MBEDTLS_ECP_DP_SECP192R1; - TEST_INVALID_PARAM( mbedtls_ecdh_init( NULL ) ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdh_enable_restart( NULL ) ); -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, &P, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( NULL, &m, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, NULL, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, NULL, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, &P, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_setup( NULL, valid_grp ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( NULL, - (const unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, &buf_null, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, - (const unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( NULL, &kp, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( &ctx, NULL, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, mbedtls_ecdh_get_params( &ctx, &kp, invalid_side ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - exit: return; } diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index e510c504eb..95efc73a31 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data @@ -1,6 +1,3 @@ -ECDSA Parameter validation -ecdsa_invalid_param: - ECDSA primitive hash zero #1 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP192R1 diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 58cedc13c4..e066b14e99 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -7,203 +7,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecdsa_invalid_param( ) -{ - mbedtls_ecdsa_context ctx; - mbedtls_ecp_keypair key; - mbedtls_ecp_group grp; - mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1; - mbedtls_ecp_point P; - mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; - mbedtls_mpi m; - size_t slen; - unsigned char buf[42] = { 0 }; - - TEST_INVALID_PARAM( mbedtls_ecdsa_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_free( NULL ) ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdsa_restart_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_restart_free( NULL ) ); -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( NULL, &m, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, NULL, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, NULL, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, NULL, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - buf, sizeof( buf ), - NULL, NULL ) ); - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( NULL, &m, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, NULL, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, NULL, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, NULL, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m, - NULL, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( NULL, - buf, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - NULL, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - NULL, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( NULL, valid_md, buf, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, NULL, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - NULL, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - buf, NULL, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( NULL, valid_md, buf, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, NULL, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), NULL, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), buf, NULL, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( NULL, valid_group, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( &ctx, valid_group, - NULL, NULL ) ); - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( NULL, &key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( &ctx, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void ecdsa_prim_zero( int id ) { diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function index ab672a8dcb..2a6d8935ef 100644 --- a/tests/suites/test_suite_ecjpake.function +++ b/tests/suites/test_suite_ecjpake.function @@ -103,95 +103,17 @@ void ecjpake_invalid_param( ) { mbedtls_ecjpake_context ctx; unsigned char buf[42] = { 0 }; - size_t olen; size_t const len = sizeof( buf ); - mbedtls_ecjpake_role valid_role = MBEDTLS_ECJPAKE_SERVER; mbedtls_ecjpake_role invalid_role = (mbedtls_ecjpake_role) 42; mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1; - TEST_INVALID_PARAM( mbedtls_ecjpake_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecjpake_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( NULL, - valid_role, - valid_md, - valid_group, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, mbedtls_ecjpake_setup( &ctx, invalid_role, valid_md, valid_group, buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( &ctx, - valid_role, - valid_md, - valid_group, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_check( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, &olen, NULL, NULL ) ); exit: return; diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 6d23377f36..9b8ba8201e 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -42,327 +42,22 @@ exit: void ecp_invalid_param( ) { mbedtls_ecp_group grp; - mbedtls_ecp_keypair kp; mbedtls_ecp_point P; - mbedtls_mpi m; - const char *x = "deadbeef"; - int valid_fmt = MBEDTLS_ECP_PF_UNCOMPRESSED; int invalid_fmt = 42; size_t olen; unsigned char buf[42] = { 0 }; - const unsigned char *null_buf = NULL; - mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1; -#if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_ctx restart_ctx; -#endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM( mbedtls_ecp_point_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_keypair_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_group_init( NULL ) ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecp_restart_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_check_budget( NULL, &restart_ctx, 42 ) ); -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( NULL, &grp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( NULL, - &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - &m, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_set_zero( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_is_zero( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( NULL, 2, - x, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - NULL, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - x, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( NULL, &P, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, NULL, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, mbedtls_ecp_point_write_binary( &grp, &P, invalid_fmt, &olen, buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( NULL, &P, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, NULL, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( NULL, &P, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, &null_buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( NULL, &P, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, NULL, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, mbedtls_ecp_tls_write_point( &grp, &P, invalid_fmt, &olen, buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - NULL, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - &olen, - NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_load( NULL, valid_group ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, - &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( NULL, &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( NULL, &P, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, NULL, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, NULL, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, NULL, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( NULL, &P, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, NULL, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, NULL, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, NULL, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - NULL, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - &m, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( NULL, &kp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( &kp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, &P, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( NULL, - &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, &P, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, &kp, - NULL, NULL ) ); exit: return; diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 9733eb2356..35691f725f 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -187,158 +187,15 @@ void gcm_invalid_param( ) mbedtls_gcm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; - int valid_mode = MBEDTLS_GCM_ENCRYPT; - int valid_len = sizeof(valid_buffer); - int valid_bitlen = 128, invalid_bitlen = 1; - size_t olen; + int invalid_bitlen = 1; mbedtls_gcm_init( &ctx ); - /* mbedtls_gcm_init() */ - TEST_INVALID_PARAM( mbedtls_gcm_init( NULL ) ); - /* mbedtls_gcm_setkey */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); - TEST_INVALID_PARAM_RET( + TEST_EQUAL( MBEDTLS_ERR_GCM_BAD_INPUT, mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) ); - /* mbedtls_gcm_crypt_and_tag() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( NULL, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_len, valid_buffer ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_len, valid_buffer ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, NULL ) ); - - /* mbedtls_gcm_auth_decrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL) ); - - /* mbedtls_gcm_starts() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( NULL, valid_mode, - valid_buffer, valid_len ) ); - - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - NULL, valid_len ) ); - - /* mbedtls_gcm_update_ad() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update_ad( &ctx, - NULL, valid_len ) ); - - /* mbedtls_gcm_update() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( NULL, valid_buffer, valid_len, - valid_buffer, valid_len, &olen ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, NULL, valid_len, - valid_buffer, valid_len, &olen ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_buffer, valid_len, - NULL, valid_len, &olen ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_buffer, valid_len, - valid_buffer, valid_len, NULL ) ); - - /* mbedtls_gcm_finish() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( NULL, NULL, 0, valid_buffer, valid_len ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( &ctx, NULL, 0, NULL, valid_len ) ); - exit: mbedtls_gcm_free( &ctx ); } diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 59fd7824bb..8e09ee5bd0 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1,9 +1,6 @@ MPI - Valid parameters mpi_valid_param: -MPI - Invalid parameters -mpi_invalid_param: - Arguments with no value mpi_null: diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index c5bb5a678a..8c20258c59 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -78,214 +78,6 @@ void mpi_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void mpi_invalid_param( ) -{ - mbedtls_mpi X; - const char *s_in = "00101000101010"; - char s_out[16] = { 0 }; - unsigned char u_out[16] = { 0 }; - unsigned char u_in[16] = { 0 }; - size_t olen; - mbedtls_mpi_uint mpi_uint; - - TEST_INVALID_PARAM( mbedtls_mpi_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_grow( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( &X, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_mpi_swap( NULL, &X ) ); - TEST_INVALID_PARAM( mbedtls_mpi_swap( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_lset( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_get_bit( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_set_bit( NULL, 42, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( NULL, 2, s_in ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( &X, 2, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( NULL, 2, - s_out, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - NULL, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - s_out, sizeof( s_out ), - NULL ) ); - -#if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( NULL, 2, stdin ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( &X, 2, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_file( "", NULL, 2, NULL ) ); -#endif /* MBEDTLS_FS_IO */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( NULL, u_in, - sizeof( u_in ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( &X, NULL, - sizeof( u_in ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( NULL, u_out, - sizeof( u_out ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( &X, NULL, - sizeof( u_out ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_l( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_r( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_int( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_int( &X, &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( 0, mbedtls_mpi_lsb( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( &mpi_uint, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( NULL, &X, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, NULL, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, NULL, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, &X, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( NULL, 42, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( &X, 42, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, &X, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void mpi_null( ) { diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 9ebdc7e5f2..5eb145ddac 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -1,6 +1,3 @@ -PK invalid parameters -invalid_parameters: - PK valid parameters valid_parameters: diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index ddef83604e..06e40d8144 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -323,275 +323,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void invalid_parameters( ) -{ - size_t len; - unsigned char *null_buf = NULL; - unsigned char buf[1]; - unsigned char *p = buf; - char str[1] = {0}; - mbedtls_pk_context pk; - mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; - void *options = buf; - - (void) null_buf; - (void) p; - (void) str; - - mbedtls_pk_init( &pk ); - - TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) ); -#endif - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup( NULL, NULL ) ); - -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup_rsa_alt( NULL, buf, - NULL, NULL, NULL ) ); -#endif - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), - NULL, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), NULL, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( &pk, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_debug( NULL, NULL ) ); - -#if defined(MBEDTLS_PK_PARSE_C) -#if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( NULL, &p, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, NULL, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, &p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( NULL, str, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( NULL, str ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( &pk, NULL ) ); -#endif - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( &pk, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( &pk, - NULL, sizeof( buf ) ) ); -#endif /* MBEDTLS_PK_PARSE_C */ - -#if defined(MBEDTLS_PK_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( NULL, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &null_buf, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( &pk, - NULL, sizeof( buf ) ) ); - -#if defined(MBEDTLS_PEM_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( &pk, - NULL, sizeof( buf ) ) ); -#endif /* MBEDTLS_PEM_WRITE_C */ - -#endif /* MBEDTLS_PK_WRITE_C */ -} -/* END_CASE */ - /* BEGIN_CASE */ void pk_utils( int type, int parameter, int bitlen, int len, char * name ) { diff --git a/tests/suites/test_suite_poly1305.data b/tests/suites/test_suite_poly1305.data index 13912e997a..eb9712c49e 100644 --- a/tests/suites/test_suite_poly1305.data +++ b/tests/suites/test_suite_poly1305.data @@ -34,9 +34,6 @@ mbedtls_poly1305:"01000000000000000400000000000000000000000000000000000000000000 Poly1305 RFC 7539 Test Vector #11 mbedtls_poly1305:"0100000000000000040000000000000000000000000000000000000000000000":"13000000000000000000000000000000":"e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000" -Poly1305 Parameter validation -poly1305_bad_params: - Poly1305 Selftest depends_on:MBEDTLS_SELF_TEST poly1305_selftest: diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function index 4b8995b609..59e927734c 100644 --- a/tests/suites/test_suite_poly1305.function +++ b/tests/suites/test_suite_poly1305.function @@ -79,45 +79,6 @@ void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void poly1305_bad_params() -{ - unsigned char src[1]; - unsigned char key[32]; - unsigned char mac[16]; - size_t src_len = sizeof( src ); - mbedtls_poly1305_context ctx; - - TEST_INVALID_PARAM( mbedtls_poly1305_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_poly1305_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( NULL, src, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( &ctx, NULL, src_len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( NULL, src, 0, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, NULL, src_len, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, src, 0, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void poly1305_selftest() { diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index cc5a047790..2512ef24c6 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -1,6 +1,3 @@ -RSA parameter validation -rsa_invalid_param: - RSA init-free-free rsa_init_free:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index efea5c169a..9cf2fcf348 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -17,352 +17,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void rsa_invalid_param( ) -{ - mbedtls_rsa_context ctx; - const int valid_padding = MBEDTLS_RSA_PKCS_V21; - const int invalid_padding = 42; - unsigned char buf[42] = { 0 }; - size_t olen; - - TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) ); - TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) ); - - /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_complete( NULL ) ); - - /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL, - valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx, - invalid_padding, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( NULL, - mbedtls_test_rnd_std_rand, - NULL, 0, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( &ctx, NULL, - NULL, 0, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pubkey( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_privkey( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( NULL, NULL, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, - NULL, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, sizeof( buf ), - buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - NULL, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - buf, sizeof( buf ), - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - buf, sizeof( buf ), - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL, - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL, - NULL, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - NULL, sizeof( buf ), - NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - buf, sizeof( buf ), - &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - buf, sizeof( buf ), - &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - MBEDTLS_MD_SHA1, - 0, NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( NULL, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, - MBEDTLS_MD_SHA1, 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, - 0, sizeof( buf ), - buf, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( NULL, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - 0, sizeof( buf ), - NULL, 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - 0, sizeof( buf ), - buf, 0, 0, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - MBEDTLS_MD_SHA1, - 0, NULL, - 0, 0, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( &ctx, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void rsa_init_free( int reinit ) { From cc7074128a437cbca66dcc0f710c764d0021d0cd Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 15:08:04 +0200 Subject: [PATCH 0060/1065] Remove MBEDTLS_CHECK_PARAMS option Signed-off-by: TRodziewicz --- include/mbedtls/check_config.h | 4 ++ include/mbedtls/config.h | 102 --------------------------- include/mbedtls/platform_util.h | 68 ------------------ library/psa_crypto.c | 3 - library/psa_crypto_slot_management.c | 11 --- scripts/generate_query_config.pl | 1 - 6 files changed, 4 insertions(+), 185 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ae23602a07..5a39cb3a70 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -836,6 +836,10 @@ #error "MBEDTLS_SSL_PROTO_TLS1_1 (TLS v1.1 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" #endif +#if defined(MBEDTLS_CHECK_PARAMS) //no-check-names +#error "MBEDTLS_CHECK_PARAMS was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4313" +#endif + /* * Avoid warning from -pedantic. This is a convenient place for this * workaround since this is included by every single file before the diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 10140915e3..4669273499 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -255,72 +255,6 @@ */ //#define MBEDTLS_DEPRECATED_REMOVED -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - The pointer is checked to be non-NULL only if this option is enabled. - * - The content of the buffer is always validated. - * - * When this flag is defined, if a library function receives a parameter that - * is invalid: - * 1. The function will invoke the macro MBEDTLS_PARAM_FAILED(). - * 2. If MBEDTLS_PARAM_FAILED() did not terminate the program, the function - * will immediately return. If the function returns an Mbed TLS error code, - * the error code in this case is MBEDTLS_ERR_xxx_BAD_INPUT_DATA. - * - * When defining this flag, you also need to arrange a definition for - * MBEDTLS_PARAM_FAILED(). You can do this by any of the following methods: - * - By default, the library defines MBEDTLS_PARAM_FAILED() to call a - * function mbedtls_param_failed(), but the library does not define this - * function. If you do not make any other arrangements, you must provide - * the function mbedtls_param_failed() in your application. - * See `platform_util.h` for its prototype. - * - If you enable the macro #MBEDTLS_CHECK_PARAMS_ASSERT, then the - * library defines MBEDTLS_PARAM_FAILED(\c cond) to be `assert(cond)`. - * You can still supply an alternative definition of - * MBEDTLS_PARAM_FAILED(), which may call `assert`. - * - If you define a macro MBEDTLS_PARAM_FAILED() before including `config.h` - * or you uncomment the definition of MBEDTLS_PARAM_FAILED() in `config.h`, - * the library will call the macro that you defined and will not supply - * its own version. Note that if MBEDTLS_PARAM_FAILED() calls `assert`, - * you need to enable #MBEDTLS_CHECK_PARAMS_ASSERT so that library source - * files include ``. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/** - * \def MBEDTLS_CHECK_PARAMS_ASSERT - * - * Allow MBEDTLS_PARAM_FAILED() to call `assert`, and make it default to - * `assert`. This macro is only used if #MBEDTLS_CHECK_PARAMS is defined. - * - * If this macro is not defined, then MBEDTLS_PARAM_FAILED() defaults to - * calling a function mbedtls_param_failed(). See the documentation of - * #MBEDTLS_CHECK_PARAMS for details. - * - * Uncomment to allow MBEDTLS_PARAM_FAILED() to call `assert`. - */ -//#define MBEDTLS_CHECK_PARAMS_ASSERT - /* \} name SECTION: System support */ /** @@ -3385,42 +3319,6 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with #MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, the library provides - * a default definition. If the macro #MBEDTLS_CHECK_PARAMS_ASSERT - * is defined, the default definition is `assert(cond)`, - * otherwise the default definition calls a function - * mbedtls_param_failed(). This function is declared in - * `platform_util.h` for the benefit of the library, but - * you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * If you define this macro to call `assert`, also define - * #MBEDTLS_CHECK_PARAMS_ASSERT so that library source files - * include ``. - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. - */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - /* PSA options */ /** * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index fbc2a0d1c0..6d9cfecfa8 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -39,78 +39,10 @@ extern "C" { #endif -#if defined(MBEDTLS_CHECK_PARAMS) - -#if defined(MBEDTLS_CHECK_PARAMS_ASSERT) -/* Allow the user to define MBEDTLS_PARAM_FAILED to something like assert - * (which is what our config.h suggests). */ -#include -#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */ - -#if defined(MBEDTLS_PARAM_FAILED) -/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h. - * - * This flag can be used to check whether it is safe to assume that - * MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed(). - */ -#define MBEDTLS_PARAM_FAILED_ALT - -#elif defined(MBEDTLS_CHECK_PARAMS_ASSERT) -#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) -#define MBEDTLS_PARAM_FAILED_ALT - -#else /* MBEDTLS_PARAM_FAILED */ -#define MBEDTLS_PARAM_FAILED( cond ) \ - mbedtls_param_failed( #cond, __FILE__, __LINE__ ) - -/** - * \brief User supplied callback function for parameter validation failure. - * See #MBEDTLS_CHECK_PARAMS for context. - * - * This function will be called unless an alternative treatement - * is defined through the #MBEDTLS_PARAM_FAILED macro. - * - * This function can return, and the operation will be aborted, or - * alternatively, through use of setjmp()/longjmp() can resume - * execution in the application code. - * - * \param failure_condition The assertion that didn't hold. - * \param file The file where the assertion failed. - * \param line The line in the file where the assertion failed. - */ -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ); -#endif /* MBEDTLS_PARAM_FAILED */ - -/* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) \ - do { \ - if( !(cond) ) \ - { \ - MBEDTLS_PARAM_FAILED( cond ); \ - return( ret ); \ - } \ - } while( 0 ) - -/* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE( cond ) \ - do { \ - if( !(cond) ) \ - { \ - MBEDTLS_PARAM_FAILED( cond ); \ - return; \ - } \ - } while( 0 ) - -#else /* MBEDTLS_CHECK_PARAMS */ - /* Internal macros meant to be called only from within the library. */ #define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) #define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) -#endif /* MBEDTLS_CHECK_PARAMS */ - /* Internal helper macros for deprecating API constants. */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3fe2a883bc..552750ce39 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1028,9 +1028,6 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) */ if( slot->lock_count != 1 ) { -#ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count == 1 ); -#endif status = PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b1a3c1661..4cf32db2b1 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -409,17 +409,6 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } - /* - * As the return error code may not be handled in case of multiple errors, - * do our best to report if the lock counter is equal to zero: if - * available call MBEDTLS_PARAM_FAILED that may terminate execution (if - * called as part of the execution of a unit test suite this will stop the - * test suite execution). - */ -#ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count > 0 ); -#endif - return( PSA_ERROR_CORRUPTION_DETECTED ); } diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 8c8c1880e2..7276049822 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -50,7 +50,6 @@ unless( -f $config_file && -f $query_config_format_file ) { # throw errors. my @excluded = qw( MBEDTLS_SSL_CIPHERSUITES -MBEDTLS_PARAM_FAILED ); my $excluded_re = join '|', @excluded; From caf2ae04b885551ddc83e0ec4905fc012694b9fc Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 18 May 2021 12:49:59 +0200 Subject: [PATCH 0061/1065] ChangeLog and migration guide added. Signed-off-by: TRodziewicz --- ChangeLog.d/issue4313.txt | 25 ++++++++++ .../remove_mbedtls_check_params_option.md | 49 +++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 ChangeLog.d/issue4313.txt create mode 100644 docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md diff --git a/ChangeLog.d/issue4313.txt b/ChangeLog.d/issue4313.txt new file mode 100644 index 0000000000..026a190bd5 --- /dev/null +++ b/ChangeLog.d/issue4313.txt @@ -0,0 +1,25 @@ +Removals + * Remove the following macros: MBEDTLS_CHECK_PARAMS, + MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED, + MBEDTLS_PARAM_FAILED_ALT, TEST_INVALID_PARAM, TEST_INVALID_PARAM_RET, + the following macros have been inactivated MBEDTLS_INTERNAL_VALIDATE_RET + and MBEDTLS_INTERNAL_VALIDATE, structures: param_failed_ctx_t, + mbedtls_test_param_failed_location_record_t, functions: + mbedtls_test_param_failed_get_location_record(), + mbedtls_test_param_failed_expect_call(), + mbedtls_test_param_failed_check_expected_call(), + mbedtls_test_param_failed_get_state_buf(), + mbedtls_test_param_failed_reset_state(), + mbedtls_param_failed(). Remove the following functions from all.sh: + component_test_check_params_functionality(), + component_test_check_params_without_platform(), + component_test_check_params_silent(). + Remove the following test functions from test_suite_*.function files: + aes_check_params(), aria_invalid_param(), blowfish_invalid_param(), + camellia_invalid_param(), ccm_invalid_param(), chacha20_bad_params(), + chachapoly_bad_params(), cipher_invalid_param_conditional(), + dhm_invalid_params(), ecdh_invalid_param(), ecdsa_invalid_param(), + ecjpake_invalid_param(), ecp_invalid_param(), gcm_invalid_param(), + mpi_invalid_param(), invalid_parameters() (pk), poly1305_bad_params(), + rsa_invalid_param(), sha1_invalid_param(), sha256_invalid_param(), + sha512_invalid_param(). Fixes #4313. diff --git a/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md b/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md new file mode 100644 index 0000000000..146b1c7592 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md @@ -0,0 +1,49 @@ +Remove MBEDTLS_CHECK_PARAMS option +---------------------------------- + +This change affects the way of how parameters are validated. + +The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enables certain kinds of +“parameter validation”. It covers two kinds of validations: + +- In some functions that require a valid pointer, “parameter validation” checks +that the pointer is non-null. With the feature disabled, a null pointer is not +treated differently from any other invalid pointer, and typically leads to a +runtime crash. 90% of the uses of the feature are of this kind. +- In some functions that take an enum-like argument, “parameter validation” +checks that the value is a valid one. With the feature disabled, an invalid +value causes a silent default to one of the valid values. + +The default reaction to a failed check is to call a function mbedtls_param_failed +which the application must provide. If this function returns, its caller returns +an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. + +This feature is only used in some classic (non-PSA) cryptography modules. It is +not used in X.509, TLS or in PSA crypto, and it has not been implemented in all +classic crypto modules. + +Removal of `MBEDTLS_CHECK_PARAMS` and all dependent features means changing +code that does something like this: +``` +#if MBEDTLS_CHECK_PARAMS +#define VALIDATE(cond) do {if(cond) return BAD_INPUT_DATA;} while (0) +#else +#define VALIDATE(cond) do {} while (0) +#endif +... +VALIDATE(coin == HEADS || coin == TAILS); +VALIDATE(data != NULL); +if (coin == HEADS) heads(); +else tails(); +``` +to something like this: +``` +if (coin == HEADS) heads(); +else if (coin == TAILS) tails(); +else return BAD_INPUT_DATA; +``` + +Validation of enum-like values is somewhat useful, but not extremely important, +because the parameters concerned are usually constants in applications. + +For more information see issue #4313. From 062f353804db3faa67f49cc0f5b8bf10beba3a06 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 25 May 2021 15:15:57 +0200 Subject: [PATCH 0062/1065] Changes after code review Signed-off-by: TRodziewicz --- ChangeLog.d/issue4313.txt | 23 +--- .../remove_mbedtls_check_params_option.md | 40 ++----- library/psa_crypto.c | 5 +- tests/include/test/macros.h | 8 -- tests/suites/test_suite_aes.function | 5 +- tests/suites/test_suite_aria.function | 2 +- tests/suites/test_suite_blowfish.function | 2 +- tests/suites/test_suite_camellia.function | 2 +- tests/suites/test_suite_cipher.function | 2 +- tests/suites/test_suite_ecdh.function | 2 +- tests/suites/test_suite_ecjpake.function | 2 +- tests/suites/test_suite_ecp.function | 2 +- tests/suites/test_suite_gcm.function | 2 +- tests/suites/test_suite_shax.data | 3 - tests/suites/test_suite_shax.function | 108 +----------------- 15 files changed, 29 insertions(+), 179 deletions(-) diff --git a/ChangeLog.d/issue4313.txt b/ChangeLog.d/issue4313.txt index 026a190bd5..1fb61234be 100644 --- a/ChangeLog.d/issue4313.txt +++ b/ChangeLog.d/issue4313.txt @@ -1,25 +1,4 @@ Removals * Remove the following macros: MBEDTLS_CHECK_PARAMS, MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED, - MBEDTLS_PARAM_FAILED_ALT, TEST_INVALID_PARAM, TEST_INVALID_PARAM_RET, - the following macros have been inactivated MBEDTLS_INTERNAL_VALIDATE_RET - and MBEDTLS_INTERNAL_VALIDATE, structures: param_failed_ctx_t, - mbedtls_test_param_failed_location_record_t, functions: - mbedtls_test_param_failed_get_location_record(), - mbedtls_test_param_failed_expect_call(), - mbedtls_test_param_failed_check_expected_call(), - mbedtls_test_param_failed_get_state_buf(), - mbedtls_test_param_failed_reset_state(), - mbedtls_param_failed(). Remove the following functions from all.sh: - component_test_check_params_functionality(), - component_test_check_params_without_platform(), - component_test_check_params_silent(). - Remove the following test functions from test_suite_*.function files: - aes_check_params(), aria_invalid_param(), blowfish_invalid_param(), - camellia_invalid_param(), ccm_invalid_param(), chacha20_bad_params(), - chachapoly_bad_params(), cipher_invalid_param_conditional(), - dhm_invalid_params(), ecdh_invalid_param(), ecdsa_invalid_param(), - ecjpake_invalid_param(), ecp_invalid_param(), gcm_invalid_param(), - mpi_invalid_param(), invalid_parameters() (pk), poly1305_bad_params(), - rsa_invalid_param(), sha1_invalid_param(), sha256_invalid_param(), - sha512_invalid_param(). Fixes #4313. + MBEDTLS_PARAM_FAILED_ALT. Fixes #4313. diff --git a/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md b/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md index 146b1c7592..6f43aa37a8 100644 --- a/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md +++ b/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md @@ -1,10 +1,11 @@ Remove MBEDTLS_CHECK_PARAMS option ---------------------------------- -This change affects the way of how parameters are validated. +This change does not affect users who use the default configuration; it only +affects users who enabled that option. -The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enables certain kinds of -“parameter validation”. It covers two kinds of validations: +The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enabled certain kinds +of “parameter validation”. It covered two kinds of validations: - In some functions that require a valid pointer, “parameter validation” checks that the pointer is non-null. With the feature disabled, a null pointer is not @@ -14,34 +15,17 @@ runtime crash. 90% of the uses of the feature are of this kind. checks that the value is a valid one. With the feature disabled, an invalid value causes a silent default to one of the valid values. -The default reaction to a failed check is to call a function mbedtls_param_failed -which the application must provide. If this function returns, its caller returns -an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. +The default reaction to a failed check was to call a function +`mbedtls_param_failed()` which the application had to provide. If this function +returned, its caller returned an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. -This feature is only used in some classic (non-PSA) cryptography modules. It is -not used in X.509, TLS or in PSA crypto, and it has not been implemented in all +This feature was only used in some classic (non-PSA) cryptography modules. It was +not used in X.509, TLS or in PSA crypto, and it was not implemented in all classic crypto modules. -Removal of `MBEDTLS_CHECK_PARAMS` and all dependent features means changing -code that does something like this: -``` -#if MBEDTLS_CHECK_PARAMS -#define VALIDATE(cond) do {if(cond) return BAD_INPUT_DATA;} while (0) -#else -#define VALIDATE(cond) do {} while (0) -#endif -... -VALIDATE(coin == HEADS || coin == TAILS); -VALIDATE(data != NULL); -if (coin == HEADS) heads(); -else tails(); -``` -to something like this: -``` -if (coin == HEADS) heads(); -else if (coin == TAILS) tails(); -else return BAD_INPUT_DATA; -``` +This feature has been removed. The library no longer checks for NULL pointers; +checks for enum-like arguments will be kept or re-introduced on a case-by-case +basis, but their presence will no longer be dependent on a compile-time option. Validation of enum-like values is somewhat useful, but not extremely important, because the parameters concerned are usually constants in applications. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 552750ce39..c3dc6e7549 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1021,10 +1021,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) /* * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected lock counter: if available - * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as - * part of the execution of a test suite this will stop the test suite - * execution). + * do our best to report an unexpected lock counter. */ if( slot->lock_count != 1 ) { diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index cad39aacaa..1c0e2bdd69 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -177,14 +177,6 @@ } \ } while( 0 ) -#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT) -#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \ - do { if( ( TEST ) != ( PARAM_ERR_VALUE ) ) goto exit; } while( 0 ) - -#define TEST_INVALID_PARAM( TEST ) \ - do { TEST; } while( 0 ) -#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */ - /** * \brief This macro tests the statement passed to it as a test step or * individual test in a test case. The macro assumes the test will not fail. diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index a740391035..fe4dd3e820 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -206,9 +206,6 @@ void aes_crypt_xts_size( int size, int retval ) mbedtls_aes_xts_init( &ctx ); memset( data_unit, 0x00, sizeof( data_unit ) ); - - /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as - * otherwise we wouldn't get to the size check we're interested in. */ TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); } /* END_CASE */ @@ -359,7 +356,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void aes_invalid_mode( ) { mbedtls_aes_context aes_ctx; diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index b24e4984ed..514706455a 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -23,7 +23,7 @@ void aria_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void aria_invalid_param( ) { mbedtls_aria_context ctx; diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function index 5681a9e945..fdecfb6f92 100644 --- a/tests/suites/test_suite_blowfish.function +++ b/tests/suites/test_suite_blowfish.function @@ -14,7 +14,7 @@ void blowfish_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void blowfish_invalid_param( ) { mbedtls_blowfish_context ctx; diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index fb0a349177..0633b73d11 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -14,7 +14,7 @@ void camellia_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void camellia_invalid_param( ) { mbedtls_camellia_context ctx; diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index ea5fa2e5e4..f1095b1f03 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -207,7 +207,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void cipher_invalid_param_conditional( ) { mbedtls_cipher_context_t valid_ctx; diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 5fced62d42..5fa5b6781d 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -50,7 +50,7 @@ void ecdh_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void ecdh_invalid_param( ) { mbedtls_ecdh_context ctx; diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function index 2a6d8935ef..311733b0dd 100644 --- a/tests/suites/test_suite_ecjpake.function +++ b/tests/suites/test_suite_ecjpake.function @@ -98,7 +98,7 @@ cleanup: * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void ecjpake_invalid_param( ) { mbedtls_ecjpake_context ctx; diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 9b8ba8201e..81a6514cb4 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -38,7 +38,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void ecp_invalid_param( ) { mbedtls_ecp_group grp; diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 35691f725f..ae306b5e3d 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -181,7 +181,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ void gcm_invalid_param( ) { mbedtls_gcm_context ctx; diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 12eec84efc..1cc58af413 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data @@ -1,9 +1,6 @@ SHA-1 - Valid parameters sha1_valid_param: -SHA-1 - Invalid parameters -sha1_invalid_param: - # Test the operation of SHA-1 and SHA-2 SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index 1d4cf7192b..a8f5b1848d 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -11,46 +11,6 @@ void sha1_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha1_invalid_param( ) -{ - mbedtls_sha1_context ctx; - unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); - - TEST_INVALID_PARAM( mbedtls_sha1_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha1_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha1_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_starts_ret( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( NULL, buflen, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( buf, buflen, NULL ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ void mbedtls_sha1( data_t * src_str, data_t * hash ) { @@ -72,7 +32,7 @@ void sha256_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:NOT_DEFINED */ void sha256_invalid_param( ) { mbedtls_sha256_context ctx; @@ -81,38 +41,10 @@ void sha256_invalid_param( ) int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha256_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha256_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha256_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, mbedtls_sha256_starts_ret( &ctx, invalid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, mbedtls_sha256_ret( buf, buflen, buf, invalid_type ) ); @@ -156,7 +88,7 @@ void sha512_valid_param( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:NOT_DEFINED */ void sha512_invalid_param( ) { mbedtls_sha512_context ctx; @@ -165,38 +97,10 @@ void sha512_invalid_param( ) int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha512_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha512_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha512_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, mbedtls_sha512_starts_ret( &ctx, invalid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, mbedtls_sha512_ret( buf, buflen, buf, invalid_type ) ); From 7019955c767c8d6305a9fbbb26278e1627e7b747 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 27 May 2021 13:52:59 +0200 Subject: [PATCH 0063/1065] Removal of the TEST_VALID_PARAM macro and its usages Signed-off-by: TRodziewicz --- tests/include/test/macros.h | 23 ----------------------- tests/suites/test_suite_aes.function | 6 ------ tests/suites/test_suite_aria.data | 3 --- tests/suites/test_suite_aria.function | 7 ------- tests/suites/test_suite_blowfish.data | 3 --- tests/suites/test_suite_blowfish.function | 7 ------- tests/suites/test_suite_camellia.data | 3 --- tests/suites/test_suite_camellia.function | 7 ------- tests/suites/test_suite_ccm.data | 3 --- tests/suites/test_suite_ccm.function | 9 --------- tests/suites/test_suite_cipher.function | 8 +------- tests/suites/test_suite_ecdh.data | 3 --- tests/suites/test_suite_ecdh.function | 7 ------- tests/suites/test_suite_ecp.data | 3 --- tests/suites/test_suite_ecp.function | 16 ---------------- tests/suites/test_suite_gcm.function | 9 --------- tests/suites/test_suite_gcm.misc.data | 3 --- tests/suites/test_suite_mpi.data | 3 --- tests/suites/test_suite_mpi.function | 7 ------- tests/suites/test_suite_pk.function | 6 ------ tests/suites/test_suite_shax.data | 9 --------- tests/suites/test_suite_shax.function | 21 --------------------- 22 files changed, 1 insertion(+), 165 deletions(-) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 1c0e2bdd69..a8a01ce473 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -177,29 +177,6 @@ } \ } while( 0 ) -/** - * \brief This macro tests the statement passed to it as a test step or - * individual test in a test case. The macro assumes the test will not fail. - * - * It assumes the library function under test cannot return a value and - * assumes errors can only be indicated by calls to - * MBEDTLS_PARAM_FAILED(). - * - * This macro is intended to test that functions returning void - * accept all of the parameter values they're supposed to accept - eg - * that they don't call MBEDTLS_PARAM_FAILED() when a parameter - * that's allowed to be NULL happens to be NULL. - * - * Note: for functions that return something other that void, - * checking that they accept all the parameters they're supposed to - * accept is best done by using TEST_ASSERT() and checking the return - * value as well. - * - * \param TEST The test expression to be tested. - */ -#define TEST_VALID_PARAM( TEST ) \ - TEST_ASSERT( ( TEST, 1 ) ); - /** Allocate memory dynamically and fail the test case if this fails. * * You must set \p pointer to \c NULL before calling this macro and diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index fe4dd3e820..3e07c9cf9a 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -413,12 +413,6 @@ void aes_misc_params( ) size_t size; #endif - /* These calls accept NULL */ - TEST_VALID_PARAM( mbedtls_aes_free( NULL ) ); -#if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) ); -#endif - #if defined(MBEDTLS_CIPHER_MODE_CBC) TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, 15, diff --git a/tests/suites/test_suite_aria.data b/tests/suites/test_suite_aria.data index 8848978e21..94b6e7e22f 100644 --- a/tests/suites/test_suite_aria.data +++ b/tests/suites/test_suite_aria.data @@ -1,6 +1,3 @@ -ARIA - Valid parameters -aria_valid_param: - ARIA - Invalid parameters aria_invalid_param: diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 514706455a..6432df0811 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -16,13 +16,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void aria_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_aria_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:NOT_DEFINED */ void aria_invalid_param( ) { diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data index c9639f6e79..0ebb64234c 100644 --- a/tests/suites/test_suite_blowfish.data +++ b/tests/suites/test_suite_blowfish.data @@ -1,6 +1,3 @@ -BLOWFISH - Valid parameters -blowfish_valid_param: - BLOWFISH - Invalid parameters blowfish_invalid_param: diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function index fdecfb6f92..1fa59ee6e9 100644 --- a/tests/suites/test_suite_blowfish.function +++ b/tests/suites/test_suite_blowfish.function @@ -7,13 +7,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void blowfish_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:NOT_DEFINED */ void blowfish_invalid_param( ) { diff --git a/tests/suites/test_suite_camellia.data b/tests/suites/test_suite_camellia.data index 3d11b8cb0c..3f73abcea9 100644 --- a/tests/suites/test_suite_camellia.data +++ b/tests/suites/test_suite_camellia.data @@ -1,6 +1,3 @@ -Camellia - Valid parameters -camellia_valid_param: - Camellia - Invalid parameters camellia_invalid_param: diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 0633b73d11..cc18d5b381 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -7,13 +7,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void camellia_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_camellia_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:NOT_DEFINED */ void camellia_invalid_param( ) { diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 63af5aa04a..459683bd29 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1,9 +1,6 @@ CCM self test mbedtls_ccm_self_test: -CCM - Valid parameters -ccm_valid_param: - CCM init #1 AES-128: OK depends_on:MBEDTLS_AES_C mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:128:0 diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 1b00560ecf..840583c5ca 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -291,12 +291,3 @@ exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ - -/* BEGIN_CASE */ -void ccm_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) ); -exit: - return; -} -/* END_CASE */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index f1095b1f03..2ef8f5f63d 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -222,12 +222,6 @@ void cipher_invalid_param_conditional( ) (void)valid_mode; /* In some configurations this is unused */ - /* mbedtls_cipher_init() */ - TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) ); - - /* mbedtls_cipher_setup() */ - TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) ); - TEST_EQUAL( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_setkey( &valid_ctx, @@ -236,7 +230,7 @@ void cipher_invalid_param_conditional( ) invalid_operation ) ); exit: - TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) ); + ; } /* END_CASE */ diff --git a/tests/suites/test_suite_ecdh.data b/tests/suites/test_suite_ecdh.data index fb4a232fc3..3711e55318 100644 --- a/tests/suites/test_suite_ecdh.data +++ b/tests/suites/test_suite_ecdh.data @@ -1,6 +1,3 @@ -ECDH - Valid parameters -ecdh_valid_param: - ECDH - Invalid parameters ecdh_invalid_param: diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 5fa5b6781d..63dc22175d 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -43,13 +43,6 @@ exit: * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void ecdh_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_ecdh_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:NOT_DEFINED */ void ecdh_invalid_param( ) { diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 106791cb88..88d801fb6b 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -1,6 +1,3 @@ -ECP valid params -ecp_valid_param: - ECP invalid params ecp_invalid_param: diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 81a6514cb4..50792b710f 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -22,22 +22,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void ecp_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_ecp_group_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_keypair_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_point_free( NULL ) ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_ecp_restart_free( NULL ) ); -#endif /* MBEDTLS_ECP_RESTARTABLE */ - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE depends_on:NOT_DEFINED */ void ecp_invalid_param( ) { diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index ae306b5e3d..a6b0a4c119 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -201,15 +201,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void gcm_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_gcm_free( NULL ) ); -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void gcm_selftest( ) { diff --git a/tests/suites/test_suite_gcm.misc.data b/tests/suites/test_suite_gcm.misc.data index cf01526535..f22b7a3b79 100644 --- a/tests/suites/test_suite_gcm.misc.data +++ b/tests/suites/test_suite_gcm.misc.data @@ -1,5 +1,2 @@ GCM - Invalid parameters gcm_invalid_param: - -GCM - Valid parameters -gcm_valid_param: diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 8e09ee5bd0..a542267e4c 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1,6 +1,3 @@ -MPI - Valid parameters -mpi_valid_param: - Arguments with no value mpi_null: diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 8c20258c59..d9a44a6e0b 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -71,13 +71,6 @@ static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void mpi_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_mpi_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE */ void mpi_null( ) { diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 06e40d8144..2e24aecc7d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -211,12 +211,6 @@ void valid_parameters( ) mbedtls_pk_init( &pk ); - TEST_VALID_PARAM( mbedtls_pk_free( NULL ) ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) ); -#endif - TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 1cc58af413..3552346e42 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data @@ -1,6 +1,3 @@ -SHA-1 - Valid parameters -sha1_valid_param: - # Test the operation of SHA-1 and SHA-2 SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C @@ -42,9 +39,6 @@ SHA-1 Test Vector NIST CAVS #10 depends_on:MBEDTLS_SHA1_C mbedtls_sha1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" -SHA-256 Valid parameters -sha256_valid_param: - SHA-256 Invalid parameters sha256_invalid_param: @@ -107,9 +101,6 @@ mbedtls_sha256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e SHA-512 Invalid parameters sha512_invalid_param: -SHA-512 Valid parameters -sha512_valid_param: - SHA-384 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA384_C sha384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index a8f5b1848d..35fecce6ce 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -4,13 +4,6 @@ #include "mbedtls/sha512.h" /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ -void sha1_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_sha1_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ void mbedtls_sha1( data_t * src_str, data_t * hash ) { @@ -25,13 +18,6 @@ void mbedtls_sha1( data_t * src_str, data_t * hash ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void sha256_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_sha256_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:NOT_DEFINED */ void sha256_invalid_param( ) { @@ -81,13 +67,6 @@ void mbedtls_sha256( data_t * src_str, data_t * hash ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void sha512_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_sha512_free( NULL ) ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:NOT_DEFINED */ void sha512_invalid_param( ) { From 2d0769d1491aa2b8882dab1408b0b5fdf778436d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 27 May 2021 15:24:33 +0200 Subject: [PATCH 0064/1065] Simplification of the tests Signed-off-by: TRodziewicz --- tests/include/test/macros.h | 3 -- tests/src/helpers.c | 9 ------ tests/suites/main_test.function | 37 ++++++++----------------- tests/suites/test_suite_cipher.function | 3 -- tests/suites/test_suite_rsa.data | 3 ++ tests/suites/test_suite_rsa.function | 19 +++++++++++++ 6 files changed, 33 insertions(+), 41 deletions(-) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index a8a01ce473..df961aa049 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -58,9 +58,6 @@ * It allows a library function to return a value and return an error * code that can be tested. * - * This macro is not suitable for negative parameter validation tests, - * as it assumes the test step will not create an error. - * * Failing the test means: * - Mark this test case as failed. * - Print a message identifying the failure. diff --git a/tests/src/helpers.c b/tests/src/helpers.c index ece0465139..cac6d4cc0a 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -204,15 +204,6 @@ int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, return ret; } -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - (void) failure_condition; - (void) file; - (void) line; -} - #if defined(MBEDTLS_TEST_HOOKS) void mbedtls_test_err_add_check( int high, int low, const char *file, int line ) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 13d032c4a4..491de6d2fb 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -158,31 +158,6 @@ $dispatch_code #line $line_no "suites/main_test.function" }; -/** - * \brief Execute the test function. - * - * This is a wrapper function around the test function execution - * to allow the setjmp() call used to catch any calls to the - * parameter failure callback, to be used. Calls to setjmp() - * can invalidate the state of any local auto variables. - * - * \param fp Function pointer to the test function. - * \param params Parameters to pass to the #TestWrapper_t wrapper function. - * - */ -void execute_function_ptr(TestWrapper_t fp, void **params) -{ -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); -#endif - - fp( params ); - -#if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_check( ); -#endif /* MBEDTLS_TEST_MUTEX_USAGE */ -} - /** * \brief Dispatches test functions based on function index. * @@ -203,7 +178,17 @@ int dispatch_test( size_t func_idx, void ** params ) { fp = test_funcs[func_idx]; if ( fp ) - execute_function_ptr(fp, params); + { + #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + mbedtls_test_enable_insecure_external_rng( ); + #endif + + fp( params ); + + #if defined(MBEDTLS_TEST_MUTEX_USAGE) + mbedtls_test_mutex_usage_check( ); + #endif /* MBEDTLS_TEST_MUTEX_USAGE */ + } else ret = DISPATCH_UNSUPPORTED_SUITE; } diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 2ef8f5f63d..674349f764 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -213,15 +213,12 @@ void cipher_invalid_param_conditional( ) mbedtls_cipher_context_t valid_ctx; mbedtls_operation_t invalid_operation = 100; - mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) ); - (void)valid_mode; /* In some configurations this is unused */ - TEST_EQUAL( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_setkey( &valid_ctx, diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 2512ef24c6..cc5a047790 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -1,3 +1,6 @@ +RSA parameter validation +rsa_invalid_param: + RSA init-free-free rsa_init_free:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 9cf2fcf348..bc5036c5c9 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -17,6 +17,25 @@ * END_DEPENDENCIES */ +/* BEGIN_CASE depends_on:NOT_DEFINED */ +void rsa_invalid_param( ) +{ + mbedtls_rsa_context ctx; + const int valid_padding = MBEDTLS_RSA_PKCS_V21; + const int invalid_padding = 42; + unsigned char buf[42] = { 0 }; + size_t olen; + + TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) ); + + TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx, + invalid_padding, 0 ) ); + +exit: + return; +} +/* END_CASE */ + /* BEGIN_CASE */ void rsa_init_free( int reinit ) { From 9b279f98bcd5eab3898610327e2f731eef5eff47 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 27 May 2021 17:20:41 +0200 Subject: [PATCH 0065/1065] Removal of the rsa_invalid_param() from the test Signed-off-by: TRodziewicz --- tests/suites/test_suite_rsa.data | 3 --- tests/suites/test_suite_rsa.function | 19 ------------------- 2 files changed, 22 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index cc5a047790..2512ef24c6 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -1,6 +1,3 @@ -RSA parameter validation -rsa_invalid_param: - RSA init-free-free rsa_init_free:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index bc5036c5c9..9cf2fcf348 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -17,25 +17,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:NOT_DEFINED */ -void rsa_invalid_param( ) -{ - mbedtls_rsa_context ctx; - const int valid_padding = MBEDTLS_RSA_PKCS_V21; - const int invalid_padding = 42; - unsigned char buf[42] = { 0 }; - size_t olen; - - TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) ); - - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx, - invalid_padding, 0 ) ); - -exit: - return; -} -/* END_CASE */ - /* BEGIN_CASE */ void rsa_init_free( int reinit ) { From bcd2b4b9725e64b806b9b92d07c1a12c45b9e9d7 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 28 May 2021 12:56:57 +0200 Subject: [PATCH 0066/1065] Addition of ommited part of code review follow-up Signed-off-by: TRodziewicz --- tests/suites/test_suite_aria.function | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 6432df0811..04263247e3 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -27,6 +27,9 @@ void aria_invalid_param( ) ((void) iv_off); ((void) iv); + ((void) ctx); + ((void) input); + ((void) output); #if defined(MBEDTLS_CIPHER_MODE_CBC) TEST_EQUAL( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, From 358e588b323fa9ec29e386c5197db3d46c5303b8 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 28 May 2021 12:58:46 +0200 Subject: [PATCH 0067/1065] Temporary addition of an empty assert to satisfy the compiler Signed-off-by: TRodziewicz --- tests/suites/test_suite_aes.function | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 3e07c9cf9a..aa3df92fa5 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -447,6 +447,14 @@ void aes_misc_params( ) TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out ) == MBEDTLS_ERR_AES_BAD_INPUT_DATA ); #endif + +/* + * The following line needs to be added to make the code compilable + * when all the conditions above will be not define in a specific + * choice of features. + */ + TEST_ASSERT( 1 ); +/* TODO: It will be removed when the whole test will be reworked */ } /* END_CASE */ From dee975af7dc80830cdaf18e480a1eb4ab720900f Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 28 May 2021 15:27:01 +0200 Subject: [PATCH 0068/1065] Remove MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option Remove define Add ChangeLog file and migration guide entry Signed-off-by: TRodziewicz --- ChangeLog.d/issue4386.txt | 3 ++ ...pp_for_extensions_in_pre-v3_X_509_certs.md | 11 +++++++ include/mbedtls/config.h | 10 ------- library/x509_crt.c | 2 -- tests/suites/test_suite_x509parse.data | 30 ++++--------------- 5 files changed, 19 insertions(+), 37 deletions(-) create mode 100644 ChangeLog.d/issue4386.txt create mode 100644 docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md diff --git a/ChangeLog.d/issue4386.txt b/ChangeLog.d/issue4386.txt new file mode 100644 index 0000000000..9e61fdba23 --- /dev/null +++ b/ChangeLog.d/issue4386.txt @@ -0,0 +1,3 @@ +Removals + * Remove the MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option and let the code + behave as if it was always disabled. Fixes #4386. diff --git a/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md b/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md new file mode 100644 index 0000000000..8484dfbbc3 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md @@ -0,0 +1,11 @@ +Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option +-- + +This change does not affect users who are working with current V3 X.509 +certificates. + +This change makes the pre-V3 X.509 certificates both with or without optional +extensions obsolete. + +If you are working with the pre-V3 certificates you need to switch to the +current ones. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 10140915e3..f4d76e6fdb 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1938,16 +1938,6 @@ */ #define MBEDTLS_VERSION_FEATURES -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - /** * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION * diff --git a/library/x509_crt.c b/library/x509_crt.c index b4fe8863a6..8387de618b 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1268,9 +1268,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, } } -#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) if( crt->version == 3 ) -#endif { ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx ); if( ret != 0 ) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 8b7b09aade..59acc667a1 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -178,10 +178,6 @@ X509 CRT information Non-ASCII string in issuer name and subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509_cert_info:"data_files/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" -X509 certificate v1 with extension -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \:\n dNSName \: identity-check.org\n dNSName \: www.identity-check.org\n \n" - X509 SAN parsing otherName depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\n" @@ -1575,7 +1571,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag) -depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed) @@ -1595,21 +1591,13 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT) -depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3) -depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT) -depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3) -depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - X509 CRT ASN1 (TBS, inv v3Ext, inv tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG @@ -1858,24 +1846,16 @@ X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated outside Extensions) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT (TBS, valid v3Ext in v1 CRT, ALLOW_EXTENSIONS_NON_V3) -depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 - -X509 CRT (TBS, valid v3Ext in v2 CRT, ALLOW_EXTENSIONS_NON_V3) -depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 2\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 - X509 CRT (TBS, valid v3Ext in v3 CRT) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT) -depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid v3Ext in v2 CRT) -depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid SubjectID, valid IssuerID, inv v3Ext, SubjectAltName repeated outside Extensions, inv SubjectAltNames tag) From 3670e387dc5b59a36c14fe03267cd14b93c8bbfd Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 31 May 2021 12:11:53 +0200 Subject: [PATCH 0069/1065] Remove 3DES ciphersuites Signed-off-by: TRodziewicz --- ChangeLog.d/issue4367.txt | 12 ++ .../Remove_3DES_ciphersuites.md | 10 ++ include/mbedtls/config.h | 45 +----- include/mbedtls/ssl_ciphersuites.h | 12 -- library/ssl_ciphersuites.c | 139 ------------------ scripts/config.py | 1 - 6 files changed, 23 insertions(+), 196 deletions(-) create mode 100644 ChangeLog.d/issue4367.txt create mode 100644 docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md diff --git a/ChangeLog.d/issue4367.txt b/ChangeLog.d/issue4367.txt new file mode 100644 index 0000000000..8c31d719d4 --- /dev/null +++ b/ChangeLog.d/issue4367.txt @@ -0,0 +1,12 @@ +Removals + * Remove the MBEDTLS_REMOVE_3DES_CIPHERSUITES config.h option and makke as if + it was disabled. Remove all the 3DES ciphersuites: + MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA . Fixes #4367. diff --git a/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md b/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md new file mode 100644 index 0000000000..85a85b97a6 --- /dev/null +++ b/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md @@ -0,0 +1,10 @@ +Remove 3DES ciphersuites +-- + +This change does not affect users using default settings for 3DES in `config.h` +because the 3DES ciphersuites were disabled by that. + +3DES has weaknesses/limitations and there are better alternatives, and more and +more standard bodies are recommending against its use in TLS. + +The migration path here is to chose from the recomended in literature alternatives. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 10140915e3..12f8c95cef 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -682,26 +682,6 @@ */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY -/** - * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES - * - * Remove 3DES ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on 3DES from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible - * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including - * them explicitly. - * - * A man-in-the-browser attacker can recover authentication tokens sent through - * a TLS connection using a 3DES based cipher suite (see "On the Practical - * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan - * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls - * in your threat model or you are unsure, then you should keep this option - * enabled to remove 3DES based cipher suites. - * - * Comment this macro to keep 3DES in the default ciphersuite list. - */ -#define MBEDTLS_REMOVE_3DES_CIPHERSUITES - /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * @@ -843,7 +823,6 @@ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED @@ -866,7 +845,6 @@ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA * * \warning Using DHE constitutes a security risk as it * is not possible to validate custom DH parameters. @@ -892,7 +870,6 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED @@ -916,7 +893,6 @@ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED @@ -942,7 +918,6 @@ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED @@ -968,7 +943,6 @@ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA * * \warning Using DHE constitutes a security risk as it * is not possible to validate custom DH parameters. @@ -999,7 +973,6 @@ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED @@ -1022,7 +995,6 @@ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED @@ -1035,7 +1007,6 @@ * * This enables the following ciphersuites (if other requisites are * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 @@ -1058,7 +1029,6 @@ * * This enables the following ciphersuites (if other requisites are * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 @@ -2370,7 +2340,7 @@ * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying * implementation of the CMAC algorithm is provided by an alternate * implementation, that alternate implementation may opt to not support - * AES-192 or 3DES as underlying block ciphers for the CMAC operation. + * AES-192 as underlying block ciphers for the CMAC operation. * * Module: library/cmac.c * @@ -2422,19 +2392,6 @@ * Caller: library/pem.c * library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * * \warning DES is considered a weak cipher and its use constitutes a diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 3eacfb5a3e..fd7f24c3f0 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -42,10 +42,6 @@ extern "C" { #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ -#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A - -#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 - #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ @@ -68,15 +64,12 @@ extern "C" { #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 -#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D -#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 -#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 @@ -114,22 +107,18 @@ extern "C" { #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 @@ -151,7 +140,6 @@ extern "C" { #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index ac2c50a3ec..00dcd07976 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -254,18 +254,6 @@ static const int ciphersuite_preference[] = MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - /* 3DES suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, - /* NULL suites */ MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, @@ -471,18 +459,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", @@ -580,18 +556,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", @@ -726,17 +690,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) @@ -863,18 +816,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) @@ -963,18 +904,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", @@ -1072,18 +1001,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", @@ -1208,18 +1125,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) @@ -1335,18 +1240,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) @@ -1405,18 +1298,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) @@ -1510,18 +1391,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -2047,14 +1916,6 @@ static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) { (void)cs_info; -#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || - cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) - { - return( 1 ); - } -#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ - return( 0 ); } diff --git a/scripts/config.py b/scripts/config.py index 1b8c3db95b..94fbdef42f 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -189,7 +189,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) - 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) From 4e57f4cdfdfddffde50641a9bd9d4c1b62a5fd05 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 31 May 2021 12:58:25 +0200 Subject: [PATCH 0070/1065] Adding removed defines to check_config.h and fixing the migration guide entry. Signed-off-by: TRodziewicz --- .../combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md | 2 +- include/mbedtls/check_config.h | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md index 405d572a80..bc3fa68069 100644 --- a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md +++ b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md @@ -4,7 +4,7 @@ Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDIN This change affects users who modified the default `config.h` padding granularity settings, i.e. enabled at least one of the options. -`config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and +The `config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because they used exactly the same padding mechanism and hence their respective padding granularities can be used in exactly the same way. This change simplifies the diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 389ae2a718..92f6bfea28 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -841,6 +841,14 @@ #error "MBEDTLS_SSL_PROTO_TLS1_1 (TLS v1.1 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" #endif +#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) //no-check-names +#error "MBEDTLS_SSL_CID_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4335" +#endif + +#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) //no-check-names +#error "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4335" +#endif + /* * Avoid warning from -pedantic. This is a convenient place for this * workaround since this is included by every single file before the From 231649a0205e2f939622eb2fc80fbb970552fc3a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 31 May 2021 13:03:25 +0200 Subject: [PATCH 0071/1065] Changing the migration guide entry wording. Signed-off-by: TRodziewicz --- ...emove_supp_for_extensions_in_pre-v3_X_509_certs.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md b/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md index 8484dfbbc3..4c87f038fc 100644 --- a/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md +++ b/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md @@ -1,11 +1,14 @@ Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option -- -This change does not affect users who are working with current V3 X.509 -certificates. +This change does not affect users who were using the default configuration, as +this option was already disabled by default. Also, it does not affect users who +are working with current V3 X.509 certificates. -This change makes the pre-V3 X.509 certificates both with or without optional -extensions obsolete. +Extensions were added in V3 of the X.509 specification, so pre-V3 certificates +containing extensions were never compliant. Mbed TLS now rejects them with a +parsing error in all configurations, as it did previously in the default +configuration. If you are working with the pre-V3 certificates you need to switch to the current ones. From cd817b06303bf43547ed6fe855e712c529de7e63 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 31 May 2021 19:40:45 +0100 Subject: [PATCH 0072/1065] Remove misleading comment in TLS 1.3 key schedule code The implementation documentation of ``` mbedtls_ssl_tls1_3_derive_early_secrets() ``` mentioned the PSK binder key, which is misleading because the function doesn't actually calculate it. Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 78a55812da..f1c8a12d86 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -368,9 +368,6 @@ int mbedtls_ssl_tls1_3_derive_early_secrets( * v * PSK -> HKDF-Extract = Early Secret * | - * +-----> Derive-Secret(., "ext binder" | "res binder", "") - * | = binder_key - * | * +-----> Derive-Secret(., "c e traffic", ClientHello) * | = client_early_traffic_secret * | From ba9cb76e9f18be7fc763b86295c9f445d1c2d280 Mon Sep 17 00:00:00 2001 From: kXuan Date: Thu, 8 Apr 2021 14:32:06 +0800 Subject: [PATCH 0073/1065] static initialize comb table MBEDTLS_ECP_FIXED_POINT_OPTIM aims to speed up ecc multiplication performance. We compute the comb table in runtime now. It is a costly operation. This patch add a pre-computed table to initialize well-known curves. It speed up ECDSA signature verify process in runtime by using more ROM size. Signed-off-by: kXuan --- include/mbedtls/ecp.h | 8 +- library/ecp.c | 23 +- library/ecp_curves.c | 4025 ++++++++++++++++++++++++++++++++++++- programs/test/benchmark.c | 6 +- 4 files changed, 4035 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index dd400a0186..0c351fae12 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -229,7 +229,7 @@ typedef struct mbedtls_ecp_group int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */ void *t_data; /*!< Unused. */ mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */ - size_t T_size; /*!< The number of pre-computed points. */ + size_t T_size; /*!< The number of dynamic allocated pre-computed points. */ } mbedtls_ecp_group; @@ -276,15 +276,15 @@ mbedtls_ecp_group; #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) /* - * Trade memory for speed on fixed-point multiplication. + * Trade ROM usage for speed on fixed-point multiplication. * * This speeds up repeated multiplication of the generator (that is, the * multiplication in ECDSA signatures, and half of the multiplications in * ECDSA verification and ECDHE) by a factor roughly 3 to 4. * - * The cost is increasing EC peak memory usage by a factor roughly 2. + * The cost is increasing ROM usage by a factor roughly 2. * - * Change this value to 0 to reduce peak memory usage. + * Change this value to 0 to reduce ROM usage. */ #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */ #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ diff --git a/library/ecp.c b/library/ecp.c index 194e448289..1ad5b6748e 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -728,6 +728,18 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ) mbedtls_mpi_free( &( pt->Z ) ); } +/* + * Check that the comb table (grp->T) is static initialized. + */ +static int ecp_group_is_static_comb_table( const mbedtls_ecp_group *grp ) { +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 + return grp->T != NULL && grp->T_size == 0; +#else + (void) grp; + return 0; +#endif +} + /* * Unallocate (the components of) a group */ @@ -747,7 +759,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ) mbedtls_mpi_free( &grp->N ); } - if( grp->T != NULL ) + if( !ecp_group_is_static_comb_table(grp) && grp->T != NULL ) { for( i = 0; i < grp->T_size; i++ ) mbedtls_ecp_point_free( &grp->T[i] ); @@ -2245,11 +2257,16 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, w++; /* - * Make sure w is within bounds. + * If static comb table may not be used (!p_eq_g) or static comb table does + * not exists, make sure w is within bounds. * (The last test is useful only for very small curves in the test suite.) + * + * The user reduces MBEDTLS_ECP_WINDOW_SIZE does not changes the size of + * static comb table, because the size of static comb table is fixed when + * it is generated. */ #if( MBEDTLS_ECP_WINDOW_SIZE < 6 ) - if( w > MBEDTLS_ECP_WINDOW_SIZE ) + if( (!p_eq_g || !ecp_group_is_static_comb_table(grp)) && w > MBEDTLS_ECP_WINDOW_SIZE ) w = MBEDTLS_ECP_WINDOW_SIZE; #endif if( w >= grp->nbits ) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 165c315d17..9a32ac1202 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -81,6 +81,33 @@ #endif /* bits in mbedtls_mpi_uint */ +#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} + +#define ECP_POINT_INIT_XY_Z0(x, y) { \ + ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x),\ + ECP_MPI_INIT(1, sizeof(y) / sizeof(mbedtls_mpi_uint), y), \ + ECP_MPI_INIT(1, 0, NULL) } +#define ECP_POINT_INIT_XY_Z1(x, y) { \ + ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x),\ + ECP_MPI_INIT(1, sizeof(y) / sizeof(mbedtls_mpi_uint), y), \ + ECP_MPI_INIT(1, 1, mpi_one) } + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +/* For these curves, we build the group parameters dynamically. */ +#define ECP_LOAD_GROUP +static mbedtls_mpi_uint mpi_one[] = {1}; +#endif + /* * Note: the constants are in little-endian order * to be directly usable in MPIs @@ -115,6 +142,188 @@ static const mbedtls_mpi_uint secp192r1_n[] = { BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp192r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), + BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), + BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), +}; +static const mbedtls_mpi_uint secp192r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), + BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), + BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), +}; +static const mbedtls_mpi_uint secp192r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x97, 0x9E, 0xE3, 0x60, 0x59, 0xD1, 0xC4, 0xC2 ), + BYTES_TO_T_UINT_8( 0x91, 0xBD, 0x22, 0xD7, 0x2D, 0x07, 0xBD, 0xB6 ), + BYTES_TO_T_UINT_8( 0x74, 0x2A, 0xCF, 0x33, 0xF0, 0xBE, 0xD1, 0xED ), +}; +static const mbedtls_mpi_uint secp192r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x88, 0x71, 0x4B, 0xA8, 0xED, 0x7E, 0xC9, 0x1A ), + BYTES_TO_T_UINT_8( 0x8E, 0x2A, 0xF6, 0xDF, 0x0E, 0xE8, 0x4C, 0x0F ), + BYTES_TO_T_UINT_8( 0xC5, 0x35, 0xF7, 0x8A, 0xC3, 0xEC, 0xDE, 0x1E ), +}; +static const mbedtls_mpi_uint secp192r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x00, 0x67, 0xC2, 0x1D, 0x32, 0x8F, 0x10, 0xFB ), + BYTES_TO_T_UINT_8( 0xBB, 0x2D, 0x17, 0xF3, 0xE4, 0xFE, 0xD8, 0x13 ), + BYTES_TO_T_UINT_8( 0x55, 0x45, 0x10, 0x70, 0x2C, 0x3E, 0x52, 0x3E ), +}; +static const mbedtls_mpi_uint secp192r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x61, 0xF1, 0x04, 0x5D, 0xEE, 0xD4, 0x56, 0xE6 ), + BYTES_TO_T_UINT_8( 0x78, 0xB7, 0x38, 0x27, 0x61, 0xAA, 0x81, 0x87 ), + BYTES_TO_T_UINT_8( 0x71, 0x37, 0xD7, 0x0E, 0x29, 0x0E, 0x11, 0x14 ), +}; +static const mbedtls_mpi_uint secp192r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x1E, 0x35, 0x52, 0xC6, 0x31, 0xB7, 0x27, 0xF5 ), + BYTES_TO_T_UINT_8( 0x3D, 0xD4, 0x15, 0x98, 0x0F, 0xE7, 0xF3, 0x6A ), + BYTES_TO_T_UINT_8( 0xD3, 0x31, 0x70, 0x35, 0x09, 0xA0, 0x2B, 0xC2 ), +}; +static const mbedtls_mpi_uint secp192r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0x21, 0x75, 0xA7, 0x4C, 0x88, 0xCF, 0x5B, 0xE4 ), + BYTES_TO_T_UINT_8( 0x17, 0x17, 0x48, 0x8D, 0xF2, 0xF0, 0x86, 0xED ), + BYTES_TO_T_UINT_8( 0x49, 0xCF, 0xFE, 0x6B, 0xB0, 0xA5, 0x06, 0xAB ), +}; +static const mbedtls_mpi_uint secp192r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x18, 0x6A, 0xDC, 0x9A, 0x6D, 0x7B, 0x47, 0x2E ), + BYTES_TO_T_UINT_8( 0x12, 0xFC, 0x51, 0x12, 0x62, 0x66, 0x0B, 0x59 ), + BYTES_TO_T_UINT_8( 0xCD, 0x40, 0x93, 0xA0, 0xB5, 0x5A, 0x58, 0xD7 ), +}; +static const mbedtls_mpi_uint secp192r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0xEF, 0xCB, 0xAF, 0xDC, 0x0B, 0xA1, 0x26, 0xFB ), + BYTES_TO_T_UINT_8( 0xDA, 0x36, 0x9D, 0xA3, 0xD7, 0x3B, 0xAD, 0x39 ), + BYTES_TO_T_UINT_8( 0xB4, 0x3B, 0x05, 0x9A, 0xA8, 0xAA, 0x69, 0xB2 ), +}; +static const mbedtls_mpi_uint secp192r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x6D, 0xD9, 0xD1, 0x4D, 0x4A, 0x6E, 0x96, 0x1E ), + BYTES_TO_T_UINT_8( 0x17, 0x66, 0x32, 0x39, 0xC6, 0x57, 0x7D, 0xE6 ), + BYTES_TO_T_UINT_8( 0x92, 0xA0, 0x36, 0xC2, 0x45, 0xF9, 0x00, 0x62 ), +}; +static const mbedtls_mpi_uint secp192r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xB4, 0xEF, 0x59, 0x46, 0xDC, 0x60, 0xD9, 0x8F ), + BYTES_TO_T_UINT_8( 0x24, 0xB0, 0xE9, 0x41, 0xA4, 0x87, 0x76, 0x89 ), + BYTES_TO_T_UINT_8( 0x13, 0xD4, 0x0E, 0xB2, 0xFA, 0x16, 0x56, 0xDC ), +}; +static const mbedtls_mpi_uint secp192r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x0A, 0x62, 0xD2, 0xB1, 0x34, 0xB2, 0xF1, 0x06 ), + BYTES_TO_T_UINT_8( 0xB2, 0xED, 0x55, 0xC5, 0x47, 0xB5, 0x07, 0x15 ), + BYTES_TO_T_UINT_8( 0x17, 0xF6, 0x2F, 0x94, 0xC3, 0xDD, 0x54, 0x2F ), +}; +static const mbedtls_mpi_uint secp192r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xFD, 0xA6, 0xD4, 0x8C, 0xA9, 0xCE, 0x4D, 0x2E ), + BYTES_TO_T_UINT_8( 0xB9, 0x4B, 0x46, 0xCC, 0xB2, 0x55, 0xC8, 0xB2 ), + BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x31, 0xED, 0x89, 0x65, 0x59, 0x55 ), +}; +static const mbedtls_mpi_uint secp192r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xCC, 0x0A, 0xD1, 0x1A, 0xC5, 0xF6, 0xEA, 0x43 ), + BYTES_TO_T_UINT_8( 0x0C, 0xFC, 0x0C, 0x1A, 0xFB, 0xA0, 0xC8, 0x70 ), + BYTES_TO_T_UINT_8( 0xEA, 0xFD, 0x53, 0x6F, 0x6D, 0xBF, 0xBA, 0xAF ), +}; +static const mbedtls_mpi_uint secp192r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x2D, 0xB0, 0x7D, 0x83, 0x96, 0xE3, 0xCB, 0x9D ), + BYTES_TO_T_UINT_8( 0x6F, 0x6E, 0x55, 0x2C, 0x20, 0x53, 0x2F, 0x46 ), + BYTES_TO_T_UINT_8( 0xA6, 0x66, 0x00, 0x17, 0x08, 0xFE, 0xAC, 0x31 ), +}; +static const mbedtls_mpi_uint secp192r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x09, 0x12, 0x97, 0x3A, 0xC7, 0x57, 0x45, 0xCD ), + BYTES_TO_T_UINT_8( 0x38, 0x25, 0x99, 0x00, 0xF6, 0x97, 0xB4, 0x64 ), + BYTES_TO_T_UINT_8( 0x9B, 0x74, 0xE6, 0xE6, 0xA3, 0xDF, 0x9C, 0xCC ), +}; +static const mbedtls_mpi_uint secp192r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x32, 0xF4, 0x76, 0xD5, 0x5F, 0x2A, 0xFD, 0x85 ), + BYTES_TO_T_UINT_8( 0x62, 0x80, 0x7E, 0x3E, 0xE5, 0xE8, 0xD6, 0x63 ), + BYTES_TO_T_UINT_8( 0xE2, 0xAD, 0x1E, 0x70, 0x79, 0x3E, 0x3D, 0x83 ), +}; +static const mbedtls_mpi_uint secp192r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x8E, 0x15, 0xBB, 0xB3, 0x42, 0x6A, 0xA1, 0x7C ), + BYTES_TO_T_UINT_8( 0x9B, 0x58, 0xCB, 0x43, 0x25, 0x00, 0x14, 0x68 ), + BYTES_TO_T_UINT_8( 0x06, 0x4E, 0x93, 0x11, 0xE0, 0x32, 0x54, 0x98 ), +}; +static const mbedtls_mpi_uint secp192r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xA7, 0x52, 0xA2, 0xB4, 0x57, 0x32, 0xB9, 0x11 ), + BYTES_TO_T_UINT_8( 0x7D, 0x43, 0xA1, 0xB1, 0xFB, 0x01, 0xE1, 0xE7 ), + BYTES_TO_T_UINT_8( 0xA6, 0xFB, 0x5A, 0x11, 0xB8, 0xC2, 0x03, 0xE5 ), +}; +static const mbedtls_mpi_uint secp192r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x1C, 0x2B, 0x71, 0x26, 0x4E, 0x7C, 0xC5, 0x32 ), + BYTES_TO_T_UINT_8( 0x1F, 0xF5, 0xD3, 0xA8, 0xE4, 0x95, 0x48, 0x65 ), + BYTES_TO_T_UINT_8( 0x55, 0xAE, 0xD9, 0x5D, 0x9F, 0x6A, 0x22, 0xAD ), +}; +static const mbedtls_mpi_uint secp192r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0xD9, 0xCC, 0xA3, 0x4D, 0xA0, 0x1C, 0x34, 0xEF ), + BYTES_TO_T_UINT_8( 0xA3, 0x3C, 0x62, 0xF8, 0x5E, 0xA6, 0x58, 0x7D ), + BYTES_TO_T_UINT_8( 0x6D, 0x6E, 0x66, 0x8A, 0x3D, 0x17, 0xFF, 0x0F ), +}; +static const mbedtls_mpi_uint secp192r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xF7, 0xCD, 0xA8, 0xDD, 0xD1, 0x20, 0x5C, 0xEA ), + BYTES_TO_T_UINT_8( 0xBF, 0xFE, 0x17, 0xE2, 0xCF, 0xEA, 0x63, 0xDE ), + BYTES_TO_T_UINT_8( 0x74, 0x51, 0xC9, 0x16, 0xDE, 0xB4, 0xB2, 0xDD ), +}; +static const mbedtls_mpi_uint secp192r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x59, 0xBE, 0x12, 0xD7, 0xA3, 0x0A, 0x50, 0x33 ), + BYTES_TO_T_UINT_8( 0x53, 0x87, 0xC5, 0x8A, 0x76, 0x57, 0x07, 0x60 ), + BYTES_TO_T_UINT_8( 0xE5, 0x1F, 0xC6, 0x1B, 0x66, 0xC4, 0x3D, 0x8A ), +}; +static const mbedtls_mpi_uint secp192r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x28, 0xA4, 0x85, 0x13, 0x8F, 0xA7, 0x35, 0x19 ), + BYTES_TO_T_UINT_8( 0x58, 0x0D, 0xFD, 0xFF, 0x1B, 0xD1, 0xD6, 0xEF ), + BYTES_TO_T_UINT_8( 0xBA, 0x7A, 0xD0, 0xC3, 0xB4, 0xEF, 0x39, 0x66 ), +}; +static const mbedtls_mpi_uint secp192r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x3A, 0xFE, 0xA5, 0x9C, 0x34, 0x30, 0x49, 0x40 ), + BYTES_TO_T_UINT_8( 0xDE, 0xC5, 0x39, 0x26, 0x06, 0xE3, 0x01, 0x17 ), + BYTES_TO_T_UINT_8( 0xE2, 0x2B, 0x66, 0xFC, 0x95, 0x5F, 0x35, 0xF7 ), +}; +static const mbedtls_mpi_uint secp192r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x58, 0xCF, 0x54, 0x63, 0x99, 0x57, 0x05, 0x45 ), + BYTES_TO_T_UINT_8( 0x71, 0x6F, 0x00, 0x5F, 0x65, 0x08, 0x47, 0x98 ), + BYTES_TO_T_UINT_8( 0x62, 0x2A, 0x90, 0x6D, 0x67, 0xC6, 0xBC, 0x45 ), +}; +static const mbedtls_mpi_uint secp192r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x8A, 0x4D, 0x88, 0x0A, 0x35, 0x9E, 0x33, 0x9C ), + BYTES_TO_T_UINT_8( 0x7C, 0x17, 0x0C, 0xF8, 0xE1, 0x7A, 0x49, 0x02 ), + BYTES_TO_T_UINT_8( 0xA4, 0x44, 0x06, 0x8F, 0x0B, 0x70, 0x2F, 0x71 ), +}; +static const mbedtls_mpi_uint secp192r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x85, 0x4B, 0xCB, 0xF9, 0x8E, 0x6A, 0xDA, 0x1B ), + BYTES_TO_T_UINT_8( 0x29, 0x43, 0xA1, 0x3F, 0xCE, 0x17, 0xD2, 0x32 ), + BYTES_TO_T_UINT_8( 0x5D, 0x0D, 0xD2, 0x6C, 0x82, 0x37, 0xE5, 0xFC ), +}; +static const mbedtls_mpi_uint secp192r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x4A, 0x3C, 0xF4, 0x92, 0xB4, 0x8A, 0x95, 0x85 ), + BYTES_TO_T_UINT_8( 0x85, 0x96, 0xF1, 0x0A, 0x34, 0x2F, 0x74, 0x7E ), + BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0xAA, 0xBA, 0x86, 0x77, 0x4F, 0xA2 ), +}; +static const mbedtls_mpi_uint secp192r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xE5, 0x7F, 0xEF, 0x60, 0x50, 0x80, 0xD7, 0xD4 ), + BYTES_TO_T_UINT_8( 0x31, 0xAC, 0xC9, 0xFE, 0xEC, 0x0A, 0x1A, 0x9F ), + BYTES_TO_T_UINT_8( 0x6B, 0x2F, 0xBE, 0x91, 0xD7, 0xB7, 0x38, 0x48 ), +}; +static const mbedtls_mpi_uint secp192r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xB1, 0xAE, 0x85, 0x98, 0xFE, 0x05, 0x7F, 0x9F ), + BYTES_TO_T_UINT_8( 0x91, 0xBE, 0xFD, 0x11, 0x31, 0x3D, 0x14, 0x13 ), + BYTES_TO_T_UINT_8( 0x59, 0x75, 0xE8, 0x30, 0x01, 0xCB, 0x9B, 0x1C ), +}; +static const mbedtls_ecp_point secp192r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp192r1_T_0_X, secp192r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_1_X, secp192r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_2_X, secp192r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_3_X, secp192r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_4_X, secp192r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_5_X, secp192r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_6_X, secp192r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_7_X, secp192r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_8_X, secp192r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_9_X, secp192r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_10_X, secp192r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_11_X, secp192r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_12_X, secp192r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_13_X, secp192r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_14_X, secp192r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_15_X, secp192r1_T_15_Y), +}; +#else +#define secp192r1_T NULL +#endif #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ /* @@ -151,6 +360,220 @@ static const mbedtls_mpi_uint secp224r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), }; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp224r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), + BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), + BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), + BYTES_TO_T_UINT_8( 0xBD, 0x0C, 0x0E, 0xB7, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), + BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), + BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), + BYTES_TO_T_UINT_8( 0x88, 0x63, 0x37, 0xBD, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0xE0, 0xF9, 0xB8, 0xD0, 0x3D, 0xD2, 0xD3, 0xFA ), + BYTES_TO_T_UINT_8( 0x1E, 0xFD, 0x99, 0x26, 0x19, 0xFE, 0x13, 0x6E ), + BYTES_TO_T_UINT_8( 0x1C, 0x0E, 0x4C, 0x48, 0x7C, 0xA2, 0x17, 0x01 ), + BYTES_TO_T_UINT_8( 0x3D, 0xA3, 0x13, 0x57, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x9F, 0x16, 0x5C, 0x8F, 0xAA, 0xED, 0x0F, 0x58 ), + BYTES_TO_T_UINT_8( 0xBF, 0xC5, 0x43, 0x34, 0x93, 0x05, 0x2A, 0x4C ), + BYTES_TO_T_UINT_8( 0xE4, 0xE3, 0x6C, 0xCA, 0xC6, 0x14, 0xC2, 0x25 ), + BYTES_TO_T_UINT_8( 0xD3, 0x43, 0x6C, 0xD7, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0xC3, 0x5A, 0x98, 0x1E, 0xC8, 0xA5, 0x42, 0xA3 ), + BYTES_TO_T_UINT_8( 0x98, 0x49, 0x56, 0x78, 0xF8, 0xEF, 0xED, 0x65 ), + BYTES_TO_T_UINT_8( 0x1B, 0xBB, 0x64, 0xB6, 0x4C, 0x54, 0x5F, 0xD1 ), + BYTES_TO_T_UINT_8( 0x2F, 0x0C, 0x33, 0xCC, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0xFA, 0x79, 0xCB, 0x2E, 0x08, 0xFF, 0xD8, 0xE6 ), + BYTES_TO_T_UINT_8( 0x2E, 0x1F, 0xD4, 0xD7, 0x57, 0xE9, 0x39, 0x45 ), + BYTES_TO_T_UINT_8( 0xD8, 0xD6, 0x3B, 0x0A, 0x1C, 0x87, 0xB7, 0x6A ), + BYTES_TO_T_UINT_8( 0xEB, 0x30, 0xD8, 0x05, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0xAD, 0x79, 0x74, 0x9A, 0xE6, 0xBB, 0xC2, 0xC2 ), + BYTES_TO_T_UINT_8( 0xB4, 0x5B, 0xA6, 0x67, 0xC1, 0x91, 0xE7, 0x64 ), + BYTES_TO_T_UINT_8( 0xF0, 0xDF, 0x38, 0x82, 0x19, 0x2C, 0x4C, 0xCA ), + BYTES_TO_T_UINT_8( 0xD1, 0x2E, 0x39, 0xC5, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0x99, 0x36, 0x78, 0x4E, 0xAE, 0x5B, 0x02, 0x76 ), + BYTES_TO_T_UINT_8( 0x14, 0xF6, 0x8B, 0xF8, 0xF4, 0x92, 0x6B, 0x42 ), + BYTES_TO_T_UINT_8( 0xBA, 0x4D, 0x71, 0x35, 0xE7, 0x0C, 0x2C, 0x98 ), + BYTES_TO_T_UINT_8( 0x9B, 0xA5, 0x1F, 0xAE, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0xAF, 0x1C, 0x4B, 0xDF, 0x5B, 0xF2, 0x51, 0xB7 ), + BYTES_TO_T_UINT_8( 0x05, 0x74, 0xB1, 0x5A, 0xC6, 0x0F, 0x0E, 0x61 ), + BYTES_TO_T_UINT_8( 0xE8, 0x24, 0x09, 0x62, 0xAF, 0xFC, 0xDB, 0x45 ), + BYTES_TO_T_UINT_8( 0x43, 0xE1, 0x80, 0x55, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x3C, 0x82, 0xFE, 0xAD, 0xC3, 0xE5, 0xCF, 0xD8 ), + BYTES_TO_T_UINT_8( 0x24, 0xA2, 0x62, 0x17, 0x76, 0xF0, 0x5A, 0xFA ), + BYTES_TO_T_UINT_8( 0x3E, 0xB8, 0xE5, 0xAC, 0xB7, 0x66, 0x38, 0xAA ), + BYTES_TO_T_UINT_8( 0x97, 0xFD, 0x86, 0x05, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x59, 0xD3, 0x0C, 0x3C, 0xD1, 0x66, 0xB0, 0xF1 ), + BYTES_TO_T_UINT_8( 0xBC, 0x59, 0xB4, 0x8D, 0x90, 0x10, 0xB7, 0xA2 ), + BYTES_TO_T_UINT_8( 0x96, 0x47, 0x9B, 0xE6, 0x55, 0x8A, 0xE4, 0xEE ), + BYTES_TO_T_UINT_8( 0xB1, 0x49, 0xDB, 0x78, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0x41, 0x97, 0xED, 0xDE, 0xFF, 0xB3, 0xDF, 0x48 ), + BYTES_TO_T_UINT_8( 0x10, 0xB9, 0x83, 0xB7, 0xEB, 0xBE, 0x40, 0x8D ), + BYTES_TO_T_UINT_8( 0xAF, 0xD3, 0xD3, 0xCD, 0x0E, 0x82, 0x79, 0x3D ), + BYTES_TO_T_UINT_8( 0x9B, 0x83, 0x1B, 0xF0, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x3F, 0x22, 0xBB, 0x54, 0xD3, 0x31, 0x56, 0xFC ), + BYTES_TO_T_UINT_8( 0x80, 0x36, 0xE5, 0xE0, 0x89, 0x96, 0x8E, 0x71 ), + BYTES_TO_T_UINT_8( 0xE1, 0xEF, 0x0A, 0xED, 0xD0, 0x11, 0x4A, 0xFF ), + BYTES_TO_T_UINT_8( 0x15, 0x00, 0x57, 0x27, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0x13, 0xCA, 0x3D, 0xF7, 0x64, 0x9B, 0x6E, 0x85 ), + BYTES_TO_T_UINT_8( 0x90, 0xE3, 0x70, 0x6B, 0x41, 0xD7, 0xED, 0x8F ), + BYTES_TO_T_UINT_8( 0x02, 0x44, 0x44, 0x80, 0xCE, 0x13, 0x37, 0x92 ), + BYTES_TO_T_UINT_8( 0x94, 0x73, 0x80, 0x79, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xB7, 0x4D, 0x70, 0x7D, 0x31, 0x0F, 0x1C, 0x58 ), + BYTES_TO_T_UINT_8( 0x6D, 0x35, 0x88, 0x47, 0xC4, 0x24, 0x78, 0x3F ), + BYTES_TO_T_UINT_8( 0xBA, 0xF0, 0xCD, 0x91, 0x81, 0xB3, 0xDE, 0xB6 ), + BYTES_TO_T_UINT_8( 0x04, 0xCE, 0xC6, 0xF7, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0xE9, 0x9C, 0x2D, 0xE8, 0xD2, 0x00, 0x8F, 0x10 ), + BYTES_TO_T_UINT_8( 0xD5, 0x5E, 0x7C, 0x0E, 0x0C, 0x6E, 0x58, 0x02 ), + BYTES_TO_T_UINT_8( 0xAE, 0x81, 0x21, 0xCE, 0x43, 0xF4, 0x24, 0x3D ), + BYTES_TO_T_UINT_8( 0x9E, 0xBC, 0xF0, 0xF4, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0xD6, 0x10, 0xC2, 0x74, 0x4A, 0x8F, 0x8A, 0xCF ), + BYTES_TO_T_UINT_8( 0x89, 0x67, 0xF4, 0x2B, 0x38, 0x2B, 0x35, 0x17 ), + BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0C, 0xA9, 0xFA, 0x77, 0x5C, 0xBD ), + BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x19, 0x2B, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0xE7, 0x3E, 0x96, 0x22, 0x53, 0xE1, 0xE9, 0xBE ), + BYTES_TO_T_UINT_8( 0xE0, 0x13, 0xBC, 0xA1, 0x16, 0xEC, 0x01, 0x1A ), + BYTES_TO_T_UINT_8( 0x9A, 0x00, 0xC9, 0x7A, 0xC3, 0x73, 0xA5, 0x45 ), + BYTES_TO_T_UINT_8( 0xE1, 0xF4, 0x5E, 0xC1, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0xA8, 0x95, 0xD6, 0xD9, 0x32, 0x30, 0x2B, 0xD0 ), + BYTES_TO_T_UINT_8( 0x77, 0x42, 0x09, 0x05, 0x61, 0x2A, 0x7E, 0x82 ), + BYTES_TO_T_UINT_8( 0x73, 0x84, 0xA2, 0x05, 0x88, 0x64, 0x65, 0xF9 ), + BYTES_TO_T_UINT_8( 0x03, 0x2D, 0x90, 0xB3, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0x0A, 0xE7, 0x2E, 0x85, 0x55, 0x80, 0x7C, 0x79 ), + BYTES_TO_T_UINT_8( 0x0F, 0xC1, 0xAC, 0x78, 0xB4, 0xAF, 0xFB, 0x6E ), + BYTES_TO_T_UINT_8( 0xD3, 0xC3, 0x28, 0x8E, 0x79, 0x18, 0x1F, 0x58 ), + BYTES_TO_T_UINT_8( 0x34, 0x46, 0xCF, 0x49, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x63, 0x5F, 0xA8, 0x6C, 0x46, 0x83, 0x43, 0xFA ), + BYTES_TO_T_UINT_8( 0xFA, 0xA9, 0x93, 0x11, 0xB6, 0x07, 0x57, 0x74 ), + BYTES_TO_T_UINT_8( 0x77, 0x2A, 0x9D, 0x03, 0x89, 0x7E, 0xD7, 0x3C ), + BYTES_TO_T_UINT_8( 0x7B, 0x8C, 0x62, 0xCF, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x44, 0x2C, 0x13, 0x59, 0xCC, 0xFA, 0x84, 0x9E ), + BYTES_TO_T_UINT_8( 0x51, 0xB9, 0x48, 0xBC, 0x57, 0xC7, 0xB3, 0x7C ), + BYTES_TO_T_UINT_8( 0xFC, 0x0A, 0x38, 0x24, 0x2E, 0x3A, 0x28, 0x25 ), + BYTES_TO_T_UINT_8( 0xBC, 0x0A, 0x43, 0xB8, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0x59, 0x25, 0xAB, 0xC1, 0xEE, 0x70, 0x3C, 0xE1 ), + BYTES_TO_T_UINT_8( 0xF3, 0xDB, 0x45, 0x1D, 0x4A, 0x80, 0x75, 0x35 ), + BYTES_TO_T_UINT_8( 0xE8, 0x1F, 0x4D, 0x2D, 0x9A, 0x05, 0xF4, 0xCB ), + BYTES_TO_T_UINT_8( 0x6B, 0x10, 0xF0, 0x5A, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x35, 0x95, 0xE1, 0xDC, 0x15, 0x86, 0xC3, 0x7B ), + BYTES_TO_T_UINT_8( 0xEC, 0xDC, 0x27, 0xD1, 0x56, 0xA1, 0x14, 0x0D ), + BYTES_TO_T_UINT_8( 0x59, 0x0B, 0xD6, 0x77, 0x4E, 0x44, 0xA2, 0xF8 ), + BYTES_TO_T_UINT_8( 0x94, 0x42, 0x71, 0x1F, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x30, 0x86, 0xB2, 0xB0, 0xC8, 0x2F, 0x7B, 0xFE ), + BYTES_TO_T_UINT_8( 0x96, 0xEF, 0xCB, 0xDB, 0xBC, 0x9E, 0x3B, 0xC5 ), + BYTES_TO_T_UINT_8( 0x1B, 0x03, 0x86, 0xDD, 0x5B, 0xF5, 0x8D, 0x46 ), + BYTES_TO_T_UINT_8( 0x58, 0x95, 0x79, 0xD6, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x84, 0x32, 0x14, 0xDA, 0x9B, 0x4F, 0x07, 0x39 ), + BYTES_TO_T_UINT_8( 0xB5, 0x3E, 0xFB, 0x06, 0xEE, 0xA7, 0x40, 0x40 ), + BYTES_TO_T_UINT_8( 0x76, 0x1F, 0xDF, 0x71, 0x61, 0xFD, 0x8B, 0xBE ), + BYTES_TO_T_UINT_8( 0x80, 0x8B, 0xAB, 0x8B, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0xC9, 0x34, 0xB3, 0xB4, 0xBC, 0x9F, 0xB0, 0x5E ), + BYTES_TO_T_UINT_8( 0xE6, 0x58, 0x48, 0xA8, 0x77, 0xBB, 0x13, 0x2F ), + BYTES_TO_T_UINT_8( 0x41, 0xC6, 0xF7, 0x34, 0xCC, 0x89, 0x21, 0x0A ), + BYTES_TO_T_UINT_8( 0xCA, 0x33, 0xDD, 0x1F, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0xCC, 0x81, 0xEF, 0xA4, 0xF2, 0x10, 0x0B, 0xCD ), + BYTES_TO_T_UINT_8( 0x83, 0xF7, 0x6E, 0x72, 0x4A, 0xDF, 0xDD, 0xE8 ), + BYTES_TO_T_UINT_8( 0x67, 0x23, 0x0A, 0x53, 0x03, 0x16, 0x62, 0xD2 ), + BYTES_TO_T_UINT_8( 0x0B, 0x76, 0xFD, 0x3C, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0xCB, 0x14, 0xA1, 0xFA, 0xA0, 0x18, 0xBE, 0x07 ), + BYTES_TO_T_UINT_8( 0x03, 0x2A, 0xE1, 0xD7, 0xB0, 0x6C, 0xA0, 0xDE ), + BYTES_TO_T_UINT_8( 0xD1, 0xC0, 0xB0, 0xC6, 0x63, 0x24, 0xCD, 0x4E ), + BYTES_TO_T_UINT_8( 0x33, 0x38, 0x2C, 0xB1, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0xEE, 0xCD, 0x7D, 0x20, 0x0C, 0xFE, 0xAC, 0xC3 ), + BYTES_TO_T_UINT_8( 0x09, 0x97, 0x9F, 0xA2, 0xB6, 0x45, 0xF7, 0x7B ), + BYTES_TO_T_UINT_8( 0xCA, 0x99, 0xF3, 0xD2, 0x20, 0x02, 0xEB, 0x04 ), + BYTES_TO_T_UINT_8( 0x43, 0x18, 0x5B, 0x7B, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0x2B, 0xDD, 0x77, 0x91, 0x60, 0xEA, 0xFD, 0xD3 ), + BYTES_TO_T_UINT_8( 0x7D, 0xD3, 0xB5, 0xD6, 0x90, 0x17, 0x0E, 0x1A ), + BYTES_TO_T_UINT_8( 0x00, 0xF4, 0x28, 0xC1, 0xF2, 0x53, 0xF6, 0x63 ), + BYTES_TO_T_UINT_8( 0x49, 0x58, 0xDC, 0x61, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xA8, 0x20, 0x01, 0xFB, 0xF1, 0xBD, 0x5F, 0x45 ), + BYTES_TO_T_UINT_8( 0xD0, 0x7F, 0x06, 0xDA, 0x11, 0xCB, 0xBA, 0xA6 ), + BYTES_TO_T_UINT_8( 0xA7, 0x41, 0x00, 0xA4, 0x1B, 0x30, 0x33, 0x79 ), + BYTES_TO_T_UINT_8( 0xF4, 0xFF, 0x27, 0xCA, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_ecp_point secp224r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp224r1_T_0_X, secp224r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_1_X, secp224r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_2_X, secp224r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_3_X, secp224r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_4_X, secp224r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_5_X, secp224r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_6_X, secp224r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_7_X, secp224r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_8_X, secp224r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_9_X, secp224r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_10_X, secp224r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_11_X, secp224r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_12_X, secp224r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_13_X, secp224r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_14_X, secp224r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_15_X, secp224r1_T_15_Y), +}; +#else +#define secp224r1_T NULL +#endif #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ /* @@ -187,6 +610,221 @@ static const mbedtls_mpi_uint secp256r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), }; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp256r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), + BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), + BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), + BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), +}; +static const mbedtls_mpi_uint secp256r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), + BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), + BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), + BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), +}; +static const mbedtls_mpi_uint secp256r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x70, 0xC8, 0xBA, 0x04, 0xB7, 0x4B, 0xD2, 0xF7 ), + BYTES_TO_T_UINT_8( 0xAB, 0xC6, 0x23, 0x3A, 0xA0, 0x09, 0x3A, 0x59 ), + BYTES_TO_T_UINT_8( 0x1D, 0x9D, 0x4C, 0xF9, 0x58, 0x23, 0xCC, 0xDF ), + BYTES_TO_T_UINT_8( 0x02, 0xED, 0x7B, 0x29, 0x87, 0x0F, 0xFA, 0x3C ), +}; +static const mbedtls_mpi_uint secp256r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x40, 0x69, 0xF2, 0x40, 0x0B, 0xA3, 0x98, 0xCE ), + BYTES_TO_T_UINT_8( 0xAF, 0xA8, 0x48, 0x02, 0x0D, 0x1C, 0x12, 0x62 ), + BYTES_TO_T_UINT_8( 0x9B, 0xAF, 0x09, 0x83, 0x80, 0xAA, 0x58, 0xA7 ), + BYTES_TO_T_UINT_8( 0xC6, 0x12, 0xBE, 0x70, 0x94, 0x76, 0xE3, 0xE4 ), +}; +static const mbedtls_mpi_uint secp256r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x7D, 0x7D, 0xEF, 0x86, 0xFF, 0xE3, 0x37, 0xDD ), + BYTES_TO_T_UINT_8( 0xDB, 0x86, 0x8B, 0x08, 0x27, 0x7C, 0xD7, 0xF6 ), + BYTES_TO_T_UINT_8( 0x91, 0x54, 0x4C, 0x25, 0x4F, 0x9A, 0xFE, 0x28 ), + BYTES_TO_T_UINT_8( 0x5E, 0xFD, 0xF0, 0x6D, 0x37, 0x03, 0x69, 0xD6 ), +}; +static const mbedtls_mpi_uint secp256r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x96, 0xD5, 0xDA, 0xAD, 0x92, 0x49, 0xF0, 0x9F ), + BYTES_TO_T_UINT_8( 0xF9, 0x73, 0x43, 0x9E, 0xAF, 0xA7, 0xD1, 0xF3 ), + BYTES_TO_T_UINT_8( 0x67, 0x41, 0x07, 0xDF, 0x78, 0x95, 0x3E, 0xA1 ), + BYTES_TO_T_UINT_8( 0x22, 0x3D, 0xD1, 0xE6, 0x3C, 0xA5, 0xE2, 0x20 ), +}; +static const mbedtls_mpi_uint secp256r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0xBF, 0x6A, 0x5D, 0x52, 0x35, 0xD7, 0xBF, 0xAE ), + BYTES_TO_T_UINT_8( 0x5A, 0xA2, 0xBE, 0x96, 0xF4, 0xF8, 0x02, 0xC3 ), + BYTES_TO_T_UINT_8( 0xA4, 0x20, 0x49, 0x54, 0xEA, 0xB3, 0x82, 0xDB ), + BYTES_TO_T_UINT_8( 0x2E, 0xDB, 0xEA, 0x02, 0xD1, 0x75, 0x1C, 0x62 ), +}; +static const mbedtls_mpi_uint secp256r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xF0, 0x85, 0xF4, 0x9E, 0x4C, 0xDC, 0x39, 0x89 ), + BYTES_TO_T_UINT_8( 0x63, 0x6D, 0xC4, 0x57, 0xD8, 0x03, 0x5D, 0x22 ), + BYTES_TO_T_UINT_8( 0x70, 0x7F, 0x2D, 0x52, 0x6F, 0xC9, 0xDA, 0x4F ), + BYTES_TO_T_UINT_8( 0x9D, 0x64, 0xFA, 0xB4, 0xFE, 0xA4, 0xC4, 0xD7 ), +}; +static const mbedtls_mpi_uint secp256r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x2A, 0x37, 0xB9, 0xC0, 0xAA, 0x59, 0xC6, 0x8B ), + BYTES_TO_T_UINT_8( 0x3F, 0x58, 0xD9, 0xED, 0x58, 0x99, 0x65, 0xF7 ), + BYTES_TO_T_UINT_8( 0x88, 0x7D, 0x26, 0x8C, 0x4A, 0xF9, 0x05, 0x9F ), + BYTES_TO_T_UINT_8( 0x9D, 0x73, 0x9A, 0xC9, 0xE7, 0x46, 0xDC, 0x00 ), +}; +static const mbedtls_mpi_uint secp256r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0xF2, 0xD0, 0x55, 0xDF, 0x00, 0x0A, 0xF5, 0x4A ), + BYTES_TO_T_UINT_8( 0x6A, 0xBF, 0x56, 0x81, 0x2D, 0x20, 0xEB, 0xB5 ), + BYTES_TO_T_UINT_8( 0x11, 0xC1, 0x28, 0x52, 0xAB, 0xE3, 0xD1, 0x40 ), + BYTES_TO_T_UINT_8( 0x24, 0x34, 0x79, 0x45, 0x57, 0xA5, 0x12, 0x03 ), +}; +static const mbedtls_mpi_uint secp256r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0xEE, 0xCF, 0xB8, 0x7E, 0xF7, 0x92, 0x96, 0x8D ), + BYTES_TO_T_UINT_8( 0x3D, 0x01, 0x8C, 0x0D, 0x23, 0xF2, 0xE3, 0x05 ), + BYTES_TO_T_UINT_8( 0x59, 0x2E, 0xE3, 0x84, 0x52, 0x7A, 0x34, 0x76 ), + BYTES_TO_T_UINT_8( 0xE5, 0xA1, 0xB0, 0x15, 0x90, 0xE2, 0x53, 0x3C ), +}; +static const mbedtls_mpi_uint secp256r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xD4, 0x98, 0xE7, 0xFA, 0xA5, 0x7D, 0x8B, 0x53 ), + BYTES_TO_T_UINT_8( 0x91, 0x35, 0xD2, 0x00, 0xD1, 0x1B, 0x9F, 0x1B ), + BYTES_TO_T_UINT_8( 0x3F, 0x69, 0x08, 0x9A, 0x72, 0xF0, 0xA9, 0x11 ), + BYTES_TO_T_UINT_8( 0xB3, 0xFE, 0x0E, 0x14, 0xDA, 0x7C, 0x0E, 0xD3 ), +}; +static const mbedtls_mpi_uint secp256r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x83, 0xF6, 0xE8, 0xF8, 0x87, 0xF7, 0xFC, 0x6D ), + BYTES_TO_T_UINT_8( 0x90, 0xBE, 0x7F, 0x3F, 0x7A, 0x2B, 0xD7, 0x13 ), + BYTES_TO_T_UINT_8( 0xCF, 0x32, 0xF2, 0x2D, 0x94, 0x6D, 0x42, 0xFD ), + BYTES_TO_T_UINT_8( 0xAD, 0x9A, 0xE3, 0x5F, 0x42, 0xBB, 0x84, 0xED ), +}; +static const mbedtls_mpi_uint secp256r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xFC, 0x95, 0x29, 0x73, 0xA1, 0x67, 0x3E, 0x02 ), + BYTES_TO_T_UINT_8( 0xE3, 0x30, 0x54, 0x35, 0x8E, 0x0A, 0xDD, 0x67 ), + BYTES_TO_T_UINT_8( 0x03, 0xD7, 0xA1, 0x97, 0x61, 0x3B, 0xF8, 0x0C ), + BYTES_TO_T_UINT_8( 0xF2, 0x33, 0x3C, 0x58, 0x55, 0x34, 0x23, 0xA3 ), +}; +static const mbedtls_mpi_uint secp256r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0x99, 0x5D, 0x16, 0x5F, 0x7B, 0xBC, 0xBB, 0xCE ), + BYTES_TO_T_UINT_8( 0x61, 0xEE, 0x4E, 0x8A, 0xC1, 0x51, 0xCC, 0x50 ), + BYTES_TO_T_UINT_8( 0x1F, 0x0D, 0x4D, 0x1B, 0x53, 0x23, 0x1D, 0xB3 ), + BYTES_TO_T_UINT_8( 0xDA, 0x2A, 0x38, 0x66, 0x52, 0x84, 0xE1, 0x95 ), +}; +static const mbedtls_mpi_uint secp256r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x5B, 0x9B, 0x83, 0x0A, 0x81, 0x4F, 0xAD, 0xAC ), + BYTES_TO_T_UINT_8( 0x0F, 0xFF, 0x42, 0x41, 0x6E, 0xA9, 0xA2, 0xA0 ), + BYTES_TO_T_UINT_8( 0x2F, 0xA1, 0x4F, 0x1F, 0x89, 0x82, 0xAA, 0x3E ), + BYTES_TO_T_UINT_8( 0xF3, 0xB8, 0x0F, 0x6B, 0x8F, 0x8C, 0xD6, 0x68 ), +}; +static const mbedtls_mpi_uint secp256r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0xF1, 0xB3, 0xBB, 0x51, 0x69, 0xA2, 0x11, 0x93 ), + BYTES_TO_T_UINT_8( 0x65, 0x4F, 0x0F, 0x8D, 0xBD, 0x26, 0x0F, 0xE8 ), + BYTES_TO_T_UINT_8( 0xB9, 0xCB, 0xEC, 0x6B, 0x34, 0xC3, 0x3D, 0x9D ), + BYTES_TO_T_UINT_8( 0xE4, 0x5D, 0x1E, 0x10, 0xD5, 0x44, 0xE2, 0x54 ), +}; +static const mbedtls_mpi_uint secp256r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x28, 0x9E, 0xB1, 0xF1, 0x6E, 0x4C, 0xAD, 0xB3 ), + BYTES_TO_T_UINT_8( 0xB7, 0xE3, 0xC2, 0x58, 0xC0, 0xFB, 0x34, 0x43 ), + BYTES_TO_T_UINT_8( 0x25, 0x9C, 0xDF, 0x35, 0x07, 0x41, 0xBD, 0x19 ), + BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x10, 0xEC, 0x0E, 0xEC, 0xBB, 0xD6 ), +}; +static const mbedtls_mpi_uint secp256r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0xC8, 0xCF, 0xEF, 0x3F, 0x83, 0x1A, 0x88, 0xE8 ), + BYTES_TO_T_UINT_8( 0x0B, 0x29, 0xB5, 0xB9, 0xE0, 0xC9, 0xA3, 0xAE ), + BYTES_TO_T_UINT_8( 0x88, 0x46, 0x1E, 0x77, 0xCD, 0x7E, 0xB3, 0x10 ), + BYTES_TO_T_UINT_8( 0xB6, 0x21, 0xD0, 0xD4, 0xA3, 0x16, 0x08, 0xEE ), +}; +static const mbedtls_mpi_uint secp256r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xA1, 0xCA, 0xA8, 0xB3, 0xBF, 0x29, 0x99, 0x8E ), + BYTES_TO_T_UINT_8( 0xD1, 0xF2, 0x05, 0xC1, 0xCF, 0x5D, 0x91, 0x48 ), + BYTES_TO_T_UINT_8( 0x9F, 0x01, 0x49, 0xDB, 0x82, 0xDF, 0x5F, 0x3A ), + BYTES_TO_T_UINT_8( 0xE1, 0x06, 0x90, 0xAD, 0xE3, 0x38, 0xA4, 0xC4 ), +}; +static const mbedtls_mpi_uint secp256r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0xC9, 0xD2, 0x3A, 0xE8, 0x03, 0xC5, 0x6D, 0x5D ), + BYTES_TO_T_UINT_8( 0xBE, 0x35, 0xD0, 0xAE, 0x1D, 0x7A, 0x9F, 0xCA ), + BYTES_TO_T_UINT_8( 0x33, 0x1E, 0xD2, 0xCB, 0xAC, 0x88, 0x27, 0x55 ), + BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x9C, 0xE0, 0x31, 0xDD, 0x99, 0x86 ), +}; +static const mbedtls_mpi_uint secp256r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x61, 0xF9, 0x9B, 0x32, 0x96, 0x41, 0x58, 0x38 ), + BYTES_TO_T_UINT_8( 0xF9, 0x5A, 0x2A, 0xB8, 0x96, 0x0E, 0xB2, 0x4C ), + BYTES_TO_T_UINT_8( 0xC1, 0x78, 0x2C, 0xC7, 0x08, 0x99, 0x19, 0x24 ), + BYTES_TO_T_UINT_8( 0xB7, 0x59, 0x28, 0xE9, 0x84, 0x54, 0xE6, 0x16 ), +}; +static const mbedtls_mpi_uint secp256r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xDD, 0x38, 0x30, 0xDB, 0x70, 0x2C, 0x0A, 0xA2 ), + BYTES_TO_T_UINT_8( 0x7C, 0x5C, 0x9D, 0xE9, 0xD5, 0x46, 0x0B, 0x5F ), + BYTES_TO_T_UINT_8( 0x83, 0x0B, 0x60, 0x4B, 0x37, 0x7D, 0xB9, 0xC9 ), + BYTES_TO_T_UINT_8( 0x5E, 0x24, 0xF3, 0x3D, 0x79, 0x7F, 0x6C, 0x18 ), +}; +static const mbedtls_mpi_uint secp256r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x7F, 0xE5, 0x1C, 0x4F, 0x60, 0x24, 0xF7, 0x2A ), + BYTES_TO_T_UINT_8( 0xED, 0xD8, 0xE2, 0x91, 0x7F, 0x89, 0x49, 0x92 ), + BYTES_TO_T_UINT_8( 0x97, 0xA7, 0x2E, 0x8D, 0x6A, 0xB3, 0x39, 0x81 ), + BYTES_TO_T_UINT_8( 0x13, 0x89, 0xB5, 0x9A, 0xB8, 0x8D, 0x42, 0x9C ), +}; +static const mbedtls_mpi_uint secp256r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x8D, 0x45, 0xE6, 0x4B, 0x3F, 0x4F, 0x1E, 0x1F ), + BYTES_TO_T_UINT_8( 0x47, 0x65, 0x5E, 0x59, 0x22, 0xCC, 0x72, 0x5F ), + BYTES_TO_T_UINT_8( 0xF1, 0x93, 0x1A, 0x27, 0x1E, 0x34, 0xC5, 0x5B ), + BYTES_TO_T_UINT_8( 0x63, 0xF2, 0xA5, 0x58, 0x5C, 0x15, 0x2E, 0xC6 ), +}; +static const mbedtls_mpi_uint secp256r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0xF4, 0x7F, 0xBA, 0x58, 0x5A, 0x84, 0x6F, 0x5F ), + BYTES_TO_T_UINT_8( 0xAD, 0xA6, 0x36, 0x7E, 0xDC, 0xF7, 0xE1, 0x67 ), + BYTES_TO_T_UINT_8( 0x04, 0x4D, 0xAA, 0xEE, 0x57, 0x76, 0x3A, 0xD3 ), + BYTES_TO_T_UINT_8( 0x4E, 0x7E, 0x26, 0x18, 0x22, 0x23, 0x9F, 0xFF ), +}; +static const mbedtls_mpi_uint secp256r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x1D, 0x4C, 0x64, 0xC7, 0x55, 0x02, 0x3F, 0xE3 ), + BYTES_TO_T_UINT_8( 0xD8, 0x02, 0x90, 0xBB, 0xC3, 0xEC, 0x30, 0x40 ), + BYTES_TO_T_UINT_8( 0x9F, 0x6F, 0x64, 0xF4, 0x16, 0x69, 0x48, 0xA4 ), + BYTES_TO_T_UINT_8( 0xFA, 0x44, 0x9C, 0x95, 0x0C, 0x7D, 0x67, 0x5E ), +}; +static const mbedtls_mpi_uint secp256r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x44, 0x91, 0x8B, 0xD8, 0xD0, 0xD7, 0xE7, 0xE2 ), + BYTES_TO_T_UINT_8( 0x1F, 0xF9, 0x48, 0x62, 0x6F, 0xA8, 0x93, 0x5D ), + BYTES_TO_T_UINT_8( 0xEA, 0x3A, 0x99, 0x02, 0xD5, 0x0B, 0x3D, 0xE3 ), + BYTES_TO_T_UINT_8( 0x1E, 0xD3, 0x00, 0x31, 0xE6, 0x0C, 0x9F, 0x44 ), +}; +static const mbedtls_mpi_uint secp256r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x56, 0xB2, 0xAA, 0xFD, 0x88, 0x15, 0xDF, 0x52 ), + BYTES_TO_T_UINT_8( 0x4C, 0x35, 0x27, 0x31, 0x44, 0xCD, 0xC0, 0x68 ), + BYTES_TO_T_UINT_8( 0x53, 0xF8, 0x91, 0xA5, 0x71, 0x94, 0x84, 0x2A ), + BYTES_TO_T_UINT_8( 0x92, 0xCB, 0xD0, 0x93, 0xE9, 0x88, 0xDA, 0xE4 ), +}; +static const mbedtls_mpi_uint secp256r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x24, 0xC6, 0x39, 0x16, 0x5D, 0xA3, 0x1E, 0x6D ), + BYTES_TO_T_UINT_8( 0xBA, 0x07, 0x37, 0x26, 0x36, 0x2A, 0xFE, 0x60 ), + BYTES_TO_T_UINT_8( 0x51, 0xBC, 0xF3, 0xD0, 0xDE, 0x50, 0xFC, 0x97 ), + BYTES_TO_T_UINT_8( 0x80, 0x2E, 0x06, 0x10, 0x15, 0x4D, 0xFA, 0xF7 ), +}; +static const mbedtls_mpi_uint secp256r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0x27, 0x65, 0x69, 0x5B, 0x66, 0xA2, 0x75, 0x2E ), + BYTES_TO_T_UINT_8( 0x9C, 0x16, 0x00, 0x5A, 0xB0, 0x30, 0x25, 0x1A ), + BYTES_TO_T_UINT_8( 0x42, 0xFB, 0x86, 0x42, 0x80, 0xC1, 0xC4, 0x76 ), + BYTES_TO_T_UINT_8( 0x5B, 0x1D, 0x83, 0x8E, 0x94, 0x01, 0x5F, 0x82 ), +}; +static const mbedtls_mpi_uint secp256r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0x39, 0x37, 0x70, 0xEF, 0x1F, 0xA1, 0xF0, 0xDB ), + BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x5B, 0xCE, 0xC4, 0x9B, 0x6F, 0x10 ), + BYTES_TO_T_UINT_8( 0x50, 0x11, 0x11, 0x24, 0x4F, 0x4C, 0x79, 0x61 ), + BYTES_TO_T_UINT_8( 0x17, 0x3A, 0x72, 0xBC, 0xFE, 0x72, 0x58, 0x43 ), +}; +static const mbedtls_ecp_point secp256r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp256r1_T_0_X, secp256r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_1_X, secp256r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_2_X, secp256r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_3_X, secp256r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_4_X, secp256r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_5_X, secp256r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_6_X, secp256r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_7_X, secp256r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_8_X, secp256r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_9_X, secp256r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_10_X, secp256r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_11_X, secp256r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_12_X, secp256r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_13_X, secp256r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_14_X, secp256r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_15_X, secp256r1_T_15_Y), +}; +#else +#define secp256r1_T NULL +#endif + #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ /* @@ -233,6 +871,557 @@ static const mbedtls_mpi_uint secp384r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp384r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), + BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), + BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), + BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), + BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), + BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), +}; +static const mbedtls_mpi_uint secp384r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), + BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), + BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), + BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), + BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), + BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), +}; +static const mbedtls_mpi_uint secp384r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x46, 0x92, 0x00, 0x2C, 0x78, 0xDB, 0x1F, 0x37 ), + BYTES_TO_T_UINT_8( 0x17, 0xF3, 0xEB, 0xB7, 0x06, 0xF7, 0xB6, 0xBC ), + BYTES_TO_T_UINT_8( 0x3D, 0xBC, 0x2C, 0xCF, 0xD8, 0xED, 0x53, 0xE7 ), + BYTES_TO_T_UINT_8( 0x52, 0x75, 0x7B, 0xA3, 0xAB, 0xC3, 0x2C, 0x85 ), + BYTES_TO_T_UINT_8( 0xE5, 0x9D, 0x78, 0x41, 0xF6, 0x76, 0x84, 0xAC ), + BYTES_TO_T_UINT_8( 0x54, 0x56, 0xE8, 0x52, 0xB3, 0xCB, 0xA8, 0xBD ), +}; +static const mbedtls_mpi_uint secp384r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x6D, 0xF2, 0xAE, 0xA4, 0xB6, 0x89, 0x1B, 0xDA ), + BYTES_TO_T_UINT_8( 0x01, 0x0F, 0xCE, 0x1C, 0x7C, 0xF6, 0x50, 0x4C ), + BYTES_TO_T_UINT_8( 0x4C, 0xEB, 0x90, 0xE6, 0x4D, 0xC7, 0xD4, 0x7A ), + BYTES_TO_T_UINT_8( 0xD1, 0x49, 0x2D, 0x8A, 0x01, 0x99, 0x60, 0x94 ), + BYTES_TO_T_UINT_8( 0x5F, 0x80, 0x9B, 0x9B, 0x6A, 0xB0, 0x07, 0xD9 ), + BYTES_TO_T_UINT_8( 0xC2, 0xA2, 0xEE, 0x59, 0xBE, 0x95, 0xBC, 0x23 ), +}; +static const mbedtls_mpi_uint secp384r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0xE6, 0x9D, 0x56, 0xAE, 0x59, 0xFB, 0x1F, 0x98 ), + BYTES_TO_T_UINT_8( 0xCF, 0xAC, 0x91, 0x80, 0x87, 0xA8, 0x6E, 0x58 ), + BYTES_TO_T_UINT_8( 0x30, 0x08, 0xA7, 0x08, 0x94, 0x32, 0xFC, 0x67 ), + BYTES_TO_T_UINT_8( 0x9F, 0x29, 0x9E, 0x84, 0xF4, 0xE5, 0x6E, 0x7E ), + BYTES_TO_T_UINT_8( 0x55, 0x21, 0xB9, 0x50, 0x24, 0xF8, 0x9C, 0xC7 ), + BYTES_TO_T_UINT_8( 0x34, 0x04, 0x01, 0xC2, 0xFB, 0x77, 0x3E, 0xDE ), +}; +static const mbedtls_mpi_uint secp384r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x00, 0x38, 0xEE, 0xE3, 0xC7, 0x9D, 0xEC, 0xA6 ), + BYTES_TO_T_UINT_8( 0xB6, 0x88, 0xCF, 0x43, 0xFA, 0x92, 0x5E, 0x8E ), + BYTES_TO_T_UINT_8( 0xE9, 0xCA, 0x43, 0xF8, 0x3B, 0x49, 0x7E, 0x75 ), + BYTES_TO_T_UINT_8( 0x1C, 0xE7, 0xEB, 0x17, 0x45, 0x86, 0xC2, 0xE1 ), + BYTES_TO_T_UINT_8( 0x92, 0x69, 0x57, 0x32, 0xE0, 0x9C, 0xD1, 0x00 ), + BYTES_TO_T_UINT_8( 0xD9, 0x10, 0xB8, 0x4D, 0xB8, 0xF4, 0x0D, 0xE3 ), +}; +static const mbedtls_mpi_uint secp384r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x60, 0xDC, 0x9A, 0xB2, 0x79, 0x39, 0x27, 0x16 ), + BYTES_TO_T_UINT_8( 0x4F, 0x71, 0xE4, 0x3B, 0x4D, 0x60, 0x0C, 0xA3 ), + BYTES_TO_T_UINT_8( 0x55, 0xBD, 0x19, 0x40, 0xFA, 0x19, 0x2A, 0x5A ), + BYTES_TO_T_UINT_8( 0x4D, 0xF8, 0x1E, 0x43, 0xA1, 0x50, 0x8D, 0xEF ), + BYTES_TO_T_UINT_8( 0xA3, 0x18, 0x7C, 0x41, 0xFA, 0x7C, 0x1B, 0x58 ), + BYTES_TO_T_UINT_8( 0x00, 0x59, 0x24, 0xC4, 0xE9, 0xB7, 0xD3, 0xAD ), +}; +static const mbedtls_mpi_uint secp384r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xBB, 0x01, 0x3D, 0x63, 0x54, 0x45, 0x6F, 0xB7 ), + BYTES_TO_T_UINT_8( 0x7B, 0xB2, 0x19, 0xA3, 0x86, 0x1D, 0x42, 0x34 ), + BYTES_TO_T_UINT_8( 0x84, 0x02, 0x87, 0x18, 0x92, 0x52, 0x1A, 0x71 ), + BYTES_TO_T_UINT_8( 0x6C, 0x18, 0xB1, 0x5D, 0x18, 0x1B, 0x37, 0xFE ), + BYTES_TO_T_UINT_8( 0xF4, 0x74, 0x61, 0xBA, 0x18, 0xAF, 0x40, 0x30 ), + BYTES_TO_T_UINT_8( 0xDA, 0x7D, 0x3C, 0x52, 0x0F, 0x07, 0xB0, 0x6F ), +}; +static const mbedtls_mpi_uint secp384r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x09, 0x39, 0x13, 0xAA, 0x60, 0x15, 0x99, 0x30 ), + BYTES_TO_T_UINT_8( 0x17, 0x00, 0xCB, 0xC6, 0xB1, 0xDB, 0x97, 0x90 ), + BYTES_TO_T_UINT_8( 0xE6, 0xFA, 0x60, 0xB8, 0x24, 0xE4, 0x7D, 0xD3 ), + BYTES_TO_T_UINT_8( 0xDD, 0x75, 0xB3, 0x70, 0xB2, 0x83, 0xB1, 0x9B ), + BYTES_TO_T_UINT_8( 0xA3, 0xE3, 0x6C, 0xCD, 0x33, 0x62, 0x7A, 0x56 ), + BYTES_TO_T_UINT_8( 0x88, 0x30, 0xDC, 0x0F, 0x9F, 0xBB, 0xB8, 0xAA ), +}; +static const mbedtls_mpi_uint secp384r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0xA6, 0xD5, 0x0A, 0x60, 0x81, 0xB9, 0xC5, 0x16 ), + BYTES_TO_T_UINT_8( 0x44, 0xAA, 0x2F, 0xD6, 0xF2, 0x73, 0xDF, 0xEB ), + BYTES_TO_T_UINT_8( 0xF3, 0x7B, 0x74, 0xC9, 0xB3, 0x5B, 0x95, 0x6D ), + BYTES_TO_T_UINT_8( 0xAC, 0x04, 0xEB, 0x15, 0xC8, 0x5F, 0x00, 0xF6 ), + BYTES_TO_T_UINT_8( 0xB5, 0x50, 0x20, 0x28, 0xD1, 0x01, 0xAF, 0xF0 ), + BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x4F, 0x31, 0x81, 0x2F, 0x94, 0x48 ), +}; +static const mbedtls_mpi_uint secp384r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x46, 0x2F, 0xD8, 0xB6, 0x63, 0x7C, 0xE9, 0x50 ), + BYTES_TO_T_UINT_8( 0xD9, 0x8C, 0xB9, 0x14, 0xD9, 0x37, 0x63, 0xDE ), + BYTES_TO_T_UINT_8( 0x10, 0x02, 0xB8, 0x46, 0xAD, 0xCE, 0x7B, 0x38 ), + BYTES_TO_T_UINT_8( 0x82, 0x47, 0x2D, 0x66, 0xA7, 0xE9, 0x33, 0x23 ), + BYTES_TO_T_UINT_8( 0x92, 0xF9, 0x93, 0x94, 0xA8, 0x48, 0xB3, 0x4F ), + BYTES_TO_T_UINT_8( 0xE9, 0x4A, 0xAC, 0x51, 0x08, 0x72, 0x2F, 0x1A ), +}; +static const mbedtls_mpi_uint secp384r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xDA, 0xAD, 0xA0, 0xF9, 0x81, 0xE1, 0x78, 0x97 ), + BYTES_TO_T_UINT_8( 0x3A, 0x9A, 0x63, 0xD8, 0xBA, 0x79, 0x1A, 0x17 ), + BYTES_TO_T_UINT_8( 0x34, 0x31, 0x7B, 0x7A, 0x5A, 0x5D, 0x7D, 0x2D ), + BYTES_TO_T_UINT_8( 0x83, 0x96, 0x12, 0x4B, 0x19, 0x09, 0xE0, 0xB7 ), + BYTES_TO_T_UINT_8( 0x55, 0x8A, 0x57, 0xEE, 0x4E, 0x6E, 0x7E, 0xEC ), + BYTES_TO_T_UINT_8( 0x11, 0x9D, 0x69, 0xDC, 0xB3, 0xDA, 0xD8, 0x08 ), +}; +static const mbedtls_mpi_uint secp384r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x68, 0x49, 0x03, 0x03, 0x33, 0x6F, 0x28, 0x4A ), + BYTES_TO_T_UINT_8( 0x5D, 0xDB, 0xA7, 0x05, 0x8C, 0xF3, 0x4D, 0xFB ), + BYTES_TO_T_UINT_8( 0x8E, 0x92, 0xB1, 0xA8, 0xEC, 0x0D, 0x64, 0x3B ), + BYTES_TO_T_UINT_8( 0x4E, 0xFC, 0xFD, 0xD0, 0x4B, 0x88, 0x1B, 0x5D ), + BYTES_TO_T_UINT_8( 0x83, 0x9C, 0x51, 0x69, 0xCE, 0x71, 0x73, 0xF5 ), + BYTES_TO_T_UINT_8( 0xB8, 0x5A, 0x14, 0x23, 0x1A, 0x46, 0x63, 0x5F ), +}; +static const mbedtls_mpi_uint secp384r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xBC, 0x4C, 0x70, 0x44, 0x18, 0xCD, 0xEF, 0xED ), + BYTES_TO_T_UINT_8( 0xC2, 0x49, 0xDD, 0x64, 0x7E, 0x7E, 0x4D, 0x92 ), + BYTES_TO_T_UINT_8( 0xA2, 0x32, 0x7C, 0x09, 0xD0, 0x3F, 0xD6, 0x2C ), + BYTES_TO_T_UINT_8( 0x6D, 0xE0, 0x4F, 0x65, 0x0C, 0x7A, 0x54, 0x3E ), + BYTES_TO_T_UINT_8( 0x16, 0xFA, 0xFB, 0x4A, 0xB4, 0x79, 0x5A, 0x8C ), + BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x1B, 0x2B, 0xDA, 0xBC, 0x9A, 0x74 ), +}; +static const mbedtls_mpi_uint secp384r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0x51, 0xAC, 0x56, 0xF7, 0x5F, 0x51, 0x68, 0x0B ), + BYTES_TO_T_UINT_8( 0xC6, 0xE0, 0x1D, 0xBC, 0x13, 0x4E, 0xAC, 0x03 ), + BYTES_TO_T_UINT_8( 0xB7, 0xF5, 0xC5, 0xE6, 0xD2, 0x88, 0xBA, 0xCB ), + BYTES_TO_T_UINT_8( 0xFA, 0x0E, 0x28, 0x23, 0x58, 0x67, 0xFA, 0xEE ), + BYTES_TO_T_UINT_8( 0x9E, 0x80, 0x4B, 0xD8, 0xC4, 0xDF, 0x15, 0xE4 ), + BYTES_TO_T_UINT_8( 0xF1, 0x0E, 0x58, 0xE6, 0x2C, 0x59, 0xC2, 0x03 ), +}; +static const mbedtls_mpi_uint secp384r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x9B, 0x26, 0x27, 0x99, 0x16, 0x2B, 0x22, 0x0B ), + BYTES_TO_T_UINT_8( 0xBA, 0xF3, 0x8F, 0xC3, 0x2A, 0x9B, 0xFC, 0x38 ), + BYTES_TO_T_UINT_8( 0xFC, 0x2E, 0x83, 0x3D, 0xFE, 0x9E, 0x3C, 0x1B ), + BYTES_TO_T_UINT_8( 0x08, 0x57, 0xCD, 0x2D, 0xC1, 0x49, 0x38, 0xB5 ), + BYTES_TO_T_UINT_8( 0x95, 0x42, 0x8B, 0x33, 0x89, 0x1F, 0xEA, 0x01 ), + BYTES_TO_T_UINT_8( 0xAA, 0x1D, 0x13, 0xD7, 0x50, 0xBB, 0x3E, 0xEB ), +}; +static const mbedtls_mpi_uint secp384r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0xD2, 0x9A, 0x52, 0xD2, 0x54, 0x7C, 0x97, 0xF2 ), + BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x6E, 0xED, 0xD9, 0x87, 0x50, 0xC5 ), + BYTES_TO_T_UINT_8( 0x5A, 0x35, 0x7E, 0x16, 0x40, 0x15, 0x83, 0xB8 ), + BYTES_TO_T_UINT_8( 0x33, 0x2B, 0xA4, 0xAB, 0x03, 0x91, 0xEA, 0xFE ), + BYTES_TO_T_UINT_8( 0xC1, 0x47, 0x39, 0xEF, 0x05, 0x59, 0xD0, 0x90 ), + BYTES_TO_T_UINT_8( 0xBF, 0x24, 0x0D, 0x76, 0x11, 0x53, 0x08, 0xAF ), +}; +static const mbedtls_mpi_uint secp384r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x1F, 0x2F, 0xDD, 0xBD, 0x50, 0x48, 0xB1, 0xE5 ), + BYTES_TO_T_UINT_8( 0x80, 0x1C, 0x84, 0x55, 0x78, 0x14, 0xEB, 0xF6 ), + BYTES_TO_T_UINT_8( 0xD9, 0x5E, 0x3E, 0xA6, 0xAF, 0xF6, 0xC7, 0x04 ), + BYTES_TO_T_UINT_8( 0xE7, 0x11, 0xE2, 0x65, 0xCA, 0x41, 0x95, 0x3B ), + BYTES_TO_T_UINT_8( 0xAE, 0x83, 0xD8, 0xE6, 0x4D, 0x22, 0x06, 0x2D ), + BYTES_TO_T_UINT_8( 0xFA, 0x7F, 0x25, 0x2A, 0xAA, 0x28, 0x46, 0x97 ), +}; +static const mbedtls_mpi_uint secp384r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x79, 0xDB, 0x15, 0x56, 0x84, 0xCB, 0xC0, 0x56 ), + BYTES_TO_T_UINT_8( 0x56, 0xDB, 0x0E, 0x08, 0xC9, 0xF5, 0xD4, 0x9E ), + BYTES_TO_T_UINT_8( 0xE6, 0x62, 0xD0, 0x1A, 0x7C, 0x13, 0xD5, 0x07 ), + BYTES_TO_T_UINT_8( 0x7D, 0xAD, 0x53, 0xE0, 0x32, 0x21, 0xA0, 0xC0 ), + BYTES_TO_T_UINT_8( 0xC5, 0x38, 0x81, 0x21, 0x23, 0x0E, 0xD2, 0xBB ), + BYTES_TO_T_UINT_8( 0x1C, 0x51, 0x05, 0xD0, 0x1E, 0x82, 0xA9, 0x71 ), +}; +static const mbedtls_mpi_uint secp384r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xA7, 0xC3, 0x27, 0xBF, 0xC6, 0xAA, 0xB7, 0xB9 ), + BYTES_TO_T_UINT_8( 0xCB, 0x65, 0x45, 0xDF, 0xB9, 0x46, 0x17, 0x46 ), + BYTES_TO_T_UINT_8( 0xF5, 0x38, 0x3F, 0xB2, 0xB1, 0x5D, 0xCA, 0x1C ), + BYTES_TO_T_UINT_8( 0x88, 0x29, 0x6C, 0x63, 0xE9, 0xD7, 0x48, 0xB8 ), + BYTES_TO_T_UINT_8( 0xBC, 0xF1, 0xD7, 0x99, 0x8C, 0xC2, 0x05, 0x99 ), + BYTES_TO_T_UINT_8( 0x6D, 0xE6, 0x5E, 0x82, 0x6D, 0xE5, 0x7E, 0xD5 ), +}; +static const mbedtls_mpi_uint secp384r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x7B, 0x61, 0xFA, 0x7D, 0x01, 0xDB, 0xB6, 0x63 ), + BYTES_TO_T_UINT_8( 0x11, 0xC6, 0x58, 0x39, 0xF4, 0xC6, 0x82, 0x23 ), + BYTES_TO_T_UINT_8( 0x47, 0x5A, 0x7A, 0x80, 0x08, 0xCD, 0xAA, 0xD8 ), + BYTES_TO_T_UINT_8( 0xDA, 0x8C, 0xC6, 0x3F, 0x3C, 0xA5, 0x68, 0xF4 ), + BYTES_TO_T_UINT_8( 0xBB, 0xF5, 0xD5, 0x17, 0xAE, 0x36, 0xD8, 0x8A ), + BYTES_TO_T_UINT_8( 0xC7, 0xAD, 0x92, 0xC5, 0x57, 0x6C, 0xDA, 0x91 ), +}; +static const mbedtls_mpi_uint secp384r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0xE8, 0x67, 0x17, 0xC0, 0x40, 0x78, 0x8C, 0x84 ), + BYTES_TO_T_UINT_8( 0x7E, 0x9F, 0xF4, 0xAA, 0xDA, 0x5C, 0x7E, 0xB2 ), + BYTES_TO_T_UINT_8( 0x96, 0xDB, 0x42, 0x3E, 0x72, 0x64, 0xA0, 0x67 ), + BYTES_TO_T_UINT_8( 0x27, 0xF9, 0x41, 0x17, 0x43, 0xE3, 0xE8, 0xA8 ), + BYTES_TO_T_UINT_8( 0x66, 0xDD, 0xCC, 0x43, 0x7E, 0x16, 0x05, 0x03 ), + BYTES_TO_T_UINT_8( 0x36, 0x4B, 0xCF, 0x48, 0x8F, 0x41, 0x90, 0xE5 ), +}; +static const mbedtls_mpi_uint secp384r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0x98, 0x0C, 0x6B, 0x9D, 0x22, 0x04, 0xBC, 0x5C ), + BYTES_TO_T_UINT_8( 0x86, 0x63, 0x79, 0x2F, 0x6A, 0x0E, 0x8A, 0xDE ), + BYTES_TO_T_UINT_8( 0x29, 0x67, 0x3F, 0x02, 0xB8, 0x91, 0x7F, 0x74 ), + BYTES_TO_T_UINT_8( 0xFC, 0x14, 0x64, 0xA0, 0x33, 0xF4, 0x6B, 0x50 ), + BYTES_TO_T_UINT_8( 0x1C, 0x44, 0x71, 0x87, 0xB8, 0x88, 0x3F, 0x45 ), + BYTES_TO_T_UINT_8( 0x1B, 0x2B, 0x85, 0x05, 0xC5, 0x44, 0x53, 0x15 ), +}; +static const mbedtls_mpi_uint secp384r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x3E, 0x2B, 0xFE, 0xD1, 0x1C, 0x73, 0xE3, 0x2E ), + BYTES_TO_T_UINT_8( 0x66, 0x33, 0xA1, 0xD3, 0x69, 0x1C, 0x9D, 0xD2 ), + BYTES_TO_T_UINT_8( 0xE0, 0x5A, 0xBA, 0xB6, 0xAE, 0x1B, 0x94, 0x04 ), + BYTES_TO_T_UINT_8( 0xAF, 0x74, 0x90, 0x5C, 0x57, 0xB0, 0x3A, 0x45 ), + BYTES_TO_T_UINT_8( 0xDD, 0x2F, 0x93, 0x20, 0x24, 0x54, 0x1D, 0x8D ), + BYTES_TO_T_UINT_8( 0xFA, 0x78, 0x9D, 0x71, 0x67, 0x5D, 0x49, 0x98 ), +}; +static const mbedtls_mpi_uint secp384r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x12, 0xC8, 0x0E, 0x11, 0x8D, 0xE0, 0x8F, 0x69 ), + BYTES_TO_T_UINT_8( 0x59, 0x7F, 0x79, 0x6C, 0x5F, 0xB7, 0xBC, 0xB1 ), + BYTES_TO_T_UINT_8( 0x88, 0xE1, 0x83, 0x3C, 0x12, 0xBB, 0xEE, 0x96 ), + BYTES_TO_T_UINT_8( 0x2A, 0xC2, 0xC4, 0x1B, 0x41, 0x71, 0xB9, 0x17 ), + BYTES_TO_T_UINT_8( 0xB0, 0xEE, 0xBB, 0x1D, 0x89, 0x50, 0x88, 0xF2 ), + BYTES_TO_T_UINT_8( 0xFC, 0x1C, 0x55, 0x74, 0xEB, 0xDE, 0x92, 0x3F ), +}; +static const mbedtls_mpi_uint secp384r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x9C, 0x38, 0x92, 0x06, 0x19, 0xD0, 0xB3, 0xB2 ), + BYTES_TO_T_UINT_8( 0x2A, 0x99, 0x26, 0xA3, 0x5F, 0xE2, 0xC1, 0x81 ), + BYTES_TO_T_UINT_8( 0x75, 0xFC, 0xFD, 0xC3, 0xB6, 0x26, 0x24, 0x8F ), + BYTES_TO_T_UINT_8( 0xAF, 0xAD, 0xE7, 0x49, 0xB7, 0x64, 0x4B, 0x96 ), + BYTES_TO_T_UINT_8( 0x6C, 0x4E, 0x95, 0xAD, 0x07, 0xFE, 0xB6, 0x30 ), + BYTES_TO_T_UINT_8( 0x4F, 0x15, 0xE7, 0x2D, 0x19, 0xA9, 0x08, 0x10 ), +}; +static const mbedtls_mpi_uint secp384r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0xBE, 0xBD, 0xAC, 0x0A, 0x3F, 0x6B, 0xFF, 0xFA ), + BYTES_TO_T_UINT_8( 0xE0, 0xE4, 0x74, 0x14, 0xD9, 0x70, 0x1D, 0x71 ), + BYTES_TO_T_UINT_8( 0xF2, 0xB0, 0x71, 0xBB, 0xD8, 0x18, 0x96, 0x2B ), + BYTES_TO_T_UINT_8( 0xDA, 0xB8, 0x19, 0x90, 0x80, 0xB5, 0xEE, 0x01 ), + BYTES_TO_T_UINT_8( 0x91, 0x21, 0x20, 0xA6, 0x17, 0x48, 0x03, 0x6F ), + BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0xBB, 0x6D, 0x94, 0x20, 0x34, 0xF1 ), +}; +static const mbedtls_mpi_uint secp384r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x59, 0x82, 0x67, 0x4B, 0x8E, 0x4E, 0xBE, 0xE2 ), + BYTES_TO_T_UINT_8( 0xBE, 0xDA, 0x77, 0xF8, 0x23, 0x55, 0x2B, 0x2D ), + BYTES_TO_T_UINT_8( 0x5C, 0x02, 0xDE, 0x25, 0x35, 0x2D, 0x74, 0x51 ), + BYTES_TO_T_UINT_8( 0xD0, 0x0C, 0xB8, 0x0B, 0x39, 0xBA, 0xAD, 0x04 ), + BYTES_TO_T_UINT_8( 0xA6, 0x0E, 0x28, 0x4D, 0xE1, 0x3D, 0xE4, 0x1B ), + BYTES_TO_T_UINT_8( 0x5D, 0xEC, 0x0A, 0xD4, 0xB8, 0xC4, 0x8D, 0xB0 ), +}; +static const mbedtls_mpi_uint secp384r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x3E, 0x68, 0xCE, 0xC2, 0x55, 0x4D, 0x0C, 0x6D ), + BYTES_TO_T_UINT_8( 0x9B, 0x20, 0x93, 0x32, 0x90, 0xD6, 0xAE, 0x47 ), + BYTES_TO_T_UINT_8( 0xDD, 0x78, 0xAB, 0x43, 0x9E, 0xEB, 0x73, 0xAE ), + BYTES_TO_T_UINT_8( 0xED, 0x97, 0xC3, 0x83, 0xA6, 0x3C, 0xF1, 0xBF ), + BYTES_TO_T_UINT_8( 0x0F, 0x25, 0x25, 0x66, 0x08, 0x26, 0xFA, 0x4B ), + BYTES_TO_T_UINT_8( 0x41, 0xFB, 0x44, 0x5D, 0x82, 0xEC, 0x3B, 0xAC ), +}; +static const mbedtls_mpi_uint secp384r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x58, 0x90, 0xEA, 0xB5, 0x04, 0x99, 0xD0, 0x69 ), + BYTES_TO_T_UINT_8( 0x4A, 0xF2, 0x22, 0xA0, 0xEB, 0xFD, 0x45, 0x87 ), + BYTES_TO_T_UINT_8( 0x5D, 0xA4, 0x81, 0x32, 0xFC, 0xFA, 0xEE, 0x5B ), + BYTES_TO_T_UINT_8( 0x27, 0xBB, 0xA4, 0x6A, 0x77, 0x41, 0x5C, 0x1D ), + BYTES_TO_T_UINT_8( 0xA1, 0x1E, 0xAA, 0x4F, 0xF0, 0x10, 0xB3, 0x50 ), + BYTES_TO_T_UINT_8( 0x09, 0x74, 0x13, 0x14, 0x9E, 0x90, 0xD7, 0xE6 ), +}; +static const mbedtls_mpi_uint secp384r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xDB, 0xBD, 0x70, 0x4F, 0xA8, 0xD1, 0x06, 0x2C ), + BYTES_TO_T_UINT_8( 0x19, 0x4E, 0x2E, 0x68, 0xFC, 0x35, 0xFA, 0x50 ), + BYTES_TO_T_UINT_8( 0x60, 0x53, 0x75, 0xED, 0xF2, 0x5F, 0xC2, 0xEB ), + BYTES_TO_T_UINT_8( 0x39, 0x87, 0x6B, 0x9F, 0x05, 0xE2, 0x22, 0x93 ), + BYTES_TO_T_UINT_8( 0x4F, 0x1A, 0xA8, 0xB7, 0x03, 0x9E, 0x6D, 0x7C ), + BYTES_TO_T_UINT_8( 0xCB, 0xD0, 0x69, 0x88, 0xA8, 0x39, 0x9E, 0x3A ), +}; +static const mbedtls_mpi_uint secp384r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xF8, 0xEF, 0x68, 0xFE, 0xEC, 0x24, 0x08, 0x15 ), + BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x4B, 0x92, 0x0D, 0xB7, 0x34, 0x74 ), + BYTES_TO_T_UINT_8( 0x3E, 0xF4, 0xDD, 0x1A, 0xA0, 0x4A, 0xE4, 0x45 ), + BYTES_TO_T_UINT_8( 0xC3, 0x63, 0x4F, 0x4F, 0xCE, 0xBB, 0xD6, 0xD3 ), + BYTES_TO_T_UINT_8( 0xCD, 0xEE, 0x8D, 0xDF, 0x3F, 0x73, 0xB7, 0xAC ), + BYTES_TO_T_UINT_8( 0xDF, 0x06, 0xB6, 0x80, 0x4D, 0x81, 0xD9, 0x53 ), +}; +static const mbedtls_mpi_uint secp384r1_T_16_X[] = { + BYTES_TO_T_UINT_8( 0x15, 0xF5, 0x13, 0xDF, 0x13, 0x19, 0x97, 0x94 ), + BYTES_TO_T_UINT_8( 0x08, 0xF9, 0xB3, 0x33, 0x66, 0x82, 0x21, 0xFE ), + BYTES_TO_T_UINT_8( 0xF5, 0xFC, 0x39, 0x16, 0x23, 0x43, 0x76, 0x0E ), + BYTES_TO_T_UINT_8( 0x09, 0x48, 0x25, 0xA1, 0x64, 0x95, 0x1C, 0x2F ), + BYTES_TO_T_UINT_8( 0x43, 0xAC, 0x15, 0x57, 0xD9, 0xDE, 0xA0, 0x28 ), + BYTES_TO_T_UINT_8( 0x16, 0x5F, 0xB8, 0x3D, 0x48, 0x91, 0x24, 0xCC ), +}; +static const mbedtls_mpi_uint secp384r1_T_16_Y[] = { + BYTES_TO_T_UINT_8( 0x2D, 0xF2, 0xC8, 0x54, 0xD1, 0x32, 0xBD, 0xC4 ), + BYTES_TO_T_UINT_8( 0x8A, 0x3B, 0xF0, 0xAA, 0x9D, 0xD8, 0xF4, 0x20 ), + BYTES_TO_T_UINT_8( 0x4F, 0xC3, 0xBB, 0x6C, 0x66, 0xAC, 0x25, 0x2D ), + BYTES_TO_T_UINT_8( 0x6F, 0x25, 0x10, 0xB2, 0xE1, 0x41, 0xDE, 0x1D ), + BYTES_TO_T_UINT_8( 0x3C, 0xE8, 0x30, 0xB8, 0x37, 0xBC, 0x2A, 0x98 ), + BYTES_TO_T_UINT_8( 0xBA, 0x57, 0x01, 0x4A, 0x1E, 0x78, 0x9F, 0x85 ), +}; +static const mbedtls_mpi_uint secp384r1_T_17_X[] = { + BYTES_TO_T_UINT_8( 0xBD, 0x19, 0xCD, 0x12, 0x0B, 0x51, 0x4F, 0x56 ), + BYTES_TO_T_UINT_8( 0x30, 0x4B, 0x3D, 0x24, 0xA4, 0x16, 0x59, 0x05 ), + BYTES_TO_T_UINT_8( 0xAC, 0xEB, 0xD3, 0x59, 0x2E, 0x75, 0x7C, 0x01 ), + BYTES_TO_T_UINT_8( 0x8C, 0xB9, 0xB4, 0xA5, 0xD9, 0x2E, 0x29, 0x4C ), + BYTES_TO_T_UINT_8( 0x86, 0x16, 0x05, 0x75, 0x02, 0xB3, 0x06, 0xEE ), + BYTES_TO_T_UINT_8( 0xAB, 0x7C, 0x9F, 0x79, 0x91, 0xF1, 0x4F, 0x23 ), +}; +static const mbedtls_mpi_uint secp384r1_T_17_Y[] = { + BYTES_TO_T_UINT_8( 0x65, 0x98, 0x7C, 0x84, 0xE1, 0xFF, 0x30, 0x77 ), + BYTES_TO_T_UINT_8( 0x71, 0xE2, 0xC2, 0x5F, 0x55, 0x40, 0xBD, 0xCD ), + BYTES_TO_T_UINT_8( 0x69, 0x65, 0x87, 0x3F, 0xC4, 0xC2, 0x24, 0x57 ), + BYTES_TO_T_UINT_8( 0x0E, 0x30, 0x0A, 0x60, 0x15, 0xD1, 0x24, 0x48 ), + BYTES_TO_T_UINT_8( 0x57, 0x99, 0xD9, 0xB6, 0xAE, 0xB1, 0xAF, 0x1D ), + BYTES_TO_T_UINT_8( 0x9B, 0x80, 0xEE, 0xA2, 0x0F, 0x74, 0xB9, 0xF3 ), +}; +static const mbedtls_mpi_uint secp384r1_T_18_X[] = { + BYTES_TO_T_UINT_8( 0x03, 0xE6, 0x0F, 0x37, 0xC1, 0x10, 0x99, 0x1E ), + BYTES_TO_T_UINT_8( 0x61, 0xAD, 0x9D, 0x5D, 0x80, 0x01, 0xA6, 0xFE ), + BYTES_TO_T_UINT_8( 0xB0, 0x0F, 0x10, 0x2A, 0x9D, 0x20, 0x38, 0xEB ), + BYTES_TO_T_UINT_8( 0x6C, 0x60, 0xCB, 0xCE, 0x5A, 0xA0, 0xA7, 0x32 ), + BYTES_TO_T_UINT_8( 0xBA, 0xCF, 0x14, 0xDF, 0xBF, 0xE5, 0x74, 0x2D ), + BYTES_TO_T_UINT_8( 0xB5, 0x12, 0x1A, 0xDD, 0x59, 0x02, 0x5D, 0xC6 ), +}; +static const mbedtls_mpi_uint secp384r1_T_18_Y[] = { + BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0xF8, 0xF5, 0xB6, 0x13, 0x4D, 0x7B ), + BYTES_TO_T_UINT_8( 0xED, 0x45, 0xB1, 0x93, 0xB3, 0xA2, 0x79, 0xDC ), + BYTES_TO_T_UINT_8( 0x74, 0xF6, 0xCF, 0xF7, 0xE6, 0x29, 0x9C, 0xCC ), + BYTES_TO_T_UINT_8( 0x87, 0x50, 0x65, 0x80, 0xBC, 0x59, 0x0A, 0x59 ), + BYTES_TO_T_UINT_8( 0x0E, 0xF0, 0x24, 0x35, 0xA2, 0x46, 0xF0, 0x0C ), + BYTES_TO_T_UINT_8( 0xBD, 0x26, 0xC0, 0x9D, 0x61, 0x56, 0x62, 0x67 ), +}; +static const mbedtls_mpi_uint secp384r1_T_19_X[] = { + BYTES_TO_T_UINT_8( 0x10, 0xBB, 0xC2, 0x24, 0x43, 0x2E, 0x37, 0x54 ), + BYTES_TO_T_UINT_8( 0x8A, 0xF7, 0xCE, 0x35, 0xFC, 0x77, 0xF3, 0x3F ), + BYTES_TO_T_UINT_8( 0x75, 0x34, 0x96, 0xD5, 0x4A, 0x76, 0x9D, 0x6B ), + BYTES_TO_T_UINT_8( 0xB8, 0x3B, 0x0F, 0xEA, 0xA8, 0x12, 0x0B, 0x22 ), + BYTES_TO_T_UINT_8( 0x66, 0x3F, 0x5D, 0x2D, 0x1C, 0xD4, 0x9E, 0xFB ), + BYTES_TO_T_UINT_8( 0x7D, 0x2E, 0xDD, 0xC7, 0x6E, 0xAB, 0xAF, 0xDC ), +}; +static const mbedtls_mpi_uint secp384r1_T_19_Y[] = { + BYTES_TO_T_UINT_8( 0x8C, 0xB2, 0x7B, 0x0C, 0x9A, 0x83, 0x8E, 0x59 ), + BYTES_TO_T_UINT_8( 0x30, 0x51, 0x90, 0x92, 0x79, 0x32, 0x19, 0xC3 ), + BYTES_TO_T_UINT_8( 0xEE, 0x89, 0xF9, 0xD0, 0xCF, 0x2C, 0xA5, 0x8F ), + BYTES_TO_T_UINT_8( 0x7B, 0x50, 0x21, 0xDE, 0x50, 0x41, 0x9D, 0x81 ), + BYTES_TO_T_UINT_8( 0xE0, 0x7D, 0x2B, 0x9E, 0x9D, 0x95, 0xA8, 0xE3 ), + BYTES_TO_T_UINT_8( 0xD8, 0xA5, 0x20, 0x87, 0x88, 0x97, 0x5F, 0xAA ), +}; +static const mbedtls_mpi_uint secp384r1_T_20_X[] = { + BYTES_TO_T_UINT_8( 0x64, 0x59, 0xB4, 0x66, 0x7E, 0xE8, 0x5A, 0x60 ), + BYTES_TO_T_UINT_8( 0xA5, 0x5C, 0x7E, 0xB2, 0xAD, 0xD9, 0xC9, 0xDA ), + BYTES_TO_T_UINT_8( 0x82, 0x97, 0x49, 0xA3, 0x13, 0x83, 0x07, 0x2E ), + BYTES_TO_T_UINT_8( 0x5A, 0x26, 0xC7, 0x13, 0x35, 0x0D, 0xB0, 0x6B ), + BYTES_TO_T_UINT_8( 0x1E, 0x60, 0xAB, 0xFA, 0x4B, 0x93, 0x18, 0x2C ), + BYTES_TO_T_UINT_8( 0x54, 0x2D, 0x1C, 0x31, 0x4C, 0xE4, 0x61, 0xAE ), +}; +static const mbedtls_mpi_uint secp384r1_T_20_Y[] = { + BYTES_TO_T_UINT_8( 0xDE, 0x4D, 0x1E, 0x51, 0x59, 0x6E, 0x91, 0xC5 ), + BYTES_TO_T_UINT_8( 0x38, 0x54, 0x4D, 0x51, 0xED, 0x36, 0xCC, 0x60 ), + BYTES_TO_T_UINT_8( 0x18, 0xA8, 0x56, 0xC7, 0x78, 0x27, 0x33, 0xC5 ), + BYTES_TO_T_UINT_8( 0x42, 0xB7, 0x95, 0xC9, 0x8B, 0xC8, 0x6A, 0xBC ), + BYTES_TO_T_UINT_8( 0x5E, 0xE9, 0x13, 0x96, 0xB3, 0xE1, 0xF9, 0xEE ), + BYTES_TO_T_UINT_8( 0xF5, 0x46, 0xB0, 0x5E, 0xC3, 0x94, 0x03, 0x05 ), +}; +static const mbedtls_mpi_uint secp384r1_T_21_X[] = { + BYTES_TO_T_UINT_8( 0x6D, 0x5B, 0x29, 0x30, 0x41, 0x1A, 0x9E, 0xB6 ), + BYTES_TO_T_UINT_8( 0x76, 0xCA, 0x83, 0x31, 0x5B, 0xA7, 0xCB, 0x42 ), + BYTES_TO_T_UINT_8( 0x21, 0x41, 0x50, 0x44, 0x4D, 0x64, 0x31, 0x89 ), + BYTES_TO_T_UINT_8( 0xCF, 0x84, 0xC2, 0x5D, 0x97, 0xA5, 0x3C, 0x18 ), + BYTES_TO_T_UINT_8( 0xF0, 0x0F, 0xA5, 0xFD, 0x8E, 0x5A, 0x47, 0x2C ), + BYTES_TO_T_UINT_8( 0x7C, 0x58, 0x02, 0x2D, 0x40, 0xB1, 0x0B, 0xBA ), +}; +static const mbedtls_mpi_uint secp384r1_T_21_Y[] = { + BYTES_TO_T_UINT_8( 0xDA, 0x33, 0x8C, 0x67, 0xCE, 0x23, 0x43, 0x99 ), + BYTES_TO_T_UINT_8( 0x84, 0x53, 0x47, 0x72, 0x44, 0x1F, 0x5B, 0x2A ), + BYTES_TO_T_UINT_8( 0xAE, 0xC1, 0xD9, 0xA4, 0x50, 0x88, 0x63, 0x18 ), + BYTES_TO_T_UINT_8( 0x7C, 0xF2, 0x75, 0x69, 0x73, 0x00, 0xC4, 0x31 ), + BYTES_TO_T_UINT_8( 0x4B, 0x90, 0x1D, 0xDF, 0x1A, 0x00, 0xD8, 0x69 ), + BYTES_TO_T_UINT_8( 0x05, 0xB1, 0x89, 0x48, 0xA8, 0x70, 0x62, 0xEF ), +}; +static const mbedtls_mpi_uint secp384r1_T_22_X[] = { + BYTES_TO_T_UINT_8( 0x7E, 0x8A, 0x55, 0x50, 0x7B, 0xEF, 0x8A, 0x3C ), + BYTES_TO_T_UINT_8( 0xFE, 0x1B, 0x23, 0x48, 0x23, 0x63, 0x91, 0xB6 ), + BYTES_TO_T_UINT_8( 0x0D, 0x04, 0x54, 0x3C, 0x24, 0x9B, 0xC7, 0x9A ), + BYTES_TO_T_UINT_8( 0x25, 0x38, 0xC3, 0x84, 0xFB, 0xFF, 0x9F, 0x49 ), + BYTES_TO_T_UINT_8( 0x66, 0x2A, 0xE0, 0x6D, 0x68, 0x8A, 0x5C, 0xCB ), + BYTES_TO_T_UINT_8( 0xC4, 0x93, 0x53, 0x85, 0xA1, 0x0D, 0xAF, 0x63 ), +}; +static const mbedtls_mpi_uint secp384r1_T_22_Y[] = { + BYTES_TO_T_UINT_8( 0x1B, 0x88, 0x95, 0x4C, 0x0B, 0xD0, 0x06, 0x51 ), + BYTES_TO_T_UINT_8( 0x92, 0xAF, 0x8D, 0x49, 0xA2, 0xC8, 0xB4, 0xE0 ), + BYTES_TO_T_UINT_8( 0x75, 0x76, 0x53, 0x09, 0x88, 0x43, 0x87, 0xCA ), + BYTES_TO_T_UINT_8( 0x90, 0xA4, 0x77, 0x3F, 0x5E, 0x21, 0xB4, 0x0A ), + BYTES_TO_T_UINT_8( 0x35, 0x9E, 0x86, 0x64, 0xCC, 0x91, 0xC1, 0x77 ), + BYTES_TO_T_UINT_8( 0xC1, 0x17, 0x56, 0xCB, 0xC3, 0x7D, 0x5B, 0xB1 ), +}; +static const mbedtls_mpi_uint secp384r1_T_23_X[] = { + BYTES_TO_T_UINT_8( 0x64, 0x74, 0x9F, 0xB5, 0x91, 0x21, 0xB1, 0x1C ), + BYTES_TO_T_UINT_8( 0x1E, 0xED, 0xE1, 0x11, 0xEF, 0x45, 0xAF, 0xC1 ), + BYTES_TO_T_UINT_8( 0xE0, 0x31, 0xBE, 0xB2, 0xBC, 0x72, 0x65, 0x1F ), + BYTES_TO_T_UINT_8( 0xB1, 0x4B, 0x8C, 0x77, 0xCE, 0x1E, 0x42, 0xB5 ), + BYTES_TO_T_UINT_8( 0xFF, 0xC9, 0xAA, 0xB9, 0xD9, 0x86, 0x99, 0x55 ), + BYTES_TO_T_UINT_8( 0x65, 0x23, 0x80, 0xC6, 0x4E, 0x35, 0x0B, 0x6D ), +}; +static const mbedtls_mpi_uint secp384r1_T_23_Y[] = { + BYTES_TO_T_UINT_8( 0x47, 0xD8, 0xA2, 0x0A, 0x39, 0x32, 0x1D, 0x23 ), + BYTES_TO_T_UINT_8( 0x61, 0xC8, 0x86, 0xF1, 0x12, 0x9A, 0x4A, 0x05 ), + BYTES_TO_T_UINT_8( 0x8D, 0xF1, 0x7C, 0xAA, 0x70, 0x8E, 0xBC, 0x01 ), + BYTES_TO_T_UINT_8( 0x62, 0x01, 0x47, 0x8F, 0xDD, 0x8B, 0xA5, 0xC8 ), + BYTES_TO_T_UINT_8( 0xDB, 0x08, 0x21, 0xF4, 0xAB, 0xC7, 0xF5, 0x96 ), + BYTES_TO_T_UINT_8( 0x0A, 0x76, 0xA5, 0x95, 0xC4, 0x0F, 0x88, 0x1D ), +}; +static const mbedtls_mpi_uint secp384r1_T_24_X[] = { + BYTES_TO_T_UINT_8( 0x3F, 0x42, 0x2A, 0x52, 0xCD, 0x75, 0x51, 0x49 ), + BYTES_TO_T_UINT_8( 0x90, 0x36, 0xE5, 0x04, 0x2B, 0x44, 0xC6, 0xEF ), + BYTES_TO_T_UINT_8( 0x5C, 0xEE, 0x16, 0x13, 0x07, 0x83, 0xB5, 0x30 ), + BYTES_TO_T_UINT_8( 0x76, 0x59, 0xC6, 0xA2, 0x19, 0x05, 0xD3, 0xC6 ), + BYTES_TO_T_UINT_8( 0xB6, 0x8B, 0xA8, 0x16, 0x09, 0xB7, 0xEA, 0xD6 ), + BYTES_TO_T_UINT_8( 0x70, 0xEE, 0x14, 0xAF, 0xB5, 0xFD, 0xD0, 0xEF ), +}; +static const mbedtls_mpi_uint secp384r1_T_24_Y[] = { + BYTES_TO_T_UINT_8( 0x18, 0x7C, 0xCA, 0x71, 0x3E, 0x6E, 0x66, 0x75 ), + BYTES_TO_T_UINT_8( 0xBE, 0x31, 0x0E, 0x3F, 0xE5, 0x91, 0xC4, 0x7F ), + BYTES_TO_T_UINT_8( 0x8E, 0x3D, 0xC2, 0x3E, 0x95, 0x37, 0x58, 0x2B ), + BYTES_TO_T_UINT_8( 0x01, 0x1F, 0x02, 0x03, 0xF3, 0xEF, 0xEE, 0x66 ), + BYTES_TO_T_UINT_8( 0x28, 0x5B, 0x1A, 0xFC, 0x38, 0xCD, 0xE8, 0x24 ), + BYTES_TO_T_UINT_8( 0x12, 0x57, 0x42, 0x85, 0xC6, 0x21, 0x68, 0x71 ), +}; +static const mbedtls_mpi_uint secp384r1_T_25_X[] = { + BYTES_TO_T_UINT_8( 0x8D, 0xA2, 0x4A, 0x66, 0xB1, 0x0A, 0xE6, 0xC0 ), + BYTES_TO_T_UINT_8( 0x86, 0x0C, 0x94, 0x9D, 0x5E, 0x99, 0xB2, 0xCE ), + BYTES_TO_T_UINT_8( 0xAD, 0x03, 0x40, 0xCA, 0xB2, 0xB3, 0x30, 0x55 ), + BYTES_TO_T_UINT_8( 0x74, 0x78, 0x48, 0x27, 0x34, 0x1E, 0xE2, 0x42 ), + BYTES_TO_T_UINT_8( 0xAE, 0x72, 0x5B, 0xAC, 0xC1, 0x6D, 0xE3, 0x82 ), + BYTES_TO_T_UINT_8( 0x57, 0xAB, 0x46, 0xCB, 0xEA, 0x5E, 0x4B, 0x0B ), +}; +static const mbedtls_mpi_uint secp384r1_T_25_Y[] = { + BYTES_TO_T_UINT_8( 0xFC, 0x08, 0xAD, 0x4E, 0x51, 0x9F, 0x2A, 0x52 ), + BYTES_TO_T_UINT_8( 0x68, 0x5C, 0x7D, 0x4C, 0xD6, 0xCF, 0xDD, 0x02 ), + BYTES_TO_T_UINT_8( 0xD8, 0x76, 0x26, 0xE0, 0x8B, 0x10, 0xD9, 0x7C ), + BYTES_TO_T_UINT_8( 0x30, 0xA7, 0x23, 0x4E, 0x5F, 0xD2, 0x42, 0x17 ), + BYTES_TO_T_UINT_8( 0xD1, 0xE5, 0xA4, 0xEC, 0x77, 0x21, 0x34, 0x28 ), + BYTES_TO_T_UINT_8( 0x5C, 0x14, 0x65, 0xEA, 0x4A, 0x85, 0xC3, 0x2F ), +}; +static const mbedtls_mpi_uint secp384r1_T_26_X[] = { + BYTES_TO_T_UINT_8( 0x19, 0xD8, 0x40, 0x27, 0x73, 0x15, 0x7E, 0x65 ), + BYTES_TO_T_UINT_8( 0xF6, 0xBB, 0x53, 0x7E, 0x0F, 0x40, 0xC8, 0xD4 ), + BYTES_TO_T_UINT_8( 0xEA, 0x37, 0x19, 0x73, 0xEF, 0x5A, 0x5E, 0x04 ), + BYTES_TO_T_UINT_8( 0x9C, 0x73, 0x2B, 0x49, 0x7E, 0xAC, 0x97, 0x5C ), + BYTES_TO_T_UINT_8( 0x15, 0xB2, 0xC3, 0x1E, 0x0E, 0xE7, 0xD2, 0x21 ), + BYTES_TO_T_UINT_8( 0x8A, 0x08, 0xD6, 0xDD, 0xAC, 0x21, 0xD6, 0x3E ), +}; +static const mbedtls_mpi_uint secp384r1_T_26_Y[] = { + BYTES_TO_T_UINT_8( 0xA9, 0x26, 0xBE, 0x6D, 0x6D, 0xF2, 0x38, 0x3F ), + BYTES_TO_T_UINT_8( 0x08, 0x6C, 0x31, 0xA7, 0x49, 0x50, 0x3A, 0x89 ), + BYTES_TO_T_UINT_8( 0xC3, 0x99, 0xC6, 0xF5, 0xD2, 0xC2, 0x30, 0x5A ), + BYTES_TO_T_UINT_8( 0x2A, 0xE4, 0xF6, 0x8B, 0x8B, 0x97, 0xE9, 0xB2 ), + BYTES_TO_T_UINT_8( 0xDD, 0x21, 0xB7, 0x0D, 0xFC, 0x15, 0x54, 0x0B ), + BYTES_TO_T_UINT_8( 0x65, 0x83, 0x1C, 0xA4, 0xCD, 0x6B, 0x9D, 0xF2 ), +}; +static const mbedtls_mpi_uint secp384r1_T_27_X[] = { + BYTES_TO_T_UINT_8( 0xD6, 0xE8, 0x4C, 0x48, 0xE4, 0xAA, 0x69, 0x93 ), + BYTES_TO_T_UINT_8( 0x27, 0x7A, 0x27, 0xFC, 0x37, 0x96, 0x1A, 0x7B ), + BYTES_TO_T_UINT_8( 0x6F, 0xE7, 0x30, 0xA5, 0xCF, 0x13, 0x46, 0x5C ), + BYTES_TO_T_UINT_8( 0x8C, 0xD8, 0xAF, 0x74, 0x23, 0x4D, 0x56, 0x84 ), + BYTES_TO_T_UINT_8( 0x32, 0x3D, 0x44, 0x14, 0x1B, 0x97, 0x83, 0xF0 ), + BYTES_TO_T_UINT_8( 0xFA, 0x47, 0xD7, 0x5F, 0xFD, 0x98, 0x38, 0xF7 ), +}; +static const mbedtls_mpi_uint secp384r1_T_27_Y[] = { + BYTES_TO_T_UINT_8( 0xA3, 0x73, 0x64, 0x36, 0xFD, 0x7B, 0xC1, 0x15 ), + BYTES_TO_T_UINT_8( 0xEA, 0x5D, 0x32, 0xD2, 0x47, 0x94, 0x89, 0x2D ), + BYTES_TO_T_UINT_8( 0x51, 0xE9, 0x30, 0xAC, 0x06, 0xC8, 0x65, 0x04 ), + BYTES_TO_T_UINT_8( 0xFA, 0x6C, 0xB9, 0x1B, 0xF7, 0x61, 0x49, 0x53 ), + BYTES_TO_T_UINT_8( 0xD7, 0xFF, 0x32, 0x43, 0x80, 0xDA, 0xA6, 0xB1 ), + BYTES_TO_T_UINT_8( 0xAC, 0xF8, 0x04, 0x01, 0x95, 0x35, 0xCE, 0x21 ), +}; +static const mbedtls_mpi_uint secp384r1_T_28_X[] = { + BYTES_TO_T_UINT_8( 0x6D, 0x06, 0x46, 0x0D, 0x51, 0xE2, 0xD8, 0xAC ), + BYTES_TO_T_UINT_8( 0x14, 0x57, 0x1D, 0x6F, 0x79, 0xA0, 0xCD, 0xA6 ), + BYTES_TO_T_UINT_8( 0xDF, 0xFB, 0x36, 0xCA, 0xAD, 0xF5, 0x9E, 0x41 ), + BYTES_TO_T_UINT_8( 0x6F, 0x7A, 0x1D, 0x9E, 0x1D, 0x95, 0x48, 0xDC ), + BYTES_TO_T_UINT_8( 0x81, 0x26, 0xA5, 0xB7, 0x15, 0x2C, 0xC2, 0xC6 ), + BYTES_TO_T_UINT_8( 0x86, 0x42, 0x72, 0xAA, 0x11, 0xDC, 0xC9, 0xB6 ), +}; +static const mbedtls_mpi_uint secp384r1_T_28_Y[] = { + BYTES_TO_T_UINT_8( 0x3F, 0x6C, 0x64, 0xA7, 0x62, 0x3C, 0xAB, 0xD4 ), + BYTES_TO_T_UINT_8( 0x48, 0x6A, 0x44, 0xD8, 0x60, 0xC0, 0xA8, 0x80 ), + BYTES_TO_T_UINT_8( 0x82, 0x76, 0x58, 0x12, 0x57, 0x3C, 0x89, 0x46 ), + BYTES_TO_T_UINT_8( 0x82, 0x4F, 0x83, 0xCE, 0xCB, 0xB8, 0xD0, 0x2C ), + BYTES_TO_T_UINT_8( 0x9A, 0x84, 0x04, 0xB0, 0xAD, 0xEB, 0xFA, 0xDF ), + BYTES_TO_T_UINT_8( 0x34, 0xA4, 0xC3, 0x41, 0x44, 0x4E, 0x65, 0x3E ), +}; +static const mbedtls_mpi_uint secp384r1_T_29_X[] = { + BYTES_TO_T_UINT_8( 0xB6, 0x16, 0xA9, 0x1C, 0xE7, 0x65, 0x20, 0xC1 ), + BYTES_TO_T_UINT_8( 0x58, 0x53, 0x32, 0xF8, 0xC0, 0xA6, 0xBD, 0x2C ), + BYTES_TO_T_UINT_8( 0xB7, 0xF0, 0xE6, 0x57, 0x31, 0xCC, 0x26, 0x6F ), + BYTES_TO_T_UINT_8( 0x27, 0xE3, 0x54, 0x1C, 0x34, 0xD3, 0x17, 0xBC ), + BYTES_TO_T_UINT_8( 0xF5, 0xAE, 0xED, 0xFB, 0xCD, 0xE7, 0x1E, 0x9F ), + BYTES_TO_T_UINT_8( 0x5A, 0x16, 0x1C, 0x34, 0x40, 0x00, 0x1F, 0xB6 ), +}; +static const mbedtls_mpi_uint secp384r1_T_29_Y[] = { + BYTES_TO_T_UINT_8( 0x6A, 0x32, 0x00, 0xC2, 0xD4, 0x3B, 0x1A, 0x09 ), + BYTES_TO_T_UINT_8( 0x34, 0xE0, 0x99, 0x8F, 0x0C, 0x4A, 0x16, 0x44 ), + BYTES_TO_T_UINT_8( 0x83, 0x73, 0x18, 0x1B, 0xD4, 0x94, 0x29, 0x62 ), + BYTES_TO_T_UINT_8( 0x29, 0xA4, 0x2D, 0xB1, 0x9D, 0x74, 0x32, 0x67 ), + BYTES_TO_T_UINT_8( 0xBF, 0xF4, 0xB1, 0x0C, 0x37, 0x62, 0x8B, 0x66 ), + BYTES_TO_T_UINT_8( 0xC9, 0xFF, 0xDA, 0xE2, 0x35, 0xA3, 0xB6, 0x42 ), +}; +static const mbedtls_mpi_uint secp384r1_T_30_X[] = { + BYTES_TO_T_UINT_8( 0x91, 0x49, 0x99, 0x65, 0xC5, 0xED, 0x16, 0xEF ), + BYTES_TO_T_UINT_8( 0x79, 0x42, 0x9A, 0xF3, 0xA7, 0x4E, 0x6F, 0x2B ), + BYTES_TO_T_UINT_8( 0x7B, 0x0A, 0x7E, 0xC0, 0xD7, 0x4E, 0x07, 0x55 ), + BYTES_TO_T_UINT_8( 0xD6, 0x7A, 0x31, 0x69, 0xA6, 0xB9, 0x15, 0x34 ), + BYTES_TO_T_UINT_8( 0xA8, 0xE0, 0x72, 0xA4, 0x3F, 0xB9, 0xF8, 0x0C ), + BYTES_TO_T_UINT_8( 0x2B, 0x75, 0x32, 0x85, 0xA2, 0xDE, 0x37, 0x12 ), +}; +static const mbedtls_mpi_uint secp384r1_T_30_Y[] = { + BYTES_TO_T_UINT_8( 0xBC, 0xC0, 0x0D, 0xCF, 0x25, 0x41, 0xA4, 0xF4 ), + BYTES_TO_T_UINT_8( 0x9B, 0xFC, 0xB2, 0x48, 0xC3, 0x85, 0x83, 0x4B ), + BYTES_TO_T_UINT_8( 0x2B, 0xBE, 0x0B, 0x58, 0x2D, 0x7A, 0x9A, 0x62 ), + BYTES_TO_T_UINT_8( 0xC5, 0xF3, 0x81, 0x18, 0x1B, 0x74, 0x4F, 0x2C ), + BYTES_TO_T_UINT_8( 0xE2, 0x43, 0xA3, 0x0A, 0x16, 0x8B, 0xA3, 0x1E ), + BYTES_TO_T_UINT_8( 0x4A, 0x18, 0x81, 0x7B, 0x8D, 0xA2, 0x35, 0x77 ), +}; +static const mbedtls_mpi_uint secp384r1_T_31_X[] = { + BYTES_TO_T_UINT_8( 0x86, 0xC4, 0x3F, 0x2C, 0xE7, 0x5F, 0x99, 0x03 ), + BYTES_TO_T_UINT_8( 0xF0, 0x2B, 0xB7, 0xB6, 0xAD, 0x5A, 0x56, 0xFF ), + BYTES_TO_T_UINT_8( 0x04, 0x00, 0xA4, 0x48, 0xC8, 0xE8, 0xBA, 0xBF ), + BYTES_TO_T_UINT_8( 0xE8, 0xA1, 0xB5, 0x13, 0x5A, 0xCD, 0x99, 0x9C ), + BYTES_TO_T_UINT_8( 0xB0, 0x95, 0xAD, 0xFC, 0xE2, 0x7E, 0xE7, 0xFE ), + BYTES_TO_T_UINT_8( 0x96, 0x6B, 0xD1, 0x34, 0x99, 0x53, 0x63, 0x0B ), +}; +static const mbedtls_mpi_uint secp384r1_T_31_Y[] = { + BYTES_TO_T_UINT_8( 0x19, 0x8A, 0x77, 0x5D, 0x2B, 0xAB, 0x01, 0x28 ), + BYTES_TO_T_UINT_8( 0x4E, 0x85, 0xD0, 0xD5, 0x49, 0x83, 0x4D, 0x60 ), + BYTES_TO_T_UINT_8( 0x81, 0xC6, 0x91, 0x30, 0x3B, 0x00, 0xAF, 0x7A ), + BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x61, 0x07, 0xE1, 0xB6, 0xE2, 0xC9 ), + BYTES_TO_T_UINT_8( 0x95, 0x43, 0x41, 0xFE, 0x9B, 0xB6, 0xF0, 0xA5 ), + BYTES_TO_T_UINT_8( 0xB4, 0x97, 0xAE, 0xAD, 0x89, 0x88, 0x9E, 0x41 ), +}; +static const mbedtls_ecp_point secp384r1_T[32] = { + ECP_POINT_INIT_XY_Z1(secp384r1_T_0_X, secp384r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_1_X, secp384r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_2_X, secp384r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_3_X, secp384r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_4_X, secp384r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_5_X, secp384r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_6_X, secp384r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_7_X, secp384r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_8_X, secp384r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_9_X, secp384r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_10_X, secp384r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_11_X, secp384r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_12_X, secp384r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_13_X, secp384r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_14_X, secp384r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_15_X, secp384r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_16_X, secp384r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_17_X, secp384r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_18_X, secp384r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_19_X, secp384r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_20_X, secp384r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_21_X, secp384r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_22_X, secp384r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_23_X, secp384r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_24_X, secp384r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_25_X, secp384r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_26_X, secp384r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_27_X, secp384r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_28_X, secp384r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_29_X, secp384r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_30_X, secp384r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_31_X, secp384r1_T_31_Y), +}; +#else +#define secp384r1_T NULL +#endif + #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ /* @@ -294,6 +1483,748 @@ static const mbedtls_mpi_uint secp521r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_2( 0xFF, 0x01 ), }; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp521r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), + BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), + BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), + BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), + BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), + BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), + BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), + BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), + BYTES_TO_T_UINT_8( 0xC6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), + BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), + BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), + BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), + BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), + BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), + BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), + BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), + BYTES_TO_T_UINT_8( 0x18, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x2F, 0xB1, 0x2D, 0xEB, 0x27, 0x2F, 0xE8, 0xDA ), + BYTES_TO_T_UINT_8( 0x98, 0x4B, 0x44, 0x25, 0xDB, 0x5C, 0x5F, 0x67 ), + BYTES_TO_T_UINT_8( 0x13, 0x85, 0x28, 0x78, 0x2E, 0x75, 0x34, 0x32 ), + BYTES_TO_T_UINT_8( 0x69, 0x57, 0x0F, 0x73, 0x78, 0x7A, 0xE3, 0x53 ), + BYTES_TO_T_UINT_8( 0x8D, 0xD8, 0xEC, 0xDC, 0xDA, 0x04, 0xAD, 0xAB ), + BYTES_TO_T_UINT_8( 0x34, 0x8A, 0x09, 0xF3, 0x58, 0x79, 0xD8, 0x29 ), + BYTES_TO_T_UINT_8( 0x63, 0x03, 0xCB, 0x50, 0x1A, 0x7F, 0x56, 0x00 ), + BYTES_TO_T_UINT_8( 0xF6, 0xA6, 0x78, 0x38, 0x85, 0x67, 0x0B, 0x40 ), + BYTES_TO_T_UINT_8( 0x83, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x8A, 0xD5, 0xD2, 0x22, 0xC4, 0x00, 0x3B, 0xBA ), + BYTES_TO_T_UINT_8( 0xD5, 0x93, 0x0E, 0x7B, 0x85, 0x51, 0xC3, 0x06 ), + BYTES_TO_T_UINT_8( 0x3D, 0xA6, 0x5F, 0x54, 0x49, 0x02, 0x81, 0x78 ), + BYTES_TO_T_UINT_8( 0x22, 0xE9, 0x6B, 0x3A, 0x92, 0xE7, 0x72, 0x1D ), + BYTES_TO_T_UINT_8( 0x6F, 0x5F, 0x28, 0x9E, 0x91, 0x27, 0x88, 0xE3 ), + BYTES_TO_T_UINT_8( 0xEF, 0x28, 0x31, 0xB3, 0x84, 0xCA, 0x12, 0x32 ), + BYTES_TO_T_UINT_8( 0x3D, 0xF9, 0xAC, 0x22, 0x10, 0x0A, 0x64, 0x41 ), + BYTES_TO_T_UINT_8( 0xE9, 0xC6, 0x33, 0x1F, 0x69, 0x19, 0x18, 0xBF ), + BYTES_TO_T_UINT_8( 0xBE, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0xA0, 0x48, 0xB8, 0xC7, 0x37, 0x5A, 0x00, 0x36 ), + BYTES_TO_T_UINT_8( 0x07, 0xCC, 0x32, 0xE0, 0xEE, 0x03, 0xC2, 0xBA ), + BYTES_TO_T_UINT_8( 0xC4, 0x29, 0xC2, 0xE4, 0x6E, 0x24, 0x20, 0x8D ), + BYTES_TO_T_UINT_8( 0x06, 0x6B, 0x7F, 0x7B, 0xF9, 0xB0, 0xB8, 0x13 ), + BYTES_TO_T_UINT_8( 0x1D, 0x7B, 0x3C, 0xE1, 0x19, 0xA1, 0x23, 0x02 ), + BYTES_TO_T_UINT_8( 0x2A, 0xE3, 0xC2, 0x53, 0xC0, 0x07, 0x13, 0xA9 ), + BYTES_TO_T_UINT_8( 0x07, 0xFE, 0x36, 0x35, 0x9F, 0x5E, 0x59, 0xCE ), + BYTES_TO_T_UINT_8( 0x1D, 0x55, 0x89, 0x84, 0xBC, 0xEF, 0xA2, 0xC2 ), + BYTES_TO_T_UINT_8( 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0xFD, 0x1A, 0x08, 0x67, 0xB4, 0xE7, 0x22, 0xED ), + BYTES_TO_T_UINT_8( 0x76, 0x26, 0xDF, 0x81, 0x3C, 0x5F, 0x1C, 0xDA ), + BYTES_TO_T_UINT_8( 0xE0, 0x4D, 0xD0, 0x0A, 0x48, 0x06, 0xF4, 0x48 ), + BYTES_TO_T_UINT_8( 0x73, 0x18, 0x39, 0xF7, 0xD1, 0x20, 0x77, 0x8D ), + BYTES_TO_T_UINT_8( 0x78, 0x8F, 0x44, 0x13, 0xCB, 0x78, 0x11, 0x11 ), + BYTES_TO_T_UINT_8( 0x33, 0xE2, 0x49, 0xEA, 0x43, 0x79, 0x08, 0x39 ), + BYTES_TO_T_UINT_8( 0x01, 0xD1, 0xD8, 0x73, 0x2C, 0x71, 0x2F, 0x69 ), + BYTES_TO_T_UINT_8( 0x21, 0xE5, 0xE7, 0xF4, 0x46, 0xAB, 0x20, 0xCA ), + BYTES_TO_T_UINT_8( 0x5A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x8C, 0x0B, 0xB9, 0x71, 0x1A, 0x27, 0xB7, 0xA7 ), + BYTES_TO_T_UINT_8( 0x2A, 0xA2, 0x2C, 0xD1, 0xDA, 0xBC, 0xC1, 0xBD ), + BYTES_TO_T_UINT_8( 0x10, 0xA3, 0x10, 0x1F, 0x90, 0xF2, 0xA5, 0x52 ), + BYTES_TO_T_UINT_8( 0x28, 0xFB, 0x20, 0xF4, 0xC0, 0x70, 0xC0, 0xF5 ), + BYTES_TO_T_UINT_8( 0x8F, 0xA7, 0x99, 0xF0, 0xA5, 0xD3, 0x09, 0xDD ), + BYTES_TO_T_UINT_8( 0x26, 0xE8, 0x14, 0x39, 0xBE, 0xCB, 0x60, 0xAF ), + BYTES_TO_T_UINT_8( 0x9F, 0xD6, 0x14, 0xA9, 0xC9, 0x20, 0xC3, 0xEA ), + BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x5B, 0xFD, 0x2D, 0x96, 0xBC, 0x78 ), + BYTES_TO_T_UINT_8( 0xC0, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0x9D, 0x04, 0x45, 0xBE, 0xCE, 0x75, 0x95, 0xF6 ), + BYTES_TO_T_UINT_8( 0xCC, 0xDA, 0x58, 0x49, 0x35, 0x09, 0x8D, 0x41 ), + BYTES_TO_T_UINT_8( 0x76, 0xF0, 0xC0, 0x36, 0xF2, 0xA6, 0x2D, 0x14 ), + BYTES_TO_T_UINT_8( 0xE7, 0xFC, 0x3D, 0xA8, 0xFB, 0x3C, 0xD2, 0x51 ), + BYTES_TO_T_UINT_8( 0x01, 0x4D, 0x71, 0x09, 0x18, 0x42, 0xF0, 0x2D ), + BYTES_TO_T_UINT_8( 0x8D, 0xC1, 0xCE, 0x9E, 0x6A, 0x49, 0x60, 0x12 ), + BYTES_TO_T_UINT_8( 0xAD, 0xB1, 0x00, 0xF7, 0xA1, 0x7A, 0x31, 0xB4 ), + BYTES_TO_T_UINT_8( 0x41, 0xC3, 0x86, 0xCD, 0x20, 0x4A, 0x17, 0x86 ), + BYTES_TO_T_UINT_8( 0x6C, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x98, 0xAB, 0x8B, 0x47, 0x8D, 0xAA, 0xA6, 0x5B ), + BYTES_TO_T_UINT_8( 0xC4, 0x97, 0xF0, 0xBC, 0x2D, 0xDC, 0x9D, 0x84 ), + BYTES_TO_T_UINT_8( 0x01, 0x86, 0xB0, 0x74, 0xB2, 0xF4, 0xF6, 0x67 ), + BYTES_TO_T_UINT_8( 0xAC, 0xBD, 0xAC, 0xE3, 0x8F, 0x43, 0x5C, 0xB1 ), + BYTES_TO_T_UINT_8( 0x37, 0xC3, 0xE2, 0x6E, 0x25, 0x49, 0xCD, 0x0B ), + BYTES_TO_T_UINT_8( 0x64, 0x5E, 0x08, 0xB3, 0xB9, 0xAC, 0x5F, 0xD1 ), + BYTES_TO_T_UINT_8( 0x08, 0xB7, 0xD1, 0xF4, 0xDC, 0x19, 0xE9, 0xC8 ), + BYTES_TO_T_UINT_8( 0x49, 0xE4, 0xFA, 0xE1, 0x36, 0x3E, 0xED, 0x6E ), + BYTES_TO_T_UINT_8( 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x00, 0x67, 0x92, 0x84, 0x6E, 0x48, 0x03, 0x51 ), + BYTES_TO_T_UINT_8( 0x9E, 0x95, 0xEF, 0x8F, 0xB2, 0x82, 0x6B, 0x1C ), + BYTES_TO_T_UINT_8( 0x8D, 0xFA, 0xB9, 0x55, 0x23, 0xFE, 0x09, 0xB3 ), + BYTES_TO_T_UINT_8( 0xEF, 0x79, 0x85, 0x4B, 0x0E, 0xD4, 0x35, 0xDB ), + BYTES_TO_T_UINT_8( 0x9A, 0x27, 0x45, 0x81, 0xE0, 0x88, 0x52, 0xAD ), + BYTES_TO_T_UINT_8( 0x17, 0x63, 0xA2, 0x4B, 0xBC, 0x5D, 0xB1, 0x92 ), + BYTES_TO_T_UINT_8( 0x28, 0x8C, 0x83, 0xD9, 0x3E, 0xD3, 0x42, 0xDA ), + BYTES_TO_T_UINT_8( 0x99, 0x03, 0x3A, 0x31, 0xBA, 0xE9, 0x3A, 0xD1 ), + BYTES_TO_T_UINT_8( 0x47, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x35, 0x10, 0xCD, 0x2D, 0x00, 0xFE, 0x32, 0xA7 ), + BYTES_TO_T_UINT_8( 0xE4, 0x6E, 0x1F, 0xDA, 0xF8, 0x6F, 0x4D, 0x03 ), + BYTES_TO_T_UINT_8( 0x09, 0x79, 0x7D, 0x09, 0xE5, 0xD3, 0x03, 0x21 ), + BYTES_TO_T_UINT_8( 0x58, 0xC3, 0xBE, 0xDF, 0x07, 0x65, 0x49, 0xCC ), + BYTES_TO_T_UINT_8( 0x08, 0x57, 0x33, 0xEF, 0xAE, 0x4F, 0x04, 0x27 ), + BYTES_TO_T_UINT_8( 0x9A, 0xE9, 0x9B, 0xFE, 0xBF, 0xE6, 0x85, 0xF6 ), + BYTES_TO_T_UINT_8( 0xBD, 0xBA, 0xAA, 0x06, 0xC4, 0xC6, 0xB8, 0x57 ), + BYTES_TO_T_UINT_8( 0x0C, 0x83, 0x01, 0xA9, 0xF6, 0x51, 0xE7, 0xB8 ), + BYTES_TO_T_UINT_8( 0x1B, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xB9, 0xA6, 0x15, 0x8E, 0xAB, 0x1F, 0x10, 0x87 ), + BYTES_TO_T_UINT_8( 0x74, 0x08, 0x27, 0x1A, 0xA1, 0x21, 0xAD, 0xF5 ), + BYTES_TO_T_UINT_8( 0x02, 0x09, 0x90, 0x6E, 0x50, 0x90, 0x9A, 0x5D ), + BYTES_TO_T_UINT_8( 0x86, 0x9A, 0xFE, 0xD7, 0xA1, 0xF5, 0xA2, 0x15 ), + BYTES_TO_T_UINT_8( 0xE8, 0x7D, 0xE3, 0xDC, 0x21, 0xFB, 0xA4, 0x7B ), + BYTES_TO_T_UINT_8( 0xB9, 0xBF, 0x07, 0xFF, 0x45, 0xDF, 0x51, 0x77 ), + BYTES_TO_T_UINT_8( 0x0B, 0x5C, 0x34, 0x02, 0x62, 0x9B, 0x08, 0x12 ), + BYTES_TO_T_UINT_8( 0x86, 0xCE, 0x9A, 0x6A, 0xEC, 0x75, 0xF6, 0x46 ), + BYTES_TO_T_UINT_8( 0x6D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0xE6, 0x59, 0xF4, 0x78, 0x3C, 0x60, 0xB1, 0x4A ), + BYTES_TO_T_UINT_8( 0x3E, 0x37, 0x84, 0x6A, 0xDC, 0xF2, 0x9A, 0x7D ), + BYTES_TO_T_UINT_8( 0x40, 0x9A, 0x9A, 0x15, 0x36, 0xE0, 0x2B, 0x2D ), + BYTES_TO_T_UINT_8( 0xEC, 0x38, 0x9C, 0x50, 0x3D, 0x1E, 0x37, 0x82 ), + BYTES_TO_T_UINT_8( 0xB7, 0x79, 0xF0, 0x92, 0xF2, 0x8B, 0x18, 0x82 ), + BYTES_TO_T_UINT_8( 0x17, 0xE0, 0x82, 0x1E, 0x80, 0x82, 0x4B, 0xD7 ), + BYTES_TO_T_UINT_8( 0xFA, 0xBB, 0x59, 0x6B, 0x8A, 0x77, 0x41, 0x40 ), + BYTES_TO_T_UINT_8( 0xA7, 0xF9, 0xD4, 0xB8, 0x4A, 0x82, 0xCF, 0x40 ), + BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0x1E, 0x8C, 0xC8, 0x9B, 0x72, 0x9E, 0xF7, 0xF9 ), + BYTES_TO_T_UINT_8( 0xB8, 0xCE, 0xE9, 0x77, 0x0A, 0x19, 0x59, 0x84 ), + BYTES_TO_T_UINT_8( 0x9D, 0xA1, 0x41, 0x6A, 0x72, 0x4B, 0xB4, 0xDC ), + BYTES_TO_T_UINT_8( 0x0B, 0x35, 0x43, 0xE2, 0x8C, 0xBE, 0x0D, 0xE3 ), + BYTES_TO_T_UINT_8( 0xC1, 0xEB, 0xAD, 0xF3, 0xA9, 0xA6, 0x68, 0xA1 ), + BYTES_TO_T_UINT_8( 0x81, 0x2F, 0xE2, 0x48, 0x0C, 0xDB, 0x1F, 0x42 ), + BYTES_TO_T_UINT_8( 0xD1, 0x1E, 0x60, 0x9B, 0x2A, 0xD2, 0xC1, 0x3C ), + BYTES_TO_T_UINT_8( 0xC0, 0x64, 0xB5, 0xD2, 0xF6, 0xF6, 0x6E, 0x22 ), + BYTES_TO_T_UINT_8( 0x70, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xC6, 0x3D, 0x30, 0x78, 0x10, 0x18, 0x41, 0x51 ), + BYTES_TO_T_UINT_8( 0x96, 0x1D, 0x1C, 0xE0, 0x6D, 0x83, 0xD1, 0x93 ), + BYTES_TO_T_UINT_8( 0x7B, 0x03, 0x0B, 0xF5, 0x2F, 0x6C, 0x04, 0x98 ), + BYTES_TO_T_UINT_8( 0x6C, 0x3E, 0xD5, 0xFC, 0x31, 0x5B, 0x3A, 0xEB ), + BYTES_TO_T_UINT_8( 0x50, 0x82, 0x2F, 0xFB, 0xFE, 0xF8, 0x76, 0x39 ), + BYTES_TO_T_UINT_8( 0x85, 0x26, 0xDA, 0x9C, 0x36, 0xF5, 0x93, 0xD1 ), + BYTES_TO_T_UINT_8( 0x4C, 0xE7, 0x6E, 0xD2, 0x7D, 0x81, 0x09, 0xC6 ), + BYTES_TO_T_UINT_8( 0xD3, 0x03, 0xF9, 0x58, 0x48, 0x24, 0xA2, 0xEE ), + BYTES_TO_T_UINT_8( 0xE9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x1B, 0x79, 0x0C, 0x8E, 0x6B, 0x95, 0xF3, 0xC4 ), + BYTES_TO_T_UINT_8( 0xF4, 0x10, 0x5C, 0x87, 0x03, 0x39, 0xCF, 0x68 ), + BYTES_TO_T_UINT_8( 0xAD, 0xF0, 0xF7, 0xC1, 0x07, 0xA4, 0xF4, 0x3F ), + BYTES_TO_T_UINT_8( 0x32, 0xE8, 0x02, 0x89, 0x65, 0xC4, 0x72, 0x36 ), + BYTES_TO_T_UINT_8( 0xB4, 0x88, 0xEA, 0x96, 0x67, 0x0B, 0x5D, 0xDF ), + BYTES_TO_T_UINT_8( 0xA8, 0x75, 0x60, 0xA8, 0xBD, 0x74, 0xDF, 0x68 ), + BYTES_TO_T_UINT_8( 0x6E, 0xE5, 0x71, 0x50, 0x67, 0xD0, 0xD2, 0xE6 ), + BYTES_TO_T_UINT_8( 0xD5, 0xFC, 0xE5, 0xC7, 0x77, 0xB0, 0x7F, 0x8C ), + BYTES_TO_T_UINT_8( 0xF1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x97, 0x86, 0x69, 0xCD, 0x0D, 0x9A, 0xBD, 0x66 ), + BYTES_TO_T_UINT_8( 0x58, 0x17, 0xBC, 0xBB, 0x59, 0x85, 0x7D, 0x0E ), + BYTES_TO_T_UINT_8( 0x8D, 0xA8, 0x76, 0xAC, 0x80, 0xA9, 0x72, 0xE0 ), + BYTES_TO_T_UINT_8( 0x74, 0x78, 0xC1, 0xE2, 0x4D, 0xAF, 0xF9, 0x3C ), + BYTES_TO_T_UINT_8( 0xAD, 0x97, 0x8E, 0x74, 0xC4, 0x4B, 0xB2, 0x85 ), + BYTES_TO_T_UINT_8( 0xEA, 0xD8, 0xF6, 0xF3, 0xAF, 0x2F, 0x52, 0xE5 ), + BYTES_TO_T_UINT_8( 0x95, 0x57, 0xF4, 0xCE, 0xEE, 0x43, 0xED, 0x60 ), + BYTES_TO_T_UINT_8( 0x7D, 0x46, 0x38, 0xDE, 0x20, 0xFD, 0x59, 0x18 ), + BYTES_TO_T_UINT_8( 0xD7, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x1C, 0x18, 0xE8, 0x58, 0xB9, 0x76, 0x2C, 0xE6 ), + BYTES_TO_T_UINT_8( 0xED, 0x54, 0xE4, 0xFE, 0xC7, 0xBC, 0x31, 0x37 ), + BYTES_TO_T_UINT_8( 0xF5, 0xF8, 0x89, 0xEE, 0x70, 0xB5, 0xB0, 0x2C ), + BYTES_TO_T_UINT_8( 0x83, 0x22, 0x26, 0x9A, 0x53, 0xB9, 0x38, 0x0A ), + BYTES_TO_T_UINT_8( 0x74, 0xA7, 0x19, 0x8C, 0x74, 0x7E, 0x88, 0x46 ), + BYTES_TO_T_UINT_8( 0xB4, 0xDA, 0x0A, 0xE8, 0xDA, 0xA5, 0xBE, 0x1D ), + BYTES_TO_T_UINT_8( 0x90, 0x5C, 0xF7, 0xB1, 0x0C, 0x72, 0xFB, 0x09 ), + BYTES_TO_T_UINT_8( 0x78, 0xE2, 0x23, 0xE7, 0x46, 0xB7, 0xE0, 0x91 ), + BYTES_TO_T_UINT_8( 0xC5, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x3A, 0x36, 0xBC, 0xBD, 0x48, 0x11, 0x8E, 0x72 ), + BYTES_TO_T_UINT_8( 0xAB, 0xBB, 0xA1, 0xF7, 0x0B, 0x9E, 0xBF, 0xDF ), + BYTES_TO_T_UINT_8( 0x68, 0x28, 0xE1, 0xA2, 0x8F, 0xFC, 0xFC, 0xD6 ), + BYTES_TO_T_UINT_8( 0x81, 0xFE, 0x19, 0x0A, 0xE5, 0xE7, 0x69, 0x39 ), + BYTES_TO_T_UINT_8( 0x5E, 0xCD, 0x12, 0xF5, 0xBE, 0xD3, 0x04, 0xF1 ), + BYTES_TO_T_UINT_8( 0xF5, 0xA8, 0x0D, 0x81, 0x59, 0xC4, 0x79, 0x98 ), + BYTES_TO_T_UINT_8( 0xA3, 0xF3, 0x4B, 0x92, 0x65, 0xC3, 0x31, 0xAD ), + BYTES_TO_T_UINT_8( 0x75, 0xB5, 0x4F, 0x4D, 0x91, 0xD4, 0xE2, 0xB2 ), + BYTES_TO_T_UINT_8( 0x51, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0x72, 0x09, 0x41, 0x79, 0x1D, 0x4D, 0x0D, 0x33 ), + BYTES_TO_T_UINT_8( 0xBB, 0x31, 0x18, 0xBA, 0xA0, 0xF2, 0x6E, 0x7E ), + BYTES_TO_T_UINT_8( 0x93, 0x5B, 0x4D, 0x4F, 0xAF, 0xC9, 0x8C, 0xA1 ), + BYTES_TO_T_UINT_8( 0x48, 0x99, 0x9C, 0x06, 0x68, 0xDE, 0xD8, 0x29 ), + BYTES_TO_T_UINT_8( 0xA0, 0x04, 0xE1, 0xB5, 0x9D, 0x00, 0xBC, 0xB8 ), + BYTES_TO_T_UINT_8( 0x61, 0x95, 0x92, 0x8D, 0x72, 0xD3, 0x37, 0x42 ), + BYTES_TO_T_UINT_8( 0xAB, 0x4B, 0x27, 0xA2, 0xE8, 0xA4, 0x26, 0xA1 ), + BYTES_TO_T_UINT_8( 0x4F, 0x45, 0x9C, 0xA9, 0xCB, 0x9F, 0xBA, 0x85 ), + BYTES_TO_T_UINT_8( 0xCB, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x08, 0x7E, 0x1B, 0x64, 0xF4, 0xE8, 0xA5, 0x55 ), + BYTES_TO_T_UINT_8( 0xF7, 0x20, 0xA9, 0xCA, 0xF3, 0x89, 0xE5, 0xE1 ), + BYTES_TO_T_UINT_8( 0x83, 0xED, 0xFC, 0xAB, 0xD9, 0x0A, 0xB9, 0x07 ), + BYTES_TO_T_UINT_8( 0x08, 0x6F, 0x46, 0x7C, 0xCD, 0x78, 0xFF, 0x05 ), + BYTES_TO_T_UINT_8( 0x69, 0xAB, 0x71, 0x5A, 0x94, 0xAB, 0x20, 0x20 ), + BYTES_TO_T_UINT_8( 0xC2, 0x2E, 0xEE, 0x87, 0x57, 0x1F, 0xAD, 0xD3 ), + BYTES_TO_T_UINT_8( 0x91, 0x4C, 0x3D, 0xFB, 0x7E, 0xA1, 0x8B, 0x07 ), + BYTES_TO_T_UINT_8( 0x69, 0xCF, 0x07, 0x86, 0xBA, 0x53, 0x37, 0xCF ), + BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x00, 0x26, 0xB2, 0xB9, 0xE2, 0x91, 0xE3, 0xB5 ), + BYTES_TO_T_UINT_8( 0x79, 0xC9, 0x54, 0x84, 0x08, 0x3D, 0x0B, 0xD2 ), + BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x77, 0x2F, 0x64, 0x45, 0x99, 0x4C ), + BYTES_TO_T_UINT_8( 0x87, 0x96, 0x16, 0x1F, 0xDB, 0x96, 0x28, 0x97 ), + BYTES_TO_T_UINT_8( 0x83, 0x2B, 0x8D, 0xFF, 0xA2, 0x4F, 0x55, 0xD3 ), + BYTES_TO_T_UINT_8( 0x71, 0xE6, 0x48, 0xBD, 0x99, 0x3D, 0x12, 0x57 ), + BYTES_TO_T_UINT_8( 0x3F, 0x84, 0x59, 0xDA, 0xB9, 0xB6, 0x66, 0x12 ), + BYTES_TO_T_UINT_8( 0x6D, 0x78, 0x41, 0x92, 0xDF, 0xF4, 0x3F, 0x63 ), + BYTES_TO_T_UINT_8( 0x1F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0x7E, 0x86, 0x6F, 0x4F, 0xBF, 0x67, 0xDF, 0x2F ), + BYTES_TO_T_UINT_8( 0xF2, 0x2B, 0x1E, 0x5F, 0x00, 0xEA, 0xF6, 0x56 ), + BYTES_TO_T_UINT_8( 0x90, 0xB9, 0x6A, 0x89, 0xD8, 0xC0, 0xD7, 0xA7 ), + BYTES_TO_T_UINT_8( 0xCB, 0x9A, 0x32, 0x23, 0xA0, 0x02, 0x91, 0x58 ), + BYTES_TO_T_UINT_8( 0x42, 0x7F, 0x6A, 0x15, 0x64, 0x6A, 0x8B, 0xBB ), + BYTES_TO_T_UINT_8( 0x8A, 0x57, 0x82, 0x58, 0xA9, 0x56, 0xB5, 0xFB ), + BYTES_TO_T_UINT_8( 0xDD, 0x50, 0x92, 0x60, 0xCC, 0x81, 0x24, 0xA8 ), + BYTES_TO_T_UINT_8( 0x36, 0x3D, 0xAD, 0xDA, 0xD9, 0x51, 0x3E, 0x57 ), + BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0xEC, 0xFE, 0x8F, 0xB0, 0x0B, 0xDE, 0x2E, 0x7E ), + BYTES_TO_T_UINT_8( 0x79, 0xD2, 0xBE, 0xEF, 0xAC, 0x76, 0x71, 0xA3 ), + BYTES_TO_T_UINT_8( 0x55, 0xE8, 0x72, 0x0B, 0xAC, 0xFE, 0xCA, 0x5A ), + BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0xC7, 0xFC, 0xE3, 0x3C, 0x7C, 0x4C ), + BYTES_TO_T_UINT_8( 0xA1, 0x04, 0xA7, 0xB9, 0x9B, 0x93, 0xC0, 0x2F ), + BYTES_TO_T_UINT_8( 0x41, 0x48, 0x4B, 0x8E, 0x32, 0xC5, 0xF0, 0x6B ), + BYTES_TO_T_UINT_8( 0xB0, 0x42, 0x07, 0xC1, 0xF2, 0xF1, 0x72, 0x5B ), + BYTES_TO_T_UINT_8( 0x1E, 0x37, 0x54, 0x9C, 0x88, 0xD2, 0x62, 0xAA ), + BYTES_TO_T_UINT_8( 0xC1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0xC2, 0x19, 0x8A, 0x89, 0x58, 0xA2, 0x0F, 0xDB ), + BYTES_TO_T_UINT_8( 0x01, 0xCC, 0x4C, 0x97, 0x30, 0x66, 0x34, 0x26 ), + BYTES_TO_T_UINT_8( 0x83, 0x6A, 0x1E, 0x1F, 0xDB, 0xC9, 0x5E, 0x13 ), + BYTES_TO_T_UINT_8( 0x1B, 0x4D, 0x49, 0xFF, 0x9B, 0x9C, 0xAC, 0x9B ), + BYTES_TO_T_UINT_8( 0xD7, 0xE4, 0x4B, 0xF2, 0xD4, 0x1A, 0xD2, 0x78 ), + BYTES_TO_T_UINT_8( 0xCD, 0xDA, 0xE8, 0x61, 0x9F, 0xC8, 0x49, 0x32 ), + BYTES_TO_T_UINT_8( 0x51, 0xCB, 0xF2, 0x2D, 0x85, 0xF6, 0x8D, 0x52 ), + BYTES_TO_T_UINT_8( 0xB7, 0xC5, 0xCD, 0x2C, 0x79, 0xC6, 0x0E, 0x4F ), + BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x73, 0x1D, 0x55, 0x0F, 0xF8, 0x22, 0x9F, 0x78 ), + BYTES_TO_T_UINT_8( 0x76, 0x56, 0xBA, 0xE7, 0x57, 0x32, 0xEC, 0x42 ), + BYTES_TO_T_UINT_8( 0x65, 0x9A, 0xC6, 0x4C, 0x09, 0xC4, 0x52, 0x3F ), + BYTES_TO_T_UINT_8( 0xB6, 0x1E, 0x6F, 0xF4, 0x7D, 0x27, 0xDD, 0xAF ), + BYTES_TO_T_UINT_8( 0x94, 0x11, 0x16, 0xEC, 0x79, 0x83, 0xAD, 0xAE ), + BYTES_TO_T_UINT_8( 0x46, 0x4E, 0x92, 0x1F, 0x19, 0x7D, 0x65, 0xDC ), + BYTES_TO_T_UINT_8( 0x09, 0xFF, 0x78, 0x15, 0x45, 0x63, 0x32, 0xE4 ), + BYTES_TO_T_UINT_8( 0xBF, 0x91, 0xD0, 0x78, 0x58, 0xDA, 0x50, 0x47 ), + BYTES_TO_T_UINT_8( 0x73, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x23, 0xDE, 0x40, 0xF6, 0x41, 0xB4, 0x3B, 0x95 ), + BYTES_TO_T_UINT_8( 0xC6, 0x8D, 0xE0, 0xE1, 0xA9, 0xF0, 0x35, 0x5D ), + BYTES_TO_T_UINT_8( 0xE6, 0xD4, 0xBA, 0x7B, 0xCC, 0x1B, 0x3A, 0x32 ), + BYTES_TO_T_UINT_8( 0xD0, 0x5A, 0x2E, 0x74, 0x47, 0x14, 0xC3, 0x4D ), + BYTES_TO_T_UINT_8( 0x7D, 0xF0, 0x8B, 0x06, 0x15, 0x8E, 0x0E, 0xCA ), + BYTES_TO_T_UINT_8( 0xB5, 0xD2, 0xEB, 0x97, 0x50, 0x7D, 0x31, 0xFC ), + BYTES_TO_T_UINT_8( 0x42, 0x93, 0x4C, 0xDB, 0x97, 0x79, 0x44, 0xF5 ), + BYTES_TO_T_UINT_8( 0x9C, 0xA2, 0xA0, 0x0B, 0xC8, 0x3A, 0x8A, 0xF9 ), + BYTES_TO_T_UINT_8( 0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x79, 0x50, 0x92, 0x9E, 0x24, 0x1F, 0xCB, 0x4C ), + BYTES_TO_T_UINT_8( 0xD3, 0x16, 0xC9, 0xC5, 0x3D, 0x5A, 0xAF, 0x97 ), + BYTES_TO_T_UINT_8( 0x18, 0xE3, 0x97, 0xE4, 0xA8, 0x50, 0xF6, 0x7E ), + BYTES_TO_T_UINT_8( 0x45, 0x57, 0x97, 0x42, 0x78, 0x92, 0x49, 0x0D ), + BYTES_TO_T_UINT_8( 0xA5, 0xEB, 0x62, 0x24, 0xFB, 0x8F, 0x32, 0xCF ), + BYTES_TO_T_UINT_8( 0xF3, 0x0C, 0x36, 0x6E, 0x8F, 0xE8, 0xE8, 0x8E ), + BYTES_TO_T_UINT_8( 0xC2, 0xD3, 0x7C, 0xC7, 0x8D, 0x3F, 0x5C, 0xE1 ), + BYTES_TO_T_UINT_8( 0x6A, 0x64, 0x6A, 0x73, 0x10, 0x79, 0xB8, 0x5A ), + BYTES_TO_T_UINT_8( 0xCB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x51, 0xF9, 0xEF, 0xA5, 0x20, 0x4A, 0x5C, 0xA1 ), + BYTES_TO_T_UINT_8( 0x2F, 0xF3, 0xF4, 0x49, 0x5B, 0x73, 0xAA, 0x1B ), + BYTES_TO_T_UINT_8( 0xC6, 0xF2, 0xEA, 0x0F, 0x00, 0xAD, 0x53, 0xAB ), + BYTES_TO_T_UINT_8( 0x03, 0xB8, 0x66, 0xED, 0xC4, 0x2B, 0x4C, 0x35 ), + BYTES_TO_T_UINT_8( 0x3A, 0x2F, 0xC1, 0x9A, 0x37, 0xD2, 0x7F, 0x58 ), + BYTES_TO_T_UINT_8( 0x29, 0xA7, 0x81, 0x38, 0x64, 0xC9, 0x37, 0x38 ), + BYTES_TO_T_UINT_8( 0xBE, 0x3B, 0x6C, 0x9F, 0x5B, 0xD9, 0x8B, 0x1D ), + BYTES_TO_T_UINT_8( 0xB6, 0x14, 0xD9, 0x08, 0xD8, 0xD2, 0x7E, 0x23 ), + BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x15, 0x71, 0xE6, 0x3D, 0xD1, 0xB0, 0xE7, 0xCD ), + BYTES_TO_T_UINT_8( 0x5B, 0x81, 0x23, 0xEC, 0x2D, 0x42, 0x45, 0xE6 ), + BYTES_TO_T_UINT_8( 0x51, 0x5B, 0x44, 0x6B, 0x89, 0x03, 0x67, 0x28 ), + BYTES_TO_T_UINT_8( 0x84, 0x27, 0xAE, 0x80, 0x5A, 0x33, 0xBE, 0x11 ), + BYTES_TO_T_UINT_8( 0xE3, 0xB6, 0x64, 0x1A, 0xDF, 0xD3, 0x85, 0x91 ), + BYTES_TO_T_UINT_8( 0x67, 0x8C, 0x22, 0xBA, 0xD0, 0xBD, 0xCC, 0xA0 ), + BYTES_TO_T_UINT_8( 0xF7, 0x3C, 0x01, 0x3A, 0xFF, 0x9D, 0xC7, 0x6B ), + BYTES_TO_T_UINT_8( 0x0C, 0xC7, 0x64, 0xB4, 0x59, 0x4E, 0x9F, 0x22 ), + BYTES_TO_T_UINT_8( 0x85, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xA1, 0x34, 0x0A, 0x41, 0x94, 0xA8, 0xF2, 0xB7 ), + BYTES_TO_T_UINT_8( 0xF6, 0xD4, 0xE4, 0xF0, 0x97, 0x45, 0x6D, 0xCA ), + BYTES_TO_T_UINT_8( 0x8F, 0x1F, 0x4D, 0x6D, 0xFE, 0xA0, 0xC4, 0x84 ), + BYTES_TO_T_UINT_8( 0x1D, 0x28, 0x5C, 0x40, 0xBB, 0x65, 0xD4, 0x42 ), + BYTES_TO_T_UINT_8( 0x98, 0xA8, 0x87, 0x35, 0x20, 0x3A, 0x89, 0x44 ), + BYTES_TO_T_UINT_8( 0xD6, 0xFD, 0x4F, 0xAB, 0x2D, 0xD1, 0xD0, 0xC0 ), + BYTES_TO_T_UINT_8( 0x86, 0xE8, 0x00, 0xFC, 0x69, 0x52, 0xF8, 0xD5 ), + BYTES_TO_T_UINT_8( 0xE1, 0x9A, 0x99, 0xE1, 0xDC, 0x9C, 0x3F, 0xD9 ), + BYTES_TO_T_UINT_8( 0x99, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0x12, 0x08, 0x98, 0xD9, 0xCA, 0x73, 0xD5, 0xA9 ), + BYTES_TO_T_UINT_8( 0xB9, 0x2C, 0xE0, 0xA7, 0x3E, 0x91, 0xD7, 0x87 ), + BYTES_TO_T_UINT_8( 0x68, 0x04, 0xB0, 0x54, 0x09, 0xF4, 0x72, 0xB7 ), + BYTES_TO_T_UINT_8( 0xC8, 0xEE, 0x28, 0xCC, 0xE8, 0x50, 0x78, 0x20 ), + BYTES_TO_T_UINT_8( 0x0D, 0x91, 0x03, 0x76, 0xDB, 0x68, 0x24, 0x77 ), + BYTES_TO_T_UINT_8( 0x7A, 0xE0, 0x56, 0xB2, 0x5D, 0x12, 0xD3, 0xB5 ), + BYTES_TO_T_UINT_8( 0x0D, 0x42, 0x59, 0x8B, 0xDF, 0x67, 0xB5, 0xBE ), + BYTES_TO_T_UINT_8( 0xD1, 0xCC, 0xE5, 0x31, 0x53, 0x7A, 0x46, 0xB3 ), + BYTES_TO_T_UINT_8( 0xDA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_16_X[] = { + BYTES_TO_T_UINT_8( 0xCC, 0x8D, 0x59, 0xB5, 0x1B, 0x0F, 0xF4, 0xAF ), + BYTES_TO_T_UINT_8( 0xD9, 0x2F, 0xD1, 0x2C, 0xE0, 0xD8, 0x04, 0xEF ), + BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0xD7, 0xBA, 0xB0, 0xA3, 0x7E, 0xC9 ), + BYTES_TO_T_UINT_8( 0xCD, 0x08, 0x51, 0x56, 0xA6, 0x76, 0x67, 0x33 ), + BYTES_TO_T_UINT_8( 0x8C, 0x17, 0x63, 0xFE, 0x56, 0xD0, 0xD9, 0x71 ), + BYTES_TO_T_UINT_8( 0xAA, 0xF6, 0xC3, 0x14, 0x47, 0xC5, 0xA7, 0x31 ), + BYTES_TO_T_UINT_8( 0x72, 0x4C, 0x80, 0xF6, 0xA2, 0x57, 0xA7, 0x5D ), + BYTES_TO_T_UINT_8( 0x11, 0xB3, 0x7B, 0xF8, 0x2F, 0xE1, 0x3E, 0x7B ), + BYTES_TO_T_UINT_8( 0xFA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_16_Y[] = { + BYTES_TO_T_UINT_8( 0x26, 0xF4, 0xF9, 0x6B, 0x7B, 0x90, 0xDF, 0x30 ), + BYTES_TO_T_UINT_8( 0x1F, 0x82, 0xEF, 0x62, 0xA1, 0x4C, 0x53, 0xCA ), + BYTES_TO_T_UINT_8( 0xE6, 0x99, 0x76, 0x01, 0xBA, 0x8D, 0x0F, 0x54 ), + BYTES_TO_T_UINT_8( 0xAF, 0xF4, 0x58, 0x73, 0x56, 0xFE, 0xDD, 0x7C ), + BYTES_TO_T_UINT_8( 0xF6, 0xCE, 0xF9, 0xE8, 0xA1, 0x34, 0xC3, 0x5B ), + BYTES_TO_T_UINT_8( 0x09, 0x5F, 0xDC, 0x6A, 0x3D, 0xD8, 0x7F, 0x42 ), + BYTES_TO_T_UINT_8( 0xC2, 0xF4, 0x51, 0xB8, 0xB8, 0xC1, 0xD7, 0x2F ), + BYTES_TO_T_UINT_8( 0xAE, 0x7D, 0x58, 0xD1, 0xD4, 0x1B, 0x4D, 0x23 ), + BYTES_TO_T_UINT_8( 0xD3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_17_X[] = { + BYTES_TO_T_UINT_8( 0xB9, 0x95, 0xDF, 0x00, 0xD8, 0x21, 0xDE, 0x94 ), + BYTES_TO_T_UINT_8( 0xF7, 0x47, 0x3C, 0xC3, 0xB2, 0x01, 0x53, 0x5D ), + BYTES_TO_T_UINT_8( 0x1E, 0x17, 0x43, 0x23, 0xBD, 0xCA, 0x71, 0xF2 ), + BYTES_TO_T_UINT_8( 0x70, 0xBA, 0x0F, 0x4F, 0xDC, 0x41, 0x54, 0xBE ), + BYTES_TO_T_UINT_8( 0xD6, 0x39, 0x26, 0x70, 0x53, 0x32, 0x18, 0x11 ), + BYTES_TO_T_UINT_8( 0x32, 0x46, 0x07, 0x97, 0x3A, 0x57, 0xE0, 0x01 ), + BYTES_TO_T_UINT_8( 0xD6, 0x92, 0x4F, 0xCE, 0xDF, 0x25, 0x80, 0x26 ), + BYTES_TO_T_UINT_8( 0x5B, 0x6F, 0x9A, 0x03, 0x05, 0x4B, 0xD1, 0x47 ), + BYTES_TO_T_UINT_8( 0x5D, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_17_Y[] = { + BYTES_TO_T_UINT_8( 0x25, 0x01, 0x72, 0x30, 0x90, 0x17, 0x51, 0x20 ), + BYTES_TO_T_UINT_8( 0x74, 0xFB, 0x41, 0x65, 0x5C, 0xB4, 0x2D, 0xEE ), + BYTES_TO_T_UINT_8( 0x66, 0xCD, 0xCD, 0xAA, 0x41, 0xCC, 0xBB, 0x07 ), + BYTES_TO_T_UINT_8( 0xD4, 0xCE, 0x08, 0x0A, 0x63, 0xE9, 0xA2, 0xFF ), + BYTES_TO_T_UINT_8( 0x3D, 0xA8, 0x21, 0x7F, 0x7A, 0x5B, 0x9B, 0x81 ), + BYTES_TO_T_UINT_8( 0x10, 0x6B, 0x89, 0x44, 0x0A, 0x7F, 0x85, 0x5F ), + BYTES_TO_T_UINT_8( 0x7D, 0xDE, 0x7C, 0x19, 0x5C, 0x65, 0x26, 0x61 ), + BYTES_TO_T_UINT_8( 0xD7, 0xAC, 0x62, 0x29, 0x4A, 0xF1, 0xD0, 0x81 ), + BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_18_X[] = { + BYTES_TO_T_UINT_8( 0x32, 0x00, 0x40, 0x87, 0xEB, 0xA9, 0x58, 0x56 ), + BYTES_TO_T_UINT_8( 0xAF, 0x51, 0x0B, 0xFF, 0x56, 0x35, 0x51, 0xB3 ), + BYTES_TO_T_UINT_8( 0x7B, 0xAC, 0x08, 0x94, 0x71, 0xDA, 0xEC, 0x99 ), + BYTES_TO_T_UINT_8( 0x5F, 0x4D, 0xC5, 0x7B, 0x31, 0x8B, 0x8D, 0x5E ), + BYTES_TO_T_UINT_8( 0x15, 0x05, 0xF1, 0x3E, 0x9E, 0x8F, 0x17, 0x8F ), + BYTES_TO_T_UINT_8( 0xF0, 0x9C, 0x4B, 0x62, 0x94, 0xAD, 0x49, 0xFC ), + BYTES_TO_T_UINT_8( 0x0F, 0xC9, 0xC6, 0x8F, 0xFD, 0x33, 0x44, 0x34 ), + BYTES_TO_T_UINT_8( 0x5F, 0x96, 0x17, 0x7F, 0x42, 0xBE, 0xF7, 0x0D ), + BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_18_Y[] = { + BYTES_TO_T_UINT_8( 0xFB, 0x29, 0x39, 0x13, 0x08, 0x8D, 0x91, 0x47 ), + BYTES_TO_T_UINT_8( 0xF6, 0x79, 0xF9, 0x2F, 0xA9, 0x0A, 0xCF, 0xD6 ), + BYTES_TO_T_UINT_8( 0xAB, 0x87, 0x7A, 0xA3, 0x19, 0xAB, 0x55, 0xAD ), + BYTES_TO_T_UINT_8( 0xE8, 0x0B, 0x01, 0xC5, 0x56, 0x19, 0x9D, 0x9E ), + BYTES_TO_T_UINT_8( 0x19, 0xDE, 0x82, 0x3B, 0xEA, 0xD3, 0x0B, 0x8C ), + BYTES_TO_T_UINT_8( 0x65, 0x6B, 0xC7, 0xF3, 0x0F, 0x82, 0x87, 0x6C ), + BYTES_TO_T_UINT_8( 0xD8, 0x2E, 0x23, 0xF2, 0x39, 0x9D, 0x49, 0x70 ), + BYTES_TO_T_UINT_8( 0x31, 0xDE, 0xAF, 0x7A, 0xEE, 0xB0, 0xDA, 0x70 ), + BYTES_TO_T_UINT_8( 0x63, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_19_X[] = { + BYTES_TO_T_UINT_8( 0x76, 0x4E, 0x2A, 0x50, 0xFD, 0x8E, 0xC0, 0xEB ), + BYTES_TO_T_UINT_8( 0x52, 0x0F, 0x7C, 0x76, 0x63, 0xD8, 0x89, 0x45 ), + BYTES_TO_T_UINT_8( 0xEC, 0x2D, 0xB9, 0x4E, 0xF4, 0xEE, 0x85, 0xCF ), + BYTES_TO_T_UINT_8( 0xC1, 0x95, 0x5C, 0x96, 0x5D, 0xAA, 0x59, 0x0B ), + BYTES_TO_T_UINT_8( 0xCA, 0xDB, 0xD2, 0x68, 0x8E, 0x5A, 0x94, 0x60 ), + BYTES_TO_T_UINT_8( 0xD9, 0x02, 0xBF, 0x77, 0x9F, 0xB9, 0x4C, 0xC9 ), + BYTES_TO_T_UINT_8( 0x2D, 0xDC, 0xC0, 0xCF, 0x81, 0x1E, 0xC4, 0x6C ), + BYTES_TO_T_UINT_8( 0x2B, 0xCC, 0x37, 0x86, 0xDC, 0xE2, 0x64, 0x72 ), + BYTES_TO_T_UINT_8( 0xD5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_19_Y[] = { + BYTES_TO_T_UINT_8( 0x2C, 0x30, 0xB1, 0x59, 0x20, 0x9D, 0x98, 0x28 ), + BYTES_TO_T_UINT_8( 0x77, 0x0C, 0x9D, 0xF8, 0x20, 0xDC, 0x90, 0xBA ), + BYTES_TO_T_UINT_8( 0xB1, 0xA0, 0xF4, 0xE7, 0x3E, 0x9C, 0x9E, 0xA2 ), + BYTES_TO_T_UINT_8( 0xB5, 0x25, 0xA2, 0xB0, 0x54, 0xCD, 0x2E, 0x33 ), + BYTES_TO_T_UINT_8( 0xEA, 0xD9, 0x42, 0xB0, 0x80, 0xB0, 0xA3, 0x38 ), + BYTES_TO_T_UINT_8( 0x9F, 0xFE, 0x9D, 0x8D, 0x40, 0xFF, 0x27, 0x6D ), + BYTES_TO_T_UINT_8( 0x3A, 0x9D, 0xA6, 0x88, 0x3A, 0x8B, 0x6F, 0x14 ), + BYTES_TO_T_UINT_8( 0xB6, 0x39, 0xEE, 0x1F, 0x3F, 0xB1, 0x4F, 0x63 ), + BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_20_X[] = { + BYTES_TO_T_UINT_8( 0x6D, 0xD7, 0x9E, 0xFF, 0xD2, 0x35, 0x67, 0x03 ), + BYTES_TO_T_UINT_8( 0xCA, 0x4F, 0x15, 0x5D, 0xE3, 0xE8, 0x53, 0x86 ), + BYTES_TO_T_UINT_8( 0x92, 0xF7, 0x24, 0x98, 0xA2, 0xCB, 0x11, 0x68 ), + BYTES_TO_T_UINT_8( 0x06, 0x2E, 0x25, 0xE1, 0x94, 0xC5, 0xA3, 0x96 ), + BYTES_TO_T_UINT_8( 0xE0, 0x82, 0x6E, 0xBA, 0xE7, 0x43, 0x25, 0xB0 ), + BYTES_TO_T_UINT_8( 0x18, 0x65, 0xB4, 0x49, 0x73, 0x18, 0x35, 0x54 ), + BYTES_TO_T_UINT_8( 0x59, 0x5B, 0xBC, 0x62, 0x86, 0x4C, 0xC1, 0xB7 ), + BYTES_TO_T_UINT_8( 0x9B, 0xF2, 0x95, 0xA2, 0xBB, 0xA2, 0x35, 0x65 ), + BYTES_TO_T_UINT_8( 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_20_Y[] = { + BYTES_TO_T_UINT_8( 0x72, 0x59, 0x62, 0xB0, 0x4B, 0x1E, 0xB4, 0xD8 ), + BYTES_TO_T_UINT_8( 0x0D, 0x55, 0xCE, 0xB0, 0x69, 0xBA, 0x63, 0x10 ), + BYTES_TO_T_UINT_8( 0x6E, 0x69, 0x86, 0xDB, 0x34, 0x7D, 0x68, 0x64 ), + BYTES_TO_T_UINT_8( 0xDA, 0x06, 0xCA, 0x55, 0x44, 0x36, 0x2B, 0xBA ), + BYTES_TO_T_UINT_8( 0x6C, 0xD4, 0xC4, 0x3D, 0xCD, 0x9E, 0x69, 0xA4 ), + BYTES_TO_T_UINT_8( 0x3F, 0x44, 0xE4, 0xBF, 0x31, 0xE6, 0x40, 0x9F ), + BYTES_TO_T_UINT_8( 0x7E, 0x4F, 0xFA, 0x75, 0xE3, 0xFB, 0x97, 0x0E ), + BYTES_TO_T_UINT_8( 0x08, 0xC0, 0xBD, 0x1C, 0x48, 0xB0, 0x26, 0xD0 ), + BYTES_TO_T_UINT_8( 0xD2, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_21_X[] = { + BYTES_TO_T_UINT_8( 0x1C, 0x7B, 0x32, 0xFA, 0xF2, 0x6D, 0x84, 0x8E ), + BYTES_TO_T_UINT_8( 0xA0, 0x21, 0x03, 0x1D, 0x0D, 0x22, 0x55, 0x67 ), + BYTES_TO_T_UINT_8( 0x18, 0xF9, 0x42, 0x03, 0x9C, 0xC2, 0xCB, 0xBA ), + BYTES_TO_T_UINT_8( 0xF8, 0xA1, 0x96, 0xD9, 0x9D, 0x11, 0x6F, 0xBE ), + BYTES_TO_T_UINT_8( 0xFF, 0x40, 0x57, 0xEB, 0x40, 0x2D, 0xC0, 0x11 ), + BYTES_TO_T_UINT_8( 0x2F, 0x96, 0xBB, 0x4F, 0x2F, 0x23, 0xA8, 0x28 ), + BYTES_TO_T_UINT_8( 0x3A, 0x29, 0x85, 0x21, 0xA5, 0x50, 0x62, 0x06 ), + BYTES_TO_T_UINT_8( 0xC9, 0x7D, 0x92, 0xCF, 0x87, 0x0C, 0x22, 0xF9 ), + BYTES_TO_T_UINT_8( 0xC9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_21_Y[] = { + BYTES_TO_T_UINT_8( 0x5A, 0x0E, 0xA5, 0x32, 0x5B, 0xDF, 0x9C, 0xD5 ), + BYTES_TO_T_UINT_8( 0x27, 0x96, 0x37, 0x2C, 0x88, 0x35, 0x30, 0xA1 ), + BYTES_TO_T_UINT_8( 0x40, 0xB4, 0x69, 0xFF, 0xEB, 0xC6, 0x94, 0x08 ), + BYTES_TO_T_UINT_8( 0xC9, 0x55, 0x60, 0xAD, 0xAA, 0x58, 0x14, 0x88 ), + BYTES_TO_T_UINT_8( 0x3C, 0xFF, 0xF2, 0xB2, 0xD5, 0xA7, 0xD9, 0x27 ), + BYTES_TO_T_UINT_8( 0x2D, 0xAE, 0x54, 0xD2, 0x60, 0x31, 0xF3, 0x15 ), + BYTES_TO_T_UINT_8( 0xBB, 0x92, 0x83, 0xE3, 0xF1, 0x42, 0x83, 0x6E ), + BYTES_TO_T_UINT_8( 0x49, 0xD2, 0xC8, 0xB7, 0x76, 0x45, 0x7F, 0x7D ), + BYTES_TO_T_UINT_8( 0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_22_X[] = { + BYTES_TO_T_UINT_8( 0x4A, 0x11, 0xA4, 0xFB, 0x7A, 0x01, 0xBC, 0xC8 ), + BYTES_TO_T_UINT_8( 0xCD, 0x27, 0x73, 0x8D, 0x02, 0x91, 0x27, 0x8E ), + BYTES_TO_T_UINT_8( 0xA4, 0x62, 0xF6, 0xDD, 0x6B, 0xFA, 0x5B, 0xB9 ), + BYTES_TO_T_UINT_8( 0xEF, 0xCA, 0xA2, 0x44, 0x2C, 0xF0, 0x28, 0xD8 ), + BYTES_TO_T_UINT_8( 0x3C, 0xF1, 0x7A, 0xA2, 0x42, 0x4C, 0x50, 0xC6 ), + BYTES_TO_T_UINT_8( 0x2D, 0x83, 0x3E, 0x50, 0xAB, 0x9C, 0xF7, 0x67 ), + BYTES_TO_T_UINT_8( 0x1D, 0xED, 0x78, 0xCB, 0x76, 0x69, 0xDA, 0x42 ), + BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x1E, 0x43, 0x27, 0x47, 0x6E, 0xDA ), + BYTES_TO_T_UINT_8( 0x94, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_22_Y[] = { + BYTES_TO_T_UINT_8( 0xD3, 0x4F, 0x54, 0xB9, 0x3E, 0xBD, 0xD5, 0x44 ), + BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x40, 0x69, 0x7F, 0x74, 0x9D, 0x32 ), + BYTES_TO_T_UINT_8( 0x5A, 0x06, 0x6F, 0x67, 0x68, 0x2B, 0x4D, 0x10 ), + BYTES_TO_T_UINT_8( 0xC6, 0x65, 0x41, 0xFC, 0x7C, 0x1E, 0xE8, 0xC8 ), + BYTES_TO_T_UINT_8( 0xF2, 0x79, 0x37, 0xAF, 0xFD, 0xD2, 0xDA, 0x4C ), + BYTES_TO_T_UINT_8( 0x33, 0xA8, 0x69, 0x56, 0x62, 0xA4, 0xE4, 0xA3 ), + BYTES_TO_T_UINT_8( 0x42, 0x71, 0x73, 0x21, 0x8A, 0x17, 0x81, 0xA2 ), + BYTES_TO_T_UINT_8( 0x14, 0x55, 0x8F, 0x7B, 0xB8, 0xAF, 0xF7, 0x86 ), + BYTES_TO_T_UINT_8( 0xAA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_23_X[] = { + BYTES_TO_T_UINT_8( 0x4B, 0xD1, 0xBD, 0xBE, 0x8C, 0xBC, 0x60, 0x6E ), + BYTES_TO_T_UINT_8( 0x62, 0xA6, 0x57, 0x8C, 0xAE, 0x5C, 0x19, 0xFE ), + BYTES_TO_T_UINT_8( 0x7A, 0x43, 0xE4, 0xD9, 0xD8, 0x7B, 0xE7, 0x41 ), + BYTES_TO_T_UINT_8( 0xED, 0xB9, 0xE4, 0x85, 0x7C, 0x2E, 0xFC, 0x20 ), + BYTES_TO_T_UINT_8( 0x02, 0x2E, 0x01, 0x2A, 0x6D, 0x56, 0xBE, 0x97 ), + BYTES_TO_T_UINT_8( 0x6A, 0x0C, 0x25, 0x9B, 0xAE, 0x86, 0x37, 0x43 ), + BYTES_TO_T_UINT_8( 0x4A, 0x22, 0xB3, 0xCB, 0x99, 0x66, 0xB7, 0x9E ), + BYTES_TO_T_UINT_8( 0x56, 0xF7, 0x90, 0xF0, 0x1B, 0x09, 0x27, 0xF7 ), + BYTES_TO_T_UINT_8( 0xC8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_23_Y[] = { + BYTES_TO_T_UINT_8( 0x1C, 0x16, 0x08, 0xEF, 0x39, 0x64, 0x49, 0x31 ), + BYTES_TO_T_UINT_8( 0x08, 0xA0, 0xE3, 0x97, 0xA9, 0x07, 0x54, 0x26 ), + BYTES_TO_T_UINT_8( 0xCD, 0xFF, 0xE2, 0x00, 0x07, 0x21, 0x88, 0x20 ), + BYTES_TO_T_UINT_8( 0x16, 0xFD, 0x59, 0x53, 0x05, 0x6C, 0x42, 0x27 ), + BYTES_TO_T_UINT_8( 0x8F, 0xF7, 0x39, 0x5C, 0x82, 0x36, 0xE8, 0x03 ), + BYTES_TO_T_UINT_8( 0x2E, 0x83, 0xA8, 0xE2, 0xA8, 0x43, 0x07, 0x38 ), + BYTES_TO_T_UINT_8( 0xE6, 0xAF, 0x2B, 0x79, 0xED, 0xD8, 0x39, 0x87 ), + BYTES_TO_T_UINT_8( 0x15, 0x20, 0x91, 0x7A, 0xC4, 0x07, 0xEF, 0x6C ), + BYTES_TO_T_UINT_8( 0x28, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_24_X[] = { + BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x2F, 0xAA, 0x0C, 0x94, 0x0E, 0x5A ), + BYTES_TO_T_UINT_8( 0xB7, 0x81, 0x87, 0x41, 0x23, 0xEB, 0x55, 0x7C ), + BYTES_TO_T_UINT_8( 0xB8, 0x53, 0xCC, 0x79, 0xB6, 0xEB, 0x6C, 0xCC ), + BYTES_TO_T_UINT_8( 0xF4, 0x77, 0x73, 0x9D, 0xFC, 0x64, 0x6F, 0x7F ), + BYTES_TO_T_UINT_8( 0x3C, 0x40, 0xE3, 0x6D, 0x1C, 0x16, 0x71, 0x15 ), + BYTES_TO_T_UINT_8( 0x5A, 0xF4, 0x1B, 0xFF, 0x1C, 0x2F, 0xA5, 0xD7 ), + BYTES_TO_T_UINT_8( 0x06, 0x0E, 0x0B, 0x11, 0xF4, 0x8D, 0x93, 0xAF ), + BYTES_TO_T_UINT_8( 0x58, 0xC5, 0x64, 0x6F, 0x24, 0x19, 0xF2, 0x9B ), + BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_24_Y[] = { + BYTES_TO_T_UINT_8( 0x52, 0xB3, 0xAF, 0xA5, 0x0E, 0x4F, 0x5E, 0xE1 ), + BYTES_TO_T_UINT_8( 0x0F, 0x77, 0xCA, 0xF2, 0x6D, 0xC5, 0xF6, 0x9F ), + BYTES_TO_T_UINT_8( 0x90, 0x18, 0x8E, 0x33, 0x68, 0x6C, 0xE8, 0xE0 ), + BYTES_TO_T_UINT_8( 0xFC, 0x8B, 0x80, 0x90, 0x19, 0x7F, 0x90, 0x96 ), + BYTES_TO_T_UINT_8( 0x5B, 0x80, 0x6B, 0x68, 0xE2, 0x7D, 0xD4, 0xD0 ), + BYTES_TO_T_UINT_8( 0x2A, 0xC1, 0x67, 0xB3, 0x72, 0xCB, 0xBF, 0x2F ), + BYTES_TO_T_UINT_8( 0x4F, 0xD5, 0xD3, 0x1D, 0x14, 0x58, 0x0A, 0x80 ), + BYTES_TO_T_UINT_8( 0x79, 0x7A, 0x65, 0x98, 0xB3, 0x07, 0x4B, 0x2F ), + BYTES_TO_T_UINT_8( 0xF3, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_25_X[] = { + BYTES_TO_T_UINT_8( 0x2A, 0x87, 0x0F, 0x5F, 0xCF, 0xA2, 0x01, 0x08 ), + BYTES_TO_T_UINT_8( 0x0C, 0xC9, 0xC8, 0x6E, 0x35, 0x87, 0xA5, 0x67 ), + BYTES_TO_T_UINT_8( 0x94, 0x3E, 0x91, 0xA0, 0xAB, 0x24, 0x1E, 0xF2 ), + BYTES_TO_T_UINT_8( 0xB9, 0xBC, 0x02, 0x35, 0x70, 0xC1, 0x5F, 0x98 ), + BYTES_TO_T_UINT_8( 0x26, 0x59, 0xA0, 0x50, 0x04, 0x80, 0x52, 0x85 ), + BYTES_TO_T_UINT_8( 0xF8, 0x56, 0x6E, 0x42, 0x8F, 0x8C, 0x91, 0x65 ), + BYTES_TO_T_UINT_8( 0xAC, 0xA2, 0xCB, 0xA5, 0xDE, 0x14, 0x24, 0x38 ), + BYTES_TO_T_UINT_8( 0x00, 0xCB, 0x74, 0x28, 0xE6, 0xA7, 0xE7, 0xC3 ), + BYTES_TO_T_UINT_8( 0x5F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_25_Y[] = { + BYTES_TO_T_UINT_8( 0x35, 0x73, 0xA8, 0x8F, 0x9E, 0x0E, 0x63, 0x96 ), + BYTES_TO_T_UINT_8( 0xC8, 0x1B, 0x77, 0xC7, 0xC1, 0x38, 0xF9, 0xDC ), + BYTES_TO_T_UINT_8( 0xD8, 0x3C, 0xCF, 0xA8, 0x7A, 0xD7, 0xF3, 0xC4 ), + BYTES_TO_T_UINT_8( 0xDD, 0x5F, 0x9A, 0xC9, 0xAD, 0xE9, 0x1A, 0x93 ), + BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0x2B, 0x5E, 0xD5, 0x81, 0x95, 0xA8 ), + BYTES_TO_T_UINT_8( 0x19, 0x88, 0x75, 0x29, 0x1F, 0xC7, 0xC7, 0xD0 ), + BYTES_TO_T_UINT_8( 0xD8, 0xA9, 0x5A, 0x4D, 0x63, 0x95, 0xF9, 0x4E ), + BYTES_TO_T_UINT_8( 0xEB, 0xCD, 0x04, 0x8F, 0xCD, 0x91, 0xDE, 0xC6 ), + BYTES_TO_T_UINT_8( 0x71, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_26_X[] = { + BYTES_TO_T_UINT_8( 0x88, 0xD4, 0xFD, 0x25, 0x11, 0x99, 0x6E, 0xEA ), + BYTES_TO_T_UINT_8( 0xB0, 0x83, 0x01, 0x3D, 0xFB, 0x56, 0xA5, 0x4E ), + BYTES_TO_T_UINT_8( 0xC2, 0x3A, 0xDC, 0x74, 0xC2, 0xD7, 0xCF, 0xE8 ), + BYTES_TO_T_UINT_8( 0x8F, 0xBD, 0xF1, 0xDD, 0xA3, 0x07, 0x03, 0xE2 ), + BYTES_TO_T_UINT_8( 0x7B, 0xBE, 0xE9, 0x2E, 0x58, 0x84, 0x66, 0xFC ), + BYTES_TO_T_UINT_8( 0x71, 0x20, 0x78, 0x37, 0x79, 0x0B, 0xA6, 0x64 ), + BYTES_TO_T_UINT_8( 0xE3, 0xF2, 0xAC, 0x65, 0xC8, 0xC9, 0x2F, 0x61 ), + BYTES_TO_T_UINT_8( 0x26, 0x93, 0xE5, 0x0D, 0x0C, 0xC6, 0xB8, 0xCB ), + BYTES_TO_T_UINT_8( 0x9C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_26_Y[] = { + BYTES_TO_T_UINT_8( 0x69, 0xAD, 0x5C, 0x19, 0x12, 0x61, 0x0E, 0x25 ), + BYTES_TO_T_UINT_8( 0x39, 0x4F, 0x0B, 0x1F, 0x49, 0x7E, 0xCD, 0x81 ), + BYTES_TO_T_UINT_8( 0x46, 0x2E, 0x30, 0x61, 0xDB, 0x08, 0x68, 0x9B ), + BYTES_TO_T_UINT_8( 0x41, 0x78, 0xAF, 0xB3, 0x08, 0xC1, 0x69, 0xE5 ), + BYTES_TO_T_UINT_8( 0xC4, 0x5F, 0x5D, 0xC1, 0x57, 0x6F, 0xD8, 0x34 ), + BYTES_TO_T_UINT_8( 0x38, 0xD3, 0x6A, 0xF7, 0xFD, 0x86, 0xE5, 0xB3 ), + BYTES_TO_T_UINT_8( 0xA8, 0x63, 0xBD, 0x70, 0x7B, 0x47, 0xE8, 0x6D ), + BYTES_TO_T_UINT_8( 0x18, 0x62, 0xC8, 0x7E, 0x9D, 0x11, 0x2B, 0xA5 ), + BYTES_TO_T_UINT_8( 0xB6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_27_X[] = { + BYTES_TO_T_UINT_8( 0xE2, 0x84, 0xFD, 0xD5, 0x9A, 0x56, 0x7F, 0x5C ), + BYTES_TO_T_UINT_8( 0x7C, 0xBB, 0xA4, 0x6F, 0x12, 0x6E, 0x4D, 0xF8 ), + BYTES_TO_T_UINT_8( 0x1D, 0x08, 0xA1, 0x82, 0x9C, 0x62, 0x74, 0x7B ), + BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x22, 0x05, 0x1D, 0x15, 0x35, 0x79 ), + BYTES_TO_T_UINT_8( 0x9A, 0x88, 0xCF, 0x5C, 0x05, 0x78, 0xFB, 0x94 ), + BYTES_TO_T_UINT_8( 0xAC, 0x6B, 0x2F, 0x79, 0x09, 0x73, 0x67, 0xEC ), + BYTES_TO_T_UINT_8( 0xD8, 0xA0, 0x80, 0xD8, 0xE8, 0xEC, 0xFB, 0x42 ), + BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0B, 0xB7, 0x81, 0x48, 0x7B, 0xD9 ), + BYTES_TO_T_UINT_8( 0xE3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_27_Y[] = { + BYTES_TO_T_UINT_8( 0xE8, 0x53, 0xA9, 0xED, 0x61, 0x92, 0xD7, 0x85 ), + BYTES_TO_T_UINT_8( 0x26, 0x49, 0xD9, 0x5D, 0x9B, 0x4E, 0x89, 0x35 ), + BYTES_TO_T_UINT_8( 0xB8, 0x12, 0xEB, 0x9A, 0xC9, 0xCB, 0xC1, 0x95 ), + BYTES_TO_T_UINT_8( 0x35, 0xDC, 0x95, 0x16, 0xFE, 0x29, 0x70, 0x01 ), + BYTES_TO_T_UINT_8( 0x64, 0x33, 0xB1, 0xD6, 0x78, 0xB9, 0xE2, 0x36 ), + BYTES_TO_T_UINT_8( 0x34, 0xCE, 0x88, 0xC3, 0xFD, 0x7A, 0x6B, 0xB8 ), + BYTES_TO_T_UINT_8( 0x40, 0x1E, 0x50, 0x1E, 0xAF, 0xB1, 0x25, 0x2D ), + BYTES_TO_T_UINT_8( 0xC1, 0xE7, 0xD7, 0xD5, 0xBD, 0x7A, 0x12, 0xF9 ), + BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_28_X[] = { + BYTES_TO_T_UINT_8( 0x22, 0xAA, 0xA2, 0x80, 0x5D, 0x8F, 0xCD, 0xC8 ), + BYTES_TO_T_UINT_8( 0x48, 0x39, 0x79, 0x64, 0xA1, 0x67, 0x3C, 0xB7 ), + BYTES_TO_T_UINT_8( 0x3D, 0xC7, 0x49, 0xFF, 0x7F, 0xAC, 0xAB, 0x55 ), + BYTES_TO_T_UINT_8( 0x81, 0x54, 0x3E, 0x83, 0xF0, 0x3D, 0xBC, 0xB5 ), + BYTES_TO_T_UINT_8( 0x87, 0x92, 0x4A, 0x38, 0x42, 0x8A, 0xAB, 0xF6 ), + BYTES_TO_T_UINT_8( 0xE7, 0x0B, 0x4F, 0xEE, 0x9E, 0x92, 0xA5, 0xBE ), + BYTES_TO_T_UINT_8( 0xBA, 0xDD, 0x19, 0x96, 0xF2, 0xF0, 0x6B, 0x2E ), + BYTES_TO_T_UINT_8( 0xBE, 0xFC, 0xDD, 0xB2, 0x8A, 0xE5, 0x4C, 0x22 ), + BYTES_TO_T_UINT_8( 0xD4, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_28_Y[] = { + BYTES_TO_T_UINT_8( 0xB7, 0x06, 0x49, 0xAC, 0x99, 0x7E, 0xF8, 0x12 ), + BYTES_TO_T_UINT_8( 0x76, 0xC8, 0x01, 0x51, 0xEA, 0xF6, 0x52, 0xE7 ), + BYTES_TO_T_UINT_8( 0x43, 0x89, 0x66, 0x2B, 0x1F, 0x9B, 0x2A, 0xA3 ), + BYTES_TO_T_UINT_8( 0xDF, 0x0F, 0x95, 0x07, 0x2B, 0x6C, 0x6E, 0x9E ), + BYTES_TO_T_UINT_8( 0x24, 0xC3, 0xB4, 0xBB, 0x91, 0x1F, 0xA3, 0x72 ), + BYTES_TO_T_UINT_8( 0x5F, 0x6E, 0x54, 0x28, 0x7B, 0x9C, 0x79, 0x2E ), + BYTES_TO_T_UINT_8( 0x03, 0x45, 0xFF, 0xA6, 0xDA, 0xA2, 0x83, 0x71 ), + BYTES_TO_T_UINT_8( 0xEB, 0xDE, 0x8F, 0x17, 0x37, 0x82, 0xCB, 0xE2 ), + BYTES_TO_T_UINT_8( 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_29_X[] = { + BYTES_TO_T_UINT_8( 0xD8, 0x94, 0x3F, 0x26, 0xC9, 0x1D, 0xD9, 0xAE ), + BYTES_TO_T_UINT_8( 0x09, 0x97, 0x28, 0x20, 0xCD, 0xC1, 0xF3, 0x40 ), + BYTES_TO_T_UINT_8( 0x95, 0xC9, 0xB5, 0x60, 0x9B, 0x1E, 0xDC, 0x74 ), + BYTES_TO_T_UINT_8( 0x5B, 0xB9, 0x5B, 0x7D, 0xA0, 0xB2, 0x8C, 0xF0 ), + BYTES_TO_T_UINT_8( 0x33, 0xD1, 0x42, 0xE6, 0x39, 0x33, 0x6D, 0xBB ), + BYTES_TO_T_UINT_8( 0x5D, 0xC0, 0xFC, 0xD2, 0x14, 0x5D, 0x3E, 0x3C ), + BYTES_TO_T_UINT_8( 0x78, 0x4A, 0x3E, 0x40, 0x16, 0x93, 0x15, 0xCF ), + BYTES_TO_T_UINT_8( 0xFA, 0x24, 0xC1, 0x27, 0x27, 0xE5, 0x4B, 0xD8 ), + BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_29_Y[] = { + BYTES_TO_T_UINT_8( 0x1D, 0x50, 0xD8, 0xBC, 0xC1, 0x46, 0x22, 0xBB ), + BYTES_TO_T_UINT_8( 0xAD, 0x0E, 0x60, 0xA1, 0xB3, 0x50, 0xD4, 0x86 ), + BYTES_TO_T_UINT_8( 0x80, 0xB1, 0x26, 0xB6, 0x6D, 0x47, 0x5A, 0x6F ), + BYTES_TO_T_UINT_8( 0x45, 0xAC, 0x11, 0x35, 0x3E, 0xB9, 0xF4, 0x01 ), + BYTES_TO_T_UINT_8( 0x58, 0x97, 0xFA, 0xBB, 0x6B, 0x39, 0x13, 0xD8 ), + BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x34, 0x12, 0x75, 0x8E, 0x9B, 0xC6 ), + BYTES_TO_T_UINT_8( 0x2C, 0x9E, 0xCD, 0x29, 0xB6, 0xEF, 0x8D, 0x10 ), + BYTES_TO_T_UINT_8( 0x47, 0xAC, 0xE9, 0x25, 0x27, 0xBB, 0x78, 0x47 ), + BYTES_TO_T_UINT_8( 0x2F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_30_X[] = { + BYTES_TO_T_UINT_8( 0x30, 0x7A, 0xA8, 0xD3, 0xE3, 0x66, 0xE5, 0x66 ), + BYTES_TO_T_UINT_8( 0x2F, 0x4C, 0xC4, 0x2C, 0x76, 0x81, 0x50, 0x32 ), + BYTES_TO_T_UINT_8( 0xEE, 0x71, 0x08, 0xB8, 0x52, 0x7C, 0xAF, 0xDC ), + BYTES_TO_T_UINT_8( 0x45, 0x59, 0x24, 0xDD, 0xFB, 0x2F, 0xD0, 0xDA ), + BYTES_TO_T_UINT_8( 0xB7, 0xCD, 0x56, 0xE9, 0xAC, 0x91, 0xE6, 0xB9 ), + BYTES_TO_T_UINT_8( 0xE5, 0x64, 0x20, 0xC6, 0x9F, 0xE4, 0xEF, 0xDF ), + BYTES_TO_T_UINT_8( 0x6D, 0x2C, 0x8F, 0x8C, 0x97, 0xF6, 0x22, 0xC3 ), + BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0x88, 0xAA, 0xA8, 0xD7, 0xA5, 0x68 ), + BYTES_TO_T_UINT_8( 0xDE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_30_Y[] = { + BYTES_TO_T_UINT_8( 0x21, 0x6C, 0xAE, 0x83, 0xB1, 0x55, 0x55, 0xEE ), + BYTES_TO_T_UINT_8( 0xB0, 0x67, 0x84, 0x47, 0x7C, 0x83, 0x5C, 0x89 ), + BYTES_TO_T_UINT_8( 0x5B, 0x10, 0x4D, 0xDD, 0x30, 0x60, 0xB0, 0xE6 ), + BYTES_TO_T_UINT_8( 0x59, 0xA7, 0x36, 0x76, 0x24, 0x32, 0x9F, 0x9D ), + BYTES_TO_T_UINT_8( 0xDD, 0x42, 0x81, 0xFB, 0xA4, 0x2E, 0x13, 0x68 ), + BYTES_TO_T_UINT_8( 0x87, 0x94, 0x91, 0xFF, 0x99, 0xA0, 0x09, 0x61 ), + BYTES_TO_T_UINT_8( 0x5D, 0x83, 0xA1, 0x76, 0xAF, 0x37, 0x5C, 0x77 ), + BYTES_TO_T_UINT_8( 0x1E, 0xA8, 0x04, 0x86, 0xC4, 0xA9, 0x79, 0x42 ), + BYTES_TO_T_UINT_8( 0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_31_X[] = { + BYTES_TO_T_UINT_8( 0xB6, 0x8C, 0xC2, 0x34, 0xFB, 0x83, 0x28, 0x27 ), + BYTES_TO_T_UINT_8( 0xA4, 0x03, 0x7D, 0x5E, 0x9E, 0x0E, 0xB0, 0x22 ), + BYTES_TO_T_UINT_8( 0xA2, 0x02, 0x46, 0x7F, 0xB9, 0xAC, 0xBB, 0x23 ), + BYTES_TO_T_UINT_8( 0x06, 0xED, 0x48, 0xC2, 0x96, 0x4D, 0x56, 0x27 ), + BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xC5, 0xD1, 0xE6, 0x1C, 0x7E, 0x9B ), + BYTES_TO_T_UINT_8( 0x92, 0x2E, 0x18, 0x71, 0x2D, 0x7B, 0xD7, 0xB3 ), + BYTES_TO_T_UINT_8( 0xAB, 0x46, 0x9D, 0xDE, 0xAA, 0x78, 0x8E, 0xB1 ), + BYTES_TO_T_UINT_8( 0x4D, 0xD7, 0x69, 0x2E, 0xE1, 0xD9, 0x48, 0xDE ), + BYTES_TO_T_UINT_8( 0xFB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp521r1_T_31_Y[] = { + BYTES_TO_T_UINT_8( 0xAF, 0xFF, 0x9E, 0x09, 0x22, 0x22, 0xE6, 0x8D ), + BYTES_TO_T_UINT_8( 0x6C, 0x14, 0x28, 0x13, 0x1B, 0x62, 0x12, 0x22 ), + BYTES_TO_T_UINT_8( 0xCC, 0x7F, 0x67, 0x03, 0xB0, 0xC0, 0xF3, 0x05 ), + BYTES_TO_T_UINT_8( 0xC0, 0xC3, 0x0F, 0xFB, 0x25, 0x48, 0x3E, 0xF4 ), + BYTES_TO_T_UINT_8( 0x0B, 0x6E, 0x53, 0x98, 0x36, 0xB3, 0xD3, 0x94 ), + BYTES_TO_T_UINT_8( 0xEB, 0x81, 0x54, 0x22, 0xA4, 0xCC, 0xC1, 0x22 ), + BYTES_TO_T_UINT_8( 0xF5, 0xBA, 0xFC, 0xA9, 0xDF, 0x68, 0x86, 0x2B ), + BYTES_TO_T_UINT_8( 0x71, 0x92, 0x0E, 0xC3, 0xF2, 0x58, 0xE8, 0x51 ), + BYTES_TO_T_UINT_8( 0xE9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_ecp_point secp521r1_T[32] = { + ECP_POINT_INIT_XY_Z1(secp521r1_T_0_X, secp521r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_1_X, secp521r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_2_X, secp521r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_3_X, secp521r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_4_X, secp521r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_5_X, secp521r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_6_X, secp521r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_7_X, secp521r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_8_X, secp521r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_9_X, secp521r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_10_X, secp521r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_11_X, secp521r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_12_X, secp521r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_13_X, secp521r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_14_X, secp521r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_15_X, secp521r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_16_X, secp521r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_17_X, secp521r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_18_X, secp521r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_19_X, secp521r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_20_X, secp521r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_21_X, secp521r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_22_X, secp521r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_23_X, secp521r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_24_X, secp521r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_25_X, secp521r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_26_X, secp521r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_27_X, secp521r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_28_X, secp521r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_29_X, secp521r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_30_X, secp521r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_31_X, secp521r1_T_31_Y), +}; +#else +#define secp521r1_T NULL +#endif #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) @@ -323,6 +2254,190 @@ static const mbedtls_mpi_uint secp192k1_n[] = { BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp192k1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), + BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), + BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), +}; +static const mbedtls_mpi_uint secp192k1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), + BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), + BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), +}; +static const mbedtls_mpi_uint secp192k1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x6F, 0x77, 0x3D, 0x0D, 0x85, 0x48, 0xA8, 0xA9 ), + BYTES_TO_T_UINT_8( 0x62, 0x07, 0xDF, 0x1D, 0xB3, 0xB3, 0x01, 0x54 ), + BYTES_TO_T_UINT_8( 0x05, 0x86, 0xF6, 0xAF, 0x19, 0x2A, 0x88, 0x2E ), +}; +static const mbedtls_mpi_uint secp192k1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x33, 0x90, 0xB6, 0x2F, 0x48, 0x36, 0x4C, 0x5B ), + BYTES_TO_T_UINT_8( 0xDB, 0x11, 0x14, 0xA6, 0xCB, 0xBA, 0x15, 0xD9 ), + BYTES_TO_T_UINT_8( 0x7E, 0xB0, 0xF2, 0xD4, 0xC9, 0xDA, 0xBA, 0xD7 ), +}; +static const mbedtls_mpi_uint secp192k1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0xE4, 0xC1, 0x9C, 0xE6, 0xBB, 0xFB, 0xCF, 0x23 ), + BYTES_TO_T_UINT_8( 0x93, 0x19, 0xAC, 0x5A, 0xC9, 0x8A, 0x1C, 0x75 ), + BYTES_TO_T_UINT_8( 0xC1, 0xF6, 0x76, 0x86, 0x89, 0x27, 0x8D, 0x28 ), +}; +static const mbedtls_mpi_uint secp192k1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x4B, 0xE0, 0x6F, 0x34, 0xBA, 0x5E, 0xD3, 0x96 ), + BYTES_TO_T_UINT_8( 0x6A, 0xDC, 0xA6, 0x87, 0xC9, 0x9D, 0xC0, 0x82 ), + BYTES_TO_T_UINT_8( 0x09, 0x11, 0x7E, 0xD6, 0xF7, 0x33, 0xFC, 0xE4 ), +}; +static const mbedtls_mpi_uint secp192k1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0xC2, 0x37, 0x3E, 0xC0, 0x7F, 0x62, 0xE7, 0x54 ), + BYTES_TO_T_UINT_8( 0xA5, 0x3B, 0x69, 0x9D, 0x44, 0xBC, 0x82, 0x99 ), + BYTES_TO_T_UINT_8( 0xD4, 0x84, 0xB3, 0x5F, 0x2B, 0xA5, 0x9E, 0x2C ), +}; +static const mbedtls_mpi_uint secp192k1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0x1D, 0x95, 0xEB, 0x4C, 0x04, 0xB4, 0xF4, 0x75 ), + BYTES_TO_T_UINT_8( 0x55, 0xAD, 0x4B, 0xD5, 0x9A, 0xEB, 0xC4, 0x4E ), + BYTES_TO_T_UINT_8( 0xC9, 0xB1, 0xC5, 0x59, 0xE3, 0xD5, 0x16, 0x2A ), +}; +static const mbedtls_mpi_uint secp192k1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x48, 0x2A, 0xCC, 0xAC, 0xD0, 0xEE, 0x50, 0xEC ), + BYTES_TO_T_UINT_8( 0x99, 0x83, 0xE0, 0x5B, 0x14, 0x44, 0x52, 0x20 ), + BYTES_TO_T_UINT_8( 0xD6, 0x15, 0x2D, 0x78, 0xF6, 0x51, 0x32, 0xCF ), +}; +static const mbedtls_mpi_uint secp192k1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x86, 0x36, 0x9B, 0xDD, 0xF8, 0xDD, 0xEF, 0xB2 ), + BYTES_TO_T_UINT_8( 0x0B, 0xB1, 0x6A, 0x2B, 0xAF, 0xEB, 0x2B, 0xB1 ), + BYTES_TO_T_UINT_8( 0xC9, 0x87, 0x7A, 0x66, 0x5D, 0x5B, 0xDF, 0x8F ), +}; +static const mbedtls_mpi_uint secp192k1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x62, 0x45, 0xE5, 0x81, 0x9B, 0xEB, 0x37, 0x23 ), + BYTES_TO_T_UINT_8( 0xB3, 0x29, 0xE2, 0x20, 0x64, 0x23, 0x6B, 0x6E ), + BYTES_TO_T_UINT_8( 0xFE, 0x1D, 0x41, 0xE1, 0x9B, 0x61, 0x7B, 0xD9 ), +}; +static const mbedtls_mpi_uint secp192k1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0x75, 0x57, 0xA3, 0x0A, 0x13, 0xE4, 0x59, 0x15 ), + BYTES_TO_T_UINT_8( 0x79, 0x6E, 0x4A, 0x48, 0x84, 0x90, 0xAC, 0xC7 ), + BYTES_TO_T_UINT_8( 0x9C, 0xB8, 0xF5, 0xF3, 0xDE, 0xA0, 0xA1, 0x1D ), +}; +static const mbedtls_mpi_uint secp192k1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0xA3, 0x32, 0x81, 0xA9, 0x91, 0x5A, 0x4E, 0x33 ), + BYTES_TO_T_UINT_8( 0xCB, 0xA8, 0x90, 0xBE, 0x0F, 0xEC, 0xC0, 0x85 ), + BYTES_TO_T_UINT_8( 0x80, 0x30, 0xD7, 0x08, 0xAE, 0xC4, 0x3A, 0xA5 ), +}; +static const mbedtls_mpi_uint secp192k1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xBC, 0x55, 0xE3, 0x76, 0xB3, 0x64, 0x74, 0x9F ), + BYTES_TO_T_UINT_8( 0x3F, 0x75, 0xD4, 0xDB, 0x98, 0xD7, 0x39, 0xAE ), + BYTES_TO_T_UINT_8( 0xD4, 0xEB, 0x8A, 0xAB, 0x16, 0xD9, 0xD4, 0x0B ), +}; +static const mbedtls_mpi_uint secp192k1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0x41, 0xBE, 0xF9, 0xC7, 0xC7, 0xBA, 0xF3, 0xA1 ), + BYTES_TO_T_UINT_8( 0xC2, 0x85, 0x59, 0xF3, 0x60, 0x41, 0x02, 0xD2 ), + BYTES_TO_T_UINT_8( 0x46, 0x1C, 0x4A, 0xA4, 0xC7, 0xED, 0x66, 0xBC ), +}; +static const mbedtls_mpi_uint secp192k1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x2E, 0x46, 0x52, 0x18, 0x87, 0x14 ), + BYTES_TO_T_UINT_8( 0xFF, 0x35, 0x5A, 0x75, 0xAC, 0x4D, 0x75, 0x91 ), + BYTES_TO_T_UINT_8( 0xCE, 0x2F, 0xAC, 0xFC, 0xBC, 0xE6, 0x93, 0x5E ), +}; +static const mbedtls_mpi_uint secp192k1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x87, 0x4D, 0xC9, 0x18, 0xE9, 0x00, 0xEB, 0x33 ), + BYTES_TO_T_UINT_8( 0x1A, 0x69, 0x72, 0x07, 0x5A, 0x59, 0xA8, 0x26 ), + BYTES_TO_T_UINT_8( 0xB6, 0x65, 0x83, 0x20, 0x10, 0xF9, 0x69, 0x82 ), +}; +static const mbedtls_mpi_uint secp192k1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x8B, 0x56, 0x7F, 0x9F, 0xBF, 0x46, 0x0C, 0x7E ), + BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0xF0, 0xDC, 0xDF, 0x2D, 0xE6, 0xE5 ), + BYTES_TO_T_UINT_8( 0x09, 0xF0, 0x72, 0x3A, 0x7A, 0x03, 0xE5, 0x22 ), +}; +static const mbedtls_mpi_uint secp192k1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x3E, 0xAA, 0x57, 0x13, 0x37, 0xA7, 0x2C, 0xD4 ), + BYTES_TO_T_UINT_8( 0xA3, 0xAC, 0xA2, 0x23, 0xF9, 0x84, 0x60, 0xD3 ), + BYTES_TO_T_UINT_8( 0x32, 0xEB, 0x51, 0x70, 0x64, 0x78, 0xCA, 0x05 ), +}; +static const mbedtls_mpi_uint secp192k1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0x91, 0xCC, 0x30, 0x62, 0x93, 0x46, 0x13, 0xE9 ), + BYTES_TO_T_UINT_8( 0x21, 0x26, 0xCC, 0x6C, 0x3D, 0x5C, 0xDA, 0x2C ), + BYTES_TO_T_UINT_8( 0xD5, 0xAA, 0xB8, 0x03, 0xA4, 0x1A, 0x00, 0x96 ), +}; +static const mbedtls_mpi_uint secp192k1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0xF9, 0x9D, 0xE6, 0xCC, 0x4E, 0x2E, 0xC2, 0xD5 ), + BYTES_TO_T_UINT_8( 0xB4, 0xC3, 0x8A, 0xAE, 0x6F, 0x40, 0x05, 0xEB ), + BYTES_TO_T_UINT_8( 0x9D, 0x8F, 0x4A, 0x4D, 0x35, 0xD3, 0x50, 0x9D ), +}; +static const mbedtls_mpi_uint secp192k1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x1F, 0xFD, 0x98, 0xAB, 0xC7, 0x03, 0xB4, 0x55 ), + BYTES_TO_T_UINT_8( 0x40, 0x40, 0xD2, 0x9F, 0xCA, 0xD0, 0x53, 0x00 ), + BYTES_TO_T_UINT_8( 0x1A, 0x84, 0x00, 0x6F, 0xC8, 0xAD, 0xED, 0x8D ), +}; +static const mbedtls_mpi_uint secp192k1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xCE, 0xD3, 0x57, 0xD7, 0xC3, 0x07, 0xBD, 0xD7 ), + BYTES_TO_T_UINT_8( 0x67, 0xBA, 0x47, 0x1D, 0x3D, 0xEF, 0x98, 0x6C ), + BYTES_TO_T_UINT_8( 0x6D, 0xC0, 0x6C, 0x7F, 0x12, 0xEE, 0x9F, 0x67 ), +}; +static const mbedtls_mpi_uint secp192k1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0xCA, 0x02, 0xDA, 0x79, 0xAA, 0xC9, 0x27, 0xC4 ), + BYTES_TO_T_UINT_8( 0x21, 0x79, 0xC7, 0x71, 0x84, 0xCB, 0xE5, 0x5A ), + BYTES_TO_T_UINT_8( 0x15, 0x37, 0x06, 0xBA, 0xB5, 0xD5, 0x18, 0x4C ), +}; +static const mbedtls_mpi_uint secp192k1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0xA1, 0x65, 0x72, 0x6C, 0xF2, 0x63, 0x27, 0x6A ), + BYTES_TO_T_UINT_8( 0x69, 0xBC, 0x71, 0xDF, 0x75, 0xF8, 0x98, 0x4D ), + BYTES_TO_T_UINT_8( 0x70, 0x70, 0x9B, 0xDC, 0xE7, 0x18, 0x71, 0xFF ), +}; +static const mbedtls_mpi_uint secp192k1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x15, 0x5B, 0x9F, 0x00, 0x5A, 0xB6, 0x80, 0x7A ), + BYTES_TO_T_UINT_8( 0xB7, 0xE0, 0xBB, 0xFC, 0x5E, 0x78, 0x9C, 0x89 ), + BYTES_TO_T_UINT_8( 0x60, 0x03, 0x68, 0x83, 0x3D, 0x2E, 0x4C, 0xDD ), +}; +static const mbedtls_mpi_uint secp192k1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x3B, 0x49, 0x23, 0xA8, 0xCB, 0x3B, 0x1A, 0xF6 ), + BYTES_TO_T_UINT_8( 0x8B, 0x3D, 0xA7, 0x46, 0xCF, 0x75, 0xB6, 0x2C ), + BYTES_TO_T_UINT_8( 0x92, 0xFD, 0x30, 0x01, 0xB6, 0xEF, 0xF9, 0xE8 ), +}; +static const mbedtls_mpi_uint secp192k1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0xDC, 0xFA, 0xDA, 0xB8, 0x29, 0x42, 0xC9, 0xC7 ), + BYTES_TO_T_UINT_8( 0x06, 0xD7, 0xA0, 0xE6, 0x6B, 0x86, 0x61, 0x39 ), + BYTES_TO_T_UINT_8( 0xDB, 0xE9, 0xD3, 0x37, 0xD8, 0xE7, 0x35, 0xA9 ), +}; +static const mbedtls_mpi_uint secp192k1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0xFD, 0xC8, 0x8E, 0xB1, 0xCB, 0xB1, 0xB5, 0x4D ), + BYTES_TO_T_UINT_8( 0x16, 0xD7, 0x46, 0x7D, 0xAF, 0xE2, 0xDC, 0xBB ), + BYTES_TO_T_UINT_8( 0xD0, 0x46, 0xE7, 0xD8, 0x76, 0x31, 0x90, 0x76 ), +}; +static const mbedtls_mpi_uint secp192k1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0xEB, 0xD3, 0xF4, 0x74, 0xE1, 0x67, 0xD8, 0x66 ), + BYTES_TO_T_UINT_8( 0xE7, 0x70, 0x3C, 0xC8, 0xAF, 0x5F, 0xF4, 0x58 ), + BYTES_TO_T_UINT_8( 0x24, 0x4E, 0xED, 0x5C, 0x43, 0xB3, 0x16, 0x35 ), +}; +static const mbedtls_mpi_uint secp192k1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0x57, 0xAE, 0xD1, 0xDD, 0x31, 0x14, 0xD3, 0xF0 ), + BYTES_TO_T_UINT_8( 0xE8, 0x14, 0x06, 0x13, 0x12, 0x1C, 0x81, 0xF5 ), + BYTES_TO_T_UINT_8( 0xA6, 0xF9, 0x0C, 0x91, 0xF7, 0x67, 0x59, 0x63 ), +}; +static const mbedtls_mpi_uint secp192k1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xAB, 0x91, 0xE2, 0xF4, 0x9D, 0xEB, 0x88, 0x87 ), + BYTES_TO_T_UINT_8( 0xDB, 0x82, 0x30, 0x9C, 0xAE, 0x18, 0x4D, 0xB7 ), + BYTES_TO_T_UINT_8( 0x3C, 0x79, 0xCF, 0x17, 0xA5, 0x1E, 0xE8, 0xC8 ), +}; +static const mbedtls_ecp_point secp192k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp192k1_T_0_X, secp192k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_1_X, secp192k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_2_X, secp192k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_3_X, secp192k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_4_X, secp192k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_5_X, secp192k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_6_X, secp192k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_7_X, secp192k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_8_X, secp192k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_9_X, secp192k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_10_X, secp192k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_11_X, secp192k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_12_X, secp192k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_13_X, secp192k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_14_X, secp192k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_15_X, secp192k1_T_15_Y), +}; +#else +#define secp192k1_T NULL +#endif + #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) @@ -356,6 +2471,221 @@ static const mbedtls_mpi_uint secp224k1_n[] = { BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), }; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp224k1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), + BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), + BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), + BYTES_TO_T_UINT_8( 0x33, 0x5B, 0x45, 0xA1, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), + BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), + BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), + BYTES_TO_T_UINT_8( 0xED, 0x9F, 0x08, 0x7E, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x99, 0x6C, 0x22, 0x22, 0x40, 0x89, 0xAE, 0x7A ), + BYTES_TO_T_UINT_8( 0x2F, 0x92, 0xE1, 0x87, 0x56, 0x35, 0xAF, 0x9B ), + BYTES_TO_T_UINT_8( 0x88, 0xAF, 0x08, 0x35, 0x27, 0xEA, 0x04, 0xED ), + BYTES_TO_T_UINT_8( 0xF0, 0x53, 0xFD, 0xCF, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0xC1, 0xD0, 0x9F, 0x8D, 0xF3, 0x63, 0x54, 0x30 ), + BYTES_TO_T_UINT_8( 0x39, 0xDB, 0x0F, 0x61, 0x54, 0x26, 0xD1, 0x98 ), + BYTES_TO_T_UINT_8( 0xF5, 0x21, 0xF7, 0x1B, 0xB5, 0x1D, 0xF6, 0x7E ), + BYTES_TO_T_UINT_8( 0xFF, 0x05, 0xDA, 0x8F, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x10, 0x26, 0x73, 0xBC, 0xE4, 0x29, 0x62, 0x56 ), + BYTES_TO_T_UINT_8( 0x37, 0x95, 0x17, 0x8B, 0xC3, 0x9B, 0xAC, 0xCC ), + BYTES_TO_T_UINT_8( 0xB1, 0xDB, 0x77, 0xDF, 0xDD, 0x13, 0x04, 0x98 ), + BYTES_TO_T_UINT_8( 0x02, 0xFC, 0x22, 0x93, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0xAC, 0x65, 0xF1, 0x5A, 0x37, 0xEF, 0x79, 0xAD ), + BYTES_TO_T_UINT_8( 0x99, 0x01, 0x37, 0xAC, 0x9A, 0x5B, 0x51, 0x65 ), + BYTES_TO_T_UINT_8( 0xFA, 0x75, 0x13, 0xA9, 0x4A, 0xAD, 0xFE, 0x9B ), + BYTES_TO_T_UINT_8( 0x32, 0x82, 0x6F, 0x66, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x4D, 0x5E, 0xF0, 0x40, 0xC3, 0xA6, 0xE2, 0x1E ), + BYTES_TO_T_UINT_8( 0x34, 0x9A, 0x6F, 0xCF, 0x11, 0x26, 0x66, 0x85 ), + BYTES_TO_T_UINT_8( 0x79, 0x73, 0xA8, 0xCF, 0x2B, 0x12, 0x36, 0x37 ), + BYTES_TO_T_UINT_8( 0xB9, 0xB3, 0x0A, 0x58, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xD3, 0x79, 0x00, 0x55, 0x04, 0x34, 0x90, 0x1A ), + BYTES_TO_T_UINT_8( 0x0A, 0x54, 0x1C, 0xC2, 0x45, 0x0C, 0x1B, 0x23 ), + BYTES_TO_T_UINT_8( 0x86, 0x19, 0xAB, 0xA8, 0xFC, 0x73, 0xDC, 0xEE ), + BYTES_TO_T_UINT_8( 0x72, 0xFB, 0x93, 0xCE, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0xF8, 0x75, 0xD0, 0x66, 0x95, 0x86, 0xCA, 0x66 ), + BYTES_TO_T_UINT_8( 0x17, 0xEA, 0x29, 0x16, 0x6A, 0x38, 0xDF, 0x41 ), + BYTES_TO_T_UINT_8( 0xD8, 0xA2, 0x36, 0x2F, 0xDC, 0xBB, 0x5E, 0xF7 ), + BYTES_TO_T_UINT_8( 0xD4, 0x89, 0x59, 0x49, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0xCA, 0xA3, 0x99, 0x9D, 0xB8, 0x77, 0x9D, 0x1D ), + BYTES_TO_T_UINT_8( 0x0A, 0x93, 0x43, 0x47, 0xC6, 0x5C, 0xF9, 0xFD ), + BYTES_TO_T_UINT_8( 0xAA, 0x00, 0x79, 0x42, 0x64, 0xB8, 0x25, 0x3E ), + BYTES_TO_T_UINT_8( 0x29, 0x54, 0xB4, 0x33, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0xD9, 0x0C, 0x42, 0x90, 0x83, 0x0B, 0x31, 0x5F ), + BYTES_TO_T_UINT_8( 0x54, 0x2E, 0xAE, 0xC8, 0xC7, 0x5F, 0xD2, 0x70 ), + BYTES_TO_T_UINT_8( 0xA9, 0xBC, 0xAD, 0x41, 0xE7, 0x32, 0x3A, 0x81 ), + BYTES_TO_T_UINT_8( 0x8A, 0x97, 0x52, 0x83, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0x1A, 0x13, 0x7A, 0xBD, 0xAE, 0x94, 0x60, 0xFD ), + BYTES_TO_T_UINT_8( 0x92, 0x9B, 0x95, 0xB4, 0x6E, 0x68, 0xB2, 0x1F ), + BYTES_TO_T_UINT_8( 0x15, 0x49, 0xBE, 0x51, 0xFE, 0x66, 0x15, 0x74 ), + BYTES_TO_T_UINT_8( 0xE6, 0x37, 0xE4, 0xFE, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0xF6, 0x9B, 0xEE, 0x64, 0xC9, 0x1B, 0xBD, 0x77 ), + BYTES_TO_T_UINT_8( 0xDA, 0x5F, 0x34, 0xA9, 0x0B, 0xB7, 0x25, 0x52 ), + BYTES_TO_T_UINT_8( 0x90, 0x13, 0xB1, 0x38, 0xFB, 0x9D, 0x78, 0xED ), + BYTES_TO_T_UINT_8( 0x39, 0xE7, 0x1B, 0xFA, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xFB, 0xB3, 0xB7, 0x44, 0x92, 0x6B, 0x00, 0x82 ), + BYTES_TO_T_UINT_8( 0x97, 0x82, 0x44, 0x3E, 0x18, 0x1A, 0x58, 0x6A ), + BYTES_TO_T_UINT_8( 0x15, 0xF8, 0xC0, 0xE4, 0xEE, 0xC1, 0xBF, 0x44 ), + BYTES_TO_T_UINT_8( 0x7E, 0x32, 0x27, 0xB2, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xF4, 0x9A, 0x42, 0x62, 0x8B, 0x26, 0x54, 0x21 ), + BYTES_TO_T_UINT_8( 0x24, 0x85, 0x74, 0xA0, 0x79, 0xA8, 0xEE, 0xBE ), + BYTES_TO_T_UINT_8( 0x80, 0x36, 0x60, 0xB3, 0x28, 0x4D, 0x55, 0xBE ), + BYTES_TO_T_UINT_8( 0x32, 0x27, 0x82, 0x29, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x0D, 0xFC, 0x73, 0x77, 0xAF, 0x5C, 0xAC, 0x78 ), + BYTES_TO_T_UINT_8( 0xCC, 0xED, 0xE5, 0xF6, 0x1D, 0xA8, 0x67, 0x43 ), + BYTES_TO_T_UINT_8( 0xF8, 0xDE, 0x33, 0x1C, 0xF1, 0x80, 0x73, 0xF8 ), + BYTES_TO_T_UINT_8( 0x2A, 0xE2, 0xDE, 0x3C, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x57, 0x3E, 0x6B, 0xFE, 0xF0, 0x04, 0x28, 0x01 ), + BYTES_TO_T_UINT_8( 0xBB, 0xB2, 0x14, 0x9D, 0x18, 0x11, 0x7D, 0x9D ), + BYTES_TO_T_UINT_8( 0x96, 0xC4, 0xD6, 0x2E, 0x6E, 0x57, 0x4D, 0xE1 ), + BYTES_TO_T_UINT_8( 0xEA, 0x55, 0x1B, 0xDE, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x07, 0xF7, 0x17, 0xBC, 0x45, 0xAB, 0x16, 0xAB ), + BYTES_TO_T_UINT_8( 0xCD, 0xB0, 0xEF, 0x61, 0xE3, 0x20, 0x7C, 0xF8 ), + BYTES_TO_T_UINT_8( 0x6C, 0x85, 0x41, 0x4D, 0xF1, 0x7E, 0x4D, 0x41 ), + BYTES_TO_T_UINT_8( 0x99, 0xC2, 0x9B, 0x5E, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x70, 0x2E, 0x49, 0x3D, 0x3E, 0x4B, 0xD3, 0x32 ), + BYTES_TO_T_UINT_8( 0xC8, 0x2B, 0x9D, 0xD5, 0x27, 0xFA, 0xCA, 0xE0 ), + BYTES_TO_T_UINT_8( 0xB3, 0xB3, 0x6A, 0xE0, 0x79, 0x14, 0x28, 0x0F ), + BYTES_TO_T_UINT_8( 0x6C, 0x1E, 0xDC, 0xF5, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xCA, 0x44, 0x56, 0xCD, 0xFC, 0x9F, 0x09, 0xFF ), + BYTES_TO_T_UINT_8( 0x5C, 0x8C, 0x59, 0xA4, 0x64, 0x2A, 0x3A, 0xED ), + BYTES_TO_T_UINT_8( 0x40, 0xA0, 0xB5, 0x86, 0x4E, 0x69, 0xDA, 0x06 ), + BYTES_TO_T_UINT_8( 0x08, 0x8B, 0x11, 0x38, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0xA0, 0x17, 0x16, 0x12, 0x17, 0xDC, 0x00, 0x7E ), + BYTES_TO_T_UINT_8( 0xE7, 0x76, 0x24, 0x6C, 0x97, 0x2C, 0xB5, 0xF9 ), + BYTES_TO_T_UINT_8( 0x82, 0x71, 0xE3, 0xB0, 0xBB, 0x4E, 0x50, 0x52 ), + BYTES_TO_T_UINT_8( 0x6E, 0x48, 0x26, 0xD5, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x06, 0x5F, 0x28, 0xF6, 0x01, 0x5A, 0x60, 0x41 ), + BYTES_TO_T_UINT_8( 0xAE, 0x95, 0xFE, 0xD0, 0xAD, 0x15, 0xD4, 0xD9 ), + BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0x7A, 0xFD, 0x80, 0xF7, 0x9F, 0x64 ), + BYTES_TO_T_UINT_8( 0x32, 0xBC, 0x1B, 0xDF, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xBB, 0xE6, 0xDF, 0x14, 0x29, 0xF4, 0xD4, 0x14 ), + BYTES_TO_T_UINT_8( 0xE5, 0x12, 0xDD, 0xEC, 0x5B, 0x8A, 0x59, 0xE5 ), + BYTES_TO_T_UINT_8( 0x26, 0x92, 0x3E, 0x35, 0x08, 0xE9, 0xCF, 0x0E ), + BYTES_TO_T_UINT_8( 0xE0, 0x35, 0x29, 0x97, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x11, 0xDB, 0xD6, 0x6A, 0xC5, 0x43, 0xA4, 0xA1 ), + BYTES_TO_T_UINT_8( 0x61, 0x33, 0x50, 0x61, 0x70, 0xA1, 0xE9, 0xCE ), + BYTES_TO_T_UINT_8( 0x15, 0x15, 0x6E, 0x5F, 0x01, 0x0C, 0x8C, 0xFA ), + BYTES_TO_T_UINT_8( 0x85, 0xA1, 0x9A, 0x9D, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x6E, 0xC6, 0xF7, 0xE2, 0x4A, 0xCD, 0x9B, 0x61 ), + BYTES_TO_T_UINT_8( 0x34, 0x4D, 0x5A, 0xB8, 0xE2, 0x6D, 0xA6, 0x50 ), + BYTES_TO_T_UINT_8( 0x32, 0x3F, 0xB6, 0x17, 0xE3, 0x2C, 0x6F, 0x65 ), + BYTES_TO_T_UINT_8( 0x1E, 0xA4, 0x59, 0x51, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x77, 0x4F, 0x7C, 0x49, 0xCD, 0x6E, 0xEB, 0x3C ), + BYTES_TO_T_UINT_8( 0x05, 0xC9, 0x1F, 0xB7, 0x4D, 0x98, 0xC7, 0x67 ), + BYTES_TO_T_UINT_8( 0x4C, 0xFD, 0x98, 0x20, 0x95, 0xBB, 0x20, 0x3A ), + BYTES_TO_T_UINT_8( 0xE0, 0xF2, 0x73, 0x92, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0xE2, 0xEF, 0xFB, 0x30, 0xFA, 0x12, 0x1A, 0xB0 ), + BYTES_TO_T_UINT_8( 0x7A, 0x4C, 0x24, 0xB4, 0x5B, 0xC9, 0x4C, 0x0F ), + BYTES_TO_T_UINT_8( 0x7A, 0xDD, 0x5E, 0x84, 0x95, 0x4D, 0x26, 0xED ), + BYTES_TO_T_UINT_8( 0xE3, 0xFA, 0xF9, 0x3A, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x6A, 0xA3, 0x2E, 0x7A, 0xDC, 0xA7, 0x53, 0xA9 ), + BYTES_TO_T_UINT_8( 0x7C, 0x9F, 0x81, 0x84, 0xB2, 0x0D, 0xFE, 0x31 ), + BYTES_TO_T_UINT_8( 0x61, 0x89, 0x1B, 0x77, 0x0C, 0x89, 0x71, 0xEC ), + BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0x7F, 0xB2, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x28, 0xE9, 0x2C, 0x79, 0xA6, 0x3C, 0xAD, 0x93 ), + BYTES_TO_T_UINT_8( 0xD6, 0xE0, 0x23, 0x02, 0x86, 0x0F, 0x77, 0x2A ), + BYTES_TO_T_UINT_8( 0x13, 0x93, 0x6D, 0xE9, 0xF9, 0x3C, 0xBE, 0xB9 ), + BYTES_TO_T_UINT_8( 0x04, 0xE7, 0x24, 0x92, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0xBB, 0x3C, 0x5B, 0x4B, 0x1B, 0x25, 0x37, 0xD6 ), + BYTES_TO_T_UINT_8( 0xC9, 0xE8, 0x38, 0x1B, 0xA1, 0x5A, 0x2E, 0x68 ), + BYTES_TO_T_UINT_8( 0x03, 0x19, 0xFD, 0xF4, 0x78, 0x01, 0x6B, 0x44 ), + BYTES_TO_T_UINT_8( 0x0F, 0x69, 0x37, 0x4F, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0x1A, 0xE2, 0xBF, 0xD3, 0xEC, 0x95, 0x9C, 0x03 ), + BYTES_TO_T_UINT_8( 0xC2, 0x7B, 0xFC, 0xD5, 0xD3, 0x25, 0x5E, 0x0F ), + BYTES_TO_T_UINT_8( 0x39, 0x55, 0x09, 0xA2, 0x58, 0x6A, 0xC9, 0xFF ), + BYTES_TO_T_UINT_8( 0x80, 0xCC, 0x3B, 0xD9, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_mpi_uint secp224k1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0x8F, 0x08, 0x65, 0x5E, 0xCB, 0xAB, 0x48, 0xC8 ), + BYTES_TO_T_UINT_8( 0xEE, 0x79, 0x8B, 0xC0, 0x11, 0xC0, 0x69, 0x38 ), + BYTES_TO_T_UINT_8( 0xE6, 0xE8, 0x8C, 0x4C, 0xC5, 0x28, 0xE4, 0xAE ), + BYTES_TO_T_UINT_8( 0xA5, 0x1F, 0x34, 0x5C, 0x00, 0x00, 0x00, 0x00 ), +}; +static const mbedtls_ecp_point secp224k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp224k1_T_0_X, secp224k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_1_X, secp224k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_2_X, secp224k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_3_X, secp224k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_4_X, secp224k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_5_X, secp224k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_6_X, secp224k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_7_X, secp224k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_8_X, secp224k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_9_X, secp224k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_10_X, secp224k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_11_X, secp224k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_12_X, secp224k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_13_X, secp224k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_14_X, secp224k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_15_X, secp224k1_T_15_Y), +}; +#else +#define secp224k1_T NULL +#endif #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) @@ -389,6 +2719,221 @@ static const mbedtls_mpi_uint secp256k1_n[] = { BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp256k1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), + BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), + BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), + BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), +}; +static const mbedtls_mpi_uint secp256k1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), + BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), + BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), + BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), +}; +static const mbedtls_mpi_uint secp256k1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0xE7, 0xEE, 0xD7, 0x1E, 0x67, 0x86, 0x32, 0x74 ), + BYTES_TO_T_UINT_8( 0x23, 0x73, 0xB1, 0xA9, 0xD5, 0xCC, 0x27, 0x78 ), + BYTES_TO_T_UINT_8( 0x1F, 0x0E, 0x11, 0x01, 0x71, 0xFE, 0x92, 0x73 ), + BYTES_TO_T_UINT_8( 0xC6, 0x28, 0x63, 0x6D, 0x72, 0x09, 0xA6, 0xC0 ), +}; +static const mbedtls_mpi_uint secp256k1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0x69, 0xDC, 0x3E, 0x2C, 0x75, 0xC3 ), + BYTES_TO_T_UINT_8( 0xE5, 0xB7, 0x3F, 0x30, 0x26, 0x3C, 0xDF, 0x8E ), + BYTES_TO_T_UINT_8( 0x3D, 0xBE, 0xB9, 0x5D, 0x0E, 0xE8, 0x5E, 0x14 ), + BYTES_TO_T_UINT_8( 0x01, 0xC3, 0x05, 0xD6, 0xB7, 0xD5, 0x24, 0xFC ), +}; +static const mbedtls_mpi_uint secp256k1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x13, 0xCF, 0x7B, 0xDC, 0xCD, 0xC3, 0x39, 0x9D ), + BYTES_TO_T_UINT_8( 0x42, 0xDA, 0xB9, 0xE5, 0x64, 0xA7, 0x47, 0x91 ), + BYTES_TO_T_UINT_8( 0x76, 0x46, 0xA8, 0x61, 0xF6, 0x23, 0xEB, 0x58 ), + BYTES_TO_T_UINT_8( 0x5C, 0xC1, 0xFF, 0xE4, 0x55, 0xD5, 0xC2, 0xBF ), +}; +static const mbedtls_mpi_uint secp256k1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0xC9, 0xBE, 0xB9, 0x59, 0x24, 0x13, 0x4A, 0x2A ), + BYTES_TO_T_UINT_8( 0x64, 0x45, 0x12, 0xDE, 0xBA, 0x4F, 0xEF, 0x56 ), + BYTES_TO_T_UINT_8( 0xBE, 0x08, 0xBF, 0xC1, 0x66, 0xAA, 0x0A, 0xBC ), + BYTES_TO_T_UINT_8( 0x36, 0xFE, 0x30, 0x55, 0x31, 0x86, 0xA7, 0xB4 ), +}; +static const mbedtls_mpi_uint secp256k1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x1D, 0xBF, 0x18, 0x81, 0x67, 0x27, 0x42, 0xBD ), + BYTES_TO_T_UINT_8( 0x08, 0x05, 0x83, 0xA4, 0xDD, 0x57, 0xD3, 0x50 ), + BYTES_TO_T_UINT_8( 0x20, 0x63, 0xAB, 0xE4, 0x90, 0x70, 0xD0, 0x7C ), + BYTES_TO_T_UINT_8( 0x71, 0x5D, 0xFD, 0xA0, 0xEF, 0xCF, 0x1C, 0x54 ), +}; +static const mbedtls_mpi_uint secp256k1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0x13, 0x80, 0xE4, 0xF6, 0x09, 0xBC, 0x57, 0x90 ), + BYTES_TO_T_UINT_8( 0x21, 0x9F, 0x6E, 0x88, 0x54, 0x6E, 0x51, 0xF2 ), + BYTES_TO_T_UINT_8( 0xF5, 0x5F, 0x85, 0xFB, 0x84, 0x3E, 0x4A, 0xAA ), + BYTES_TO_T_UINT_8( 0xA8, 0x19, 0xF5, 0x55, 0xC9, 0x07, 0xD8, 0xCE ), +}; +static const mbedtls_mpi_uint secp256k1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0x1A, 0xB4, 0xC3, 0xD9, 0x5C, 0xA0, 0xD4, 0x90 ), + BYTES_TO_T_UINT_8( 0x0D, 0x30, 0xAF, 0x59, 0x9B, 0xF8, 0x04, 0x85 ), + BYTES_TO_T_UINT_8( 0x4D, 0xA6, 0xFD, 0x66, 0x7B, 0xC3, 0x39, 0x85 ), + BYTES_TO_T_UINT_8( 0xE0, 0xBF, 0xF0, 0xC2, 0xE9, 0x71, 0xA4, 0x9E ), +}; +static const mbedtls_mpi_uint secp256k1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x14, 0x2D, 0xB9, 0x88, 0x28, 0xF1, 0xBE, 0x78 ), + BYTES_TO_T_UINT_8( 0x14, 0xF3, 0x1A, 0x0E, 0xB9, 0x01, 0x66, 0x34 ), + BYTES_TO_T_UINT_8( 0x77, 0xA7, 0xA4, 0xF4, 0x05, 0xD0, 0xAA, 0x53 ), + BYTES_TO_T_UINT_8( 0x00, 0x39, 0x1E, 0x47, 0xE5, 0x68, 0xC8, 0xC0 ), +}; +static const mbedtls_mpi_uint secp256k1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0xDD, 0xB9, 0xFC, 0xE0, 0x33, 0x8A, 0x7D, 0x96 ), + BYTES_TO_T_UINT_8( 0x4F, 0x93, 0xA5, 0x53, 0x55, 0x16, 0xB4, 0x6E ), + BYTES_TO_T_UINT_8( 0xE9, 0x5F, 0xEA, 0x9B, 0x29, 0x52, 0x71, 0xDA ), + BYTES_TO_T_UINT_8( 0xB2, 0xF0, 0x24, 0xB8, 0x7D, 0xB7, 0xA0, 0x9B ), +}; +static const mbedtls_mpi_uint secp256k1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xC2, 0x00, 0x27, 0xB2, 0xDF, 0x73, 0xA2, 0xE0 ), + BYTES_TO_T_UINT_8( 0x1D, 0x2E, 0x4D, 0x7C, 0xDE, 0x7A, 0x23, 0x32 ), + BYTES_TO_T_UINT_8( 0xAC, 0x65, 0x60, 0xC7, 0x97, 0x1E, 0xA4, 0x22 ), + BYTES_TO_T_UINT_8( 0xCD, 0x13, 0x5B, 0x77, 0x59, 0xCB, 0x36, 0xE1 ), +}; +static const mbedtls_mpi_uint secp256k1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x99, 0xBC, 0x9F, 0x9E, 0x2D, 0x53, 0x2A, 0xA8 ), + BYTES_TO_T_UINT_8( 0x87, 0x5F, 0x64, 0x9F, 0x1A, 0x19, 0xE6, 0x77 ), + BYTES_TO_T_UINT_8( 0x9E, 0x7B, 0x39, 0xD2, 0xDB, 0x85, 0x84, 0xD5 ), + BYTES_TO_T_UINT_8( 0x83, 0xC7, 0x0D, 0x58, 0x6E, 0x3F, 0x52, 0x15 ), +}; +static const mbedtls_mpi_uint secp256k1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0x21, 0x68, 0x19, 0x0B, 0x68, 0xC9, 0x1E, 0xFB ), + BYTES_TO_T_UINT_8( 0xD2, 0x4E, 0x21, 0x49, 0x3D, 0x55, 0xCC, 0x25 ), + BYTES_TO_T_UINT_8( 0xF5, 0xF9, 0x25, 0x45, 0x54, 0x45, 0xB1, 0x0F ), + BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xF7, 0xCD, 0x80, 0xA4, 0x04, 0x05 ), +}; +static const mbedtls_mpi_uint secp256k1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xD4, 0x1E, 0x88, 0xC4, 0xAA, 0x18, 0x7E, 0x45 ), + BYTES_TO_T_UINT_8( 0x4B, 0xAC, 0xD9, 0xB2, 0xA1, 0xC0, 0x71, 0x5D ), + BYTES_TO_T_UINT_8( 0xA9, 0xA2, 0xF1, 0x15, 0xA6, 0x5F, 0x6C, 0x86 ), + BYTES_TO_T_UINT_8( 0x4F, 0x5B, 0x05, 0xBC, 0xB7, 0xC6, 0x4E, 0x72 ), +}; +static const mbedtls_mpi_uint secp256k1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x1D, 0x80, 0xF8, 0x5C, 0x20, 0x2A, 0xE1, 0xE2 ), + BYTES_TO_T_UINT_8( 0x7C, 0x48, 0x2E, 0x68, 0x82, 0x7F, 0xEB, 0x5F ), + BYTES_TO_T_UINT_8( 0xA2, 0x3B, 0x25, 0xDB, 0x32, 0x4D, 0x88, 0x42 ), + BYTES_TO_T_UINT_8( 0xEE, 0x6E, 0xA6, 0xB6, 0x6D, 0x62, 0x78, 0x22 ), +}; +static const mbedtls_mpi_uint secp256k1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x1F, 0x4D, 0x3E, 0x86, 0x58, 0xC3, 0xEB, 0xBA ), + BYTES_TO_T_UINT_8( 0x1A, 0x89, 0x33, 0x18, 0x21, 0x1D, 0x9B, 0xE7 ), + BYTES_TO_T_UINT_8( 0x0B, 0x9D, 0xFF, 0xC3, 0x79, 0xC1, 0x88, 0xF8 ), + BYTES_TO_T_UINT_8( 0x28, 0xD4, 0x48, 0x53, 0xE8, 0xAD, 0x21, 0x16 ), +}; +static const mbedtls_mpi_uint secp256k1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0xF5, 0x7B, 0xDE, 0xCB, 0xD8, 0x39, 0x17, 0x7C ), + BYTES_TO_T_UINT_8( 0xD3, 0xF3, 0x03, 0xF2, 0x5C, 0xBC, 0xC8, 0x8A ), + BYTES_TO_T_UINT_8( 0x27, 0xAE, 0x4C, 0xB0, 0x16, 0xA4, 0x93, 0x86 ), + BYTES_TO_T_UINT_8( 0x71, 0x8B, 0x6B, 0xDC, 0xD7, 0x9A, 0x3E, 0x7E ), +}; +static const mbedtls_mpi_uint secp256k1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0xD6, 0x2D, 0x7A, 0xD2, 0x59, 0x05, 0xA2, 0x82 ), + BYTES_TO_T_UINT_8( 0x57, 0x56, 0x09, 0x32, 0xF1, 0xE8, 0xE3, 0x72 ), + BYTES_TO_T_UINT_8( 0x03, 0xCA, 0xE5, 0x2E, 0xF0, 0xFB, 0x18, 0x19 ), + BYTES_TO_T_UINT_8( 0xBA, 0x85, 0xA9, 0x23, 0x15, 0x31, 0x1F, 0x0E ), +}; +static const mbedtls_mpi_uint secp256k1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0x76, 0xE5, 0xB1, 0x86, 0xB9, 0x6E, 0x8D, 0xD3 ), + BYTES_TO_T_UINT_8( 0x6C, 0x77, 0xFC, 0xC9, 0xA3, 0x3F, 0x89, 0xD2 ), + BYTES_TO_T_UINT_8( 0xDB, 0x6A, 0xDC, 0x25, 0xB0, 0xC7, 0x41, 0x54 ), + BYTES_TO_T_UINT_8( 0x02, 0x11, 0x6B, 0xA6, 0x11, 0x62, 0xD4, 0x2D ), +}; +static const mbedtls_mpi_uint secp256k1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x19, 0x7D, 0x34, 0xB3, 0x20, 0x7F, 0x37, 0xAA ), + BYTES_TO_T_UINT_8( 0xBD, 0xD4, 0x45, 0xE8, 0xC2, 0xE9, 0xC5, 0xEA ), + BYTES_TO_T_UINT_8( 0x5A, 0x32, 0x3B, 0x25, 0x7E, 0x79, 0xAF, 0xE7 ), + BYTES_TO_T_UINT_8( 0x3F, 0xE4, 0x54, 0x71, 0xBE, 0x35, 0x4E, 0xD0 ), +}; +static const mbedtls_mpi_uint secp256k1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0xB0, 0x94, 0xDD, 0x8F, 0xB5, 0xC2, 0xDD, 0x75 ), + BYTES_TO_T_UINT_8( 0x07, 0x49, 0xE9, 0x1C, 0x2F, 0x08, 0x49, 0xC6 ), + BYTES_TO_T_UINT_8( 0x77, 0xB6, 0x03, 0x88, 0x6F, 0xB8, 0x15, 0x67 ), + BYTES_TO_T_UINT_8( 0xA4, 0xD3, 0x1C, 0xF3, 0xA5, 0xEB, 0x79, 0x01 ), +}; +static const mbedtls_mpi_uint secp256k1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0x25, 0xF9, 0x43, 0x88, 0x89, 0x0D, 0x06, 0xEA ), + BYTES_TO_T_UINT_8( 0x02, 0x2D, 0xF5, 0x98, 0x32, 0xF6, 0xB1, 0x05 ), + BYTES_TO_T_UINT_8( 0x23, 0x73, 0x8F, 0x2B, 0x50, 0x27, 0x0A, 0xE7 ), + BYTES_TO_T_UINT_8( 0xA7, 0xE3, 0xBD, 0x16, 0x05, 0xC8, 0x93, 0x12 ), +}; +static const mbedtls_mpi_uint secp256k1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x0A, 0x6A, 0xF7, 0xE3, 0x3D, 0xDE, 0x5F, 0x2F ), + BYTES_TO_T_UINT_8( 0x47, 0xA3, 0x9C, 0x22, 0x3C, 0x33, 0x36, 0x5D ), + BYTES_TO_T_UINT_8( 0x20, 0x24, 0x4C, 0x69, 0x45, 0x78, 0x14, 0xAE ), + BYTES_TO_T_UINT_8( 0x59, 0xF8, 0xD4, 0xBF, 0xB8, 0xC0, 0xA1, 0x25 ), +}; +static const mbedtls_mpi_uint secp256k1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x7E, 0x88, 0xE1, 0x91, 0x03, 0xEB, 0xB3, 0x2B ), + BYTES_TO_T_UINT_8( 0x5C, 0x11, 0xA1, 0xEF, 0x14, 0x0D, 0xC4, 0x7D ), + BYTES_TO_T_UINT_8( 0xFE, 0xD4, 0x0D, 0x1D, 0x96, 0x33, 0x5C, 0x19 ), + BYTES_TO_T_UINT_8( 0x70, 0x45, 0x2A, 0x1A, 0xE6, 0x57, 0x04, 0x9B ), +}; +static const mbedtls_mpi_uint secp256k1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x70, 0xB5, 0xA7, 0x80, 0xE9, 0x93, 0x97, 0x8D ), + BYTES_TO_T_UINT_8( 0x5D, 0xB9, 0x7C, 0xA0, 0xC9, 0x57, 0x26, 0x43 ), + BYTES_TO_T_UINT_8( 0x9E, 0xEF, 0x56, 0xDA, 0x66, 0xF6, 0x1B, 0x9A ), + BYTES_TO_T_UINT_8( 0x1F, 0x89, 0x6B, 0x91, 0xE0, 0xA9, 0x65, 0x2B ), +}; +static const mbedtls_mpi_uint secp256k1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x91, 0x98, 0x96, 0x9B, 0x06, 0x7D, 0x5E, 0x5A ), + BYTES_TO_T_UINT_8( 0x0A, 0xFA, 0xC1, 0x5F, 0x19, 0x37, 0x94, 0x9D ), + BYTES_TO_T_UINT_8( 0xCF, 0xBE, 0x6B, 0x1A, 0x05, 0xE4, 0xBF, 0x9F ), + BYTES_TO_T_UINT_8( 0x84, 0xCD, 0x5D, 0x35, 0xB4, 0x51, 0xF7, 0x64 ), +}; +static const mbedtls_mpi_uint secp256k1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x6C, 0xEF, 0x96, 0xDB, 0xF2, 0x61, 0x63, 0x59 ), + BYTES_TO_T_UINT_8( 0xCB, 0x04, 0x88, 0xC9, 0x9F, 0x1B, 0x94, 0xB9 ), + BYTES_TO_T_UINT_8( 0xDB, 0x30, 0x79, 0x7E, 0x24, 0xE7, 0x5F, 0xB8 ), + BYTES_TO_T_UINT_8( 0x3F, 0xB8, 0x90, 0xB7, 0x94, 0x25, 0xBB, 0x0F ), +}; +static const mbedtls_mpi_uint secp256k1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x62, 0x79, 0xEA, 0xAD, 0xC0, 0x6D, 0x18, 0x57 ), + BYTES_TO_T_UINT_8( 0xE9, 0xA4, 0x58, 0x2A, 0x8D, 0x95, 0xB3, 0xE6 ), + BYTES_TO_T_UINT_8( 0xC8, 0xC4, 0xC2, 0x12, 0x0D, 0x79, 0xE2, 0x2B ), + BYTES_TO_T_UINT_8( 0x02, 0x6F, 0xBE, 0x97, 0x4D, 0xA4, 0x20, 0x07 ), +}; +static const mbedtls_mpi_uint secp256k1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0xCA, 0x31, 0x71, 0xC6, 0xA6, 0x91, 0xEB, 0x1F ), + BYTES_TO_T_UINT_8( 0xB4, 0x9B, 0xA8, 0x4A, 0xE7, 0x77, 0xE1, 0xAA ), + BYTES_TO_T_UINT_8( 0xA9, 0x06, 0xD3, 0x3D, 0x94, 0x30, 0xEF, 0x8C ), + BYTES_TO_T_UINT_8( 0xE7, 0xDF, 0xCA, 0xFA, 0xF5, 0x28, 0xF8, 0xC9 ), +}; +static const mbedtls_mpi_uint secp256k1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xCC, 0xE1, 0x32, 0xFD, 0x3E, 0x81, 0xF8, 0x11 ), + BYTES_TO_T_UINT_8( 0xCD, 0xF2, 0x4B, 0x1D, 0x19, 0xC9, 0x0F, 0xCC ), + BYTES_TO_T_UINT_8( 0x59, 0xB1, 0x8A, 0x22, 0x8B, 0x05, 0x6B, 0x56 ), + BYTES_TO_T_UINT_8( 0x35, 0x21, 0xEF, 0x30, 0xEC, 0x09, 0x2A, 0x89 ), +}; +static const mbedtls_mpi_uint secp256k1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0x15, 0x84, 0x4A, 0x46, 0x07, 0x6C, 0x3C, 0x4C ), + BYTES_TO_T_UINT_8( 0xDD, 0x18, 0x3A, 0xF4, 0xCC, 0xF5, 0xB2, 0xF2 ), + BYTES_TO_T_UINT_8( 0x4F, 0x8F, 0xCD, 0x0A, 0x9C, 0xF4, 0xBD, 0x95 ), + BYTES_TO_T_UINT_8( 0x37, 0x89, 0x7F, 0x8A, 0xB1, 0x52, 0x3A, 0xAB ), +}; +static const mbedtls_ecp_point secp256k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp256k1_T_0_X, secp256k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_1_X, secp256k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_2_X, secp256k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_3_X, secp256k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_4_X, secp256k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_5_X, secp256k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_6_X, secp256k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_7_X, secp256k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_8_X, secp256k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_9_X, secp256k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_10_X, secp256k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_11_X, secp256k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_12_X, secp256k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_13_X, secp256k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_14_X, secp256k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_15_X, secp256k1_T_15_Y), +}; +#else +#define secp256k1_T NULL +#endif #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ /* @@ -431,6 +2976,222 @@ static const mbedtls_mpi_uint brainpoolP256r1_n[] = { BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), }; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP256r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), + BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), + BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), + BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), + BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), + BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), + BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x3C, 0xA2, 0xED, 0x52, 0xC9, 0x8C, 0xE3, 0xA5 ), + BYTES_TO_T_UINT_8( 0x72, 0xC9, 0xC4, 0x87, 0x3F, 0x93, 0x7A, 0xD1 ), + BYTES_TO_T_UINT_8( 0x96, 0x12, 0x53, 0x61, 0x3E, 0x76, 0x08, 0xCB ), + BYTES_TO_T_UINT_8( 0x09, 0x8C, 0x74, 0xF4, 0x08, 0xC3, 0x76, 0x80 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x05, 0xDD, 0x09, 0xA6, 0xED, 0xEE, 0xC4, 0x38 ), + BYTES_TO_T_UINT_8( 0x74, 0xD9, 0xBE, 0x4B, 0xA5, 0xB7, 0x2B, 0x6E ), + BYTES_TO_T_UINT_8( 0x42, 0x20, 0x12, 0xCA, 0x0A, 0x38, 0x24, 0xAB ), + BYTES_TO_T_UINT_8( 0x00, 0x72, 0x71, 0x90, 0x7A, 0x2E, 0xB7, 0x23 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x2C, 0x66, 0xA1, 0x93, 0x10, 0x2A, 0x51, 0x17 ), + BYTES_TO_T_UINT_8( 0x88, 0x10, 0x11, 0x12, 0xBC, 0xB0, 0xB6, 0x93 ), + BYTES_TO_T_UINT_8( 0x3C, 0x58, 0xD7, 0x0A, 0x84, 0x05, 0xA3, 0x9C ), + BYTES_TO_T_UINT_8( 0xF7, 0x8E, 0x95, 0x61, 0xD3, 0x0B, 0xDF, 0x36 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0xF9, 0x92, 0x12, 0x0F, 0x5E, 0x87, 0x70, 0x1B ), + BYTES_TO_T_UINT_8( 0x38, 0xE9, 0x9B, 0xEB, 0x3A, 0xFB, 0xCF, 0xC4 ), + BYTES_TO_T_UINT_8( 0xDC, 0x92, 0xB9, 0xF7, 0x45, 0xD3, 0x06, 0xB6 ), + BYTES_TO_T_UINT_8( 0x82, 0x28, 0x65, 0xE1, 0xC5, 0x6C, 0x57, 0x18 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x28, 0x0E, 0x77, 0x01, 0x81, 0x9E, 0x38, 0x5C ), + BYTES_TO_T_UINT_8( 0x71, 0xF0, 0xD5, 0xA5, 0x91, 0x2B, 0xDF, 0xC0 ), + BYTES_TO_T_UINT_8( 0xD8, 0xEE, 0xB6, 0x25, 0xD6, 0x98, 0xDE, 0x2D ), + BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0x55, 0x63, 0x39, 0xEB, 0xB5, 0x47 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xB6, 0xD6, 0xB8, 0xE3, 0x13, 0xED, 0x7F, 0xA3 ), + BYTES_TO_T_UINT_8( 0x6C, 0xE8, 0xAE, 0x36, 0xB8, 0xCD, 0x19, 0x02 ), + BYTES_TO_T_UINT_8( 0xF9, 0x82, 0x83, 0x7A, 0x7B, 0x46, 0x56, 0xE8 ), + BYTES_TO_T_UINT_8( 0x4E, 0x60, 0x46, 0x15, 0x5A, 0xAC, 0x99, 0x30 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0xBF, 0x61, 0x50, 0xC6, 0xFF, 0x10, 0x7D, 0x04 ), + BYTES_TO_T_UINT_8( 0x92, 0x51, 0xDF, 0xA9, 0x7D, 0x78, 0x26, 0x74 ), + BYTES_TO_T_UINT_8( 0x56, 0x15, 0x9A, 0xF7, 0x01, 0xC1, 0xBB, 0x40 ), + BYTES_TO_T_UINT_8( 0x26, 0x0F, 0xE6, 0x2A, 0xBD, 0x4A, 0x9E, 0x87 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x57, 0xF8, 0xD1, 0x77, 0xD2, 0x49, 0xB3, 0xDD ), + BYTES_TO_T_UINT_8( 0x36, 0x86, 0xFB, 0x9E, 0x1F, 0x5A, 0x60, 0x47 ), + BYTES_TO_T_UINT_8( 0x98, 0xC4, 0x8D, 0xCD, 0x86, 0x61, 0x2F, 0xF9 ), + BYTES_TO_T_UINT_8( 0x41, 0xF6, 0xB9, 0xAC, 0x37, 0x9D, 0xE9, 0x28 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0xFA, 0x77, 0xAA, 0x97, 0x9C, 0x0B, 0x04, 0x20 ), + BYTES_TO_T_UINT_8( 0x80, 0xA6, 0x60, 0x81, 0xCE, 0x25, 0x13, 0x3E ), + BYTES_TO_T_UINT_8( 0x24, 0x00, 0xF3, 0xBB, 0x82, 0x99, 0x95, 0xB7 ), + BYTES_TO_T_UINT_8( 0x47, 0x5A, 0xCE, 0x90, 0x71, 0x38, 0x2F, 0x10 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xA7, 0x1A, 0xC0, 0x84, 0x27, 0xD6, 0x9D, 0xB7 ), + BYTES_TO_T_UINT_8( 0x34, 0x37, 0x52, 0x16, 0x13, 0x0E, 0xCE, 0x92 ), + BYTES_TO_T_UINT_8( 0x1E, 0xBF, 0x5A, 0xDB, 0xDB, 0x6E, 0x1E, 0x69 ), + BYTES_TO_T_UINT_8( 0x3E, 0xB7, 0x5E, 0xF9, 0x86, 0xDD, 0x8A, 0x5C ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x3D, 0xAB, 0x5C, 0x8D, 0x1D, 0xF2, 0x2D, 0x1E ), + BYTES_TO_T_UINT_8( 0x65, 0xC5, 0xF8, 0xF7, 0x1D, 0x96, 0x0B, 0x4D ), + BYTES_TO_T_UINT_8( 0xAC, 0x4C, 0xA7, 0x45, 0x20, 0x6A, 0x1E, 0x5B ), + BYTES_TO_T_UINT_8( 0x21, 0x5D, 0xEF, 0xDE, 0xEE, 0x39, 0x44, 0x19 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0x4B, 0x2F, 0x6D, 0x52, 0xC9, 0x58, 0x60, 0xE8 ), + BYTES_TO_T_UINT_8( 0xC3, 0xC9, 0x62, 0xCB, 0x38, 0x3C, 0x55, 0xCA ), + BYTES_TO_T_UINT_8( 0xFF, 0xA5, 0x09, 0x10, 0x88, 0xDB, 0xE3, 0xBD ), + BYTES_TO_T_UINT_8( 0x52, 0xE0, 0x3C, 0xCE, 0x06, 0x0B, 0x4B, 0x5D ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xB1, 0x1D, 0xB4, 0x10, 0x76, 0x8F, 0xBA, 0x09 ), + BYTES_TO_T_UINT_8( 0x57, 0x70, 0x5A, 0x07, 0xF5, 0x1A, 0x74, 0xC7 ), + BYTES_TO_T_UINT_8( 0x0B, 0xE9, 0x94, 0xA8, 0xC0, 0xD5, 0x4A, 0x4A ), + BYTES_TO_T_UINT_8( 0x3E, 0x6D, 0xD4, 0xE8, 0x9B, 0xE9, 0x6D, 0x0E ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x65, 0x00, 0x32, 0x41, 0x57, 0x84, 0x89, 0x52 ), + BYTES_TO_T_UINT_8( 0xEE, 0xC7, 0x14, 0xEC, 0xE9, 0x27, 0xFF, 0xF3 ), + BYTES_TO_T_UINT_8( 0x9A, 0x67, 0x9E, 0xFB, 0xB6, 0xB8, 0x96, 0xF3 ), + BYTES_TO_T_UINT_8( 0xE5, 0x4A, 0xE3, 0x97, 0x4B, 0x58, 0xDE, 0x30 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0xA6, 0x1E, 0x5C, 0xF5, 0x7F, 0xD5, 0xD4, 0xAA ), + BYTES_TO_T_UINT_8( 0x5D, 0x08, 0x7A, 0xF1, 0xBD, 0x89, 0xC7, 0x1E ), + BYTES_TO_T_UINT_8( 0x3A, 0xF9, 0x11, 0x1B, 0xF5, 0x3C, 0x6D, 0x8C ), + BYTES_TO_T_UINT_8( 0x19, 0x50, 0xE5, 0x69, 0x1D, 0x59, 0xFC, 0x0C ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0xF1, 0x2F, 0xF8, 0x3F, 0xEC, 0x55, 0x99, 0x57 ), + BYTES_TO_T_UINT_8( 0x41, 0xA7, 0x29, 0x90, 0x43, 0x81, 0x31, 0x4C ), + BYTES_TO_T_UINT_8( 0xC3, 0x18, 0x44, 0x50, 0x5D, 0x76, 0xCB, 0xDD ), + BYTES_TO_T_UINT_8( 0xF0, 0xC5, 0x5B, 0x9A, 0x03, 0xE6, 0x17, 0x39 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0x21, 0x89, 0xFC, 0x55, 0x94, 0x91, 0x6A, 0xA2 ), + BYTES_TO_T_UINT_8( 0x74, 0x46, 0x35, 0xF2, 0x3A, 0x42, 0x08, 0x2F ), + BYTES_TO_T_UINT_8( 0xD3, 0xD2, 0x76, 0x49, 0x42, 0x87, 0xD3, 0x7F ), + BYTES_TO_T_UINT_8( 0x90, 0xEA, 0xA0, 0x52, 0xF1, 0x6A, 0x30, 0x57 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0x00, 0xB2, 0x57, 0xA3, 0x8A, 0x4D, 0x1B, 0x3C ), + BYTES_TO_T_UINT_8( 0xFC, 0xA3, 0x99, 0x94, 0xB5, 0x3D, 0x64, 0x09 ), + BYTES_TO_T_UINT_8( 0x35, 0xC3, 0xD7, 0x53, 0xF6, 0x49, 0x1C, 0x60 ), + BYTES_TO_T_UINT_8( 0x27, 0x23, 0x41, 0x4D, 0xFB, 0x7A, 0x5C, 0x53 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0xCA, 0xB8, 0x15, 0x65, 0x5C, 0x85, 0x94, 0xD7 ), + BYTES_TO_T_UINT_8( 0xAC, 0x37, 0xC7, 0xF8, 0x7E, 0xAE, 0x6C, 0x10 ), + BYTES_TO_T_UINT_8( 0x53, 0xD8, 0x11, 0x54, 0x98, 0x44, 0xE3, 0xF1 ), + BYTES_TO_T_UINT_8( 0xE4, 0x4D, 0xA6, 0x4B, 0x28, 0xF2, 0x57, 0x9E ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0xF6, 0xD0, 0xEB, 0x1E, 0xAA, 0x30, 0xD3, 0x6A ), + BYTES_TO_T_UINT_8( 0x58, 0x9B, 0x4D, 0xA7, 0x73, 0x6E, 0xB6, 0x45 ), + BYTES_TO_T_UINT_8( 0x5D, 0x47, 0xF6, 0xED, 0x37, 0xEF, 0x71, 0x4D ), + BYTES_TO_T_UINT_8( 0xA8, 0xB5, 0x49, 0x61, 0x5E, 0x45, 0xF6, 0x4A ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xEF, 0x0E, 0xB3, 0x84, 0x3A, 0x63, 0x72, 0x84 ), + BYTES_TO_T_UINT_8( 0x6D, 0x53, 0x5C, 0xA7, 0xC6, 0x2E, 0xAB, 0x9E ), + BYTES_TO_T_UINT_8( 0xEB, 0x0F, 0x8F, 0x87, 0x50, 0x28, 0xB4, 0xAE ), + BYTES_TO_T_UINT_8( 0x5C, 0x98, 0x4A, 0x98, 0x31, 0x86, 0xCA, 0x51 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0xBE, 0xC9, 0xE2, 0xFD, 0x5D, 0x1F, 0xE8, 0xC2 ), + BYTES_TO_T_UINT_8( 0xD5, 0x90, 0x91, 0xC4, 0x84, 0xF0, 0xBA, 0xC5 ), + BYTES_TO_T_UINT_8( 0x6C, 0x5A, 0xB3, 0x4E, 0xFB, 0xE0, 0x57, 0xE8 ), + BYTES_TO_T_UINT_8( 0x6B, 0x0B, 0x90, 0xA6, 0xFD, 0x9D, 0x8E, 0x02 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0xF8, 0x41, 0x8F, 0x31, 0xFA, 0x5A, 0xF6, 0x33 ), + BYTES_TO_T_UINT_8( 0xAC, 0xE9, 0xE3, 0xF6, 0xE0, 0x4A, 0xE7, 0xD2 ), + BYTES_TO_T_UINT_8( 0x84, 0x4E, 0xCD, 0xA2, 0x22, 0x14, 0xD4, 0x12 ), + BYTES_TO_T_UINT_8( 0x7C, 0xED, 0x21, 0xB7, 0x0F, 0x53, 0x10, 0x17 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x05, 0x06, 0x24, 0x2C, 0x4E, 0xD1, 0x1E, 0x9F ), + BYTES_TO_T_UINT_8( 0xD7, 0x3F, 0xC1, 0x9F, 0xAB, 0xF0, 0x37, 0x95 ), + BYTES_TO_T_UINT_8( 0x03, 0x5E, 0x12, 0xCE, 0x83, 0x1B, 0x2A, 0x18 ), + BYTES_TO_T_UINT_8( 0x61, 0x65, 0xCF, 0xE8, 0x5C, 0xA5, 0xA2, 0x70 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0xB8, 0x86, 0x76, 0x3A, 0x94, 0xF6, 0x1D, 0xC1 ), + BYTES_TO_T_UINT_8( 0x1D, 0xDA, 0xC9, 0xA6, 0x29, 0x93, 0x15, 0x10 ), + BYTES_TO_T_UINT_8( 0x6D, 0x61, 0x6A, 0x7D, 0xC7, 0xA9, 0xF3, 0x76 ), + BYTES_TO_T_UINT_8( 0x4A, 0x03, 0x71, 0xA2, 0x15, 0xCE, 0x50, 0x72 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0xB6, 0xD0, 0xA8, 0x1E, 0x91, 0xC4, 0x4F, 0x24 ), + BYTES_TO_T_UINT_8( 0x2D, 0x4B, 0x7E, 0xD7, 0x71, 0x58, 0x7E, 0x1E ), + BYTES_TO_T_UINT_8( 0x93, 0x45, 0xAF, 0x2A, 0x18, 0x93, 0x95, 0x3B ), + BYTES_TO_T_UINT_8( 0x1B, 0x8F, 0xC7, 0xFA, 0x4C, 0x7A, 0x86, 0x54 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0x97, 0xAF, 0x68, 0x3A, 0x23, 0xC1, 0x2E, 0xBF ), + BYTES_TO_T_UINT_8( 0x89, 0x50, 0x11, 0x67, 0x39, 0xB9, 0xAF, 0x48 ), + BYTES_TO_T_UINT_8( 0x19, 0x86, 0xAA, 0x1E, 0x88, 0x21, 0x29, 0x8B ), + BYTES_TO_T_UINT_8( 0xCD, 0x28, 0xA4, 0x9D, 0x89, 0xA9, 0x9A, 0x10 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x91, 0xBA, 0x04, 0x67, 0xB7, 0x01, 0x40, 0x38 ), + BYTES_TO_T_UINT_8( 0x08, 0xE9, 0x09, 0xA3, 0xCA, 0xA6, 0x37, 0xF6 ), + BYTES_TO_T_UINT_8( 0x6C, 0x97, 0xA8, 0xB6, 0x3C, 0xEE, 0x90, 0x3D ), + BYTES_TO_T_UINT_8( 0xDC, 0xED, 0xC4, 0xF7, 0xC3, 0x95, 0xEC, 0x85 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xF5, 0x84, 0xBD, 0xEB, 0xD5, 0x64, 0xBB, 0x9D ), + BYTES_TO_T_UINT_8( 0xDB, 0x9B, 0xE2, 0x28, 0x50, 0xC2, 0x72, 0x40 ), + BYTES_TO_T_UINT_8( 0x39, 0xF2, 0x74, 0xD1, 0x26, 0xBF, 0x32, 0x68 ), + BYTES_TO_T_UINT_8( 0x36, 0xCB, 0xAF, 0x72, 0xDB, 0x6D, 0x30, 0x98 ), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xB3, 0x50, 0x85, 0xF4, 0x2B, 0x48, 0xC1, 0xAD ), + BYTES_TO_T_UINT_8( 0xC0, 0x28, 0xBB, 0x11, 0xBA, 0x5B, 0x22, 0x6C ), + BYTES_TO_T_UINT_8( 0xAD, 0xA1, 0xE5, 0x5C, 0xC9, 0x1D, 0x44, 0x45 ), + BYTES_TO_T_UINT_8( 0xD4, 0xE8, 0xE6, 0x6F, 0xBB, 0xC1, 0x81, 0x7F ), +}; +static const mbedtls_ecp_point brainpoolP256r1_T[16] = { + ECP_POINT_INIT_XY_Z1(brainpoolP256r1_T_0_X, brainpoolP256r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_1_X, brainpoolP256r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_2_X, brainpoolP256r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_3_X, brainpoolP256r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_4_X, brainpoolP256r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_5_X, brainpoolP256r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_6_X, brainpoolP256r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_7_X, brainpoolP256r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_8_X, brainpoolP256r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_9_X, brainpoolP256r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_10_X, brainpoolP256r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_11_X, brainpoolP256r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_12_X, brainpoolP256r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_13_X, brainpoolP256r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_14_X, brainpoolP256r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_15_X, brainpoolP256r1_T_15_Y), +}; +#else +#define brainpoolP256r1_T NULL +#endif + #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ /* @@ -485,6 +3246,558 @@ static const mbedtls_mpi_uint brainpoolP384r1_n[] = { BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), }; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP384r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), + BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), + BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), + BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), + BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), + BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), + BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), + BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), + BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), + BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), + BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0x93, 0xD8, 0x8A, 0x54, 0x41, 0xD6, 0x6B, 0x1D ), + BYTES_TO_T_UINT_8( 0xE2, 0x3B, 0xF1, 0x22, 0xFD, 0x2D, 0x4B, 0x03 ), + BYTES_TO_T_UINT_8( 0x01, 0x55, 0xE3, 0x33, 0xF0, 0x73, 0x52, 0x5A ), + BYTES_TO_T_UINT_8( 0xC1, 0x3F, 0x30, 0x26, 0xCA, 0x7F, 0x52, 0xA3 ), + BYTES_TO_T_UINT_8( 0xD3, 0x6E, 0x17, 0x9B, 0xD5, 0x2A, 0x4A, 0x31 ), + BYTES_TO_T_UINT_8( 0x86, 0xDA, 0x6B, 0xE5, 0x03, 0x07, 0x1D, 0x2E ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x51, 0x7A, 0xAF, 0x98, 0xE3, 0xA4, 0xF6, 0x19 ), + BYTES_TO_T_UINT_8( 0xEC, 0x7D, 0xFE, 0x51, 0x40, 0x3B, 0x47, 0xD2 ), + BYTES_TO_T_UINT_8( 0xFC, 0x88, 0xEC, 0xC4, 0xE2, 0x8F, 0xCB, 0xA4 ), + BYTES_TO_T_UINT_8( 0x30, 0xE2, 0x88, 0x2D, 0x4E, 0x50, 0xEB, 0x9A ), + BYTES_TO_T_UINT_8( 0x13, 0x54, 0x94, 0x5E, 0xF4, 0x7F, 0x3A, 0x04 ), + BYTES_TO_T_UINT_8( 0xCD, 0x07, 0x1C, 0xE1, 0xBD, 0x0F, 0xF8, 0x63 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x94, 0x92, 0x28, 0x2E, 0x32, 0x04, 0xB1, 0x4D ), + BYTES_TO_T_UINT_8( 0x25, 0x82, 0x44, 0x43, 0x76, 0x0D, 0x55, 0xBF ), + BYTES_TO_T_UINT_8( 0x5B, 0xE3, 0xFF, 0x89, 0x46, 0xDE, 0x4E, 0xFE ), + BYTES_TO_T_UINT_8( 0x5B, 0x22, 0xBB, 0x67, 0x1A, 0x81, 0xEE, 0x27 ), + BYTES_TO_T_UINT_8( 0xC8, 0x54, 0xE2, 0x7A, 0xAE, 0xDA, 0x2C, 0xD0 ), + BYTES_TO_T_UINT_8( 0x74, 0x9A, 0x90, 0xAA, 0x6E, 0x8B, 0xCC, 0x5F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x16, 0x40, 0xAC, 0xED, 0x7D, 0x37, 0x87, 0xAC ), + BYTES_TO_T_UINT_8( 0x98, 0xF8, 0xB1, 0x80, 0x4C, 0x8C, 0x04, 0x42 ), + BYTES_TO_T_UINT_8( 0xC2, 0x98, 0x2C, 0xAD, 0x30, 0x69, 0x35, 0xC0 ), + BYTES_TO_T_UINT_8( 0x32, 0x2E, 0x00, 0x2F, 0x44, 0x8C, 0xF0, 0xC0 ), + BYTES_TO_T_UINT_8( 0x16, 0x58, 0x07, 0xD7, 0xCD, 0x60, 0xA1, 0x5B ), + BYTES_TO_T_UINT_8( 0xAF, 0xFB, 0x7B, 0x03, 0x05, 0x5E, 0x79, 0x73 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0xC8, 0x17, 0xCE, 0x38, 0x4B, 0x5E, 0x5B, 0xC8 ), + BYTES_TO_T_UINT_8( 0x60, 0x0E, 0x0A, 0x61, 0x9D, 0x7C, 0x62, 0x08 ), + BYTES_TO_T_UINT_8( 0x25, 0xF0, 0x98, 0x71, 0x7F, 0x17, 0x26, 0xD7 ), + BYTES_TO_T_UINT_8( 0x83, 0xD3, 0xFA, 0x3C, 0xF0, 0x70, 0x07, 0x82 ), + BYTES_TO_T_UINT_8( 0x29, 0x47, 0x5C, 0x09, 0x43, 0xB7, 0x65, 0x15 ), + BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xA7, 0x3E, 0xFA, 0xF3, 0xEC, 0x22 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xDA, 0x78, 0x22, 0x2B, 0x58, 0x71, 0xFA, 0xAA ), + BYTES_TO_T_UINT_8( 0x00, 0x30, 0xCE, 0x6A, 0xB3, 0xB0, 0x4F, 0x83 ), + BYTES_TO_T_UINT_8( 0xCF, 0x95, 0x20, 0xA9, 0x23, 0xC2, 0x65, 0xE7 ), + BYTES_TO_T_UINT_8( 0x55, 0xCF, 0x03, 0x5B, 0x8A, 0x80, 0x44, 0xBB ), + BYTES_TO_T_UINT_8( 0x5C, 0xF8, 0x91, 0xF7, 0xD5, 0xED, 0xEA, 0x81 ), + BYTES_TO_T_UINT_8( 0x40, 0x5B, 0x16, 0x10, 0x25, 0xAC, 0x2A, 0x17 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0xF2, 0xEC, 0xDC, 0xC4, 0x7B, 0x8C, 0x6B, 0xE9 ), + BYTES_TO_T_UINT_8( 0x2B, 0xBB, 0x1C, 0xD3, 0x5A, 0xEE, 0xD9, 0x97 ), + BYTES_TO_T_UINT_8( 0x64, 0x5D, 0x30, 0x5E, 0xF7, 0xB2, 0x41, 0x9D ), + BYTES_TO_T_UINT_8( 0xED, 0xCE, 0x0F, 0x1A, 0xC6, 0x41, 0x64, 0x62 ), + BYTES_TO_T_UINT_8( 0xF2, 0x18, 0xE1, 0xE3, 0x82, 0x15, 0x66, 0x4B ), + BYTES_TO_T_UINT_8( 0x9B, 0xE2, 0x24, 0x04, 0x72, 0x39, 0xA0, 0x7C ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0x2B, 0x51, 0xA2, 0x58, 0x88, 0x62, 0xE1, 0x02 ), + BYTES_TO_T_UINT_8( 0x58, 0xD2, 0x65, 0x14, 0xE9, 0x4C, 0x82, 0x30 ), + BYTES_TO_T_UINT_8( 0xDC, 0xE1, 0xAC, 0x87, 0xAE, 0x31, 0x1A, 0x7A ), + BYTES_TO_T_UINT_8( 0x85, 0x4F, 0x96, 0x1E, 0x85, 0x7A, 0xC3, 0x2B ), + BYTES_TO_T_UINT_8( 0xF0, 0x86, 0xBB, 0xF0, 0xC0, 0x9D, 0x08, 0x7B ), + BYTES_TO_T_UINT_8( 0xBD, 0x53, 0x03, 0x09, 0x80, 0x91, 0xEF, 0x68 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x2D, 0xD7, 0xAF, 0x6F, 0x69, 0x7B, 0x88, 0xA1 ), + BYTES_TO_T_UINT_8( 0xAF, 0x13, 0xE4, 0x30, 0xA2, 0x47, 0xB5, 0xC1 ), + BYTES_TO_T_UINT_8( 0x0F, 0xD2, 0xC0, 0xDD, 0x8A, 0x1C, 0x3C, 0xF2 ), + BYTES_TO_T_UINT_8( 0xF9, 0x8C, 0xB3, 0x4C, 0xBA, 0x8B, 0x6D, 0xCF ), + BYTES_TO_T_UINT_8( 0x6B, 0xC7, 0xA1, 0xA8, 0x6E, 0x3C, 0x4F, 0xF1 ), + BYTES_TO_T_UINT_8( 0x94, 0x4A, 0x97, 0xC8, 0x03, 0x6F, 0x01, 0x82 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0x74, 0x18, 0x12, 0xA9, 0x39, 0xD5, 0x22, 0x26 ), + BYTES_TO_T_UINT_8( 0x47, 0xA7, 0xC0, 0xBD, 0x9D, 0x8D, 0x78, 0x38 ), + BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xD0, 0x7F, 0xDF, 0xD0, 0x30, 0xDE ), + BYTES_TO_T_UINT_8( 0x37, 0x25, 0x73, 0x96, 0xEC, 0xA8, 0x1D, 0x7C ), + BYTES_TO_T_UINT_8( 0x91, 0xD1, 0x65, 0x66, 0xDC, 0xD9, 0xCF, 0xDF ), + BYTES_TO_T_UINT_8( 0x95, 0xED, 0x7B, 0x37, 0xAD, 0xE2, 0xBE, 0x2D ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x50, 0x79, 0x42, 0x6A, 0x07, 0x66, 0xB1, 0xBD ), + BYTES_TO_T_UINT_8( 0x45, 0x53, 0x62, 0x65, 0x92, 0x09, 0x4C, 0xA1 ), + BYTES_TO_T_UINT_8( 0x06, 0xAF, 0xC3, 0x03, 0xF6, 0xF4, 0x2D, 0x9B ), + BYTES_TO_T_UINT_8( 0xE8, 0xCA, 0x41, 0xD9, 0xA2, 0x69, 0x9B, 0xC9 ), + BYTES_TO_T_UINT_8( 0x4B, 0xB2, 0xA6, 0x8D, 0xE1, 0xAA, 0x61, 0x76 ), + BYTES_TO_T_UINT_8( 0x11, 0xBA, 0x4D, 0x12, 0xB6, 0xBE, 0xF3, 0x7E ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x92, 0x22, 0x07, 0xCE, 0xC9, 0x26 ), + BYTES_TO_T_UINT_8( 0x62, 0xA1, 0x7C, 0x91, 0xDB, 0x32, 0xF7, 0xE5 ), + BYTES_TO_T_UINT_8( 0x6D, 0x49, 0x4B, 0x6D, 0xFB, 0xD9, 0x70, 0x3B ), + BYTES_TO_T_UINT_8( 0x1C, 0xFB, 0x4E, 0x4C, 0x5E, 0x66, 0x81, 0x1D ), + BYTES_TO_T_UINT_8( 0xA5, 0xB3, 0xE1, 0x00, 0xB7, 0xD9, 0xCC, 0x58 ), + BYTES_TO_T_UINT_8( 0xF3, 0x36, 0x8B, 0xC4, 0x39, 0x20, 0xFD, 0x30 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0x94, 0x1F, 0x60, 0x03, 0xBB, 0xD7, 0x60, 0x57 ), + BYTES_TO_T_UINT_8( 0x72, 0x3C, 0x62, 0xDD, 0x71, 0x95, 0xE9, 0x61 ), + BYTES_TO_T_UINT_8( 0xB0, 0x5B, 0x7A, 0x5F, 0x68, 0x81, 0xC5, 0x90 ), + BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xB5, 0xB9, 0x98, 0x42, 0x28, 0xA5 ), + BYTES_TO_T_UINT_8( 0x0C, 0x29, 0x8E, 0x11, 0x49, 0xB4, 0xD7, 0x20 ), + BYTES_TO_T_UINT_8( 0x9B, 0x3E, 0xD2, 0x30, 0xA1, 0xBA, 0xCA, 0x03 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0x29, 0x37, 0x64, 0x44, 0x2F, 0x03, 0xE5, 0x41 ), + BYTES_TO_T_UINT_8( 0x4A, 0x42, 0xBC, 0xFF, 0xA2, 0x1A, 0x5F, 0x06 ), + BYTES_TO_T_UINT_8( 0x1D, 0x04, 0xAB, 0x04, 0xE0, 0x24, 0xAD, 0x2A ), + BYTES_TO_T_UINT_8( 0x3D, 0x45, 0x17, 0x67, 0x1F, 0x3E, 0x53, 0xF8 ), + BYTES_TO_T_UINT_8( 0xED, 0x0F, 0xB3, 0x1B, 0x57, 0x54, 0xC2, 0x03 ), + BYTES_TO_T_UINT_8( 0x59, 0xD3, 0xF8, 0xC4, 0x1B, 0x9B, 0xFA, 0x30 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x37, 0x90, 0xFD, 0xFB, 0xCA, 0x49, 0x38, 0x4E ), + BYTES_TO_T_UINT_8( 0xC3, 0xCF, 0xC6, 0xDD, 0xF0, 0xFF, 0x8C, 0x11 ), + BYTES_TO_T_UINT_8( 0xD7, 0x69, 0x9D, 0xBD, 0x5F, 0x33, 0xE9, 0xB4 ), + BYTES_TO_T_UINT_8( 0x47, 0x19, 0x82, 0x3D, 0xAC, 0x1C, 0x40, 0x23 ), + BYTES_TO_T_UINT_8( 0x40, 0xC7, 0x02, 0x46, 0x14, 0x77, 0x00, 0xBE ), + BYTES_TO_T_UINT_8( 0xC9, 0x05, 0xF2, 0x77, 0x3A, 0x66, 0x5C, 0x39 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x1E, 0xE6, 0x17, 0xDE, 0xB2, 0xA1, 0xE5, 0xB8 ), + BYTES_TO_T_UINT_8( 0xC7, 0x71, 0xEC, 0x9D, 0xD8, 0xF5, 0xD4, 0x66 ), + BYTES_TO_T_UINT_8( 0xAA, 0xC6, 0x42, 0x5E, 0xE7, 0x18, 0xBA, 0xD0 ), + BYTES_TO_T_UINT_8( 0xC5, 0x21, 0x68, 0x5A, 0x26, 0xFB, 0xD7, 0x17 ), + BYTES_TO_T_UINT_8( 0x26, 0x00, 0x5C, 0xBA, 0x8A, 0x34, 0xEC, 0x75 ), + BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x3C, 0xAF, 0x53, 0xE8, 0x65, 0x35 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0xBE, 0xEF, 0x28, 0xDC, 0x67, 0x05, 0xC8, 0xDF ), + BYTES_TO_T_UINT_8( 0x0B, 0x78, 0xC3, 0x85, 0x49, 0xA0, 0xBC, 0x0F ), + BYTES_TO_T_UINT_8( 0x10, 0x3E, 0x2D, 0xA0, 0xCF, 0xD4, 0x7A, 0xF5 ), + BYTES_TO_T_UINT_8( 0x36, 0x93, 0xFE, 0x60, 0xB3, 0x6E, 0x99, 0xE2 ), + BYTES_TO_T_UINT_8( 0x62, 0xAD, 0x04, 0xE7, 0x49, 0xAF, 0x5E, 0xE3 ), + BYTES_TO_T_UINT_8( 0x54, 0x7A, 0xED, 0xA6, 0x9E, 0x18, 0x09, 0x31 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xE8, 0x05, 0x94, 0x44, 0xDC, 0xB8, 0x85, 0x94 ), + BYTES_TO_T_UINT_8( 0x14, 0xB7, 0x37, 0xC2, 0x50, 0x75, 0x15, 0xDA ), + BYTES_TO_T_UINT_8( 0xD6, 0xC6, 0x0F, 0xB2, 0xA9, 0x91, 0x3E, 0xE8 ), + BYTES_TO_T_UINT_8( 0xB9, 0x81, 0xAD, 0x25, 0xA1, 0x26, 0x73, 0x15 ), + BYTES_TO_T_UINT_8( 0xFD, 0xF1, 0xD1, 0x61, 0x7C, 0x76, 0x8F, 0x13 ), + BYTES_TO_T_UINT_8( 0x06, 0xDB, 0x4A, 0xFF, 0x14, 0xA7, 0x48, 0x0B ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0x2A, 0x73, 0xC6, 0xC2, 0xCC, 0xF1, 0x57, 0x04 ), + BYTES_TO_T_UINT_8( 0xB6, 0xED, 0x73, 0x27, 0x70, 0x82, 0xB6, 0x5E ), + BYTES_TO_T_UINT_8( 0x0B, 0xBA, 0xAC, 0x3A, 0xCF, 0xF4, 0xEA, 0xA6 ), + BYTES_TO_T_UINT_8( 0x99, 0xD6, 0xB1, 0x8F, 0x0E, 0x08, 0x2C, 0x5E ), + BYTES_TO_T_UINT_8( 0x17, 0xE3, 0x8F, 0x2F, 0x0E, 0xA1, 0xF3, 0x07 ), + BYTES_TO_T_UINT_8( 0x1A, 0xF5, 0x7C, 0x9B, 0x29, 0x0A, 0xF6, 0x28 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0xBD, 0xEE, 0x17, 0x47, 0x34, 0x15, 0xA3, 0xAF ), + BYTES_TO_T_UINT_8( 0xFB, 0xBE, 0x88, 0x48, 0xE7, 0xA2, 0xBB, 0xDE ), + BYTES_TO_T_UINT_8( 0xC5, 0xAD, 0xDC, 0x65, 0x61, 0x37, 0x0F, 0xC1 ), + BYTES_TO_T_UINT_8( 0xFA, 0x67, 0xAD, 0xA2, 0x3A, 0x1C, 0x91, 0x78 ), + BYTES_TO_T_UINT_8( 0x55, 0x07, 0x0C, 0x3A, 0x41, 0x6E, 0x13, 0x28 ), + BYTES_TO_T_UINT_8( 0x73, 0xBD, 0x7E, 0xED, 0xAA, 0x14, 0xDD, 0x61 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xC3, 0xDC, 0x20, 0x01, 0x72, 0x11, 0x48, 0x55 ), + BYTES_TO_T_UINT_8( 0x1E, 0xC4, 0x7B, 0xF8, 0x62, 0x3D, 0xF0, 0x9F ), + BYTES_TO_T_UINT_8( 0xE8, 0xC2, 0x3D, 0x2E, 0x52, 0xA3, 0x4A, 0x89 ), + BYTES_TO_T_UINT_8( 0xCE, 0xE2, 0x53, 0x46, 0x5E, 0x21, 0xF8, 0xCE ), + BYTES_TO_T_UINT_8( 0xC2, 0xC7, 0x8F, 0xA9, 0x26, 0x42, 0x32, 0x3A ), + BYTES_TO_T_UINT_8( 0xFB, 0xA6, 0xA0, 0x8D, 0x4B, 0x9A, 0x19, 0x03 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0xEA, 0xAB, 0x6D, 0x1E, 0xFB, 0xEE, 0x60, 0x0C ), + BYTES_TO_T_UINT_8( 0xB6, 0x56, 0x3C, 0xC5, 0x5D, 0x10, 0x79, 0x1C ), + BYTES_TO_T_UINT_8( 0x25, 0xBC, 0x41, 0x9F, 0x71, 0xEF, 0x02, 0xF9 ), + BYTES_TO_T_UINT_8( 0xA2, 0x36, 0xC4, 0xD0, 0x88, 0x9B, 0x32, 0xFC ), + BYTES_TO_T_UINT_8( 0x9C, 0xD4, 0x5D, 0x17, 0x39, 0xE6, 0x22, 0x2C ), + BYTES_TO_T_UINT_8( 0x7B, 0x26, 0x01, 0xCE, 0xBE, 0x4A, 0x9C, 0x27 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0xEF, 0x6D, 0x11, 0xCA, 0x6C, 0x5A, 0x93, 0x0C ), + BYTES_TO_T_UINT_8( 0xEB, 0x96, 0x26, 0xAF, 0x2F, 0xE4, 0x30, 0x98 ), + BYTES_TO_T_UINT_8( 0x35, 0xC1, 0x4C, 0xC6, 0x30, 0x1F, 0x5C, 0x04 ), + BYTES_TO_T_UINT_8( 0x59, 0xB3, 0xE8, 0xFC, 0x35, 0xEB, 0x63, 0x6C ), + BYTES_TO_T_UINT_8( 0x9C, 0x1D, 0xCA, 0xFC, 0x50, 0x36, 0x4B, 0x96 ), + BYTES_TO_T_UINT_8( 0xE4, 0x0E, 0x23, 0x5B, 0xAF, 0xEB, 0x2D, 0x31 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0xC6, 0x88, 0xB6, 0xD7, 0x74, 0x4A, 0x23, 0xB6 ), + BYTES_TO_T_UINT_8( 0xEF, 0x66, 0xE2, 0xBB, 0x29, 0xA6, 0x4F, 0x55 ), + BYTES_TO_T_UINT_8( 0xE9, 0x6F, 0x7E, 0x68, 0x6E, 0xA0, 0x14, 0x94 ), + BYTES_TO_T_UINT_8( 0x3B, 0x73, 0xD4, 0xE8, 0xAB, 0x5B, 0xF6, 0x0D ), + BYTES_TO_T_UINT_8( 0x46, 0xE0, 0x3C, 0x24, 0x00, 0x95, 0xE9, 0xAD ), + BYTES_TO_T_UINT_8( 0x37, 0x0D, 0x4F, 0x81, 0xD0, 0xF2, 0x3F, 0x00 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x99, 0x1D, 0xCD, 0x78, 0x39, 0xC4, 0x6B, 0xD9 ), + BYTES_TO_T_UINT_8( 0x81, 0x45, 0xC7, 0xB8, 0x2F, 0xAA, 0x5D, 0xE3 ), + BYTES_TO_T_UINT_8( 0x33, 0x8C, 0x6E, 0xA3, 0x24, 0xB2, 0xDB, 0x4B ), + BYTES_TO_T_UINT_8( 0x69, 0x2D, 0xD9, 0xF1, 0xC7, 0x9B, 0x8A, 0xAF ), + BYTES_TO_T_UINT_8( 0x67, 0xE1, 0x2C, 0xB9, 0x40, 0x37, 0x91, 0x75 ), + BYTES_TO_T_UINT_8( 0x81, 0x2C, 0xB5, 0x23, 0x03, 0x2B, 0xAF, 0x2F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x2F, 0x9D, 0x5A, 0x20, 0x10, 0xA9, 0x84, 0xDA ), + BYTES_TO_T_UINT_8( 0x61, 0x30, 0x89, 0x20, 0x13, 0xE9, 0xB2, 0xCA ), + BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x52, 0xEB, 0x03, 0x18, 0x1F, 0xA6 ), + BYTES_TO_T_UINT_8( 0x6C, 0x9E, 0x1C, 0x35, 0x87, 0x92, 0x69, 0xC7 ), + BYTES_TO_T_UINT_8( 0xA1, 0xC9, 0x88, 0xAF, 0xC6, 0x6C, 0x83, 0x72 ), + BYTES_TO_T_UINT_8( 0xCB, 0xD5, 0x7A, 0x54, 0x34, 0x99, 0xB6, 0x6F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0xDF, 0xAD, 0x45, 0x9B, 0x4B, 0x41, 0x4D, 0x50 ), + BYTES_TO_T_UINT_8( 0x1B, 0x5D, 0xAB, 0x7F, 0x35, 0x34, 0xE9, 0x29 ), + BYTES_TO_T_UINT_8( 0x73, 0xBE, 0x78, 0x34, 0x44, 0xF3, 0x4A, 0x87 ), + BYTES_TO_T_UINT_8( 0xFB, 0xDE, 0xE3, 0xC4, 0xEE, 0x0B, 0xF9, 0xEB ), + BYTES_TO_T_UINT_8( 0x5E, 0x86, 0x16, 0x48, 0x32, 0xB8, 0x74, 0x41 ), + BYTES_TO_T_UINT_8( 0xF2, 0xEE, 0x7C, 0xBA, 0xBD, 0x81, 0xE3, 0x55 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0xF8, 0x6A, 0xFA, 0x84, 0xDA, 0xB8, 0xD5, 0x14 ), + BYTES_TO_T_UINT_8( 0xB2, 0x9F, 0x8A, 0xD5, 0x1B, 0x2E, 0x1A, 0x0B ), + BYTES_TO_T_UINT_8( 0x5F, 0x0C, 0x61, 0xE2, 0xFF, 0x5B, 0xE6, 0xD5 ), + BYTES_TO_T_UINT_8( 0x0E, 0x62, 0xC1, 0x87, 0x53, 0x1B, 0x92, 0xA3 ), + BYTES_TO_T_UINT_8( 0x54, 0x90, 0x00, 0xD1, 0x6A, 0x0C, 0x0E, 0x28 ), + BYTES_TO_T_UINT_8( 0x8B, 0x2E, 0xB5, 0x3B, 0x44, 0xB5, 0xA0, 0x78 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xB8, 0x5D, 0x02, 0x58, 0xB5, 0xBE, 0x45, 0x14 ), + BYTES_TO_T_UINT_8( 0xAD, 0xEF, 0x8E, 0x90, 0x4D, 0x2A, 0x32, 0xAC ), + BYTES_TO_T_UINT_8( 0x48, 0x99, 0x75, 0x5C, 0x0A, 0x33, 0x8F, 0x36 ), + BYTES_TO_T_UINT_8( 0xC8, 0x6C, 0x95, 0xD4, 0x1F, 0xF3, 0xEB, 0xDA ), + BYTES_TO_T_UINT_8( 0xC2, 0xE4, 0x4C, 0x91, 0x20, 0xF3, 0x25, 0xEB ), + BYTES_TO_T_UINT_8( 0xF1, 0x95, 0xEB, 0x29, 0x6F, 0x20, 0x34, 0x81 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0x2D, 0x15, 0xE5, 0x13, 0x7E, 0x64, 0x8B, 0xAD ), + BYTES_TO_T_UINT_8( 0xA7, 0xBC, 0x0D, 0x18, 0x7E, 0x37, 0x9E, 0xFA ), + BYTES_TO_T_UINT_8( 0xE8, 0x82, 0x20, 0xF7, 0x2D, 0x7A, 0x77, 0x52 ), + BYTES_TO_T_UINT_8( 0xCB, 0x29, 0xA2, 0xDB, 0x7A, 0xE6, 0x6F, 0xA5 ), + BYTES_TO_T_UINT_8( 0xA0, 0xC6, 0x50, 0x5C, 0xBC, 0xE6, 0x4F, 0xBD ), + BYTES_TO_T_UINT_8( 0x1E, 0x9F, 0xD5, 0xE8, 0xC5, 0x3D, 0xB7, 0x30 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_16_X[] = { + BYTES_TO_T_UINT_8( 0x45, 0x03, 0x55, 0x10, 0xDB, 0xA6, 0x8B, 0x22 ), + BYTES_TO_T_UINT_8( 0x4E, 0x17, 0xAE, 0x78, 0xC9, 0x1D, 0x43, 0xCA ), + BYTES_TO_T_UINT_8( 0x4E, 0x35, 0x49, 0xD4, 0x47, 0x84, 0x8D, 0x20 ), + BYTES_TO_T_UINT_8( 0xF3, 0x95, 0x2F, 0xEA, 0xBC, 0xB4, 0x18, 0xB3 ), + BYTES_TO_T_UINT_8( 0xD4, 0x48, 0xAE, 0x89, 0xF5, 0x65, 0x3D, 0x89 ), + BYTES_TO_T_UINT_8( 0x86, 0xF2, 0x2B, 0x20, 0xD1, 0x75, 0x50, 0x63 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_16_Y[] = { + BYTES_TO_T_UINT_8( 0xAD, 0xE6, 0x5C, 0x2C, 0xE0, 0x7D, 0xDF, 0x2D ), + BYTES_TO_T_UINT_8( 0x3E, 0x07, 0x3E, 0xCE, 0x9F, 0x18, 0xB6, 0x05 ), + BYTES_TO_T_UINT_8( 0x9A, 0xF8, 0xF0, 0xD5, 0xFA, 0x42, 0x1D, 0x6D ), + BYTES_TO_T_UINT_8( 0x41, 0x6C, 0x1D, 0x03, 0xC9, 0x0E, 0x2B, 0x2F ), + BYTES_TO_T_UINT_8( 0x43, 0x18, 0x52, 0xA5, 0xB4, 0x63, 0xE1, 0x06 ), + BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0xD9, 0xC4, 0xFD, 0x16, 0x60, 0x54 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_17_X[] = { + BYTES_TO_T_UINT_8( 0x43, 0x7D, 0xDE, 0xDF, 0x4B, 0x4A, 0xB0, 0xCB ), + BYTES_TO_T_UINT_8( 0xB0, 0x4E, 0x8C, 0x94, 0xC1, 0xE2, 0x85, 0xDF ), + BYTES_TO_T_UINT_8( 0x4F, 0xF0, 0xEA, 0xB5, 0x9B, 0x70, 0xEF, 0x10 ), + BYTES_TO_T_UINT_8( 0x56, 0xC2, 0x39, 0x5D, 0xF3, 0x2C, 0xD9, 0x2C ), + BYTES_TO_T_UINT_8( 0x0D, 0x1C, 0x2E, 0xCC, 0x2F, 0x54, 0x87, 0x80 ), + BYTES_TO_T_UINT_8( 0xB0, 0x72, 0xC7, 0xB5, 0x50, 0xA3, 0x84, 0x77 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_17_Y[] = { + BYTES_TO_T_UINT_8( 0xB7, 0xD1, 0xAF, 0xA9, 0xB4, 0x8B, 0x5D, 0xFA ), + BYTES_TO_T_UINT_8( 0xC8, 0xF6, 0x52, 0x8A, 0xC3, 0x56, 0xA5, 0x5E ), + BYTES_TO_T_UINT_8( 0x3B, 0x52, 0xFF, 0xEA, 0x05, 0x42, 0x77, 0x83 ), + BYTES_TO_T_UINT_8( 0x29, 0x08, 0x90, 0x72, 0x86, 0xC4, 0xC3, 0xB8 ), + BYTES_TO_T_UINT_8( 0x4D, 0x15, 0xF8, 0xF1, 0x16, 0x67, 0xC6, 0xD5 ), + BYTES_TO_T_UINT_8( 0x75, 0x87, 0xAC, 0x8F, 0x71, 0xEC, 0x83, 0x81 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_18_X[] = { + BYTES_TO_T_UINT_8( 0x91, 0xE1, 0xE6, 0x2D, 0x0E, 0x11, 0xA1, 0x62 ), + BYTES_TO_T_UINT_8( 0x74, 0xE2, 0xA8, 0x32, 0xE6, 0xE3, 0x83, 0xD1 ), + BYTES_TO_T_UINT_8( 0x50, 0x56, 0xE5, 0xCD, 0xB7, 0x2B, 0x67, 0x6F ), + BYTES_TO_T_UINT_8( 0xE5, 0xED, 0xC9, 0x65, 0x6D, 0x87, 0xE1, 0x8E ), + BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xFD, 0x9A, 0x53, 0x0E, 0xFA, 0xA3 ), + BYTES_TO_T_UINT_8( 0x49, 0x4C, 0x4A, 0xE2, 0x23, 0x84, 0xFA, 0x01 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_18_Y[] = { + BYTES_TO_T_UINT_8( 0xB4, 0xFE, 0x49, 0x81, 0xD1, 0x3E, 0xF4, 0x7C ), + BYTES_TO_T_UINT_8( 0x45, 0x72, 0xE0, 0xEF, 0x0D, 0xB8, 0x3E, 0x6F ), + BYTES_TO_T_UINT_8( 0x3C, 0x00, 0x0F, 0x5F, 0xCE, 0x60, 0x72, 0x2C ), + BYTES_TO_T_UINT_8( 0xB7, 0xCC, 0xD8, 0x03, 0x07, 0x6E, 0x5A, 0xCD ), + BYTES_TO_T_UINT_8( 0x27, 0x3A, 0x35, 0x50, 0x4E, 0x1F, 0xCA, 0x5F ), + BYTES_TO_T_UINT_8( 0x58, 0xEA, 0x88, 0x55, 0xBD, 0x6E, 0x05, 0x7F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_19_X[] = { + BYTES_TO_T_UINT_8( 0xB1, 0x6D, 0xF1, 0x97, 0xA6, 0x69, 0x39, 0x24 ), + BYTES_TO_T_UINT_8( 0x0B, 0x41, 0x99, 0xFF, 0x3B, 0xA1, 0x26, 0xEC ), + BYTES_TO_T_UINT_8( 0x95, 0x2F, 0x95, 0x80, 0x12, 0x4A, 0x1B, 0xCB ), + BYTES_TO_T_UINT_8( 0xEA, 0xBF, 0x51, 0xAA, 0xAE, 0x2D, 0xDA, 0xCF ), + BYTES_TO_T_UINT_8( 0x0C, 0x1C, 0xB3, 0x52, 0x36, 0x49, 0xD4, 0x86 ), + BYTES_TO_T_UINT_8( 0x99, 0xC1, 0x1F, 0x3A, 0xD3, 0x3E, 0x5C, 0x1A ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_19_Y[] = { + BYTES_TO_T_UINT_8( 0x73, 0x51, 0xF7, 0x2B, 0xC8, 0xA9, 0xA7, 0x15 ), + BYTES_TO_T_UINT_8( 0x12, 0x4E, 0x7F, 0x98, 0x41, 0x66, 0xB0, 0x03 ), + BYTES_TO_T_UINT_8( 0x91, 0x1D, 0xC0, 0x42, 0xCD, 0xF8, 0xC3, 0x2B ), + BYTES_TO_T_UINT_8( 0xCC, 0x41, 0x91, 0x7D, 0xCC, 0x8B, 0xCC, 0x41 ), + BYTES_TO_T_UINT_8( 0x2A, 0xAE, 0x76, 0xED, 0x56, 0x18, 0xC5, 0xAB ), + BYTES_TO_T_UINT_8( 0xAB, 0x6A, 0x06, 0xA3, 0x7F, 0x65, 0x10, 0x1F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_20_X[] = { + BYTES_TO_T_UINT_8( 0x0C, 0xEC, 0x3C, 0x05, 0x05, 0xCA, 0xF6, 0xED ), + BYTES_TO_T_UINT_8( 0x48, 0xCD, 0x02, 0x51, 0x12, 0x16, 0x3C, 0x63 ), + BYTES_TO_T_UINT_8( 0xA8, 0xEB, 0xB3, 0x43, 0x7B, 0xDD, 0xB2, 0x7C ), + BYTES_TO_T_UINT_8( 0x00, 0x59, 0x90, 0x41, 0xDB, 0xE4, 0xF5, 0x91 ), + BYTES_TO_T_UINT_8( 0xD0, 0x0E, 0x18, 0x2A, 0x5A, 0x83, 0x7C, 0x2F ), + BYTES_TO_T_UINT_8( 0xE1, 0x37, 0xA1, 0x0D, 0xF1, 0x2F, 0x63, 0x79 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_20_Y[] = { + BYTES_TO_T_UINT_8( 0x21, 0xC0, 0xFA, 0x6F, 0x1F, 0x67, 0xCF, 0xEC ), + BYTES_TO_T_UINT_8( 0x98, 0x34, 0x45, 0xBB, 0xF4, 0xF9, 0x9B, 0x89 ), + BYTES_TO_T_UINT_8( 0xF5, 0x69, 0xFE, 0x67, 0x1D, 0x64, 0x8F, 0xB9 ), + BYTES_TO_T_UINT_8( 0xDB, 0x39, 0xBF, 0xD8, 0xB3, 0xC7, 0xAD, 0x8A ), + BYTES_TO_T_UINT_8( 0x8C, 0x93, 0xFF, 0xF3, 0x28, 0xFA, 0x39, 0xF6 ), + BYTES_TO_T_UINT_8( 0xFA, 0xF9, 0xC3, 0x85, 0x26, 0x7A, 0x88, 0x89 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_21_X[] = { + BYTES_TO_T_UINT_8( 0x4D, 0xD5, 0x79, 0xD8, 0x11, 0xDE, 0xEB, 0x4E ), + BYTES_TO_T_UINT_8( 0x1C, 0x46, 0xA4, 0x6A, 0xDA, 0x74, 0x34, 0xA8 ), + BYTES_TO_T_UINT_8( 0x1E, 0xBD, 0xD3, 0xF5, 0x14, 0xEE, 0xFE, 0xAE ), + BYTES_TO_T_UINT_8( 0x19, 0x4C, 0xA3, 0x71, 0x43, 0x65, 0xF8, 0x94 ), + BYTES_TO_T_UINT_8( 0x72, 0x6C, 0x35, 0xFA, 0x90, 0x25, 0xD8, 0xE2 ), + BYTES_TO_T_UINT_8( 0xBB, 0x34, 0x84, 0x96, 0xA1, 0x43, 0x03, 0x4D ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_21_Y[] = { + BYTES_TO_T_UINT_8( 0xF1, 0x3B, 0x3B, 0x2F, 0xCA, 0x59, 0xF2, 0x42 ), + BYTES_TO_T_UINT_8( 0xCD, 0x48, 0x24, 0x74, 0xD8, 0x72, 0x90, 0xA3 ), + BYTES_TO_T_UINT_8( 0x83, 0x42, 0x74, 0x8C, 0x6F, 0x52, 0x19, 0x3D ), + BYTES_TO_T_UINT_8( 0x40, 0x9E, 0x41, 0x63, 0x68, 0x78, 0x4C, 0x2F ), + BYTES_TO_T_UINT_8( 0x53, 0x94, 0xB6, 0x6B, 0x38, 0x52, 0xA8, 0x9F ), + BYTES_TO_T_UINT_8( 0x81, 0x30, 0x25, 0x93, 0xA1, 0x6F, 0x6E, 0x68 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_22_X[] = { + BYTES_TO_T_UINT_8( 0xFC, 0x2F, 0x4B, 0x64, 0x79, 0x50, 0xFF, 0x01 ), + BYTES_TO_T_UINT_8( 0xD4, 0x36, 0xED, 0x57, 0x39, 0x3B, 0xE7, 0xF3 ), + BYTES_TO_T_UINT_8( 0xF1, 0x85, 0xEA, 0x35, 0xD6, 0xC0, 0xA0, 0x52 ), + BYTES_TO_T_UINT_8( 0xBA, 0x89, 0x3A, 0xCC, 0x22, 0x1C, 0x46, 0x02 ), + BYTES_TO_T_UINT_8( 0x6C, 0x7A, 0xB0, 0xA1, 0x1B, 0x69, 0x62, 0x55 ), + BYTES_TO_T_UINT_8( 0x57, 0xB8, 0x8A, 0x6C, 0x18, 0x85, 0x0D, 0x88 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_22_Y[] = { + BYTES_TO_T_UINT_8( 0xFD, 0xB6, 0x50, 0xE9, 0x4E, 0x7F, 0xE8, 0x07 ), + BYTES_TO_T_UINT_8( 0x92, 0x5B, 0x5C, 0xD1, 0x4B, 0x11, 0x9A, 0xD8 ), + BYTES_TO_T_UINT_8( 0x96, 0x25, 0x56, 0x74, 0x51, 0x9C, 0xEC, 0x9C ), + BYTES_TO_T_UINT_8( 0x55, 0x7F, 0xB6, 0x8A, 0xCB, 0x3A, 0x10, 0x6A ), + BYTES_TO_T_UINT_8( 0x60, 0x33, 0x07, 0x01, 0xE9, 0x49, 0x59, 0xE6 ), + BYTES_TO_T_UINT_8( 0xC6, 0xA5, 0x2E, 0xF2, 0xBA, 0x32, 0x63, 0x44 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_23_X[] = { + BYTES_TO_T_UINT_8( 0xF8, 0x06, 0x0B, 0xA5, 0x44, 0x27, 0x7F, 0x22 ), + BYTES_TO_T_UINT_8( 0x30, 0x74, 0xAC, 0x0F, 0xCC, 0x4F, 0x13, 0x61 ), + BYTES_TO_T_UINT_8( 0xFD, 0xB1, 0xBF, 0x97, 0x49, 0xA5, 0x1C, 0x1D ), + BYTES_TO_T_UINT_8( 0x8A, 0x64, 0x68, 0x7B, 0x0F, 0xCC, 0x77, 0xF8 ), + BYTES_TO_T_UINT_8( 0xBB, 0x39, 0xF9, 0x4E, 0x84, 0x9C, 0xF6, 0x96 ), + BYTES_TO_T_UINT_8( 0xBC, 0xCF, 0x6D, 0xE2, 0xA1, 0x2D, 0xF9, 0x2B ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_23_Y[] = { + BYTES_TO_T_UINT_8( 0x95, 0xC4, 0x90, 0x57, 0x31, 0x01, 0x05, 0x5E ), + BYTES_TO_T_UINT_8( 0xCC, 0x1E, 0xBB, 0xBF, 0x98, 0xA4, 0x7C, 0xE3 ), + BYTES_TO_T_UINT_8( 0x89, 0xE3, 0xA0, 0xB2, 0xCD, 0x39, 0x9A, 0x3F ), + BYTES_TO_T_UINT_8( 0x92, 0x34, 0x60, 0x7A, 0x89, 0x98, 0xB5, 0x52 ), + BYTES_TO_T_UINT_8( 0x8D, 0x20, 0x3D, 0x3A, 0x04, 0x8F, 0x5A, 0xAC ), + BYTES_TO_T_UINT_8( 0xA3, 0x26, 0xB6, 0x49, 0x09, 0x9C, 0x0F, 0x59 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_24_X[] = { + BYTES_TO_T_UINT_8( 0x72, 0x66, 0xD2, 0x38, 0x2A, 0x62, 0x81, 0xCA ), + BYTES_TO_T_UINT_8( 0xC5, 0xC8, 0x20, 0x5E, 0x28, 0xA3, 0x81, 0xA7 ), + BYTES_TO_T_UINT_8( 0x20, 0x31, 0xA4, 0xF1, 0xEA, 0x7D, 0x87, 0x45 ), + BYTES_TO_T_UINT_8( 0x8F, 0x2C, 0x99, 0x09, 0x6F, 0x63, 0xEB, 0x2F ), + BYTES_TO_T_UINT_8( 0x73, 0x76, 0xDA, 0x1A, 0x06, 0xBE, 0xDE, 0xA2 ), + BYTES_TO_T_UINT_8( 0x29, 0x09, 0x2E, 0x75, 0x39, 0x30, 0x2D, 0x42 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_24_Y[] = { + BYTES_TO_T_UINT_8( 0x41, 0x9B, 0xC1, 0x5A, 0x17, 0xC3, 0x8C, 0x31 ), + BYTES_TO_T_UINT_8( 0x58, 0x8D, 0x94, 0x4D, 0x3D, 0xAB, 0x60, 0xD4 ), + BYTES_TO_T_UINT_8( 0xFF, 0xFD, 0x1E, 0x0F, 0x43, 0xAE, 0x9D, 0x62 ), + BYTES_TO_T_UINT_8( 0x8E, 0xF2, 0xF3, 0x20, 0x1B, 0xAA, 0xB7, 0x41 ), + BYTES_TO_T_UINT_8( 0x9D, 0x5B, 0xA4, 0xF4, 0x90, 0x3B, 0xE3, 0x71 ), + BYTES_TO_T_UINT_8( 0xF7, 0x78, 0x72, 0xBD, 0x65, 0x09, 0x0B, 0x01 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_25_X[] = { + BYTES_TO_T_UINT_8( 0xCA, 0x37, 0x2A, 0x6C, 0x16, 0x4F, 0x64, 0x59 ), + BYTES_TO_T_UINT_8( 0x5A, 0xCE, 0xA3, 0x90, 0xB4, 0x9A, 0xBC, 0xF7 ), + BYTES_TO_T_UINT_8( 0x27, 0x38, 0x55, 0x63, 0x1D, 0x3A, 0x6E, 0x18 ), + BYTES_TO_T_UINT_8( 0x37, 0xB4, 0xAA, 0x99, 0x22, 0x45, 0x89, 0x2C ), + BYTES_TO_T_UINT_8( 0xB7, 0x7C, 0x8C, 0xA6, 0x3D, 0xA7, 0x3E, 0xE8 ), + BYTES_TO_T_UINT_8( 0x70, 0x06, 0x42, 0xDC, 0xA6, 0xE3, 0xC6, 0x12 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_25_Y[] = { + BYTES_TO_T_UINT_8( 0x55, 0x8C, 0x3D, 0x5D, 0x47, 0x31, 0x7C, 0xEB ), + BYTES_TO_T_UINT_8( 0x46, 0x85, 0xEE, 0x46, 0x7E, 0x13, 0x04, 0x41 ), + BYTES_TO_T_UINT_8( 0x9E, 0x3C, 0x8B, 0x43, 0x2E, 0x74, 0xF5, 0xF6 ), + BYTES_TO_T_UINT_8( 0xBA, 0x88, 0x8E, 0x07, 0x29, 0x08, 0x03, 0x26 ), + BYTES_TO_T_UINT_8( 0xEA, 0x9B, 0x89, 0xEB, 0x08, 0xE8, 0x43, 0xB5 ), + BYTES_TO_T_UINT_8( 0x17, 0x07, 0x67, 0xFD, 0xD9, 0x73, 0x6F, 0x18 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_26_X[] = { + BYTES_TO_T_UINT_8( 0x29, 0xEB, 0x21, 0x8D, 0x98, 0x43, 0x74, 0x98 ), + BYTES_TO_T_UINT_8( 0x88, 0xCC, 0x14, 0xD8, 0x08, 0xBB, 0xA6, 0xE3 ), + BYTES_TO_T_UINT_8( 0xC4, 0x98, 0xF2, 0x6A, 0x18, 0xC3, 0xDD, 0x9E ), + BYTES_TO_T_UINT_8( 0xC7, 0x38, 0x91, 0xA0, 0x03, 0xF2, 0x04, 0x62 ), + BYTES_TO_T_UINT_8( 0x7A, 0xAF, 0xE8, 0xFD, 0xFB, 0x13, 0x70, 0x74 ), + BYTES_TO_T_UINT_8( 0xD0, 0x93, 0x87, 0x98, 0x4A, 0xE0, 0x00, 0x12 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_26_Y[] = { + BYTES_TO_T_UINT_8( 0x97, 0x2E, 0x69, 0x9C, 0xA2, 0x2D, 0x03, 0x3F ), + BYTES_TO_T_UINT_8( 0x79, 0xFE, 0xF3, 0xB9, 0xC1, 0x85, 0x2A, 0xEE ), + BYTES_TO_T_UINT_8( 0xCE, 0xFD, 0x86, 0xB1, 0xCD, 0xBF, 0x41, 0xB7 ), + BYTES_TO_T_UINT_8( 0xA0, 0xD8, 0x9A, 0x21, 0xF3, 0xFE, 0xCB, 0xF1 ), + BYTES_TO_T_UINT_8( 0x95, 0x78, 0x04, 0x60, 0xB7, 0xA9, 0xA2, 0x84 ), + BYTES_TO_T_UINT_8( 0xE8, 0x1E, 0x66, 0x2A, 0x54, 0x51, 0xBD, 0x8B ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_27_X[] = { + BYTES_TO_T_UINT_8( 0x8E, 0x16, 0x36, 0xEF, 0x61, 0x2D, 0xEE, 0x3B ), + BYTES_TO_T_UINT_8( 0x45, 0x5F, 0x88, 0xA0, 0x13, 0x12, 0xF7, 0x23 ), + BYTES_TO_T_UINT_8( 0xA9, 0xC6, 0xAD, 0x4A, 0x4A, 0x07, 0x01, 0x5B ), + BYTES_TO_T_UINT_8( 0xB8, 0x74, 0xB1, 0x4F, 0xEB, 0xBD, 0xD5, 0x6B ), + BYTES_TO_T_UINT_8( 0x57, 0xF9, 0x71, 0xA2, 0x06, 0x4F, 0xD7, 0xBC ), + BYTES_TO_T_UINT_8( 0xFF, 0x8B, 0x4D, 0x48, 0xE0, 0x98, 0xFB, 0x6A ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_27_Y[] = { + BYTES_TO_T_UINT_8( 0xC4, 0xBA, 0x10, 0xA3, 0x0D, 0x52, 0xAC, 0x3A ), + BYTES_TO_T_UINT_8( 0x11, 0xD0, 0xE0, 0x36, 0xE6, 0x07, 0x3A, 0x30 ), + BYTES_TO_T_UINT_8( 0x7E, 0x80, 0xF0, 0xAA, 0x49, 0x22, 0x4B, 0xDD ), + BYTES_TO_T_UINT_8( 0xFF, 0xC7, 0xAB, 0x1C, 0x89, 0xCD, 0x24, 0x40 ), + BYTES_TO_T_UINT_8( 0x82, 0x2A, 0xFC, 0xB3, 0x6D, 0x45, 0x96, 0x49 ), + BYTES_TO_T_UINT_8( 0x63, 0xE4, 0xDB, 0x52, 0x3F, 0xC4, 0xB4, 0x19 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_28_X[] = { + BYTES_TO_T_UINT_8( 0x5B, 0xCC, 0xC8, 0x7F, 0xBB, 0x6B, 0x87, 0x47 ), + BYTES_TO_T_UINT_8( 0xC0, 0x21, 0x3C, 0x69, 0x7D, 0x38, 0x57, 0x50 ), + BYTES_TO_T_UINT_8( 0x52, 0x4C, 0x18, 0x3C, 0x53, 0xA5, 0x48, 0x6D ), + BYTES_TO_T_UINT_8( 0x21, 0xC3, 0x64, 0x45, 0xDB, 0xC4, 0x6D, 0x15 ), + BYTES_TO_T_UINT_8( 0x49, 0xCC, 0xD1, 0xBB, 0x17, 0xB8, 0x34, 0x2D ), + BYTES_TO_T_UINT_8( 0x6C, 0x69, 0x71, 0xFA, 0xA0, 0x28, 0x4A, 0x3D ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_28_Y[] = { + BYTES_TO_T_UINT_8( 0xED, 0xE8, 0x9E, 0x39, 0xEA, 0x8D, 0x38, 0xDB ), + BYTES_TO_T_UINT_8( 0xCC, 0x9C, 0xBB, 0xCD, 0x80, 0x1A, 0xEE, 0xB7 ), + BYTES_TO_T_UINT_8( 0xBC, 0xA0, 0x45, 0xBF, 0xD9, 0x22, 0x11, 0x32 ), + BYTES_TO_T_UINT_8( 0xDA, 0x7C, 0x5C, 0xD9, 0xC0, 0x9F, 0x69, 0xF5 ), + BYTES_TO_T_UINT_8( 0xBC, 0x8A, 0xA6, 0x79, 0x4E, 0x35, 0xB9, 0xD5 ), + BYTES_TO_T_UINT_8( 0xCC, 0x8B, 0x9A, 0x3E, 0xA1, 0xB8, 0x28, 0x10 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_29_X[] = { + BYTES_TO_T_UINT_8( 0x55, 0x2F, 0xEF, 0xBB, 0xA9, 0x72, 0x7F, 0xEA ), + BYTES_TO_T_UINT_8( 0xB5, 0x34, 0xB7, 0x12, 0xB9, 0xE7, 0xC3, 0x2A ), + BYTES_TO_T_UINT_8( 0xF8, 0x1D, 0xD9, 0x42, 0x77, 0x0C, 0x71, 0x6E ), + BYTES_TO_T_UINT_8( 0xEC, 0x01, 0x59, 0xA7, 0x56, 0x03, 0x91, 0x8D ), + BYTES_TO_T_UINT_8( 0x6C, 0x91, 0x99, 0x33, 0x30, 0x3E, 0xEF, 0x13 ), + BYTES_TO_T_UINT_8( 0x87, 0xC9, 0x5A, 0x9A, 0x54, 0x66, 0xF1, 0x70 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_29_Y[] = { + BYTES_TO_T_UINT_8( 0x64, 0x2C, 0xB7, 0x6E, 0x71, 0x7D, 0x35, 0x30 ), + BYTES_TO_T_UINT_8( 0x1A, 0x0D, 0xEF, 0xD1, 0x2D, 0x99, 0x63, 0x2F ), + BYTES_TO_T_UINT_8( 0xE4, 0x31, 0xAF, 0x2D, 0xC9, 0xC6, 0xC2, 0xAE ), + BYTES_TO_T_UINT_8( 0x19, 0xC0, 0xDF, 0x80, 0x54, 0xC4, 0xAC, 0xF3 ), + BYTES_TO_T_UINT_8( 0xE3, 0x6B, 0xA0, 0x84, 0x96, 0xF7, 0x31, 0xC8 ), + BYTES_TO_T_UINT_8( 0x93, 0xE2, 0x7C, 0x7A, 0x41, 0x45, 0x75, 0x6A ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_30_X[] = { + BYTES_TO_T_UINT_8( 0xAE, 0xEE, 0x58, 0x31, 0xE8, 0x68, 0xD6, 0x76 ), + BYTES_TO_T_UINT_8( 0xD2, 0x2E, 0x48, 0xB7, 0x09, 0x9F, 0xD4, 0xCA ), + BYTES_TO_T_UINT_8( 0x34, 0xA9, 0x5C, 0xE7, 0x64, 0x43, 0x5D, 0xC9 ), + BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x9F, 0x50, 0xAB, 0x68, 0xFF, 0x6D ), + BYTES_TO_T_UINT_8( 0x87, 0x88, 0x2D, 0xBA, 0x12, 0xBF, 0x8D, 0x7D ), + BYTES_TO_T_UINT_8( 0xD4, 0xDF, 0x6F, 0xB3, 0x75, 0xA4, 0x55, 0x73 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_30_Y[] = { + BYTES_TO_T_UINT_8( 0x6D, 0x17, 0x92, 0x39, 0xB7, 0x13, 0x37, 0x6F ), + BYTES_TO_T_UINT_8( 0x5E, 0x43, 0x71, 0xA7, 0xCA, 0x17, 0x1B, 0x32 ), + BYTES_TO_T_UINT_8( 0xE7, 0xB9, 0xB0, 0x78, 0xEF, 0xA0, 0xDA, 0x83 ), + BYTES_TO_T_UINT_8( 0x9A, 0x84, 0xF2, 0x0F, 0x85, 0xA2, 0xB6, 0x1F ), + BYTES_TO_T_UINT_8( 0x72, 0x65, 0x2E, 0x6E, 0x45, 0xB9, 0x4C, 0x3C ), + BYTES_TO_T_UINT_8( 0xFE, 0x6A, 0x8C, 0x2B, 0x77, 0x96, 0x36, 0x22 ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_31_X[] = { + BYTES_TO_T_UINT_8( 0x68, 0x7A, 0x13, 0x4A, 0x97, 0x63, 0x02, 0x10 ), + BYTES_TO_T_UINT_8( 0xBC, 0x1E, 0x06, 0x03, 0x8F, 0xB9, 0xEE, 0x64 ), + BYTES_TO_T_UINT_8( 0x68, 0xEE, 0x8B, 0x89, 0xA9, 0x70, 0xDB, 0xCE ), + BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x81, 0xC9, 0x70, 0x8D, 0x62, 0x32 ), + BYTES_TO_T_UINT_8( 0x75, 0xDA, 0x46, 0xF8, 0xF9, 0x3A, 0xBE, 0x55 ), + BYTES_TO_T_UINT_8( 0x9F, 0x9C, 0x7A, 0x97, 0x62, 0xEB, 0xFA, 0x0F ), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_31_Y[] = { + BYTES_TO_T_UINT_8( 0xB2, 0x03, 0x3D, 0x3C, 0x46, 0x27, 0x9E, 0x65 ), + BYTES_TO_T_UINT_8( 0xA4, 0x08, 0x1C, 0xD5, 0x25, 0xAF, 0xE9, 0x40 ), + BYTES_TO_T_UINT_8( 0xFE, 0x69, 0xDC, 0x59, 0xF4, 0x8A, 0x7C, 0x1F ), + BYTES_TO_T_UINT_8( 0xFC, 0x9A, 0x7A, 0x99, 0x21, 0x0C, 0x4E, 0xE3 ), + BYTES_TO_T_UINT_8( 0xF5, 0xCE, 0x85, 0x5F, 0xAC, 0xAA, 0x82, 0x10 ), + BYTES_TO_T_UINT_8( 0x83, 0x57, 0x69, 0x90, 0x76, 0xF3, 0x53, 0x3F ), +}; +static const mbedtls_ecp_point brainpoolP384r1_T[32] = { + ECP_POINT_INIT_XY_Z1(brainpoolP384r1_T_0_X, brainpoolP384r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_1_X, brainpoolP384r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_2_X, brainpoolP384r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_3_X, brainpoolP384r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_4_X, brainpoolP384r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_5_X, brainpoolP384r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_6_X, brainpoolP384r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_7_X, brainpoolP384r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_8_X, brainpoolP384r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_9_X, brainpoolP384r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_10_X, brainpoolP384r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_11_X, brainpoolP384r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_12_X, brainpoolP384r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_13_X, brainpoolP384r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_14_X, brainpoolP384r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_15_X, brainpoolP384r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_16_X, brainpoolP384r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_17_X, brainpoolP384r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_18_X, brainpoolP384r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_19_X, brainpoolP384r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_20_X, brainpoolP384r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_21_X, brainpoolP384r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_22_X, brainpoolP384r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_23_X, brainpoolP384r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_24_X, brainpoolP384r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_25_X, brainpoolP384r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_26_X, brainpoolP384r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_27_X, brainpoolP384r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_28_X, brainpoolP384r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_29_X, brainpoolP384r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_30_X, brainpoolP384r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_31_X, brainpoolP384r1_T_31_Y), +}; +#else +#define brainpoolP384r1_T NULL +#endif + #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ /* @@ -551,22 +3864,686 @@ static const mbedtls_mpi_uint brainpoolP512r1_n[] = { BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), }; -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -/* For these curves, we build the group parameters dynamically. */ -#define ECP_LOAD_GROUP +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP512r1_T_0_X[] = { + BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), + BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), + BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), + BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), + BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), + BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), + BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), + BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_0_Y[] = { + BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), + BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), + BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), + BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), + BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), + BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), + BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), + BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_1_X[] = { + BYTES_TO_T_UINT_8( 0xEA, 0xE9, 0x6B, 0x8C, 0x6F, 0x9D, 0x88, 0x43 ), + BYTES_TO_T_UINT_8( 0xBB, 0x4F, 0x86, 0x96, 0xA7, 0x56, 0xD1, 0x37 ), + BYTES_TO_T_UINT_8( 0x9D, 0xAB, 0xFA, 0xEE, 0xA7, 0xF5, 0x0E, 0xA6 ), + BYTES_TO_T_UINT_8( 0xE3, 0x40, 0xEF, 0x9E, 0x6D, 0xD6, 0x32, 0x33 ), + BYTES_TO_T_UINT_8( 0xE3, 0xED, 0x56, 0x14, 0x57, 0x1A, 0x8D, 0x69 ), + BYTES_TO_T_UINT_8( 0xA4, 0xED, 0x4D, 0x3A, 0xFA, 0x71, 0x75, 0x6B ), + BYTES_TO_T_UINT_8( 0x66, 0xC5, 0x76, 0x1C, 0x14, 0xBE, 0xB5, 0xCD ), + BYTES_TO_T_UINT_8( 0xE1, 0x5A, 0xCB, 0xE7, 0x36, 0x1D, 0x52, 0x1C ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_1_Y[] = { + BYTES_TO_T_UINT_8( 0x6B, 0x8D, 0x7A, 0xEB, 0xA3, 0x8B, 0xD5, 0xB0 ), + BYTES_TO_T_UINT_8( 0x1F, 0xA3, 0x41, 0xF8, 0xAC, 0x9E, 0xAB, 0x74 ), + BYTES_TO_T_UINT_8( 0x12, 0xE3, 0x65, 0x0D, 0x1C, 0xFE, 0x09, 0x2B ), + BYTES_TO_T_UINT_8( 0x3F, 0xCA, 0x13, 0x3F, 0xC5, 0xF9, 0x7E, 0xEC ), + BYTES_TO_T_UINT_8( 0x2C, 0x5D, 0x63, 0x28, 0xA6, 0x89, 0xD3, 0x91 ), + BYTES_TO_T_UINT_8( 0xC9, 0x95, 0x3F, 0x7A, 0x82, 0xD4, 0x77, 0xE3 ), + BYTES_TO_T_UINT_8( 0x34, 0xBB, 0x92, 0x32, 0x00, 0xF4, 0x66, 0x42 ), + BYTES_TO_T_UINT_8( 0xBA, 0x58, 0x31, 0xD1, 0x17, 0x9F, 0x2A, 0x22 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_2_X[] = { + BYTES_TO_T_UINT_8( 0x52, 0x36, 0xA9, 0xCD, 0x80, 0xA5, 0x2D, 0x78 ), + BYTES_TO_T_UINT_8( 0x91, 0x44, 0xAB, 0xCE, 0x71, 0xFF, 0x0C, 0x9B ), + BYTES_TO_T_UINT_8( 0x18, 0x24, 0x58, 0x35, 0x5A, 0x21, 0x32, 0x93 ), + BYTES_TO_T_UINT_8( 0x1B, 0xA6, 0x28, 0xF8, 0x7A, 0x97, 0xAE, 0x8B ), + BYTES_TO_T_UINT_8( 0x84, 0xE7, 0x08, 0xFA, 0x47, 0xC9, 0x55, 0x09 ), + BYTES_TO_T_UINT_8( 0x8D, 0xAC, 0x2E, 0x84, 0xA4, 0xF5, 0x52, 0xC4 ), + BYTES_TO_T_UINT_8( 0xD9, 0x58, 0x05, 0x9D, 0xA7, 0xC8, 0x71, 0xBF ), + BYTES_TO_T_UINT_8( 0xB3, 0x92, 0xB4, 0x92, 0xC1, 0x92, 0xEC, 0x6B ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_2_Y[] = { + BYTES_TO_T_UINT_8( 0x4A, 0x48, 0x2D, 0x79, 0x5E, 0x58, 0xE5, 0x69 ), + BYTES_TO_T_UINT_8( 0xB4, 0x85, 0x26, 0xEC, 0xE9, 0x6E, 0xD4, 0x06 ), + BYTES_TO_T_UINT_8( 0x98, 0x68, 0x26, 0x87, 0x38, 0xA2, 0xD2, 0x0B ), + BYTES_TO_T_UINT_8( 0xF7, 0x17, 0x60, 0xCE, 0x75, 0xF8, 0xA5, 0x6F ), + BYTES_TO_T_UINT_8( 0x20, 0x51, 0xDB, 0xA9, 0xAE, 0x87, 0xF1, 0x15 ), + BYTES_TO_T_UINT_8( 0xDD, 0x49, 0x92, 0x3B, 0x19, 0x96, 0xF5, 0xB0 ), + BYTES_TO_T_UINT_8( 0xC4, 0xD5, 0x52, 0x52, 0x8C, 0xCE, 0xFD, 0xFA ), + BYTES_TO_T_UINT_8( 0x24, 0x18, 0x0A, 0xE6, 0xF6, 0xAE, 0x08, 0x41 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_3_X[] = { + BYTES_TO_T_UINT_8( 0x7E, 0x2B, 0xD8, 0x54, 0xCE, 0xB0, 0x57, 0xFE ), + BYTES_TO_T_UINT_8( 0x8A, 0xB0, 0xF8, 0x9E, 0x03, 0x03, 0x3C, 0x5D ), + BYTES_TO_T_UINT_8( 0x93, 0x0E, 0x29, 0x29, 0x00, 0xF3, 0x70, 0xBF ), + BYTES_TO_T_UINT_8( 0x54, 0x33, 0x99, 0x0E, 0x00, 0x5D, 0xFE, 0x4B ), + BYTES_TO_T_UINT_8( 0x46, 0x2D, 0xF2, 0x59, 0x32, 0xCF, 0x03, 0xF4 ), + BYTES_TO_T_UINT_8( 0x3B, 0xC9, 0x72, 0xAE, 0x0C, 0xEF, 0xD1, 0x5B ), + BYTES_TO_T_UINT_8( 0xB6, 0x5A, 0x27, 0xBF, 0x2F, 0x45, 0xF9, 0x51 ), + BYTES_TO_T_UINT_8( 0xD4, 0xBE, 0xE5, 0x2C, 0xFF, 0x5B, 0x1E, 0x88 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_3_Y[] = { + BYTES_TO_T_UINT_8( 0xAA, 0xAC, 0xBB, 0xD8, 0x83, 0xC2, 0x46, 0xF6 ), + BYTES_TO_T_UINT_8( 0xCF, 0xDC, 0xCE, 0x15, 0xB4, 0xEF, 0xCF, 0x46 ), + BYTES_TO_T_UINT_8( 0x46, 0xDB, 0x5E, 0x94, 0x31, 0x0B, 0xB2, 0x7A ), + BYTES_TO_T_UINT_8( 0x3C, 0xB9, 0xE3, 0xE3, 0x11, 0x71, 0x41, 0x1E ), + BYTES_TO_T_UINT_8( 0x36, 0xE3, 0x01, 0xB7, 0x7D, 0xBC, 0x65, 0xBE ), + BYTES_TO_T_UINT_8( 0xFC, 0x07, 0x65, 0x87, 0xA7, 0xE8, 0x48, 0xE3 ), + BYTES_TO_T_UINT_8( 0x66, 0x48, 0x8F, 0xD4, 0x30, 0x8E, 0xB4, 0x6C ), + BYTES_TO_T_UINT_8( 0x86, 0xE0, 0x73, 0xBE, 0x1E, 0xBF, 0x56, 0x36 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_4_X[] = { + BYTES_TO_T_UINT_8( 0xFE, 0x0E, 0x5E, 0x87, 0xC5, 0xAB, 0x0E, 0x3C ), + BYTES_TO_T_UINT_8( 0xB9, 0xF9, 0x5F, 0x80, 0x24, 0x4C, 0x2A, 0xF1 ), + BYTES_TO_T_UINT_8( 0xDE, 0x15, 0x21, 0x54, 0x92, 0x84, 0x8D, 0x6A ), + BYTES_TO_T_UINT_8( 0xA8, 0x8A, 0x47, 0x74, 0xDC, 0x42, 0xB1, 0xF8 ), + BYTES_TO_T_UINT_8( 0x81, 0xF7, 0x30, 0xFD, 0xC1, 0x9B, 0x0C, 0x5B ), + BYTES_TO_T_UINT_8( 0x4E, 0x6C, 0xCC, 0xDF, 0xC5, 0xE3, 0xA9, 0xD5 ), + BYTES_TO_T_UINT_8( 0xD6, 0x67, 0x59, 0x10, 0x5C, 0x51, 0x54, 0x40 ), + BYTES_TO_T_UINT_8( 0xA0, 0x37, 0xFB, 0x6E, 0xB0, 0x78, 0x63, 0x8E ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_4_Y[] = { + BYTES_TO_T_UINT_8( 0xA5, 0xEF, 0xC4, 0x39, 0x20, 0xF1, 0x46, 0x66 ), + BYTES_TO_T_UINT_8( 0xE2, 0x62, 0xAE, 0xFF, 0x10, 0xE4, 0xE2, 0xE9 ), + BYTES_TO_T_UINT_8( 0xFF, 0x5C, 0xF5, 0x2E, 0x22, 0x89, 0xE5, 0x82 ), + BYTES_TO_T_UINT_8( 0x89, 0x0C, 0x29, 0xA8, 0x62, 0xAE, 0xDB, 0x65 ), + BYTES_TO_T_UINT_8( 0xD7, 0x9E, 0x0F, 0xCA, 0x87, 0x2A, 0x6F, 0x7B ), + BYTES_TO_T_UINT_8( 0xCE, 0xDC, 0x9B, 0x9F, 0x65, 0xD4, 0xAD, 0x27 ), + BYTES_TO_T_UINT_8( 0xED, 0xC3, 0x08, 0x0F, 0xCF, 0x67, 0xE9, 0xF4 ), + BYTES_TO_T_UINT_8( 0x92, 0x5C, 0xD7, 0xFF, 0x41, 0x9C, 0xCB, 0x26 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_5_X[] = { + BYTES_TO_T_UINT_8( 0x37, 0x25, 0x05, 0x12, 0xAD, 0x73, 0x63, 0x90 ), + BYTES_TO_T_UINT_8( 0xC7, 0x99, 0x07, 0x86, 0x57, 0xE7, 0x94, 0xB1 ), + BYTES_TO_T_UINT_8( 0x00, 0x4B, 0xA5, 0xBF, 0x18, 0xA9, 0xEF, 0x6A ), + BYTES_TO_T_UINT_8( 0xFA, 0x4C, 0xC4, 0x09, 0xF2, 0x2F, 0x0C, 0xAA ), + BYTES_TO_T_UINT_8( 0x8C, 0x3A, 0x04, 0xEA, 0x89, 0x6C, 0x91, 0xB9 ), + BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0x3A, 0xE7, 0xA3, 0xEC, 0x24, 0x7B ), + BYTES_TO_T_UINT_8( 0x16, 0xA1, 0x26, 0x21, 0x04, 0xE3, 0xB9, 0x40 ), + BYTES_TO_T_UINT_8( 0x53, 0x71, 0x4B, 0x7B, 0xC2, 0x89, 0xCD, 0xA2 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_5_Y[] = { + BYTES_TO_T_UINT_8( 0xB7, 0xB9, 0xA8, 0x9D, 0xFD, 0x00, 0x3A, 0x1F ), + BYTES_TO_T_UINT_8( 0x63, 0x41, 0x6C, 0xBB, 0x5A, 0xCA, 0x1F, 0x74 ), + BYTES_TO_T_UINT_8( 0x2A, 0xD7, 0xE2, 0x6C, 0x6B, 0xA7, 0x48, 0xC9 ), + BYTES_TO_T_UINT_8( 0x1E, 0x19, 0xAD, 0xA7, 0xC1, 0x7E, 0x4F, 0x6E ), + BYTES_TO_T_UINT_8( 0xD1, 0xF7, 0x19, 0x3C, 0x06, 0x74, 0x2C, 0x3A ), + BYTES_TO_T_UINT_8( 0xC5, 0x23, 0x4F, 0x0C, 0x09, 0xB0, 0x80, 0x4A ), + BYTES_TO_T_UINT_8( 0x4E, 0x74, 0x34, 0x08, 0x44, 0x7E, 0xA3, 0xDD ), + BYTES_TO_T_UINT_8( 0xFB, 0xCC, 0x8D, 0x12, 0x6E, 0xE1, 0x3D, 0x0B ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_6_X[] = { + BYTES_TO_T_UINT_8( 0x38, 0x18, 0xB1, 0x71, 0x02, 0x93, 0xC2, 0xA4 ), + BYTES_TO_T_UINT_8( 0xC9, 0x89, 0x40, 0xE2, 0x1F, 0xE7, 0x5E, 0x68 ), + BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xAE, 0x89, 0x01, 0xD4, 0x0C, 0xEB ), + BYTES_TO_T_UINT_8( 0xAE, 0xDA, 0x58, 0x70, 0x24, 0xF2, 0xE4, 0x5F ), + BYTES_TO_T_UINT_8( 0x6F, 0xC7, 0x1D, 0xD6, 0x4A, 0x6F, 0x66, 0x4F ), + BYTES_TO_T_UINT_8( 0x92, 0x1D, 0x7E, 0x4A, 0x2C, 0xCA, 0xEC, 0x3B ), + BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x7F, 0xA8, 0x99, 0xE4, 0xD3, 0x4E ), + BYTES_TO_T_UINT_8( 0x2A, 0x1D, 0x5A, 0xDF, 0x5E, 0x58, 0x36, 0x49 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_6_Y[] = { + BYTES_TO_T_UINT_8( 0x9C, 0xB9, 0x32, 0x69, 0x1F, 0x72, 0x2A, 0xB3 ), + BYTES_TO_T_UINT_8( 0x1C, 0x73, 0xE2, 0x03, 0x39, 0x35, 0xAA, 0xA8 ), + BYTES_TO_T_UINT_8( 0xEB, 0x5E, 0x5D, 0x48, 0xEF, 0xAE, 0x30, 0xF5 ), + BYTES_TO_T_UINT_8( 0x77, 0x7F, 0x60, 0x19, 0xAF, 0xEC, 0x9D, 0xFC ), + BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x19, 0xE4, 0x1B, 0x56, 0x15, 0x5F ), + BYTES_TO_T_UINT_8( 0xBC, 0xD7, 0x33, 0x59, 0x1F, 0x43, 0x59, 0x2C ), + BYTES_TO_T_UINT_8( 0xC6, 0xCE, 0xEE, 0xCA, 0xA4, 0x7F, 0x63, 0xD4 ), + BYTES_TO_T_UINT_8( 0xBD, 0x40, 0xC0, 0xF6, 0x19, 0x89, 0x43, 0x20 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_7_X[] = { + BYTES_TO_T_UINT_8( 0xEB, 0x92, 0xEA, 0x07, 0x65, 0x79, 0x86, 0xD3 ), + BYTES_TO_T_UINT_8( 0xFF, 0xB7, 0x13, 0x75, 0xD3, 0xC5, 0x0A, 0xC9 ), + BYTES_TO_T_UINT_8( 0x26, 0x9E, 0xFA, 0xE1, 0x1F, 0x0C, 0xF9, 0x74 ), + BYTES_TO_T_UINT_8( 0xB4, 0x8C, 0xED, 0x5C, 0x21, 0xE9, 0x09, 0xDD ), + BYTES_TO_T_UINT_8( 0xF4, 0x4D, 0xD8, 0x18, 0xC4, 0xF6, 0x36, 0x39 ), + BYTES_TO_T_UINT_8( 0xC7, 0xC9, 0xAC, 0x5C, 0xFA, 0x69, 0xA4, 0xA0 ), + BYTES_TO_T_UINT_8( 0x6B, 0x8C, 0x94, 0x1C, 0x7B, 0x71, 0x36, 0x58 ), + BYTES_TO_T_UINT_8( 0x7C, 0xBD, 0x46, 0xCE, 0xB7, 0x1D, 0x9C, 0x5E ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_7_Y[] = { + BYTES_TO_T_UINT_8( 0xEA, 0xD6, 0x96, 0x4B, 0xA6, 0x47, 0xEB, 0xE5 ), + BYTES_TO_T_UINT_8( 0x5F, 0xF1, 0x5F, 0x15, 0xDE, 0x99, 0x6F, 0x66 ), + BYTES_TO_T_UINT_8( 0x21, 0xBD, 0xE5, 0x04, 0xB8, 0xE6, 0xC0, 0x0B ), + BYTES_TO_T_UINT_8( 0x49, 0xD3, 0xF0, 0x04, 0x00, 0xE4, 0x05, 0xDB ), + BYTES_TO_T_UINT_8( 0x96, 0xF3, 0x06, 0xA3, 0x1A, 0xFF, 0xEA, 0x73 ), + BYTES_TO_T_UINT_8( 0x08, 0x32, 0xAA, 0x99, 0x33, 0x09, 0xB6, 0x34 ), + BYTES_TO_T_UINT_8( 0x6E, 0xEF, 0xFC, 0x61, 0x10, 0x42, 0x31, 0x94 ), + BYTES_TO_T_UINT_8( 0x34, 0xF1, 0xF4, 0x33, 0xCF, 0x28, 0x90, 0x9C ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_8_X[] = { + BYTES_TO_T_UINT_8( 0x10, 0xDE, 0xF9, 0x88, 0x87, 0x7B, 0xEB, 0xC9 ), + BYTES_TO_T_UINT_8( 0x66, 0xB8, 0xDA, 0xFA, 0xDA, 0x3D, 0xA6, 0x17 ), + BYTES_TO_T_UINT_8( 0xA0, 0xF0, 0x62, 0x82, 0x53, 0x32, 0x55, 0x03 ), + BYTES_TO_T_UINT_8( 0x2F, 0xA5, 0x32, 0x4A, 0x19, 0x11, 0x9C, 0x10 ), + BYTES_TO_T_UINT_8( 0x16, 0xB3, 0x27, 0xE9, 0x75, 0x90, 0x05, 0x2D ), + BYTES_TO_T_UINT_8( 0x63, 0x1C, 0x90, 0x48, 0x77, 0x01, 0x85, 0x1B ), + BYTES_TO_T_UINT_8( 0xC7, 0xD6, 0x9B, 0x84, 0xA8, 0xD7, 0xC5, 0x28 ), + BYTES_TO_T_UINT_8( 0xE1, 0x7A, 0xCB, 0xB3, 0x11, 0x46, 0xD7, 0x99 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_8_Y[] = { + BYTES_TO_T_UINT_8( 0x8B, 0x23, 0xBF, 0x75, 0x75, 0xA1, 0x95, 0x90 ), + BYTES_TO_T_UINT_8( 0x4B, 0x66, 0x5D, 0x34, 0x13, 0xA9, 0x03, 0xBE ), + BYTES_TO_T_UINT_8( 0x29, 0x80, 0x9D, 0x5F, 0xD2, 0x44, 0xE1, 0x62 ), + BYTES_TO_T_UINT_8( 0x96, 0x5D, 0xBD, 0xA8, 0xBF, 0xB4, 0x25, 0x1F ), + BYTES_TO_T_UINT_8( 0x6A, 0x99, 0x1F, 0x53, 0xF1, 0x57, 0xDB, 0xE7 ), + BYTES_TO_T_UINT_8( 0x21, 0x7C, 0xE5, 0xC5, 0x51, 0x0B, 0x4C, 0x9B ), + BYTES_TO_T_UINT_8( 0x6B, 0xB0, 0x1A, 0x9C, 0x16, 0xB0, 0x32, 0x1F ), + BYTES_TO_T_UINT_8( 0xF4, 0xE3, 0xCF, 0xDD, 0x48, 0xB4, 0x7B, 0x33 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_9_X[] = { + BYTES_TO_T_UINT_8( 0xC0, 0xDD, 0x9E, 0x3C, 0x98, 0x0E, 0x77, 0x65 ), + BYTES_TO_T_UINT_8( 0x6C, 0xAB, 0x01, 0xD3, 0x87, 0x74, 0x25, 0x4A ), + BYTES_TO_T_UINT_8( 0x87, 0xA3, 0xE3, 0x76, 0x43, 0x87, 0x12, 0xBD ), + BYTES_TO_T_UINT_8( 0x54, 0xB1, 0x3B, 0x60, 0x66, 0xEB, 0x98, 0x54 ), + BYTES_TO_T_UINT_8( 0xD2, 0x78, 0xC8, 0xD7, 0x4E, 0x75, 0xCA, 0x69 ), + BYTES_TO_T_UINT_8( 0x07, 0xDF, 0x71, 0x19, 0xE7, 0x07, 0x36, 0xB5 ), + BYTES_TO_T_UINT_8( 0x6D, 0xC9, 0xA8, 0x5F, 0x91, 0xBF, 0x47, 0xB2 ), + BYTES_TO_T_UINT_8( 0x80, 0x96, 0x58, 0x96, 0x18, 0xB6, 0xFA, 0x01 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_9_Y[] = { + BYTES_TO_T_UINT_8( 0xD0, 0x2D, 0xA9, 0x9B, 0x86, 0xDB, 0x0C, 0x4C ), + BYTES_TO_T_UINT_8( 0xE4, 0x0B, 0x2D, 0x56, 0x4A, 0xD3, 0x93, 0x8A ), + BYTES_TO_T_UINT_8( 0xB5, 0x15, 0xE2, 0x65, 0x12, 0x86, 0x0E, 0xB2 ), + BYTES_TO_T_UINT_8( 0xB4, 0x41, 0x4D, 0xC1, 0xCB, 0xE4, 0xC3, 0xD7 ), + BYTES_TO_T_UINT_8( 0x6A, 0x53, 0x10, 0xCA, 0xA3, 0xAC, 0x83, 0x26 ), + BYTES_TO_T_UINT_8( 0x3E, 0x01, 0x22, 0x96, 0x10, 0xAD, 0x69, 0xDB ), + BYTES_TO_T_UINT_8( 0x42, 0x46, 0x4E, 0xD8, 0xEA, 0xD6, 0x9D, 0xF3 ), + BYTES_TO_T_UINT_8( 0x43, 0x2F, 0x7F, 0x62, 0x62, 0x80, 0xD0, 0x14 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_10_X[] = { + BYTES_TO_T_UINT_8( 0xB2, 0xDA, 0x00, 0x63, 0x09, 0xBD, 0x6A, 0x83 ), + BYTES_TO_T_UINT_8( 0x0F, 0xD4, 0x6E, 0x48, 0x05, 0xB7, 0xF7, 0x17 ), + BYTES_TO_T_UINT_8( 0x14, 0x4D, 0xD7, 0x00, 0x4A, 0x15, 0x27, 0x7A ), + BYTES_TO_T_UINT_8( 0x3A, 0x15, 0xAA, 0x37, 0x27, 0x34, 0x18, 0x24 ), + BYTES_TO_T_UINT_8( 0x3A, 0x20, 0x2C, 0x84, 0x1B, 0x88, 0xBA, 0x05 ), + BYTES_TO_T_UINT_8( 0xAC, 0x09, 0xD6, 0x04, 0xA2, 0x60, 0x84, 0x72 ), + BYTES_TO_T_UINT_8( 0xC8, 0x04, 0x94, 0x08, 0xD4, 0xED, 0x47, 0xDB ), + BYTES_TO_T_UINT_8( 0x8B, 0xF3, 0xE4, 0x3E, 0xB9, 0x5B, 0x35, 0x42 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_10_Y[] = { + BYTES_TO_T_UINT_8( 0x5F, 0xD8, 0xB6, 0x80, 0xD6, 0xF1, 0x30, 0xDD ), + BYTES_TO_T_UINT_8( 0xD6, 0x14, 0xA6, 0x85, 0xEE, 0xA7, 0xD8, 0x61 ), + BYTES_TO_T_UINT_8( 0xE4, 0x49, 0x2A, 0x1E, 0x7C, 0xE9, 0x2D, 0xEC ), + BYTES_TO_T_UINT_8( 0x3A, 0x87, 0x56, 0x91, 0x03, 0x77, 0x4D, 0x55 ), + BYTES_TO_T_UINT_8( 0x0E, 0x52, 0xD4, 0xAA, 0xF7, 0xFA, 0xB0, 0xC5 ), + BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x11, 0x39, 0xB1, 0xE7, 0x76, 0xAD ), + BYTES_TO_T_UINT_8( 0xD6, 0x13, 0xBC, 0x37, 0x5D, 0x74, 0xCD, 0xC2 ), + BYTES_TO_T_UINT_8( 0xC9, 0x48, 0x14, 0x23, 0x30, 0xF8, 0x46, 0x37 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_11_X[] = { + BYTES_TO_T_UINT_8( 0xAC, 0x27, 0xB0, 0xD9, 0xB2, 0x74, 0xB4, 0xC0 ), + BYTES_TO_T_UINT_8( 0xEA, 0xA6, 0xB9, 0x6F, 0x9F, 0x64, 0x36, 0x92 ), + BYTES_TO_T_UINT_8( 0x2E, 0x2B, 0x78, 0x40, 0x05, 0x2B, 0x7B, 0xA9 ), + BYTES_TO_T_UINT_8( 0xB3, 0x68, 0x3A, 0xB6, 0x4A, 0xE2, 0xDB, 0xB8 ), + BYTES_TO_T_UINT_8( 0x1E, 0x33, 0xD7, 0x34, 0x8B, 0x25, 0x45, 0xEF ), + BYTES_TO_T_UINT_8( 0x89, 0xCE, 0xA8, 0xC9, 0x01, 0xFB, 0x0E, 0x7B ), + BYTES_TO_T_UINT_8( 0xE2, 0xF9, 0x51, 0x4C, 0x12, 0x9F, 0x60, 0xE4 ), + BYTES_TO_T_UINT_8( 0x67, 0x85, 0xBD, 0x30, 0x37, 0x84, 0x39, 0x44 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_11_Y[] = { + BYTES_TO_T_UINT_8( 0x26, 0x33, 0xAF, 0x2E, 0xB8, 0x2E, 0xCC, 0x3C ), + BYTES_TO_T_UINT_8( 0xA4, 0xB1, 0x73, 0x59, 0x4E, 0x0C, 0x09, 0x4A ), + BYTES_TO_T_UINT_8( 0x8A, 0x24, 0x89, 0x81, 0x12, 0xFF, 0xBB, 0x6E ), + BYTES_TO_T_UINT_8( 0x71, 0x37, 0x1A, 0x66, 0xEE, 0xED, 0xB6, 0x9B ), + BYTES_TO_T_UINT_8( 0x16, 0xBD, 0x04, 0x20, 0x5D, 0xFB, 0xBF, 0x95 ), + BYTES_TO_T_UINT_8( 0xA0, 0xF8, 0x34, 0xA3, 0xFF, 0x45, 0xDE, 0x92 ), + BYTES_TO_T_UINT_8( 0x9B, 0x18, 0x73, 0xF1, 0x32, 0x25, 0x58, 0xEB ), + BYTES_TO_T_UINT_8( 0x63, 0xC1, 0x14, 0xE3, 0x9E, 0x40, 0x0F, 0x12 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_12_X[] = { + BYTES_TO_T_UINT_8( 0x61, 0x07, 0x9D, 0x9C, 0x00, 0xF7, 0x56, 0x19 ), + BYTES_TO_T_UINT_8( 0xFB, 0xBA, 0x87, 0xF9, 0x15, 0x0C, 0x66, 0x5D ), + BYTES_TO_T_UINT_8( 0x7E, 0x1F, 0xC1, 0x28, 0xB0, 0x47, 0x0D, 0xF5 ), + BYTES_TO_T_UINT_8( 0x96, 0xCA, 0x27, 0xEE, 0x4B, 0x23, 0x2B, 0x89 ), + BYTES_TO_T_UINT_8( 0x7E, 0xB5, 0x68, 0xC8, 0x17, 0x5D, 0xC3, 0xAA ), + BYTES_TO_T_UINT_8( 0x17, 0x02, 0x08, 0xEE, 0x20, 0x9D, 0xEA, 0x64 ), + BYTES_TO_T_UINT_8( 0xA7, 0x14, 0x50, 0xD4, 0x7D, 0x5F, 0xCF, 0xA0 ), + BYTES_TO_T_UINT_8( 0xD5, 0xFA, 0xF8, 0xA7, 0xC6, 0xDC, 0x14, 0x8C ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_12_Y[] = { + BYTES_TO_T_UINT_8( 0x76, 0xBD, 0x0A, 0x1A, 0x18, 0x98, 0xDC, 0xB0 ), + BYTES_TO_T_UINT_8( 0x63, 0x63, 0x02, 0xB7, 0xD5, 0x5B, 0x5A, 0xC6 ), + BYTES_TO_T_UINT_8( 0x51, 0xB1, 0xD7, 0x4B, 0x15, 0x39, 0x61, 0x5D ), + BYTES_TO_T_UINT_8( 0x5C, 0x32, 0xE1, 0x9E, 0x70, 0x1B, 0xCE, 0x51 ), + BYTES_TO_T_UINT_8( 0x64, 0xD8, 0x18, 0x83, 0x52, 0x9B, 0x6D, 0xA2 ), + BYTES_TO_T_UINT_8( 0xA4, 0x55, 0x56, 0x19, 0x34, 0xA4, 0xEA, 0xFC ), + BYTES_TO_T_UINT_8( 0x30, 0xA9, 0x55, 0x80, 0xE3, 0x15, 0x36, 0x8B ), + BYTES_TO_T_UINT_8( 0xBB, 0x06, 0xC8, 0x1D, 0x17, 0x0D, 0xAD, 0x16 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_13_X[] = { + BYTES_TO_T_UINT_8( 0x20, 0xD6, 0xF0, 0xCC, 0xF3, 0x63, 0x53, 0xD2 ), + BYTES_TO_T_UINT_8( 0x27, 0x5A, 0xDC, 0x46, 0xBD, 0x0D, 0xAD, 0x96 ), + BYTES_TO_T_UINT_8( 0x21, 0x2F, 0x11, 0x60, 0x15, 0x51, 0x4A, 0xEA ), + BYTES_TO_T_UINT_8( 0x33, 0xE3, 0x93, 0x38, 0xD5, 0x83, 0xAA, 0x0D ), + BYTES_TO_T_UINT_8( 0x90, 0xA6, 0xCC, 0xB1, 0xFD, 0xBB, 0x1A, 0x0F ), + BYTES_TO_T_UINT_8( 0x3B, 0x54, 0xC8, 0x54, 0x6F, 0x79, 0x1A, 0x59 ), + BYTES_TO_T_UINT_8( 0x3F, 0x4A, 0xDA, 0x28, 0x92, 0x97, 0x9D, 0x7F ), + BYTES_TO_T_UINT_8( 0xD6, 0x4B, 0xDB, 0xC7, 0x52, 0xC5, 0x66, 0x34 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_13_Y[] = { + BYTES_TO_T_UINT_8( 0x05, 0x7E, 0x92, 0x53, 0x30, 0x93, 0xFD, 0xFF ), + BYTES_TO_T_UINT_8( 0xA0, 0x16, 0x6A, 0xB1, 0x91, 0x0A, 0xB4, 0x52 ), + BYTES_TO_T_UINT_8( 0x6D, 0x9D, 0x40, 0x3F, 0xE3, 0xF1, 0x01, 0x46 ), + BYTES_TO_T_UINT_8( 0x13, 0x0E, 0xD8, 0xED, 0x11, 0x8E, 0x4C, 0xED ), + BYTES_TO_T_UINT_8( 0x86, 0x4A, 0x1B, 0x88, 0xDF, 0x8D, 0x29, 0xE7 ), + BYTES_TO_T_UINT_8( 0x97, 0x23, 0x21, 0x11, 0xAB, 0x77, 0x81, 0x62 ), + BYTES_TO_T_UINT_8( 0x0B, 0xAF, 0x11, 0xFA, 0xBA, 0x40, 0x63, 0xE7 ), + BYTES_TO_T_UINT_8( 0x2B, 0x6F, 0x8D, 0x80, 0xDF, 0x67, 0xF5, 0x44 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_14_X[] = { + BYTES_TO_T_UINT_8( 0xB2, 0x8B, 0xB7, 0x08, 0xF4, 0xD7, 0x2D, 0xA8 ), + BYTES_TO_T_UINT_8( 0xC7, 0x2B, 0x30, 0x02, 0x45, 0x71, 0x08, 0x49 ), + BYTES_TO_T_UINT_8( 0x97, 0x3A, 0xCA, 0x50, 0xF6, 0xC2, 0x19, 0x8C ), + BYTES_TO_T_UINT_8( 0x17, 0xB9, 0x9B, 0x3E, 0x73, 0x95, 0x1D, 0x49 ), + BYTES_TO_T_UINT_8( 0xB6, 0x60, 0x59, 0x48, 0xCB, 0xD8, 0xD6, 0xAA ), + BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x6C, 0x89, 0xAB, 0x99, 0xA8, 0xF8 ), + BYTES_TO_T_UINT_8( 0xEF, 0xA1, 0x8B, 0x4E, 0x06, 0x19, 0xEC, 0x99 ), + BYTES_TO_T_UINT_8( 0x70, 0x95, 0x04, 0xCF, 0xD5, 0x94, 0xB3, 0x02 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_14_Y[] = { + BYTES_TO_T_UINT_8( 0x29, 0x35, 0x93, 0x7C, 0xB3, 0xB8, 0x9E, 0x1B ), + BYTES_TO_T_UINT_8( 0xC4, 0x45, 0x5C, 0x7E, 0xBF, 0x75, 0x81, 0x0F ), + BYTES_TO_T_UINT_8( 0xDC, 0xE8, 0x24, 0xDF, 0xEC, 0x2F, 0x7D, 0xB9 ), + BYTES_TO_T_UINT_8( 0xF2, 0x8B, 0xD5, 0x6A, 0x9B, 0xA0, 0xE0, 0x4F ), + BYTES_TO_T_UINT_8( 0x32, 0xE3, 0x27, 0x82, 0xDE, 0xDD, 0xCA, 0x4B ), + BYTES_TO_T_UINT_8( 0xA7, 0x57, 0x56, 0x46, 0x05, 0x06, 0x01, 0x2E ), + BYTES_TO_T_UINT_8( 0x74, 0x35, 0xA7, 0x47, 0xE2, 0x6B, 0x2C, 0x4F ), + BYTES_TO_T_UINT_8( 0x38, 0x9D, 0x4C, 0xEC, 0x1F, 0x11, 0x75, 0x2B ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_15_X[] = { + BYTES_TO_T_UINT_8( 0xAC, 0xAA, 0x41, 0xC1, 0xE9, 0x0E, 0xE9, 0xAA ), + BYTES_TO_T_UINT_8( 0x0A, 0xCF, 0x9C, 0x4B, 0xE8, 0xED, 0x0A, 0x49 ), + BYTES_TO_T_UINT_8( 0x3D, 0x73, 0xCA, 0x0C, 0x46, 0x0A, 0x9C, 0xE4 ), + BYTES_TO_T_UINT_8( 0x99, 0xE1, 0x9E, 0xBC, 0xFE, 0x44, 0x63, 0x6D ), + BYTES_TO_T_UINT_8( 0x31, 0x43, 0x71, 0xEE, 0xF8, 0xC1, 0x8C, 0x5C ), + BYTES_TO_T_UINT_8( 0x6A, 0x4B, 0xF0, 0x69, 0x25, 0xBD, 0x71, 0x1A ), + BYTES_TO_T_UINT_8( 0xFD, 0x9A, 0xFE, 0x82, 0xE7, 0xC1, 0xC1, 0xEE ), + BYTES_TO_T_UINT_8( 0xFC, 0x5A, 0x6E, 0x5E, 0x97, 0x6A, 0x35, 0x8D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_15_Y[] = { + BYTES_TO_T_UINT_8( 0xA2, 0x18, 0x6C, 0x7E, 0xB8, 0x9E, 0x57, 0x32 ), + BYTES_TO_T_UINT_8( 0x35, 0xB9, 0xC1, 0xD0, 0xFE, 0x78, 0xFB, 0x32 ), + BYTES_TO_T_UINT_8( 0x7C, 0x08, 0xAE, 0x46, 0x34, 0xEA, 0x7A, 0x7F ), + BYTES_TO_T_UINT_8( 0xE8, 0x1C, 0x56, 0xA9, 0x18, 0x37, 0xD4, 0x9E ), + BYTES_TO_T_UINT_8( 0x28, 0x63, 0xE9, 0x0A, 0xB6, 0x38, 0x3C, 0xC1 ), + BYTES_TO_T_UINT_8( 0x3E, 0x4F, 0xA4, 0x6E, 0x85, 0x31, 0x23, 0x52 ), + BYTES_TO_T_UINT_8( 0x0D, 0xAD, 0xC4, 0xC3, 0xB1, 0x4B, 0x1C, 0x82 ), + BYTES_TO_T_UINT_8( 0x30, 0x56, 0x4A, 0x38, 0xB3, 0x6B, 0x6F, 0x2C ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_16_X[] = { + BYTES_TO_T_UINT_8( 0x67, 0xC7, 0x19, 0xDE, 0x21, 0xED, 0x89, 0xD0 ), + BYTES_TO_T_UINT_8( 0x2F, 0xBE, 0xA6, 0xAE, 0xEB, 0x9D, 0xA7, 0x2A ), + BYTES_TO_T_UINT_8( 0x04, 0x0E, 0x13, 0x1E, 0x86, 0x57, 0xC3, 0x3B ), + BYTES_TO_T_UINT_8( 0x1F, 0x4B, 0x30, 0x46, 0x52, 0xC1, 0xEC, 0x52 ), + BYTES_TO_T_UINT_8( 0x6E, 0xD5, 0x44, 0x31, 0x96, 0x3B, 0x26, 0x27 ), + BYTES_TO_T_UINT_8( 0x77, 0x68, 0xA8, 0x67, 0x78, 0x39, 0xE8, 0x68 ), + BYTES_TO_T_UINT_8( 0x8E, 0x78, 0xB7, 0xDD, 0xF2, 0x58, 0xB6, 0x3D ), + BYTES_TO_T_UINT_8( 0x81, 0x3C, 0xB3, 0x26, 0xC4, 0x2C, 0x8C, 0xA5 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_16_Y[] = { + BYTES_TO_T_UINT_8( 0xB9, 0x24, 0xE5, 0x73, 0xEE, 0x9A, 0x02, 0xA9 ), + BYTES_TO_T_UINT_8( 0xD9, 0x6A, 0x65, 0x60, 0xF3, 0x62, 0xE3, 0xE9 ), + BYTES_TO_T_UINT_8( 0xFB, 0x07, 0x84, 0xE6, 0x3B, 0x46, 0x65, 0x9F ), + BYTES_TO_T_UINT_8( 0xE1, 0x8F, 0x0C, 0xB0, 0xE1, 0x04, 0x82, 0x9D ), + BYTES_TO_T_UINT_8( 0xEB, 0x13, 0xBF, 0x3D, 0xA0, 0x48, 0xA2, 0x74 ), + BYTES_TO_T_UINT_8( 0x08, 0x26, 0x76, 0x74, 0xAB, 0x0B, 0x29, 0xE8 ), + BYTES_TO_T_UINT_8( 0x30, 0x6E, 0x5F, 0x03, 0x34, 0x7C, 0x38, 0xCE ), + BYTES_TO_T_UINT_8( 0x4D, 0x72, 0xF9, 0x3B, 0x3C, 0xA4, 0xBC, 0x7C ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_17_X[] = { + BYTES_TO_T_UINT_8( 0x5C, 0xCE, 0x18, 0x80, 0xB8, 0x24, 0x45, 0x81 ), + BYTES_TO_T_UINT_8( 0xF1, 0x09, 0x03, 0xB8, 0x06, 0x64, 0xF7, 0xEC ), + BYTES_TO_T_UINT_8( 0xF1, 0x26, 0xB1, 0x10, 0x6D, 0x71, 0x12, 0x2E ), + BYTES_TO_T_UINT_8( 0xAD, 0x12, 0xC6, 0x6E, 0x1E, 0x6A, 0xC3, 0x80 ), + BYTES_TO_T_UINT_8( 0xE5, 0xD3, 0x0A, 0xDE, 0xD8, 0x6B, 0x04, 0x5C ), + BYTES_TO_T_UINT_8( 0x96, 0x87, 0x5B, 0xAE, 0xDB, 0x3C, 0xC0, 0xC5 ), + BYTES_TO_T_UINT_8( 0x8E, 0xF5, 0xF9, 0xC1, 0x9A, 0x89, 0xBB, 0x7E ), + BYTES_TO_T_UINT_8( 0xED, 0x69, 0x72, 0x8B, 0xAE, 0x32, 0x13, 0x11 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_17_Y[] = { + BYTES_TO_T_UINT_8( 0xF9, 0x16, 0x07, 0x50, 0xFA, 0x4C, 0xCF, 0xE8 ), + BYTES_TO_T_UINT_8( 0xF8, 0x50, 0x21, 0xE9, 0xDE, 0xEC, 0x7E, 0xDF ), + BYTES_TO_T_UINT_8( 0x7C, 0x2F, 0xE8, 0x83, 0x30, 0x0B, 0x65, 0x0E ), + BYTES_TO_T_UINT_8( 0xA5, 0x0B, 0x99, 0xAC, 0xC9, 0xBA, 0x6C, 0x2A ), + BYTES_TO_T_UINT_8( 0xA7, 0x59, 0x5A, 0x0D, 0x7B, 0x9E, 0x08, 0xAD ), + BYTES_TO_T_UINT_8( 0x34, 0x91, 0xB2, 0xDC, 0x90, 0xCE, 0x67, 0xED ), + BYTES_TO_T_UINT_8( 0xE3, 0x93, 0x60, 0x0C, 0xD7, 0x1F, 0x2F, 0x17 ), + BYTES_TO_T_UINT_8( 0x19, 0x7F, 0x9D, 0x40, 0xF8, 0x78, 0x7A, 0x54 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_18_X[] = { + BYTES_TO_T_UINT_8( 0x13, 0x22, 0x95, 0xE8, 0xEF, 0x31, 0x57, 0x35 ), + BYTES_TO_T_UINT_8( 0x2D, 0x88, 0x53, 0xFE, 0xAF, 0x7C, 0x47, 0x14 ), + BYTES_TO_T_UINT_8( 0x0E, 0xCE, 0xCC, 0x79, 0xE8, 0x9F, 0x8C, 0xC4 ), + BYTES_TO_T_UINT_8( 0xDB, 0x16, 0xDD, 0x77, 0x6E, 0x8A, 0x73, 0x97 ), + BYTES_TO_T_UINT_8( 0xC0, 0x07, 0x97, 0x21, 0x3B, 0xF8, 0x5F, 0xA8 ), + BYTES_TO_T_UINT_8( 0xC6, 0xB5, 0xD2, 0x81, 0x84, 0xF0, 0xE7, 0x9F ), + BYTES_TO_T_UINT_8( 0xCB, 0x8F, 0x75, 0x09, 0x6A, 0x0E, 0x53, 0xAD ), + BYTES_TO_T_UINT_8( 0xE6, 0x4F, 0x70, 0x97, 0xC7, 0xAC, 0x7D, 0x3F ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_18_Y[] = { + BYTES_TO_T_UINT_8( 0xF9, 0x3C, 0x6A, 0xB4, 0x10, 0xA9, 0xC8, 0x1D ), + BYTES_TO_T_UINT_8( 0xEE, 0xC5, 0xD6, 0x69, 0x16, 0xB8, 0xAC, 0x25 ), + BYTES_TO_T_UINT_8( 0xAC, 0x44, 0xDC, 0xEB, 0x48, 0x54, 0x5D, 0x5F ), + BYTES_TO_T_UINT_8( 0x6F, 0x48, 0x9B, 0xD7, 0x72, 0x69, 0xA4, 0x8A ), + BYTES_TO_T_UINT_8( 0xB4, 0x0D, 0x36, 0x9A, 0x66, 0x0B, 0xEC, 0x24 ), + BYTES_TO_T_UINT_8( 0xBE, 0xC6, 0xD4, 0xB6, 0x60, 0xE5, 0xC3, 0x3A ), + BYTES_TO_T_UINT_8( 0xBA, 0x29, 0x42, 0xE0, 0x9D, 0xFD, 0x7C, 0x3E ), + BYTES_TO_T_UINT_8( 0x43, 0x10, 0xBA, 0x55, 0xBC, 0x3B, 0x38, 0x5D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_19_X[] = { + BYTES_TO_T_UINT_8( 0x25, 0x66, 0xFA, 0x05, 0x73, 0x03, 0x1B, 0x69 ), + BYTES_TO_T_UINT_8( 0x11, 0xA4, 0x66, 0x12, 0x96, 0x7B, 0x02, 0x4C ), + BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xDE, 0x6D, 0x98, 0xD1, 0xD5, 0xA8 ), + BYTES_TO_T_UINT_8( 0xE2, 0xF5, 0x44, 0xB8, 0x8E, 0xF6, 0x8C, 0x05 ), + BYTES_TO_T_UINT_8( 0x68, 0x15, 0x2B, 0x72, 0xBC, 0x49, 0xE5, 0xDF ), + BYTES_TO_T_UINT_8( 0x6C, 0x44, 0xD7, 0xDF, 0x8F, 0xEB, 0x8D, 0x80 ), + BYTES_TO_T_UINT_8( 0x05, 0x64, 0x88, 0xAA, 0xB7, 0xE4, 0x70, 0x1D ), + BYTES_TO_T_UINT_8( 0x9C, 0x14, 0xBB, 0xE9, 0x9B, 0xB9, 0x65, 0x5D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_19_Y[] = { + BYTES_TO_T_UINT_8( 0x66, 0x8E, 0x88, 0xF5, 0xF1, 0xC1, 0x89, 0xA2 ), + BYTES_TO_T_UINT_8( 0x16, 0x30, 0x53, 0xE6, 0xFB, 0x2D, 0x82, 0xB4 ), + BYTES_TO_T_UINT_8( 0xA7, 0xE4, 0xFF, 0xBA, 0x31, 0x79, 0xAB, 0xC2 ), + BYTES_TO_T_UINT_8( 0x45, 0x09, 0xF7, 0xB7, 0x09, 0x78, 0x4C, 0x90 ), + BYTES_TO_T_UINT_8( 0x10, 0xAE, 0xC2, 0x44, 0xDC, 0x17, 0x78, 0x47 ), + BYTES_TO_T_UINT_8( 0xC7, 0xD4, 0x17, 0x43, 0x19, 0x74, 0x9E, 0x23 ), + BYTES_TO_T_UINT_8( 0x15, 0x64, 0x3B, 0x73, 0xA2, 0x99, 0x27, 0x76 ), + BYTES_TO_T_UINT_8( 0x05, 0x74, 0x36, 0x5F, 0xD3, 0x14, 0xB1, 0x31 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_20_X[] = { + BYTES_TO_T_UINT_8( 0xAC, 0x07, 0xAB, 0xFD, 0x9B, 0x03, 0xC5, 0xD5 ), + BYTES_TO_T_UINT_8( 0xC7, 0xBE, 0xB0, 0x1D, 0xF2, 0x0C, 0x73, 0x73 ), + BYTES_TO_T_UINT_8( 0x99, 0xE7, 0x7B, 0x87, 0xD3, 0x34, 0xFD, 0xE2 ), + BYTES_TO_T_UINT_8( 0x9A, 0x25, 0x3D, 0xC7, 0x36, 0x83, 0x53, 0xDC ), + BYTES_TO_T_UINT_8( 0x22, 0x7C, 0xCF, 0x63, 0x55, 0x12, 0x11, 0xB0 ), + BYTES_TO_T_UINT_8( 0xC0, 0x34, 0x4D, 0x27, 0x92, 0xAC, 0x18, 0x16 ), + BYTES_TO_T_UINT_8( 0x98, 0x42, 0x61, 0x9D, 0x2E, 0xFF, 0x13, 0x16 ), + BYTES_TO_T_UINT_8( 0xF4, 0xDE, 0x92, 0x65, 0x57, 0x0D, 0xBC, 0x0A ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_20_Y[] = { + BYTES_TO_T_UINT_8( 0xEF, 0x7B, 0x6E, 0xC6, 0x2A, 0x21, 0x74, 0x0A ), + BYTES_TO_T_UINT_8( 0x37, 0xA7, 0x53, 0x4D, 0x29, 0x36, 0xEF, 0xE5 ), + BYTES_TO_T_UINT_8( 0xE1, 0xD6, 0x41, 0xC7, 0x99, 0xAD, 0x50, 0x53 ), + BYTES_TO_T_UINT_8( 0x99, 0xAC, 0x41, 0x9F, 0xFB, 0x4C, 0x86, 0xF1 ), + BYTES_TO_T_UINT_8( 0x8B, 0xBB, 0xE6, 0x25, 0x28, 0xAA, 0xEB, 0x1E ), + BYTES_TO_T_UINT_8( 0x92, 0x04, 0xA2, 0xC3, 0xAA, 0x08, 0x8A, 0xCC ), + BYTES_TO_T_UINT_8( 0x5A, 0x2B, 0x5B, 0xE2, 0x8D, 0x76, 0xEA, 0x34 ), + BYTES_TO_T_UINT_8( 0xB3, 0x33, 0xD2, 0x21, 0x4D, 0x62, 0xE3, 0x8E ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_21_X[] = { + BYTES_TO_T_UINT_8( 0xF6, 0x06, 0x8B, 0x2B, 0xC2, 0xC4, 0xB1, 0xD2 ), + BYTES_TO_T_UINT_8( 0xFA, 0xF5, 0xA1, 0xC0, 0x03, 0x6A, 0x29, 0x12 ), + BYTES_TO_T_UINT_8( 0xF5, 0xA9, 0xEF, 0x55, 0xB6, 0x1A, 0x9F, 0x6B ), + BYTES_TO_T_UINT_8( 0x9B, 0x54, 0x32, 0xBE, 0x06, 0x43, 0xB5, 0xFD ), + BYTES_TO_T_UINT_8( 0xF7, 0xD6, 0xD9, 0x20, 0x89, 0xBE, 0xD4, 0x1B ), + BYTES_TO_T_UINT_8( 0xE8, 0x26, 0x95, 0x10, 0xCE, 0xB4, 0x88, 0x79 ), + BYTES_TO_T_UINT_8( 0xE6, 0xA6, 0x27, 0xAC, 0x32, 0xBA, 0xBD, 0xC7 ), + BYTES_TO_T_UINT_8( 0xA3, 0xA6, 0xAE, 0x9C, 0x7B, 0xBE, 0xA1, 0x63 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_21_Y[] = { + BYTES_TO_T_UINT_8( 0x8B, 0xCD, 0x4D, 0x3D, 0xDF, 0x96, 0xBB, 0x7D ), + BYTES_TO_T_UINT_8( 0x77, 0xA7, 0x11, 0x06, 0xCC, 0x0E, 0x31, 0x81 ), + BYTES_TO_T_UINT_8( 0x20, 0xE4, 0xF4, 0xAD, 0x7B, 0x5F, 0xF1, 0xEF ), + BYTES_TO_T_UINT_8( 0xE4, 0x54, 0xBE, 0xF4, 0x8A, 0x03, 0x47, 0xDF ), + BYTES_TO_T_UINT_8( 0xB4, 0x53, 0x00, 0x7F, 0xB0, 0x8A, 0x68, 0xA6 ), + BYTES_TO_T_UINT_8( 0xA0, 0x16, 0xB1, 0x73, 0x6F, 0x5B, 0x0E, 0xC3 ), + BYTES_TO_T_UINT_8( 0x2A, 0x32, 0xE3, 0x43, 0x64, 0x75, 0xFB, 0xFB ), + BYTES_TO_T_UINT_8( 0xA0, 0x18, 0x55, 0x8A, 0x4E, 0x6E, 0x35, 0x54 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_22_X[] = { + BYTES_TO_T_UINT_8( 0x80, 0x97, 0x15, 0x1E, 0xCB, 0xF2, 0x9C, 0xA5 ), + BYTES_TO_T_UINT_8( 0x2B, 0xD1, 0xBB, 0xF3, 0x70, 0xAD, 0x13, 0xAD ), + BYTES_TO_T_UINT_8( 0xD8, 0x96, 0xA4, 0xC5, 0x5E, 0xDA, 0xD5, 0x57 ), + BYTES_TO_T_UINT_8( 0x07, 0x81, 0xE9, 0x65, 0x66, 0x76, 0x47, 0x45 ), + BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x87, 0x06, 0x73, 0xCF, 0x34, 0xD2 ), + BYTES_TO_T_UINT_8( 0x5A, 0x81, 0x15, 0x42, 0xA2, 0x79, 0x5B, 0x42 ), + BYTES_TO_T_UINT_8( 0x08, 0xA2, 0x7D, 0x09, 0x14, 0x64, 0xC6, 0xAE ), + BYTES_TO_T_UINT_8( 0x5E, 0x6D, 0xC4, 0xED, 0xF1, 0xD6, 0xE9, 0x24 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_22_Y[] = { + BYTES_TO_T_UINT_8( 0xB4, 0xD5, 0xBB, 0x25, 0xA3, 0xDD, 0xA3, 0x88 ), + BYTES_TO_T_UINT_8( 0x46, 0xF2, 0x68, 0x67, 0x39, 0x8F, 0x73, 0x93 ), + BYTES_TO_T_UINT_8( 0xF0, 0x76, 0x28, 0x89, 0xAD, 0x32, 0xE0, 0xDF ), + BYTES_TO_T_UINT_8( 0xF8, 0x90, 0xCC, 0x57, 0x58, 0xAA, 0xC9, 0x75 ), + BYTES_TO_T_UINT_8( 0x5E, 0xD7, 0x43, 0xD2, 0xCE, 0x5E, 0xA0, 0x08 ), + BYTES_TO_T_UINT_8( 0x33, 0xB0, 0xB8, 0xA4, 0x9E, 0x96, 0x26, 0x86 ), + BYTES_TO_T_UINT_8( 0x94, 0x61, 0x1D, 0xF3, 0x65, 0x5E, 0x60, 0xCA ), + BYTES_TO_T_UINT_8( 0xC7, 0x1E, 0x65, 0xED, 0xCF, 0x07, 0x60, 0x20 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_23_X[] = { + BYTES_TO_T_UINT_8( 0xA4, 0x30, 0x17, 0x8A, 0x91, 0x88, 0x0A, 0xA4 ), + BYTES_TO_T_UINT_8( 0x05, 0x7D, 0x18, 0xA4, 0xAC, 0x59, 0xFC, 0x5F ), + BYTES_TO_T_UINT_8( 0xA4, 0x31, 0x8B, 0x25, 0x65, 0x39, 0x9A, 0xDC ), + BYTES_TO_T_UINT_8( 0x15, 0x16, 0x4B, 0x68, 0xBA, 0x59, 0x13, 0x2F ), + BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xD3, 0xC5, 0x56, 0xC9, 0x8C, 0x5E ), + BYTES_TO_T_UINT_8( 0xBC, 0xC6, 0x9F, 0xF4, 0xE6, 0xF7, 0xB4, 0x01 ), + BYTES_TO_T_UINT_8( 0x2D, 0x7C, 0x03, 0x00, 0x26, 0x9F, 0xD8, 0x7B ), + BYTES_TO_T_UINT_8( 0x24, 0x1D, 0x6E, 0x00, 0xB9, 0x00, 0x6E, 0x93 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_23_Y[] = { + BYTES_TO_T_UINT_8( 0x75, 0x63, 0xDA, 0x03, 0x2B, 0xD5, 0x0B, 0xFE ), + BYTES_TO_T_UINT_8( 0x46, 0xFC, 0xE2, 0xC8, 0x47, 0xF0, 0xAE, 0xF2 ), + BYTES_TO_T_UINT_8( 0x51, 0x4C, 0xF7, 0x50, 0x0C, 0x48, 0x06, 0x2A ), + BYTES_TO_T_UINT_8( 0xDF, 0x2B, 0x32, 0x98, 0x0E, 0x7E, 0x61, 0x41 ), + BYTES_TO_T_UINT_8( 0x5D, 0x02, 0x27, 0xFE, 0x75, 0x86, 0xDF, 0x24 ), + BYTES_TO_T_UINT_8( 0x2B, 0x30, 0xB1, 0x22, 0x32, 0x1B, 0xFE, 0x24 ), + BYTES_TO_T_UINT_8( 0xC2, 0x27, 0xF7, 0x78, 0x6F, 0xD7, 0xFD, 0xE4 ), + BYTES_TO_T_UINT_8( 0xA0, 0x78, 0xCC, 0xEA, 0xC0, 0x50, 0x24, 0x44 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_24_X[] = { + BYTES_TO_T_UINT_8( 0x37, 0x2B, 0x4F, 0x7F, 0x58, 0xE6, 0xC2, 0x70 ), + BYTES_TO_T_UINT_8( 0x37, 0x43, 0xD5, 0xA7, 0x35, 0x3C, 0x80, 0xB8 ), + BYTES_TO_T_UINT_8( 0x1A, 0x6D, 0x4B, 0x12, 0x00, 0x7B, 0xE6, 0xA6 ), + BYTES_TO_T_UINT_8( 0x37, 0x15, 0xBD, 0xD0, 0x9B, 0xCA, 0xAA, 0x81 ), + BYTES_TO_T_UINT_8( 0xCF, 0xCE, 0x9C, 0xE3, 0x8B, 0x60, 0x7A, 0x53 ), + BYTES_TO_T_UINT_8( 0x0C, 0xDA, 0x4B, 0x03, 0xA7, 0x8D, 0x43, 0x22 ), + BYTES_TO_T_UINT_8( 0x57, 0xAF, 0x00, 0x2B, 0x32, 0xF0, 0x22, 0x68 ), + BYTES_TO_T_UINT_8( 0xDC, 0xD9, 0x99, 0x99, 0xBE, 0x43, 0x99, 0x3E ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_24_Y[] = { + BYTES_TO_T_UINT_8( 0x1F, 0x71, 0x41, 0xF4, 0xB5, 0xFD, 0xDD, 0x36 ), + BYTES_TO_T_UINT_8( 0x9D, 0xE2, 0x20, 0x4C, 0xD1, 0x2E, 0x1F, 0x06 ), + BYTES_TO_T_UINT_8( 0x96, 0x43, 0x48, 0x76, 0x8A, 0x49, 0xAC, 0x87 ), + BYTES_TO_T_UINT_8( 0x0C, 0x1A, 0x55, 0xA8, 0xA3, 0xD4, 0x57, 0x75 ), + BYTES_TO_T_UINT_8( 0x7C, 0xA6, 0x84, 0x39, 0xC9, 0x13, 0xBB, 0x60 ), + BYTES_TO_T_UINT_8( 0xD9, 0xFA, 0xA9, 0x70, 0xDE, 0x83, 0xDD, 0xC9 ), + BYTES_TO_T_UINT_8( 0xEC, 0xC9, 0xD9, 0x3E, 0x44, 0x91, 0x68, 0x7B ), + BYTES_TO_T_UINT_8( 0xB6, 0x9F, 0x85, 0x6D, 0xF7, 0x54, 0x36, 0x82 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_25_X[] = { + BYTES_TO_T_UINT_8( 0x68, 0x6B, 0xA6, 0xA3, 0xE5, 0xD4, 0x46, 0xDB ), + BYTES_TO_T_UINT_8( 0x23, 0x3E, 0xDC, 0x84, 0x7C, 0x7B, 0x24, 0x34 ), + BYTES_TO_T_UINT_8( 0x14, 0xED, 0x7F, 0x86, 0x07, 0x6C, 0x57, 0xCA ), + BYTES_TO_T_UINT_8( 0x95, 0x06, 0xFE, 0x52, 0x12, 0x79, 0x69, 0x56 ), + BYTES_TO_T_UINT_8( 0x84, 0xD1, 0x44, 0x5F, 0x21, 0x3A, 0xC3, 0x84 ), + BYTES_TO_T_UINT_8( 0x5E, 0xD9, 0x4A, 0xC0, 0x75, 0xAB, 0x17, 0xAC ), + BYTES_TO_T_UINT_8( 0xFF, 0x81, 0x94, 0xB6, 0x80, 0x6B, 0x6F, 0xC3 ), + BYTES_TO_T_UINT_8( 0x07, 0xBE, 0x8E, 0xA5, 0xAA, 0xBC, 0x1E, 0x3E ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_25_Y[] = { + BYTES_TO_T_UINT_8( 0x89, 0xC7, 0x85, 0xA6, 0x59, 0x9B, 0xB1, 0x52 ), + BYTES_TO_T_UINT_8( 0x1C, 0xCE, 0x40, 0xD1, 0xFB, 0xDF, 0x94, 0xF7 ), + BYTES_TO_T_UINT_8( 0x18, 0xB8, 0x5E, 0xBF, 0x45, 0xA8, 0x2D, 0x2D ), + BYTES_TO_T_UINT_8( 0x98, 0x9C, 0x06, 0x1B, 0xA9, 0x57, 0xB9, 0x79 ), + BYTES_TO_T_UINT_8( 0x53, 0xE9, 0xCE, 0xA2, 0xD3, 0x74, 0xA1, 0x3C ), + BYTES_TO_T_UINT_8( 0xAA, 0x5F, 0x34, 0x78, 0xDB, 0xAE, 0x3A, 0x14 ), + BYTES_TO_T_UINT_8( 0x7D, 0x32, 0x84, 0x3E, 0x68, 0x6A, 0x43, 0x0F ), + BYTES_TO_T_UINT_8( 0x8C, 0xBC, 0x39, 0x36, 0xA4, 0xC5, 0xBB, 0x11 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_26_X[] = { + BYTES_TO_T_UINT_8( 0x8C, 0x07, 0xA2, 0xB5, 0xC9, 0x0F, 0x4D, 0x0F ), + BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0x67, 0xE6, 0xF1, 0x46, 0xEB, 0x71 ), + BYTES_TO_T_UINT_8( 0xD7, 0x41, 0x23, 0x95, 0xE7, 0xE0, 0x10, 0xDD ), + BYTES_TO_T_UINT_8( 0xBE, 0x69, 0xFE, 0x68, 0x8C, 0xC6, 0x5F, 0xB6 ), + BYTES_TO_T_UINT_8( 0xE3, 0xB9, 0x2B, 0x3D, 0xD2, 0x4F, 0xD8, 0x1A ), + BYTES_TO_T_UINT_8( 0xA3, 0x09, 0xF5, 0x5F, 0xCF, 0xF6, 0x91, 0x57 ), + BYTES_TO_T_UINT_8( 0x65, 0x15, 0x42, 0x6B, 0x6D, 0xB5, 0xF3, 0xB6 ), + BYTES_TO_T_UINT_8( 0xBF, 0x56, 0x9D, 0xC5, 0xFF, 0xCA, 0x13, 0x9B ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_26_Y[] = { + BYTES_TO_T_UINT_8( 0x4D, 0x38, 0xE6, 0x23, 0x63, 0x48, 0x3C, 0xCA ), + BYTES_TO_T_UINT_8( 0xD2, 0x68, 0x3C, 0xD1, 0x3B, 0xE9, 0x3B, 0x82 ), + BYTES_TO_T_UINT_8( 0xB5, 0x08, 0x54, 0x49, 0xD1, 0x46, 0x45, 0x13 ), + BYTES_TO_T_UINT_8( 0x07, 0x70, 0x52, 0x6E, 0x79, 0xC4, 0x5E, 0x95 ), + BYTES_TO_T_UINT_8( 0x36, 0xDF, 0xE8, 0x5A, 0x32, 0x81, 0xDA, 0xD3 ), + BYTES_TO_T_UINT_8( 0x3C, 0x2D, 0x94, 0x5B, 0xB5, 0x35, 0x9F, 0x0A ), + BYTES_TO_T_UINT_8( 0x2A, 0x12, 0x8D, 0xC3, 0x36, 0x36, 0xB2, 0x2A ), + BYTES_TO_T_UINT_8( 0x39, 0x2F, 0x22, 0x38, 0x5B, 0x18, 0x4C, 0x35 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_27_X[] = { + BYTES_TO_T_UINT_8( 0x10, 0xC1, 0x22, 0x0E, 0xF0, 0x73, 0x11, 0x05 ), + BYTES_TO_T_UINT_8( 0xB2, 0xAE, 0xA4, 0x56, 0x18, 0x61, 0x66, 0x12 ), + BYTES_TO_T_UINT_8( 0x79, 0xFB, 0x72, 0x08, 0x84, 0x38, 0x51, 0xB0 ), + BYTES_TO_T_UINT_8( 0xDA, 0x86, 0xA8, 0xB9, 0x31, 0x99, 0x29, 0xC3 ), + BYTES_TO_T_UINT_8( 0x8A, 0xFB, 0xC3, 0x42, 0xB3, 0xC7, 0x6F, 0x3A ), + BYTES_TO_T_UINT_8( 0xD8, 0xF8, 0xE1, 0x09, 0xBE, 0x75, 0xB0, 0x22 ), + BYTES_TO_T_UINT_8( 0x5A, 0x7D, 0xFF, 0xF4, 0x99, 0xFC, 0x13, 0xAB ), + BYTES_TO_T_UINT_8( 0xE6, 0x1B, 0x84, 0x81, 0x42, 0x22, 0xC6, 0x3D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_27_Y[] = { + BYTES_TO_T_UINT_8( 0x21, 0xE0, 0x37, 0xA4, 0xA0, 0x2F, 0x38, 0x7F ), + BYTES_TO_T_UINT_8( 0xD0, 0x3D, 0xB7, 0x40, 0x2F, 0x39, 0x3C, 0x7A ), + BYTES_TO_T_UINT_8( 0x7A, 0x3B, 0x8A, 0x51, 0xAE, 0x40, 0x49, 0x7A ), + BYTES_TO_T_UINT_8( 0x36, 0x20, 0x9F, 0xDD, 0xA9, 0xD0, 0x77, 0xC7 ), + BYTES_TO_T_UINT_8( 0x78, 0x1D, 0x64, 0xDA, 0xA0, 0x53, 0xC7, 0x7D ), + BYTES_TO_T_UINT_8( 0x37, 0x7B, 0x66, 0x55, 0x94, 0xD1, 0x51, 0x44 ), + BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xB5, 0x5B, 0x38, 0x35, 0x40, 0xC0 ), + BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0x0F, 0xF0, 0x73, 0x79, 0x43, 0x61 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_28_X[] = { + BYTES_TO_T_UINT_8( 0x10, 0x47, 0x45, 0x69, 0x80, 0x72, 0x72, 0x42 ), + BYTES_TO_T_UINT_8( 0x70, 0x11, 0x99, 0x59, 0xDB, 0x48, 0x80, 0x39 ), + BYTES_TO_T_UINT_8( 0x75, 0x6E, 0x3D, 0xFC, 0x37, 0x15, 0xF4, 0xBF ), + BYTES_TO_T_UINT_8( 0x17, 0xBB, 0x5B, 0xA6, 0x35, 0x8D, 0x28, 0x20 ), + BYTES_TO_T_UINT_8( 0xAB, 0x1A, 0x3B, 0x2C, 0x8F, 0xD3, 0xAA, 0x2D ), + BYTES_TO_T_UINT_8( 0x55, 0x1C, 0x1A, 0xF8, 0x02, 0xD9, 0x7B, 0x41 ), + BYTES_TO_T_UINT_8( 0xAF, 0x69, 0xAC, 0xF8, 0x54, 0x31, 0x14, 0xA1 ), + BYTES_TO_T_UINT_8( 0x41, 0x8A, 0xE6, 0xDE, 0x58, 0xB9, 0xC4, 0x7A ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_28_Y[] = { + BYTES_TO_T_UINT_8( 0x57, 0x83, 0x52, 0xFE, 0xF9, 0x7B, 0xE9, 0x1F ), + BYTES_TO_T_UINT_8( 0x07, 0xA2, 0x55, 0x46, 0x15, 0x49, 0xC1, 0x3A ), + BYTES_TO_T_UINT_8( 0x1D, 0xBC, 0x5C, 0x91, 0xBD, 0xB9, 0x9C, 0xF4 ), + BYTES_TO_T_UINT_8( 0xBB, 0xFD, 0xB1, 0x4E, 0x5F, 0x74, 0xEE, 0x53 ), + BYTES_TO_T_UINT_8( 0xB1, 0x8B, 0xD8, 0x8B, 0x17, 0x73, 0x1B, 0x96 ), + BYTES_TO_T_UINT_8( 0x22, 0x92, 0xD7, 0x67, 0x06, 0xAD, 0x25, 0xCD ), + BYTES_TO_T_UINT_8( 0x01, 0x0F, 0x80, 0x24, 0xE2, 0x27, 0x5F, 0x8B ), + BYTES_TO_T_UINT_8( 0x61, 0x1C, 0xCE, 0xD0, 0x67, 0xCA, 0xD4, 0x0B ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_29_X[] = { + BYTES_TO_T_UINT_8( 0x87, 0xF1, 0xDD, 0x33, 0x66, 0xF9, 0x05, 0xD6 ), + BYTES_TO_T_UINT_8( 0x1D, 0xE5, 0x6B, 0x79, 0xBD, 0x48, 0x42, 0xAA ), + BYTES_TO_T_UINT_8( 0xD1, 0x14, 0x52, 0xE3, 0x53, 0xB4, 0x50, 0xD4 ), + BYTES_TO_T_UINT_8( 0x32, 0x84, 0x6C, 0xCF, 0xDA, 0xB2, 0x20, 0x0A ), + BYTES_TO_T_UINT_8( 0x70, 0xD6, 0x1A, 0xE5, 0xE2, 0x29, 0x70, 0xCE ), + BYTES_TO_T_UINT_8( 0xD5, 0x61, 0xFE, 0xBB, 0x21, 0x82, 0xD1, 0xFE ), + BYTES_TO_T_UINT_8( 0x2C, 0xF0, 0x9C, 0x8B, 0x1A, 0x42, 0x30, 0x06 ), + BYTES_TO_T_UINT_8( 0x43, 0xD6, 0x49, 0x81, 0x92, 0xF1, 0xD0, 0x90 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_29_Y[] = { + BYTES_TO_T_UINT_8( 0xC9, 0x91, 0x93, 0x6A, 0xA6, 0x22, 0xE9, 0xD6 ), + BYTES_TO_T_UINT_8( 0x09, 0xDC, 0xC3, 0x69, 0x11, 0x95, 0x7D, 0xEC ), + BYTES_TO_T_UINT_8( 0x1C, 0xA3, 0x9D, 0x87, 0x5E, 0x64, 0x41, 0xA2 ), + BYTES_TO_T_UINT_8( 0xBE, 0x87, 0x5A, 0x15, 0xBD, 0x6E, 0x3C, 0x8D ), + BYTES_TO_T_UINT_8( 0xD0, 0x8D, 0x50, 0xCC, 0xCF, 0xB7, 0x8F, 0x0B ), + BYTES_TO_T_UINT_8( 0x38, 0x65, 0xCD, 0x31, 0x30, 0xF1, 0x68, 0x13 ), + BYTES_TO_T_UINT_8( 0x10, 0x5C, 0x66, 0x67, 0x92, 0x30, 0x57, 0x95 ), + BYTES_TO_T_UINT_8( 0x23, 0x9B, 0x01, 0x3D, 0x20, 0x8B, 0xD1, 0x0D ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_30_X[] = { + BYTES_TO_T_UINT_8( 0xAB, 0xC0, 0xE6, 0x4F, 0xDE, 0x62, 0xAB, 0xB3 ), + BYTES_TO_T_UINT_8( 0xA4, 0x48, 0xB3, 0x1C, 0x0F, 0x16, 0x93, 0x45 ), + BYTES_TO_T_UINT_8( 0x77, 0x63, 0xBD, 0x1F, 0x16, 0x50, 0x56, 0x98 ), + BYTES_TO_T_UINT_8( 0x5D, 0x06, 0xBC, 0xE9, 0x27, 0x1C, 0x9A, 0x7B ), + BYTES_TO_T_UINT_8( 0xF8, 0xFE, 0x21, 0xC5, 0x39, 0x55, 0xE1, 0xFD ), + BYTES_TO_T_UINT_8( 0xF6, 0xA8, 0xD0, 0x96, 0x0E, 0xB5, 0xB2, 0x84 ), + BYTES_TO_T_UINT_8( 0x3D, 0xE7, 0x4B, 0xF3, 0x11, 0x0C, 0xC9, 0x5B ), + BYTES_TO_T_UINT_8( 0x43, 0x3A, 0xC4, 0x87, 0x71, 0xEE, 0xFA, 0x18 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_30_Y[] = { + BYTES_TO_T_UINT_8( 0xA7, 0x77, 0xEE, 0x81, 0x5E, 0x96, 0xEA, 0x4B ), + BYTES_TO_T_UINT_8( 0xEE, 0xDF, 0xA9, 0xF4, 0x4F, 0x7C, 0xB2, 0x43 ), + BYTES_TO_T_UINT_8( 0x9F, 0xD4, 0xDF, 0x35, 0x63, 0x47, 0x25, 0x8A ), + BYTES_TO_T_UINT_8( 0xA5, 0x3D, 0xFF, 0xA4, 0x02, 0xC3, 0x95, 0x11 ), + BYTES_TO_T_UINT_8( 0xD5, 0x10, 0x78, 0xD1, 0x2B, 0xB7, 0xBE, 0x0E ), + BYTES_TO_T_UINT_8( 0x0A, 0xE9, 0x57, 0xF9, 0xE0, 0xD8, 0xFC, 0xBC ), + BYTES_TO_T_UINT_8( 0xF3, 0xC4, 0x01, 0xD6, 0xB4, 0xE7, 0x78, 0xE2 ), + BYTES_TO_T_UINT_8( 0x02, 0x6C, 0xB9, 0x13, 0xA4, 0xE8, 0x6D, 0x6F ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_31_X[] = { + BYTES_TO_T_UINT_8( 0xE8, 0xB0, 0xC9, 0xCD, 0xBF, 0xA2, 0x1E, 0x63 ), + BYTES_TO_T_UINT_8( 0xDD, 0x4F, 0x86, 0x22, 0x9B, 0xEA, 0xE8, 0xBB ), + BYTES_TO_T_UINT_8( 0x50, 0x46, 0xDF, 0x43, 0xB9, 0x82, 0x2D, 0x0A ), + BYTES_TO_T_UINT_8( 0x07, 0x32, 0xF1, 0x4E, 0x95, 0x41, 0xAE, 0x8E ), + BYTES_TO_T_UINT_8( 0x52, 0x93, 0x26, 0xFC, 0xD3, 0x90, 0xDC, 0xEB ), + BYTES_TO_T_UINT_8( 0x04, 0x05, 0x45, 0xCA, 0xF9, 0x5A, 0x89, 0x93 ), + BYTES_TO_T_UINT_8( 0xC5, 0x82, 0x63, 0x4E, 0x55, 0x1D, 0x3A, 0x08 ), + BYTES_TO_T_UINT_8( 0x7C, 0x69, 0x52, 0x49, 0xE9, 0xED, 0x57, 0x34 ), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_31_Y[] = { + BYTES_TO_T_UINT_8( 0x70, 0x64, 0xE9, 0xAC, 0x4C, 0x4A, 0xEA, 0x25 ), + BYTES_TO_T_UINT_8( 0xE9, 0xE9, 0x0B, 0x99, 0xE7, 0xF9, 0xA9, 0x2C ), + BYTES_TO_T_UINT_8( 0x24, 0x0C, 0xC1, 0xF4, 0x8D, 0x07, 0xB6, 0xB1 ), + BYTES_TO_T_UINT_8( 0xAD, 0x68, 0xFA, 0x35, 0xE4, 0x9E, 0xAE, 0xD9 ), + BYTES_TO_T_UINT_8( 0xF0, 0x2D, 0x1A, 0x13, 0x8E, 0x02, 0xE2, 0x63 ), + BYTES_TO_T_UINT_8( 0x27, 0x38, 0x28, 0x86, 0x46, 0x7B, 0x3A, 0xE1 ), + BYTES_TO_T_UINT_8( 0x3F, 0x4C, 0x64, 0x59, 0x0A, 0xF9, 0x02, 0xC4 ), + BYTES_TO_T_UINT_8( 0x41, 0x4F, 0x23, 0xA2, 0xC3, 0xD5, 0xEF, 0x42 ), +}; +static const mbedtls_ecp_point brainpoolP512r1_T[32] = { + ECP_POINT_INIT_XY_Z1(brainpoolP512r1_T_0_X, brainpoolP512r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_1_X, brainpoolP512r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_2_X, brainpoolP512r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_3_X, brainpoolP512r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_4_X, brainpoolP512r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_5_X, brainpoolP512r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_6_X, brainpoolP512r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_7_X, brainpoolP512r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_8_X, brainpoolP512r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_9_X, brainpoolP512r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_10_X, brainpoolP512r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_11_X, brainpoolP512r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_12_X, brainpoolP512r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_13_X, brainpoolP512r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_14_X, brainpoolP512r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_15_X, brainpoolP512r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_16_X, brainpoolP512r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_17_X, brainpoolP512r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_18_X, brainpoolP512r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_19_X, brainpoolP512r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_20_X, brainpoolP512r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_21_X, brainpoolP512r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_22_X, brainpoolP512r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_23_X, brainpoolP512r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_24_X, brainpoolP512r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_25_X, brainpoolP512r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_26_X, brainpoolP512r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_27_X, brainpoolP512r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_28_X, brainpoolP512r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_29_X, brainpoolP512r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_30_X, brainpoolP512r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_31_X, brainpoolP512r1_T_31_Y), +}; +#else +#define brainpoolP512r1_T NULL #endif +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ #if defined(ECP_LOAD_GROUP) /* @@ -585,10 +4562,9 @@ static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size */ static inline void ecp_mpi_set1( mbedtls_mpi *X ) { - static mbedtls_mpi_uint one[] = { 1 }; X->s = 1; X->n = 1; - X->p = one; + X->p = mpi_one; } /* @@ -600,7 +4576,8 @@ static int ecp_group_load( mbedtls_ecp_group *grp, const mbedtls_mpi_uint *b, size_t blen, const mbedtls_mpi_uint *gx, size_t gxlen, const mbedtls_mpi_uint *gy, size_t gylen, - const mbedtls_mpi_uint *n, size_t nlen) + const mbedtls_mpi_uint *n, size_t nlen, + const mbedtls_ecp_point *T) { ecp_mpi_load( &grp->P, p, plen ); if( a != NULL ) @@ -617,6 +4594,12 @@ static int ecp_group_load( mbedtls_ecp_group *grp, grp->h = 1; + grp->T = (mbedtls_ecp_point *) T; + /* + * Set T_size to 0 to prevent T free by mbedtls_ecp_group_free. + */ + grp->T_size = 0; + return( 0 ); } #endif /* ECP_LOAD_GROUP */ @@ -668,7 +4651,9 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); G ## _b, sizeof( G ## _b ), \ G ## _gx, sizeof( G ## _gx ), \ G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) + G ## _n, sizeof( G ## _n ), \ + G ## _T \ + ) #define LOAD_GROUP( G ) ecp_group_load( grp, \ G ## _p, sizeof( G ## _p ), \ @@ -676,7 +4661,9 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); G ## _b, sizeof( G ## _b ), \ G ## _gx, sizeof( G ## _gx ), \ G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) + G ## _n, sizeof( G ## _n ), \ + G ## _T \ + ) #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3e4ac8b616..e12345365f 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -251,7 +251,11 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) #if defined(MBEDTLS_ECP_C) void ecp_clear_precomputed( mbedtls_ecp_group *grp ) { - if( grp->T != NULL ) + if( grp->T != NULL +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 + && grp->T_size != 0 +#endif + ) { size_t i; for( i = 0; i < grp->T_size; i++ ) From b2b3ec4f7a79bffe36d414d7abe84662ad838985 Mon Sep 17 00:00:00 2001 From: kXuan Date: Sat, 10 Apr 2021 14:56:39 +0800 Subject: [PATCH 0074/1065] add ecp_comb_table.py ecp_comb_table.py generates comb table Signed-off-by: kXuan --- scripts/ecp_comb_table.py | 249 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) create mode 100755 scripts/ecp_comb_table.py diff --git a/scripts/ecp_comb_table.py b/scripts/ecp_comb_table.py new file mode 100755 index 0000000000..bc11431189 --- /dev/null +++ b/scripts/ecp_comb_table.py @@ -0,0 +1,249 @@ +#!/usr/bin/env python3 +""" +Purpose + +This script dumps comb table of ec curve. When you add a new ec curve, you +can use this script to generate codes to define `_T` in ecp_curves.c +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os +import subprocess +import sys +import tempfile + +HOW_TO_ADD_NEW_CURVE = """ +If you are trying to add new curve, you can follow these steps: + +1. Define curve parameters (_p, _gx, etc...) in ecp_curves.c. +2. Add a macro to define _T to NULL following these parameters. +3. Build mbedcrypto +4. Run this script with an argument of new curve +5. Copy the output of this script into ecp_curves.c and replace the macro added + in Step 2 +6. Rebuild and test if everything is ok + +Replace the in the above with the name of the curve you want to add.""" + +CC = os.getenv('CC', 'cc') +MBEDTLS_LIBRARY_PATH = os.getenv('MBEDTLS_LIBRARY_PATH', "library") + +SRC_DUMP_COMB_TABLE = r''' +#include +#include +#include "mbedtls/ecp.h" +#include "mbedtls/error.h" + +static void dump_mpi_initialize( const char *name, const mbedtls_mpi *d ) +{ + uint8_t buf[128] = {0}; + size_t olen; + uint8_t *p; + + olen = mbedtls_mpi_size( d ); + mbedtls_mpi_write_binary_le( d, buf, olen ); + printf("static const mbedtls_mpi_uint %s[] = {\n", name); + for (p = buf; p < buf + olen; p += 8) { + printf( " BYTES_TO_T_UINT_8( 0x%02X, 0x%02X, 0x%02X, 0x%02X, 0x%02X, 0x%02X, 0x%02X, 0x%02X ),\n", + p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7] ); + } + printf("};\n"); +} + +static void dump_T( const mbedtls_ecp_group *grp ) +{ + char name[128]; + + printf( "#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1\n" ); + + for (size_t i = 0; i < grp->T_size; ++i) { + snprintf( name, sizeof(name), "%s_T_%zu_X", CURVE_NAME, i ); + dump_mpi_initialize( name, &grp->T[i].X ); + + snprintf( name, sizeof(name), "%s_T_%zu_Y", CURVE_NAME, i ); + dump_mpi_initialize( name, &grp->T[i].Y ); + } + printf( "static const mbedtls_ecp_point %s_T[%zu] = {\n", CURVE_NAME, grp->T_size ); + size_t olen; + for (size_t i = 0; i < grp->T_size; ++i) { + int z; + if ( mbedtls_mpi_cmp_int(&grp->T[i].Z, 0) == 0 ) { + z = 0; + } else if ( mbedtls_mpi_cmp_int(&grp->T[i].Z, 1) == 0 ) { + z = 1; + } else { + fprintf( stderr, "Unexpected value of Z (i = %d)\n", (int)i ); + exit( 1 ); + } + printf( " ECP_POINT_INIT_XY_Z%d(%s_T_%zu_X, %s_T_%zu_Y),\n", + z, + CURVE_NAME, i, + CURVE_NAME, i + ); + } + printf("};\n#endif\n\n"); +} + +int main() +{ + int rc; + mbedtls_mpi m; + mbedtls_ecp_point R; + mbedtls_ecp_group grp; + + mbedtls_ecp_group_init( &grp ); + rc = mbedtls_ecp_group_load( &grp, CURVE_ID ); + if (rc != 0) { + char buf[100]; + mbedtls_strerror( rc, buf, sizeof(buf) ); + fprintf( stderr, "mbedtls_ecp_group_load: %s (-0x%x)\n", buf, -rc ); + return 1; + } + grp.T = NULL; + mbedtls_ecp_point_init( &R ); + mbedtls_mpi_init( &m); + mbedtls_mpi_lset( &m, 1 ); + rc = mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ); + if ( rc != 0 ) { + char buf[100]; + mbedtls_strerror( rc, buf, sizeof(buf) ); + fprintf( stderr, "mbedtls_ecp_mul: %s (-0x%x)\n", buf, -rc ); + return 1; + } + if ( grp.T == NULL ) { + fprintf( stderr, "grp.T is not generated. Please make sure" + "MBEDTLS_ECP_FIXED_POINT_OPTIM is enabled in config.h\n" ); + return 1; + } + dump_T( &grp ); + return 0; +} +''' + +SRC_DUMP_KNOWN_CURVE = r''' +#include +#include +#include "mbedtls/ecp.h" + +int main() { + const mbedtls_ecp_curve_info *info = mbedtls_ecp_curve_list(); + mbedtls_ecp_group grp; + + mbedtls_ecp_group_init( &grp ); + while ( info->name != NULL ) { + mbedtls_ecp_group_load( &grp, info->grp_id ); + if ( mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) { + printf( " %s", info->name ); + } + info++; + } + printf( "\n" ); + return 0; +} +''' + + +def join_src_path(*args): + return os.path.normpath(os.path.join(os.path.dirname(__file__), "..", *args)) + + +def run_c_source(src, cflags): + """ + Compile and run C source code + :param src: the c language code to run + :param cflags: additional cflags passing to compiler + :return: + """ + binname = tempfile.mktemp(prefix="mbedtls") + fd, srcname = tempfile.mkstemp(prefix="mbedtls", suffix=".c") + srcfile = os.fdopen(fd, mode="w") + srcfile.write(src) + srcfile.close() + args = [CC, + *cflags, + '-I' + join_src_path("include"), + "-o", binname, + '-L' + MBEDTLS_LIBRARY_PATH, + srcname, + '-lmbedcrypto'] + + p = subprocess.run(args=args, check=False) + if p.returncode != 0: + return False + p = subprocess.run(args=[binname], check=False, env={ + 'LD_LIBRARY_PATH': MBEDTLS_LIBRARY_PATH + }) + if p.returncode != 0: + return False + os.unlink(srcname) + os.unlink(binname) + return True + + +def compute_curve(curve): + """compute comb table for curve""" + r = run_c_source( + SRC_DUMP_COMB_TABLE, + [ + '-g', + '-DCURVE_ID=MBEDTLS_ECP_DP_%s' % curve.upper(), + '-DCURVE_NAME="%s"' % curve.lower(), + ]) + if not r: + print("""\ +Unable to compile and run utility.""", file=sys.stderr) + sys.exit(1) + + +def usage(): + print(""" +Usage: python %s ... + +Arguments: + curve Specify one or more curve names (e.g secp256r1) + +All possible curves: """ % sys.argv[0]) + run_c_source(SRC_DUMP_KNOWN_CURVE, []) + print(""" +Environment Variable: + CC Specify which c compile to use to compile utility. + MBEDTLS_LIBRARY_PATH + Specify the path to mbedcrypto library. (e.g. build/library/) + +How to add a new curve: %s""" % HOW_TO_ADD_NEW_CURVE) + + +def run_main(): + shared_lib_path = os.path.normpath(os.path.join(MBEDTLS_LIBRARY_PATH, "libmbedcrypto.so")) + static_lib_path = os.path.normpath(os.path.join(MBEDTLS_LIBRARY_PATH, "libmbedcrypto.a")) + if not os.path.exists(shared_lib_path) and not os.path.exists(static_lib_path): + print("Warning: both '%s' and '%s' are not exists. This script will use " + "the library from your system instead of the library compiled by " + "this source directory.\n" + "You can specify library path using environment variable " + "'MBEDTLS_LIBRARY_PATH'." % (shared_lib_path, static_lib_path), + file=sys.stderr) + + if len(sys.argv) <= 1: + usage() + else: + for curve in sys.argv[1:]: + compute_curve(curve) + + +if __name__ == '__main__': + run_main() From 22fc906d57d1730fd7bfd48b1193ef34a2309ac4 Mon Sep 17 00:00:00 2001 From: kXuan Date: Tue, 1 Jun 2021 11:36:18 +0800 Subject: [PATCH 0075/1065] Add ChangeLog and migration guide for MBEDTLS_ECP_FIXED_POINT_OPTIM Signed-off-by: kXuan --- ChangeLog.d/issue4128.txt | 4 ++++ .../modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md | 8 ++++++++ 2 files changed, 12 insertions(+) create mode 100644 ChangeLog.d/issue4128.txt create mode 100644 docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md diff --git a/ChangeLog.d/issue4128.txt b/ChangeLog.d/issue4128.txt new file mode 100644 index 0000000000..421740397d --- /dev/null +++ b/ChangeLog.d/issue4128.txt @@ -0,0 +1,4 @@ +API changes + * The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` use pre-computed comb tables + instead of computing tables in runtime. Thus, this option now use more + ROM, and it does not increase RAM usage in runtime anymore. diff --git a/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md b/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md new file mode 100644 index 0000000000..02a083c44b --- /dev/null +++ b/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md @@ -0,0 +1,8 @@ +Change MBEDTLS_ECP_FIXED_POINT_OPTIM behaviour +------------------------------------------------------ + +The option MBEDTLS_ECP_FIXED_POINT_OPTIM now use more ROM and does not increase +peak RAM usage anymore. + +If you are limited by ROM space, you can define MBEDTLS_ECP_FIXED_POINT_OPTIM +to `0` in your config file. This will save about 50 KiB ROM space. From 86e6c9f8605138befbfa07e1d7deb30a678b705d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:30:59 +0200 Subject: [PATCH 0076/1065] Improve expected context state for some APIs Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 4cfb1e85cf..eb0cbb2ca2 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -400,7 +400,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * the input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. * - * \param ctx The CCM context. This must be initialized. + * \param ctx The CCM context. This must have been started with + * mbedtls_ccm_starts(). * \param input The buffer holding the input data. If \p input_len * is greater than zero, this must be a readable buffer * of at least \p input_len bytes. @@ -435,7 +436,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * * \note This function is not implemented in Mbed TLS yet. * - * \param ctx The CCM context. This must be initialized. + * \param ctx The CCM context. This must have been started with + * mbedtls_ccm_starts(). * \param tag The buffer for holding the tag. If \p tag_len is greater * than zero, this must be a writable buffer of at least \p * tag_len Bytes. From b87fe016aa966af1cb974f90792aa554a0804b29 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:40:46 +0200 Subject: [PATCH 0077/1065] Remove buffer overlap considerations Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index eb0cbb2ca2..e5a58068e2 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -396,10 +396,6 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * * \note This function is not implemented in Mbed TLS yet. * - * \note For decryption, the output buffer cannot be the same as - * the input buffer. If the buffers overlap, the output buffer - * must trail at least 8 Bytes behind the input buffer. - * * \param ctx The CCM context. This must have been started with * mbedtls_ccm_starts(). * \param input The buffer holding the input data. If \p input_len @@ -419,7 +415,6 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: * total input length too long, - * unsupported input/output buffer overlap detected, * or \p output_size too small. */ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, From 84cb8e00637f2688017e0f123a8d2fc2ab93c9aa Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:49:58 +0200 Subject: [PATCH 0078/1065] Add invalid mode as mbedtls_ccm_start() possible error Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index e5a58068e2..c4e310d42b 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -316,6 +316,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * * \return \c 0 on success. * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p mode is invalid, * \p iv_len is invalid (lower than \c 7 or greater than * \c 13), * \p total_add_len is greater than \c 0xFF00. From ff92479f717060ec49b86ee578e96c28affba6b7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:51:30 +0200 Subject: [PATCH 0079/1065] Wording improvement Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index c4e310d42b..b8964d8e13 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -375,7 +375,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * ways: * - Immediate output: the output length is always equal * to the input length. - * - Buffered output: but for the last part of input data, + * - Buffered output: except for the last part of input data, * the output consists of a whole number of 16-byte blocks. * If the total input length so far (not including * associated data) is 16 \* *B* + *A* with *A* < 16 then From 51584c6cdb43c2657c10886eb9268ae8d9773de5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 09:47:15 +0200 Subject: [PATCH 0080/1065] Prefer ad to add as shorthand for additional/associated data Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 56 +++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index b8964d8e13..ae09cf5371 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -138,10 +138,10 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. If \p add_len is greater than - * zero, \p add must be a readable buffer of at least that + * \param ad The additional data field. If \p ad_len is greater than + * zero, \p ad must be a readable buffer of at least that * length. - * \param add_len The length of additional data in Bytes. + * \param ad_len The length of additional data in Bytes. * This must be less than `2^16 - 2^8`. * \param input The buffer holding the input data. If \p length is greater * than zero, \p input must be a readable buffer of at least @@ -159,7 +159,7 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); */ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, + const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ); @@ -184,9 +184,9 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. This must be a readable buffer of - * at least \p add_len Bytes. - * \param add_len The length of additional data in Bytes. + * \param ad The additional data field. This must be a readable buffer of + * at least \p ad_len Bytes. + * \param ad_len The length of additional data in Bytes. * This must be less than 2^16 - 2^8. * \param input The buffer holding the input data. If \p length is greater * than zero, \p input must be a readable buffer of at least @@ -207,7 +207,7 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, */ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, + const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ); @@ -223,9 +223,9 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. This must be a readable buffer - * of at least that \p add_len Bytes.. - * \param add_len The length of additional data in Bytes. + * \param ad The additional data field. This must be a readable buffer + * of at least that \p ad_len Bytes.. + * \param ad_len The length of additional data in Bytes. * This must be less than 2^16 - 2^8. * \param input The buffer holding the input data. If \p length is greater * than zero, \p input must be a readable buffer of at least @@ -244,7 +244,7 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, */ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, + const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ); @@ -265,9 +265,9 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. This must be a readable buffer of - * at least that \p add_len Bytes. - * \param add_len The length of additional data in Bytes. + * \param ad The additional data field. This must be a readable buffer of + * at least that \p ad_len Bytes. + * \param ad_len The length of additional data in Bytes. * This must be less than 2^16 - 2^8. * \param input The buffer holding the input data. If \p length is greater * than zero, \p input must be a readable buffer of at least @@ -289,7 +289,7 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, */ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, + const unsigned char *ad, size_t ad_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ); @@ -308,7 +308,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param total_add_len The total length of additional data in bytes. + * \param total_ad_len The total length of additional data in bytes. * This must be less than `2^16 - 2^8`. * \param plaintext_len The length in bytes of the plaintext to encrypt or * result of the decryption (thus not encompassing the @@ -319,13 +319,13 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \p mode is invalid, * \p iv_len is invalid (lower than \c 7 or greater than * \c 13), - * \p total_add_len is greater than \c 0xFF00. + * \p total_ad_len is greater than \c 0xFF00. */ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, - size_t total_add_len, + size_t total_ad_len, size_t plaintext_len ); /** @@ -335,9 +335,9 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * * You may call this function zero, one or more times * to pass successive parts of the additional data. The - * lengths \p add_len of the data parts should eventually add + * lengths \p ad_len of the data parts should eventually add * up exactly to the total length of additional data - * \c total_add_len passed to mbedtls_ccm_starts(). You may + * \c total_ad_len passed to mbedtls_ccm_starts(). You may * not call this function after calling mbedtls_ccm_update(). * * \note This function is not implemented in Mbed TLS yet. @@ -345,18 +345,18 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * \param ctx The CCM context. This must have been started with * mbedtls_ccm_starts() and must not have yet received * any input with mbedtls_ccm_update(). - * \param add The buffer holding the additional data, or \c NULL - * if \p add_len is \c 0. - * \param add_len The length of the additional data. If \c 0, - * \p add may be \c NULL. + * \param ad The buffer holding the additional data, or \c NULL + * if \p ad_len is \c 0. + * \param ad_len The length of the additional data. If \c 0, + * \p ad may be \c NULL. * * \return \c 0 on success. * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: * total input length too long. */ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, - const unsigned char *add, - size_t add_len ); + const unsigned char *ad, + size_t ad_len ); /** * \brief This function feeds an input buffer into an ongoing CCM @@ -446,7 +446,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * invalid value of \p tag_len, * the total amount of additional data passed to * mbedtls_ccm_update_ad() was lower than the total length of - * additional data \c total_add_len passed to + * additional data \c total_ad_len passed to * mbedtls_ccm_starts(), * the total amount of input data passed to * mbedtls_ccm_update() was lower than the plaintext length From b740a617ec71a88004683c5bcdadedb008a12ec4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 10:53:06 +0200 Subject: [PATCH 0081/1065] Remove change log Remove the change log as the changes in this PR only affect CCM alternative implementation developers. Signed-off-by: Ronald Cron --- ChangeLog.d/m-ccm-api.txt | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 ChangeLog.d/m-ccm-api.txt diff --git a/ChangeLog.d/m-ccm-api.txt b/ChangeLog.d/m-ccm-api.txt deleted file mode 100644 index 7301e12e59..0000000000 --- a/ChangeLog.d/m-ccm-api.txt +++ /dev/null @@ -1,5 +0,0 @@ -Features - * The CCM API now supports multi-part operations. Alternative - implementations can add multipart support according to the new multi-part - interface functions. The implementation of these functions in Mbed TLS - will be added in a future release. From 7c41cd2a7af2a499d362140a7061c40aa47da5da Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 29 May 2021 17:22:10 +0200 Subject: [PATCH 0082/1065] Split operation start and the declaration of data lengths Split operation start and the declaration of data lengths to better align with the PSA Cryptography multipart AEAD APIs. Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 59 +++++++++++++++++++++++++++++-------------- 1 file changed, 40 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index ae09cf5371..f89ddc2e0f 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -308,6 +308,26 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. + * + * \return \c 0 on success. + * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p mode is invalid, + * \p iv_len is invalid (lower than \c 7 or greater than + * \c 13). + */ +int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len ); + +/** + * \brief This function declares the lengths of the message + * and additional data for a CCM encryption or decryption + * operation. + * + * \note This function is not implemented in Mbed TLS yet. + * + * \param ctx The CCM context. This must be initialized. * \param total_ad_len The total length of additional data in bytes. * This must be less than `2^16 - 2^8`. * \param plaintext_len The length in bytes of the plaintext to encrypt or @@ -316,17 +336,11 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * * \return \c 0 on success. * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: - * \p mode is invalid, - * \p iv_len is invalid (lower than \c 7 or greater than - * \c 13), * \p total_ad_len is greater than \c 0xFF00. */ -int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - size_t total_ad_len, - size_t plaintext_len ); +int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, + size_t total_ad_len, + size_t plaintext_len ); /** * \brief This function feeds an input buffer as associated data @@ -337,14 +351,17 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * to pass successive parts of the additional data. The * lengths \p ad_len of the data parts should eventually add * up exactly to the total length of additional data - * \c total_ad_len passed to mbedtls_ccm_starts(). You may - * not call this function after calling mbedtls_ccm_update(). + * \c total_ad_len passed to mbedtls_ccm_set_lengths(). You + * may not call this function after calling + * mbedtls_ccm_update(). * * \note This function is not implemented in Mbed TLS yet. * * \param ctx The CCM context. This must have been started with - * mbedtls_ccm_starts() and must not have yet received - * any input with mbedtls_ccm_update(). + * mbedtls_ccm_starts(), the lengths of the message and + * additional data must have been declared with + * mbedtls_ccm_set_lengths() and this must not have yet + * received any input with mbedtls_ccm_update(). * \param ad The buffer holding the additional data, or \c NULL * if \p ad_len is \c 0. * \param ad_len The length of the additional data. If \c 0, @@ -369,7 +386,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * mbedtls_ccm_finish(). The lengths \p input_len of the * data parts should eventually add up exactly to the * plaintext length \c plaintext_len passed to - * mbedtls_ccm_starts(). + * mbedtls_ccm_set_lengths(). * * This function may produce output in one of the following * ways: @@ -384,7 +401,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * equal to the input length plus the number of bytes (*A*) * buffered in the previous call to the function (if any). * The function uses the plaintext length - * \c plaintext_len passed to mbedtls_ccm_starts() + * \c plaintext_len passed to mbedtls_ccm_set_lengths() * to detect the last part of input data. * * In particular: @@ -398,7 +415,9 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * \note This function is not implemented in Mbed TLS yet. * * \param ctx The CCM context. This must have been started with - * mbedtls_ccm_starts(). + * mbedtls_ccm_starts() and the lengths of the message and + * additional data must have been declared with + * mbedtls_ccm_set_lengths(). * \param input The buffer holding the input data. If \p input_len * is greater than zero, this must be a readable buffer * of at least \p input_len bytes. @@ -433,7 +452,9 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * \note This function is not implemented in Mbed TLS yet. * * \param ctx The CCM context. This must have been started with - * mbedtls_ccm_starts(). + * mbedtls_ccm_starts() and the lengths of the message and + * additional data must have been declared with + * mbedtls_ccm_set_lengths(). * \param tag The buffer for holding the tag. If \p tag_len is greater * than zero, this must be a writable buffer of at least \p * tag_len Bytes. @@ -447,10 +468,10 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * the total amount of additional data passed to * mbedtls_ccm_update_ad() was lower than the total length of * additional data \c total_ad_len passed to - * mbedtls_ccm_starts(), + * mbedtls_ccm_set_lengths(), * the total amount of input data passed to * mbedtls_ccm_update() was lower than the plaintext length - * \c plaintext_len passed to mbedtls_ccm_starts(). + * \c plaintext_len passed to mbedtls_ccm_set_lengths(). */ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len ); From f668bd18dfc11e2092f65c1cd13162cbe8975fbe Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 27 May 2021 11:48:00 +0200 Subject: [PATCH 0083/1065] Add migration guide for developers of CCM alternative implementation Signed-off-by: Ronald Cron --- docs/3.0-migration-guide.d/ccm-alt.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 docs/3.0-migration-guide.d/ccm-alt.md diff --git a/docs/3.0-migration-guide.d/ccm-alt.md b/docs/3.0-migration-guide.d/ccm-alt.md new file mode 100644 index 0000000000..1abac7acdf --- /dev/null +++ b/docs/3.0-migration-guide.d/ccm-alt.md @@ -0,0 +1,9 @@ +CCM interface changes: impact for alternative implementations +------------------------------------------------------------- + +The CCM interface has changed with the addition of support for +multi-part operations. Five new API functions have been defined: +mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), +mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). +Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to +implement those additional five API functions. From 542957d6b1dfd61bb7c162061e0ab7c38cfec802 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 1 Jun 2021 09:22:05 +0200 Subject: [PATCH 0084/1065] Add some API calling order documentation Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index f89ddc2e0f..c4fc6b55d9 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -297,6 +297,11 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \brief This function starts a CCM encryption or decryption * operation. * + * This function and mbedtls_ccm_set_lengths() must be called + * before calling mbedtls_ccm_update_ad() or + * mbedtls_ccm_update(). This function can be called before + * or after mbedtls_ccm_set_lengths(). + * * \note This function is not implemented in Mbed TLS yet. * * \param ctx The CCM context. This must be initialized. @@ -325,6 +330,11 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * and additional data for a CCM encryption or decryption * operation. * + * This function and mbedtls_ccm_starts() must be called + * before calling mbedtls_ccm_update_ad() or + * mbedtls_ccm_update(). This function can be called before + * or after mbedtls_ccm_starts(). + * * \note This function is not implemented in Mbed TLS yet. * * \param ctx The CCM context. This must be initialized. From f059e74a22cba36ed1ea93754c0be4da8b211b96 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 1 Jun 2021 11:17:07 +0200 Subject: [PATCH 0085/1065] Re-wording ChangeLog and reverting overzealous removal from config.h Signed-off-by: TRodziewicz --- ChangeLog.d/issue4367.txt | 7 ++++--- include/mbedtls/config.h | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/issue4367.txt b/ChangeLog.d/issue4367.txt index 8c31d719d4..9012fc062c 100644 --- a/ChangeLog.d/issue4367.txt +++ b/ChangeLog.d/issue4367.txt @@ -1,6 +1,5 @@ Removals - * Remove the MBEDTLS_REMOVE_3DES_CIPHERSUITES config.h option and makke as if - it was disabled. Remove all the 3DES ciphersuites: + * Remove all the 3DES ciphersuites: MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, @@ -9,4 +8,6 @@ Removals MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA . Fixes #4367. + MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA. Remove the + MBEDTLS_REMOVE_3DES_CIPHERSUITES option which is no longer relevant. + Fixes #4367. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 12f8c95cef..3aa0877c5b 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2340,7 +2340,7 @@ * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying * implementation of the CMAC algorithm is provided by an alternate * implementation, that alternate implementation may opt to not support - * AES-192 as underlying block ciphers for the CMAC operation. + * AES-192 or 3DES as underlying block ciphers for the CMAC operation. * * Module: library/cmac.c * From e13d3083ee5b8c8bb9f552e06520ae22c3600d6f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 1 Jun 2021 13:35:40 +0200 Subject: [PATCH 0086/1065] Add invalid context as a possible reason for _BAD_INPUT error code Signed-off-by: Ronald Cron --- include/mbedtls/ccm.h | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index c4fc6b55d9..ea03a3579c 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -315,7 +315,8 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * 15 - \p iv_len. * * \return \c 0 on success. - * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p ctx is in an invalid state, * \p mode is invalid, * \p iv_len is invalid (lower than \c 7 or greater than * \c 13). @@ -345,7 +346,8 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * additional data that are not encrypted). * * \return \c 0 on success. - * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p ctx is in an invalid state, * \p total_ad_len is greater than \c 0xFF00. */ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, @@ -378,7 +380,8 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, * \p ad may be \c NULL. * * \return \c 0 on success. - * \return \#MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p ctx is in an invalid state, * total input length too long. */ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, @@ -444,6 +447,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p ctx is in an invalid state, * total input length too long, * or \p output_size too small. */ @@ -474,6 +478,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: + * \p ctx is in an invalid state, * invalid value of \p tag_len, * the total amount of additional data passed to * mbedtls_ccm_update_ad() was lower than the total length of From 8f4eacaac6a7f2b6345ad11c0cba375c9d38eb96 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 27 May 2021 13:45:38 +0100 Subject: [PATCH 0087/1065] Removes MBEDTLS_ECDH_LEGACY_CONTEXT from config.h Commit removes the definition of MBEDTLS_ECDH_LEGACY_CONTEXT from config.h. Additionally removes the unset calls to MBEDTLS_ECDH_LEGACY_CONTEXT in all.sh. Signed-off-by: Thomas Daubney --- include/mbedtls/config.h | 28 ---------------------------- tests/scripts/all.sh | 4 ---- 2 files changed, 32 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 715c73ada0..c6882dbb27 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -784,34 +784,6 @@ */ //#define MBEDTLS_ECP_RESTARTABLE -/** - * \def MBEDTLS_ECDH_LEGACY_CONTEXT - * - * Use a backward compatible ECDH context. - * - * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context - * defined in `ecdh.h`). For most applications, the choice of format makes - * no difference, since all library functions can work with either format, - * except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE. - - * The new format used when this option is disabled is smaller - * (56 bytes on a 32-bit platform). In future versions of the library, it - * will support alternative implementations of ECDH operations. - * The new format is incompatible with applications that access - * context fields directly and with restartable ECP operations. - * - * Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you - * want to access ECDH context fields directly. Otherwise you should - * comment out this macro definition. - * - * This option has no effect if #MBEDTLS_ECDH_C is not enabled. - * - * \note This configuration option is experimental. Future versions of the - * library may modify the way the ECDH context layout is configured - * and may modify the layout of the new context type. - */ -#define MBEDTLS_ECDH_LEGACY_CONTEXT - /** * \def MBEDTLS_ECDSA_DETERMINISTIC * diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ef2b6363bb..aff186b1d8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1078,7 +1078,6 @@ component_test_ecp_restartable_no_internal_rng () { component_test_new_ecdh_context () { msg "build: new ECDH context (ASan build)" # ~ 6 min - scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1095,7 +1094,6 @@ component_test_new_ecdh_context () { component_test_everest () { msg "build: Everest ECDH context (ASan build)" # ~ 6 min - scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1113,7 +1111,6 @@ component_test_everest () { component_test_everest_curve25519_only () { msg "build: Everest ECDH context, only Curve25519" # ~ 6 min - scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED scripts/config.py unset MBEDTLS_ECDSA_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED @@ -2317,7 +2314,6 @@ support_test_m32_o1 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min - scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" From c8901ed98d445de91a021e91b621d430adcfc06f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 27 May 2021 15:31:15 +0100 Subject: [PATCH 0088/1065] Removes MBEDTLS_ECDH_LEGACY_CONTEXT from check_config.h Commit removes MBEDTLS_ECDH_LEGACY_CONTEXT checks from check_config.h. Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 389ae2a718..298c91d608 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -130,16 +130,6 @@ #error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative or PSA-based ECP implementation" #endif -#if defined(MBEDTLS_ECP_RESTARTABLE) && \ - ! defined(MBEDTLS_ECDH_LEGACY_CONTEXT) -#error "MBEDTLS_ECP_RESTARTABLE defined, but not MBEDTLS_ECDH_LEGACY_CONTEXT" -#endif - -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) && \ - defined(MBEDTLS_ECDH_LEGACY_CONTEXT) -#error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but MBEDTLS_ECDH_LEGACY_CONTEXT not disabled" -#endif - #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif From 416c46ffe524edec3c8c45f1fc47445056ec8f33 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 27 May 2021 15:51:44 +0100 Subject: [PATCH 0089/1065] Defines MBEDTLS_ECDH_LEGACY_CONTEXT in ecdh.h Commit adds the conditional definition of MBEDTLS_ECDH_LEGACY_CONTEXT to ecdh.h. MBEDTLS_ECDH_LEGACY_CONTEXT is only defined if MBEDTLS_ECP_RESTARTABLE is definied. Signed-off-by: Thomas Daubney --- include/mbedtls/ecdh.h | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 05855cdf10..82d3de0084 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -40,6 +40,39 @@ #include "mbedtls/ecp.h" +/** + * \def MBEDTLS_ECDH_LEGACY_CONTEXT + * + * Use a backward compatible ECDH context. + * + * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context + * defined in `ecdh.h`). For most applications, the choice of format makes + * no difference, since all library functions can work with either format, + * except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE. + + * The new format used when this option is disabled is smaller + * (56 bytes on a 32-bit platform). In future versions of the library, it + * will support alternative implementations of ECDH operations. + * The new format is incompatible with applications that access + * context fields directly and with restartable ECP operations. + * + * Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you + * want to access ECDH context fields directly. Otherwise you should + * comment out this macro definition. + * + * This option has no effect if #MBEDTLS_ECDH_C is not enabled. + * + * \note This configuration option is experimental. Future versions of the + * library may modify the way the ECDH context layout is configured + * and may modify the layout of the new context type. + */ + +#if defined(MBEDTLS_ECP_RESTARTABLE) +#define MBEDTLS_ECDH_LEGACY_CONTEXT +#else +#undef MBEDTLS_ECDH_LEGACY_CONTEXT +#endif + #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #undef MBEDTLS_ECDH_LEGACY_CONTEXT #include "everest/everest.h" From 42aaf7a7183914f64f1446477c821eb611084b7a Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 1 Jun 2021 17:48:40 +0100 Subject: [PATCH 0090/1065] Removes component_test_new_ecdh_context in all.sh Commit removes the component_test_new_new_ecdh_context in all.sh. Signed-off-by: Thomas Daubney --- tests/scripts/all.sh | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aff186b1d8..c187af6bab 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1076,22 +1076,6 @@ component_test_ecp_restartable_no_internal_rng () { # no SSL tests as they all depend on having a DRBG } -component_test_new_ecdh_context () { - msg "build: new ECDH context (ASan build)" # ~ 6 min - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: new ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s - make test - - msg "test: new ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s - if_build_succeeded tests/ssl-opt.sh -f ECDH - - msg "test: new ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min - # Exclude some symmetric ciphers that are redundant here to gain time. - if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4' -} - component_test_everest () { msg "build: Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED From 3726db4750e2990762b29ac0195a49fed85dcd0e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 1 Jun 2021 19:03:08 +0100 Subject: [PATCH 0091/1065] Removes obsolete test Removal of obsolete test in test_suite_ecdh.function and corresponding .data file. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_ecdh.data | 4 --- tests/suites/test_suite_ecdh.function | 41 --------------------------- 2 files changed, 45 deletions(-) diff --git a/tests/suites/test_suite_ecdh.data b/tests/suites/test_suite_ecdh.data index fb4a232fc3..d9e81a6b04 100644 --- a/tests/suites/test_suite_ecdh.data +++ b/tests/suites/test_suite_ecdh.data @@ -76,10 +76,6 @@ ECDH restartable rfc 5903 p256 restart disabled max_ops=250 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE":0:250:0:0 -ECDH exchange legacy context -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED -ecdh_exchange_legacy:MBEDTLS_ECP_DP_SECP192R1 - ECDH calc_secret: ours first, SECP256R1 (RFC 5903) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecdh_exchange_calc_secret:MBEDTLS_ECP_DP_SECP256R1:"c6ef9c5d78ae012a011164acb397ce2088685d8f06bf9be0b283ab46476bee53":"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":0:"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 3ab96fa111..cd8eca855b 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -465,47 +465,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDH_LEGACY_CONTEXT */ -void ecdh_exchange_legacy( int id ) -{ - mbedtls_ecdh_context srv, cli; - unsigned char buf[1000]; - const unsigned char *vbuf; - size_t len; - - mbedtls_test_rnd_pseudo_info rnd_info; - - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_ecp_group_load( &srv.grp, id ) == 0 ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); - - memset( buf, 0x00, sizeof( buf ) ); - TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); - - TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &len, buf, 1000, NULL, - NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &srv.z, &cli.z ) == 0 ); - -exit: - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); -} -/* END_CASE */ - /* BEGIN_CASE */ void ecdh_exchange_calc_secret( int grp_id, data_t *our_private_key, From 1483fe4c217786f530fda73931738a9a75d5d8a9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Jun 2021 22:29:06 +0200 Subject: [PATCH 0092/1065] Document what we mean by backward compatibility Signed-off-by: Gilles Peskine --- BRANCHES.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/BRANCHES.md b/BRANCHES.md index 8486ef0637..dbdc1738e4 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -28,6 +28,15 @@ undocumented features, then you should be able to re-compile it without modification with any later release x.y'.z' with the same major version number, and your code will still build, be secure, and work. +Note that new releases of Mbed TLS may extend the API. Here are some example of changes that are common in minor releases of Mbed TLS, and are not considered compatibility breaks: + +* Adding or reordering fields in a structure or union. +* Removing a field from a structure, unless the field is documented as public. +* Adding items to an enum. +* Returning an error code that was not previously documented for a function when a new error condition arises. +* Changing which error code is returned in a case where multiple error conditions apply. +* Changing the behavior of a function from failing to succeeding, when the change is a reasonable extension of the current behavior, i.e. the addition of a new feature. + There are rare exceptions: code that was relying on something that became insecure in the meantime (for example, crypto that was found to be weak) may need to be changed. In case security comes in conflict with backwards From 58d6eb5024ff23a887798feb411b77b7d4469a4f Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 2 Jun 2021 14:43:11 +0200 Subject: [PATCH 0093/1065] Removing unneeded comment Signed-off-by: TRodziewicz --- library/psa_crypto.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c3dc6e7549..214c405b30 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1019,10 +1019,6 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); - /* - * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected lock counter. - */ if( slot->lock_count != 1 ) { status = PSA_ERROR_CORRUPTION_DETECTED; From adb93d732f4f77b092c4f54f1fd2b98eb7fd7276 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 2 Jun 2021 13:45:57 +0100 Subject: [PATCH 0094/1065] Adds ChangeLog entry Commit adds required ChangeLog entry. Signed-off-by: Thomas Daubney --- ChangeLog.d/rm-ecdh-legacy-context-option.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/rm-ecdh-legacy-context-option.txt diff --git a/ChangeLog.d/rm-ecdh-legacy-context-option.txt b/ChangeLog.d/rm-ecdh-legacy-context-option.txt new file mode 100644 index 0000000000..d5a527b94a --- /dev/null +++ b/ChangeLog.d/rm-ecdh-legacy-context-option.txt @@ -0,0 +1,3 @@ +Removals + * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for + backward compatibility which is no longer supported. Addresses #4404. From 782c2b9f362adfd1fa1d61cdfa957f2d18a53280 Mon Sep 17 00:00:00 2001 From: kXuan Date: Wed, 2 Jun 2021 16:53:42 +0800 Subject: [PATCH 0095/1065] fix comment, ChangeLog & migration-guide for MBEDTLS_ECP_FIXED_POINT_OPTIM Signed-off-by: kXuan --- ChangeLog.d/issue4128.txt | 6 +++--- .../modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md | 11 +++++++---- include/mbedtls/ecp.h | 7 ++++--- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/ChangeLog.d/issue4128.txt b/ChangeLog.d/issue4128.txt index 421740397d..bc41874fd4 100644 --- a/ChangeLog.d/issue4128.txt +++ b/ChangeLog.d/issue4128.txt @@ -1,4 +1,4 @@ API changes - * The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` use pre-computed comb tables - instead of computing tables in runtime. Thus, this option now use more - ROM, and it does not increase RAM usage in runtime anymore. + * The option MBEDTLS_ECP_FIXED_POINT_OPTIM use pre-computed comb tables + instead of computing tables in runtime. Thus, this option now increase + code size, and it does not increase RAM usage in runtime anymore. diff --git a/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md b/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md index 02a083c44b..91bec7269d 100644 --- a/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md +++ b/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md @@ -1,8 +1,11 @@ Change MBEDTLS_ECP_FIXED_POINT_OPTIM behaviour ------------------------------------------------------ -The option MBEDTLS_ECP_FIXED_POINT_OPTIM now use more ROM and does not increase -peak RAM usage anymore. +The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does +not increase peak RAM usage anymore. + +If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` +to `0` in your config file. The impact depends on the number and size of +enabled curves. For example, for P-256 the difference is 1KB; see the documentation +of this option for details. -If you are limited by ROM space, you can define MBEDTLS_ECP_FIXED_POINT_OPTIM -to `0` in your config file. This will save about 50 KiB ROM space. diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 0c351fae12..f53a828971 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -276,15 +276,16 @@ mbedtls_ecp_group; #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) /* - * Trade ROM usage for speed on fixed-point multiplication. + * Trade code size for speed on fixed-point multiplication. * * This speeds up repeated multiplication of the generator (that is, the * multiplication in ECDSA signatures, and half of the multiplications in * ECDSA verification and ECDHE) by a factor roughly 3 to 4. * - * The cost is increasing ROM usage by a factor roughly 2. + * For each n-bit Short Weierstrass curve that is enabled, this adds 4n bytes + * of code size if n < 384 and 8n otherwise. * - * Change this value to 0 to reduce ROM usage. + * Change this value to 0 to reduce code size. */ #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */ #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ From 4e9fb3985e214e66b0319baf79416895fa33fcd4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 3 Jun 2021 11:51:08 +0100 Subject: [PATCH 0096/1065] Corrects documentation in ecdh.h Commit corrects the documentation for MBEDTLS_ECDH_LEGACY_CONTEXT in ecdh.h. Signed-off-by: Thomas Daubney --- include/mbedtls/ecdh.h | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 82d3de0084..e5edb46e6b 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -40,11 +40,7 @@ #include "mbedtls/ecp.h" -/** - * \def MBEDTLS_ECDH_LEGACY_CONTEXT - * - * Use a backward compatible ECDH context. - * +/* * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context * defined in `ecdh.h`). For most applications, the choice of format makes * no difference, since all library functions can work with either format, @@ -56,15 +52,8 @@ * The new format is incompatible with applications that access * context fields directly and with restartable ECP operations. * - * Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you - * want to access ECDH context fields directly. Otherwise you should - * comment out this macro definition. - * * This option has no effect if #MBEDTLS_ECDH_C is not enabled. * - * \note This configuration option is experimental. Future versions of the - * library may modify the way the ECDH context layout is configured - * and may modify the layout of the new context type. */ #if defined(MBEDTLS_ECP_RESTARTABLE) From 5e5dcaced3276417a8fd25f9023b0c34e3577eeb Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sat, 20 Mar 2021 14:35:20 +0000 Subject: [PATCH 0097/1065] PSA PAKE: Add function declarations Add function declarations for the draft version of PSA Crypto API PAKE interface. Signed-off-by: Janos Follath --- include/psa/crypto.h | 359 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 359 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6aa7ccc924..0992a65109 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4126,6 +4126,365 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /**@}*/ + +/** \defgroup Password-authenticated key agreement + * @{ + */ + +/** The type of the state data structure for PAKE operations. + * + * Before calling any function on a PAKE operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_pake_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_pake_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_PAKE_OPERATION_INIT, + * for example: + * \code + * psa_pake_operation_t operation = PSA_PAKE_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_pake_operation_init() + * to the structure, for example: + * \code + * psa_pake_operation_t operation; + * operation = psa_pake_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_pake_operation_s psa_pake_operation_t; + +/** \def PSA_PAKE_OPERATION_INIT + * + * This macro returns a suitable initializer for an PAKE operation object of + * type #psa_pake_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_PAKE_OPERATION_INIT {0} +#endif + +/** Return an initial value for an PAKE operation object. + */ +static psa_pake_operation_t psa_pake_operation_init(void); + +/** Set the session information for a password-authenticated key exchange. + * + * The sequence of operations to set up a password-authenticated key exchange + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_pake_operation_t, e.g. + * #PSA_PAKE_OPERATION_INIT. + * -# Call psa_pake_setup() to specify the algorithm, the key, cipher suite, + * identities and additional session information. + * + * A typical sequence of calls to perform a password-authenticated key + * exchange: + * -# Call psa_pake_get_key_share() to get the key share that needs to be sent + * to the peer. + * -# Call psa_pake_set_key_share() to provide the key share that was received + * from the peer. + * -# Call psa_pake_get_implicit_key() for accessing the shared secret. + * + * The exact sequence of calls to perform a password-authenticated key exchange + * depends on the protocol in use: + * -# Some protocols exchange more data than just a single key share. When using + * such a protocol, call psa_pake_output() and psa_pake_input() one or more + * times to exchange any further data that is needed to derive the shared + * secret. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * If an error occurs at any step after a call to psa_pake_setup(), + * the operation will need to be reset by a call to psa_pake_abort(). The + * application may call psa_pake_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_pake_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A call to psa_pake_abort(). + * - A successful call to psa_pake_get_implicit_key(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_pake_operation_t and not yet in use. + * \param password Identifier of the key holding the password or a + * value derived from the password (eg. by a + * memory-hard function). It must remain valid + * until the operation terminates. It must allow + * the usage #PSA_KEY_USAGE_PAKE. + * \param alg The PAKE protocol to use + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param cipher_suite The cipher suite to use with the PAKE algorithm. + * \param[in] user_id The user ID to authenticate with. + * \param user_id_length Size of the \p user_id buffer in bytes. + * \param[in] peer_id The peer's ID to authenticate. + * \param peer_id_length Size of the \p peer_id buffer in bytes. + * \param[in] session_data Additional session related data if it is allowed + * or required by the protocol. This must be empty + * if additional session data is not used by the + * protocol. + * \param session_data_length Size of the \p session_data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p session_data is not empty and is not allowed in \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p cipher_suite is not compatible with \p alg. (Eg. \p cipher_suite + * mandates algorithms or sets options that do not make sense for \p alg + * or are not supported with \p alg.) + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a PAKE algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_setup(psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password, + psa_algorithm_t alg, + psa_pake_cipher_suite_t cipher_suite, + psa_pake_side_t side, + const uint8_t *user_id, + size_t user_id_len, + const uint8_t *peer_id, + size_t peer_id_len, + const uint8_t *session_data, + size_t session_data_len); + +/** Get the key share from a password-authenticated key exchange operation. + * + * This function returns a simple key share (eg. group element). + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the protocol in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param[out] key_share Buffer where the key share is to be written. + * \param key_share_size Size of the \p key_share buffer in bytes. + * \param[out] key_share_length On success, the number of bytes of the + * returned key_share. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the protocol). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p key_share buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_get_key_share(psa_pake_operation_t *operation, + uint8_t *key_share, + size_t key_share_size, + size_t *key_share_length); + +/** Get additional key share from a password-authenticated key exchange. + * + * Depending on the protocol being executed, you might need to call this + * function several times or you might not need to call this at all. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the protocol in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param type The type of the data that is requested. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes of the returned + * output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the protocol). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_output(psa_pake_operation_t *operation, + psa_pake_data_t type, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Provide peer key share to a password-authenticated key exchange operation. + * + * This function inputs a simple key share (eg. group element). + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the protocol in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * \param[in,out] operation Active PAKE operation. + * \param[in] key_share Buffer containing the peer's key share. + * \param key_share_length Size of the \p key_share buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the protocol). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_key_share(psa_pake_operation_t *operation, + const uint8_t *key_share, + size_t key_share_length); + +/** Provide additional peer key share for a password-authenticated key exchange. + * + * Depending on the protocol being executed, you might need to call this + * function several times or you might not need to call this at all. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the protocol in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param type The type of the data provided. + * \param[out] input Buffer containing the input. + * \param[out] input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the protocol). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_input(psa_pake_operation_t *operation, + psa_pake_data_t type, + uint8_t *input, + size_t input_length); + +/** Get implicitly confirmed shared secret from a PAKE. + * + * This function can be called after the key exchange phase of the operation + * has completed. It imports the shared secret output of the PAKE into the + * provided derivation operation. The input step + * #PSA_KEY_DERIVATION_INPUT_SECRET is used when placing the shared key + * material in the key derivation operation. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the protocol in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * When this function returns successfully, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param[out] output A key derivation operation that has been + * initialized and set up. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the protocol). + * \retval #PSA_ERROR_BAD_STATE + * The state of \p output is not valid for + * the #PSA_KEY_DERIVATION_INPUT_SECRET step. This can happen if the + * step is out of order or the application has done this step already + * and it may not be repeated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * #PSA_KEY_DERIVATION_INPUT_SECRET is not compatible with the output’s + * algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, + psa_key_derivation_operation_t *output); +/**@}*/ + #ifdef __cplusplus } #endif From b86273a6dc60a450a21841b2b9dc7c825619773a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sat, 20 Mar 2021 14:58:52 +0000 Subject: [PATCH 0098/1065] PSA PAKE: Add integral types Add integral types for the draft version of PSA Crypto API PAKE interface. Signed-off-by: Janos Follath --- include/psa/crypto_types.h | 11 +++++++++++ include/psa/crypto_values.h | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 386c7d794b..cd8ac4b1cf 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -380,4 +380,15 @@ typedef uint16_t psa_key_derivation_step_t; /**@}*/ +/** \defgroup pake Password-authenticated key exchange + * @{ + */ + +/** \brief Encoding of the side of PAKE */ +typedef uint16_t psa_pake_side_t; + +/** \brief Encoding of the type of input/output for PAKE */ +typedef uint16_t psa_pake_data_t; + +/**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 497bd8f01f..3c2b7bec2c 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2381,4 +2381,38 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /**@}*/ +/** \defgroup pake Password-authenticated key exchange + * @{ + */ + +/** The first peer in a balanced PAKE. + * + * Although balanced PAKE protocols are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the protocol does not + * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are + * accepted. + */ +#define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x0001) + +/** The second peer in a balanced PAKE. + * + * Although balanced PAKE protocols are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the protocol does not + * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are + * accepted. + */ +#define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x0002) + +/** The client in an augmented PAKE. + * + * Augmented PAKE protocols need to differentiate between client and server. + */ +#define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x0101) + +/** The server in an augmented PAKE. + * + * Augmented PAKE protocols need to differentiate between client and server. + */ +#define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) +/**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 38a5d3564633f1e74aff0124f05d1f8e9895f74b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sun, 21 Mar 2021 07:01:53 +0000 Subject: [PATCH 0099/1065] PSA PAKE: Add type for representing primitives In most of the PAKEs the primitives are prime order groups, but some of them might need the ring structure or just are using completely different algebraic structures (eg. SRP or PQC schemes). Signed-off-by: Janos Follath --- include/psa/crypto_types.h | 22 ++++++++++++++++++++++ include/psa/crypto_values.h | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index cd8ac4b1cf..1c40f5bf7c 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -390,5 +390,27 @@ typedef uint16_t psa_pake_side_t; /** \brief Encoding of the type of input/output for PAKE */ typedef uint16_t psa_pake_data_t; +/** Encoding of the type of the PAKE's primitive. + * + * Values defined by this standard will never be in the range 0x80-0xff. + * Vendors who define additional types must use an encoding in this range. + */ +typedef uint8_t psa_pake_primitive_type_t; + +/** Encoding of the bitsize for the PAKE's primitive. + * + * The type and family is not enough to identify the primitive to use in the + * PAKE, the implementation needs to know the bitsize too. + */ +typedef uint16_t psa_pake_bits_t; + +/** Encoding of the PAKE's primitive. + * + * In most of the PAKEs the primitives are prime order groups, but some of + * them might need the ring structure or just are using completely different + * algebraic structures (eg. SRP or PQC schemes). + */ +typedef uint32_t psa_pake_primitive_t; + /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 3c2b7bec2c..afdcaa9f6f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2414,5 +2414,42 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * Augmented PAKE protocols need to differentiate between client and server. */ #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) + +/** The pake uses finite fields. + * + * The corresponding family type is ::psa_dh_family_t. In determining a + * specific curve in the family ::psa_pake_bits_t values are interpreted in the + * exact same way as ::psa_key_bits_t would. + */ +#define PSA_PAKE_PRIMITIVE_TYPE_FIELD ((psa_pake_primitive_type_t)0x01) + +/** The pake uses elliptic curves. + * + * The corresponding family type is ::psa_ecc_family_t. in determining a + * specific curve in the family ::psa_pake_bits_t values are interpreted in the + * exact same way as ::psa_key_bits_t would. + */ +#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x02) + +/** Construct a PAKE primitive from type, family and bitsize. + * + * \param type The type of the primitive + * (value of type ::psa_pake_primitive_type_t). + * \param family The family of the primitive + * (the type and interpretation of this parameter depends + * on \p type, for more information consult the + * documentation of individual ::psa_pake_primitive_type_t + * constants). + * \param bits The bitwise of the primitive + * (Value of type ::psa_pake_bits_t. The interpretation + * of this parameter depends on \p family, for more + * information consult the documentation of individual + * ::psa_pake_primitive_type_t constants). + * + * \return The constructed primitive value. + */ +#define PSA_PAKE_PRIMITIVE(type, family, bits) \ + ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits))) + /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 508afeca67799a11631f68d8c45e846c7fc76dbc Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sun, 21 Mar 2021 09:42:37 +0000 Subject: [PATCH 0100/1065] PSA PAKE: Add cipher suite structure PAKE protocols make use of a range of cryptographic schemes and primitives. Standards allow for several options to use for each of them. They call the combination of specific algorithms cipher suites, configurations or options. Cipher suites are represented by a separate data type for several reasons: 1. To allow for individual PAKE protocols to provide pre-defined cipher suites. 2. To organise cipher suites into a unit that can be handled separately from the operation context. The PAKE operation flow is already complex, will be even more so when key confirmation is added. Handling them separately should reduce the surface of the interface the application developer needs to pay attention at any given time. Signed-off-by: Janos Follath --- include/psa/crypto.h | 41 +++++++++++++++++++++++++++++++++++++ include/psa/crypto_struct.h | 33 +++++++++++++++++++++++++++++ include/psa/crypto_types.h | 10 ++++++++- 3 files changed, 83 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0992a65109..a0f5b135ed 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4131,6 +4131,47 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, * @{ */ +/** The type of the data strucure for PAKE cipher suites. + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. + */ +typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t; + +/** Construct a cipher suite for a password-authenticated key exchange. + * + * \param primitive The primitive used in the cipher suite. + * \param hash The hash involved in the cipher suite. + * (`PSA_ALG_XXX` values of type ::psa_algorithm_t + * such that #PSA_ALG_IS_HASH(\c alg) is true.) + * \param algorithm1 Additional algorithm if needed in the cipher suite, + * 0 otherwise. + * \param bits1 A bit size qualifier if needed for \p algorithm1, + * 0 otherwise. + * \param algorithm2 Additional algorithm if needed in the cipher suite, + * 0 otherwise. + * \param bits2 A bit size qualifier if needed for \p algorithm2, + * 0 otherwise. + * \param options Additional options to be included with the cipher + * suite if needed, 0 otherwise. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \retval The constructed cipher suite. + */ +static psa_pake_cipher_suite_t psa_pake_cipher_suite( + psa_pake_primitive_t primitive, + psa_algorithm_t hash, + psa_algorithm_t algorithm1, + psa_pake_bits_t bits1, + psa_algorithm_t algorithm2, + psa_pake_bits_t bits2, + psa_pake_cipher_suite_options_t options + ); + /** The type of the state data structure for PAKE operations. * * Before calling any function on a PAKE operation object, the application diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 47012fdd00..a4e6cca8e2 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -461,6 +461,39 @@ static inline size_t psa_get_key_bits( return( attributes->core.bits ); } +struct psa_pake_cipher_suite_s +{ + psa_pake_primitive_t primitive; + psa_algorithm_t hash; + psa_algorithm_t algorithm1; + psa_pake_bits_t bits1; + psa_algorithm_t algorithm2; + psa_pake_bits_t bits2; + psa_pake_cipher_suite_options_t options; +}; + +static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite( + psa_pake_primitive_t primitive, + psa_algorithm_t hash, + psa_algorithm_t algorithm1, + psa_pake_bits_t bits1, + psa_algorithm_t algorithm2, + psa_pake_bits_t bits2, + psa_pake_cipher_suite_options_t options + ) +{ + struct psa_pake_cipher_suite_s cipher_suite; + + cipher_suite.primitive = primitive; + cipher_suite.hash = hash; + cipher_suite.algorithm1 = algorithm1; + cipher_suite.bits1 = bits1; + cipher_suite.algorithm2 = algorithm2; + cipher_suite.bits2 = bits2; + cipher_suite.options = options; + + return cipher_suite; +} #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 1c40f5bf7c..8031c9d27c 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -380,7 +380,7 @@ typedef uint16_t psa_key_derivation_step_t; /**@}*/ -/** \defgroup pake Password-authenticated key exchange +/** \defgroup pake Password-authenticated key exchange (PAKE) * @{ */ @@ -412,5 +412,13 @@ typedef uint16_t psa_pake_bits_t; */ typedef uint32_t psa_pake_primitive_t; +/** Encoding of additional options for PAKE. + * + * This type is for encoding additional options into PAKE cipher suites. + * (Options like for example EnvelopeMode in OPAQUE or "Per-User M and N" in + * SPAKE2.) + */ +typedef uint32_t psa_pake_cipher_suite_options_t; + /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ From 8a09ca9d94da0963e003b7f28ddfc48e5fff5359 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sun, 21 Mar 2021 10:14:08 +0000 Subject: [PATCH 0101/1065] PSA PAKE: Add dummy operation context Signed-off-by: Janos Follath --- include/psa/crypto_struct.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index a4e6cca8e2..f289caf16b 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -494,6 +494,25 @@ static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite( return cipher_suite; } + +struct psa_pake_operation_s +{ + psa_algorithm_t alg; + union + { + /* Make the union non-empty even with no supported algorithms. */ + uint8_t dummy; + } ctx; +}; + +/* This only zeroes out the first byte in the union, the rest is unspecified. */ +#define PSA_PAKE_OPERATION_INIT {0, {0}} +static inline struct psa_pake_operation_s psa_pake_operation_init( void ) +{ + const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT; + return( v ); +} + #ifdef __cplusplus } #endif From 9c6b147d98fac6a12ea0be7337fb4c679432d2ae Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Sun, 21 Mar 2021 15:11:01 +0000 Subject: [PATCH 0102/1065] PSA PAKE: Add J-PAKE to the interface Signed-off-by: Janos Follath --- include/psa/crypto.h | 6 + include/psa/crypto_types.h | 9 +- include/psa/crypto_values.h | 185 +++++++++++++++++- .../test_suite_psa_crypto_metadata.data | 3 + .../test_suite_psa_crypto_metadata.function | 26 +++ 5 files changed, 217 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a0f5b135ed..88cc2d149d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4366,6 +4366,9 @@ psa_status_t psa_pake_get_key_share(psa_pake_operation_t *operation, * Depending on the protocol being executed, you might need to call this * function several times or you might not need to call this at all. * + * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent + * to calling psa_pake_get_key_share(). + * * The exact sequence of calls to perform a password-authenticated key * exchange depends on the protocol in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type @@ -4443,6 +4446,9 @@ psa_status_t psa_pake_set_key_share(psa_pake_operation_t *operation, * Depending on the protocol being executed, you might need to call this * function several times or you might not need to call this at all. * + * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent + * to calling psa_pake_set_key_share(). + * * The exact sequence of calls to perform a password-authenticated key * exchange depends on the protocol in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 8031c9d27c..4fa7395474 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -387,8 +387,13 @@ typedef uint16_t psa_key_derivation_step_t; /** \brief Encoding of the side of PAKE */ typedef uint16_t psa_pake_side_t; -/** \brief Encoding of the type of input/output for PAKE */ -typedef uint16_t psa_pake_data_t; +/** Encoding of input and output indicators for PAKE. + * + * Some PAKE protocols need to exchange more data than just a single key share. + * This type is for encoding additional input and output data for such + * protocols. + */ +typedef uint8_t psa_pake_data_t; /** Encoding of the type of the PAKE's primitive. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index afdcaa9f6f..be3325890c 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -731,6 +731,7 @@ #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) +#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000) /** Whether an algorithm is vendor-defined. * @@ -848,6 +849,18 @@ (PSA_ALG_IS_KEY_DERIVATION(alg) && \ (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG) +/** Whether the specified algorithm is a password-authenticated key exchange. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a password-authenticated key exchange (PAKE) + * algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_PAKE(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE) + #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) /** MD2 */ #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) @@ -1953,6 +1966,58 @@ #define PSA_ALG_GET_HASH(alg) \ (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff)) +/** The Password-authenticated key exchange by juggling (J-PAKE) protocol. + * + * J-PAKE can be instantiated over finite fields or elliptic curves. This can + * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_FIELD or + * #PSA_PAKE_PRIMITIVE_TYPE_CURVE to #PSA_PAKE_PRIMITIVE respectively, when + * creating the cipher suite. + * + * In theory the protocol works with any non-interactive zero-knowledge proof. + * Implementations of the present specification use Schnorr NIZK and this does + * not need to be configured in the cipher suites. + * + * J-PAKE can be used with any secure cryptographic hash function, the choice + * of hash must be supplied to the psa_pake_cipher_suite() as the second + * parameter (\p hash). + * + * All the remaining parameters passed to psa_pake_cipher_suite() when creating + * the cipher suite must be 0. + * + * The key exchange flow for JPAKE is as follows: + * -# To get the first round data that needs to be sent to the peer, call + * psa_pake_get_key_share(operation, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); + * -# To provide the first round data received from the peer to the operation, + * call + * psa_pake_set_key_share(operation, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); + * -# To get the second round data that needs to be sent to the peer, call + * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); + * -# To provide the second round data received from the peer to the operation, + * call + * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); + * -# Call psa_pake_get_implicit_key() for accessing the shared secret. + * + * For more information consult the documentation of the individual + * PSA_PAKE_DATA_XXX constants. + * + * J-PAKE is standardised for example in RFC 8236 and in THREAD. + */ +#define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000001) + /**@}*/ /** \defgroup key_lifetimes Key lifetimes @@ -2415,21 +2480,39 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) -/** The pake uses finite fields. - * - * The corresponding family type is ::psa_dh_family_t. In determining a - * specific curve in the family ::psa_pake_bits_t values are interpreted in the - * exact same way as ::psa_key_bits_t would. - */ -#define PSA_PAKE_PRIMITIVE_TYPE_FIELD ((psa_pake_primitive_type_t)0x01) - -/** The pake uses elliptic curves. +/** The PAKE uses elliptic curves. * * The corresponding family type is ::psa_ecc_family_t. in determining a * specific curve in the family ::psa_pake_bits_t values are interpreted in the * exact same way as ::psa_key_bits_t would. + * + * Input and output during the operation can involve group elements and scalar + * values: + * -# The format for group elements is the same as for public keys on the + * specific curve would be. For more information, consult the documentation of + * psa_export_public_key(). + * -# The format for scalars is the same as for private keys on the specific + * curve would be. For more information, consult the documentation of + * psa_export_key(). */ -#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x02) +#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x01) + +/** The PAKE uses finite fields based Diffie-Hellman groups. + * + * The corresponding family type is ::psa_dh_family_t. In determining a + * specific group in the family ::psa_pake_bits_t values are interpreted in the + * exact same way as ::psa_key_bits_t would. + * + * Input and output during the operation can involve group elements and scalar + * values: + * -# The format for group elements is the same as for public keys on the + * specific group would be. For more information, consult the documentation of + * psa_export_public_key(). + * -# The format for scalars is the same as for private keys on the specific + * group would be. For more information, consult the documentation of + * psa_export_key(). + */ +#define PSA_PAKE_PRIMITIVE_TYPE_FIELD_DH ((psa_pake_primitive_type_t)0x02) /** Construct a PAKE primitive from type, family and bitsize. * @@ -2451,5 +2534,87 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) #define PSA_PAKE_PRIMITIVE(type, family, bits) \ ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits))) + +/** The key share being sent to or received from the peer. + * + * Unless the documentation of the PAKE algorithm says otherwise this is a + * group element. + * + * For information regarding representation consult the documentation of + * individual ::psa_pake_primitive_type_t constants. + * + * Some PAKE protocols need to exchange several key shares. If that is the + * case, this value marks the first key share sent and the first key share + * received. For values sent or received afterwards, use + * #PSA_PAKE_DATA_KEY_SHARE_2 and #PSA_PAKE_DATA_KEY_SHARE_3. + */ +#define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_data_t)0x01) + + +/** A Schnorr NIZKP public key. + * + * This is a group element. + * + * For information regarding representation consult the documentation of + * individual ::psa_pake_primitive_type_t constants. + * + * Some PAKE protocols need to perform several zero-knowledge proofs. If that + * is the case, this value marks the first public key sent and the first public + * key received. For values sent or received afterwards, use + * #PSA_PAKE_DATA_ZK_PUBLIC_2 and #PSA_PAKE_DATA_ZK_PUBLIC_3. + */ +#define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_data_t)0x02) + + +/** A Schnorr NIZKP proof. + * + * This is a skalar value. + * + * For information regarding representation consult the documentation of + * individual ::psa_pake_primitive_type_t constants. + * + * Some PAKE protocols need to perform several zero-knowledge proofs. If that + * is the case, this value marks the first proof sent and the first proof + * received. For values sent or received afterwards, use + * #PSA_PAKE_DATA_ZK_PROOF_2 and #PSA_PAKE_DATA_ZK_PROOF_3. + */ +#define PSA_PAKE_DATA_ZK_PROOF ((psa_pake_data_t)0x03) + +/** Marks the second key share sent and received. + * + * See #PSA_PAKE_DATA_KEY_SHARE. + */ +#define PSA_PAKE_DATA_KEY_SHARE_2 ((psa_pake_data_t)0x04) + +/** Marks the second Schnorr NIZKP public key sent and received. + * + * See #PSA_PAKE_DATA_ZK_PUBLIC. + */ +#define PSA_PAKE_DATA_ZK_PUBLIC_2 ((psa_pake_data_t)0x05) + +/** Marks the second Schnorr NIZKP proof sent and received. + * + * See #PSA_PAKE_DATA_ZK_PROOF. + */ +#define PSA_PAKE_DATA_ZK_PROOF_2 ((psa_pake_data_t)0x06) + +/** Marks the third key share sent and received. + * + * See #PSA_PAKE_DATA_KEY_SHARE. + */ +#define PSA_PAKE_DATA_KEY_SHARE_3 ((psa_pake_data_t)0x07) + +/** Marks the third Schnorr NIZKP public key sent and received. + * + * See #PSA_PAKE_DATA_ZK_PUBLIC. + */ +#define PSA_PAKE_DATA_ZK_PUBLIC_3 ((psa_pake_data_t)0x08) + +/** Marks the third Schnorr NIZKP proof sent and received. + * + * See #PSA_PAKE_DATA_ZK_PROOF. + */ +#define PSA_PAKE_DATA_ZK_PROOF_3 ((psa_pake_data_t)0x09) + /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 4e2f4d5af2..0845b55d7b 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -294,6 +294,9 @@ Key agreement: ECDH, HKDF using SHA-384 depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 ) +PAKE: J-PAKE +pake_algorithm:PSA_ALG_PAKE_JPAKE + Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 8134f44710..3ed08a6a04 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -156,6 +156,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); /* Length */ @@ -181,6 +182,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); /* Tag length */ @@ -220,6 +222,7 @@ void hash_algorithm( int alg_arg, int length_arg ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, 0 ); /* Dependent algorithms */ @@ -362,6 +365,7 @@ void cipher_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -462,6 +466,7 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -491,6 +496,7 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -511,6 +517,7 @@ void key_derivation_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); /* Check combinations with key agreements */ @@ -540,6 +547,7 @@ void key_agreement_algorithm( int alg_arg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) ); algorithm_classification( alg, classification_flags ); /* Shared secret derivation properties */ @@ -548,6 +556,24 @@ void key_agreement_algorithm( int alg_arg, int classification_flags, } /* END_CASE */ +/* BEGIN_CASE */ +void pake_algorithm( int alg_arg ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( PSA_ALG_IS_PAKE( alg ) ); +} + +/* END_CASE */ /* BEGIN_CASE */ void key_type( int type_arg, int classification_flags ) { From b378d5784021405fb9801eed17a81714798532ae Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 8 Apr 2021 13:53:12 +0100 Subject: [PATCH 0103/1065] PSA PAKE: add output size macros Signed-off-by: Janos Follath --- include/psa/crypto_sizes.h | 50 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 79f96739ba..8497b14d02 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1132,4 +1132,54 @@ #define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE \ (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) +/** A sufficient output buffer size for psa_pake_get_key_share(). + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_pake_get_key_share() will not fail due to an + * insufficient ciphertext buffer size. The actual size of the output might be + * smaller in any given call. + * + * See also #PSA_PAKE_OUTPUT_MAX_SIZE + * + * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. + * \return A sufficient key share buffer size for the specified + * cipher suite and algorithm. If the cipher suite or PAKE + * algorithm is not recognized, or the parameters are + * incompatible, return 0. + */ +#define PSA_PAKE_KEY_SHARE_SIZE(alg, cipher_suite) \ + (PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, PSA_PAKE_DATA_KEY_SHARE) + +/** A sufficient output buffer size for psa_pake_output(). + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_pake_output() will not fail due to an + * insufficient ciphertext buffer size. The actual size of the output might be + * smaller in any given call. + * + * See also #PSA_PAKE_OUTPUT_MAX_SIZE + * + * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. + * \param output An output type used with algorithm \p alg. + * \return A sufficient output buffer size for the specified + * output, cipher suite and algorithm. If the cipher suite, + * the output type or PAKE algorithm is not recognized, or + * the parameters are incompatible, return 0. + */ +#define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output) + +/** Output buffer size for psa_pake_output() and psa_pake_get_key_share(), + * for any of the supported cipher suites and PAKE algorithms. + * + * This macro must expand to a compile-time constant integer. + * + * See also #PSA_PAKE_KEY_SHARE_SIZE(\p alg, \p cipher_suite) and + * #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). + */ +#define PSA_PAKE_OUTPUT_MAX_SIZE + #endif /* PSA_CRYPTO_SIZES_H */ From 7f1e81a98dd783edf1d572883d11e2de5ffd9bce Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 8 Apr 2021 14:20:55 +0100 Subject: [PATCH 0104/1065] PSA PAKE: specify key type and usage The PSA_KEY_TYPE_PASSWORD key type to which this documentation change refers to is not yet present in the code and will be introduced by a parallel line of work. Signed-off-by: Janos Follath --- include/psa/crypto.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 88cc2d149d..79d997672e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4266,8 +4266,10 @@ static psa_pake_operation_t psa_pake_operation_init(void); * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a * memory-hard function). It must remain valid - * until the operation terminates. It must allow - * the usage #PSA_KEY_USAGE_PAKE. + * until the operation terminates. It must be of + * type #PSA_KEY_TYPE_PASSWORD or + * #PSA_KEY_TYPE_DERIVE. It has to allow the usage + * #PSA_KEY_USAGE_DERIVE. * \param alg The PAKE protocol to use * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). From ca2c167dcbb1e46c904f32fb24c219c16a7e64ab Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 12 Apr 2021 10:00:43 +0100 Subject: [PATCH 0105/1065] PSA PAKE: fix doxygen warnings Signed-off-by: Janos Follath --- include/psa/crypto.h | 12 ++++++++---- include/psa/crypto_types.h | 6 +++++- include/psa/crypto_values.h | 4 ++-- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 79d997672e..8bc92e1f6c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4267,22 +4267,26 @@ static psa_pake_operation_t psa_pake_operation_init(void); * value derived from the password (eg. by a * memory-hard function). It must remain valid * until the operation terminates. It must be of - * type #PSA_KEY_TYPE_PASSWORD or + * type PSA_KEY_TYPE_PASSWORD or * #PSA_KEY_TYPE_DERIVE. It has to allow the usage * #PSA_KEY_USAGE_DERIVE. * \param alg The PAKE protocol to use * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param cipher_suite The cipher suite to use with the PAKE algorithm. + * \param side A value of type ::psa_pake_side_t signaling the + * side of the protocol that is being set up. For + * more information see the documentation of \c + * PSA_PAKE_SIDE_XXX constants. * \param[in] user_id The user ID to authenticate with. - * \param user_id_length Size of the \p user_id buffer in bytes. + * \param user_id_len Size of the \p user_id buffer in bytes. * \param[in] peer_id The peer's ID to authenticate. - * \param peer_id_length Size of the \p peer_id buffer in bytes. + * \param peer_id_len Size of the \p peer_id buffer in bytes. * \param[in] session_data Additional session related data if it is allowed * or required by the protocol. This must be empty * if additional session data is not used by the * protocol. - * \param session_data_length Size of the \p session_data buffer in bytes. + * \param session_data_len Size of the \p session_data buffer in bytes. * * \retval #PSA_SUCCESS * Success. diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 4fa7395474..e434e01e33 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -384,7 +384,11 @@ typedef uint16_t psa_key_derivation_step_t; * @{ */ -/** \brief Encoding of the side of PAKE */ +/** \brief Encoding of the side of PAKE + * + * Encodes which side of the protocol is being executed. For more information + * see the documentation of individual PSA_PAKE_SIDE_XXX constants. + */ typedef uint16_t psa_pake_side_t; /** Encoding of input and output indicators for PAKE. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index be3325890c..3650fd7724 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1969,7 +1969,7 @@ /** The Password-authenticated key exchange by juggling (J-PAKE) protocol. * * J-PAKE can be instantiated over finite fields or elliptic curves. This can - * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_FIELD or + * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_FIELD_DH or * #PSA_PAKE_PRIMITIVE_TYPE_CURVE to #PSA_PAKE_PRIMITIVE respectively, when * creating the cipher suite. * @@ -2446,7 +2446,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /**@}*/ -/** \defgroup pake Password-authenticated key exchange +/** \defgroup pake Password-authenticated key exchange (PAKE) * @{ */ From 1101edb948fbe1e172eeb5a24233075e317b3b75 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 09:34:44 +0100 Subject: [PATCH 0106/1065] PSA PAKE: typo fixes in documentation Also removes the mention of THREAD as we can't give a publicly available reference for it. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 3650fd7724..04b0303e85 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1974,7 +1974,7 @@ * creating the cipher suite. * * In theory the protocol works with any non-interactive zero-knowledge proof. - * Implementations of the present specification use Schnorr NIZK and this does + * Implementations of the present specification use Schnorr NIZKP and this does * not need to be configured in the cipher suites. * * J-PAKE can be used with any secure cryptographic hash function, the choice @@ -2014,7 +2014,7 @@ * For more information consult the documentation of the individual * PSA_PAKE_DATA_XXX constants. * - * J-PAKE is standardised for example in RFC 8236 and in THREAD. + * J-PAKE is standardised for example in RFC 8236. */ #define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000001) @@ -2482,7 +2482,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The PAKE uses elliptic curves. * - * The corresponding family type is ::psa_ecc_family_t. in determining a + * The corresponding family type is ::psa_ecc_family_t. In determining a * specific curve in the family ::psa_pake_bits_t values are interpreted in the * exact same way as ::psa_key_bits_t would. * @@ -2523,7 +2523,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * on \p type, for more information consult the * documentation of individual ::psa_pake_primitive_type_t * constants). - * \param bits The bitwise of the primitive + * \param bits The bitsize of the primitive * (Value of type ::psa_pake_bits_t. The interpretation * of this parameter depends on \p family, for more * information consult the documentation of individual @@ -2568,7 +2568,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** A Schnorr NIZKP proof. * - * This is a skalar value. + * This is a scalar value. * * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. From 020da462d27b3a1de288a93a4ad0cee215eb46b7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 09:43:45 +0100 Subject: [PATCH 0107/1065] Fix PSA_PAKE_PRIMITIVE macro Fix the typo in the macro definition and more specific parameter names allow for future scripts to check validity of arguments. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 04b0303e85..2d86136e0f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2516,14 +2516,14 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** Construct a PAKE primitive from type, family and bitsize. * - * \param type The type of the primitive + * \param pake_type The type of the primitive * (value of type ::psa_pake_primitive_type_t). - * \param family The family of the primitive + * \param pake_family The family of the primitive * (the type and interpretation of this parameter depends * on \p type, for more information consult the * documentation of individual ::psa_pake_primitive_type_t * constants). - * \param bits The bitsize of the primitive + * \param pake_bits The bitsize of the primitive * (Value of type ::psa_pake_bits_t. The interpretation * of this parameter depends on \p family, for more * information consult the documentation of individual @@ -2531,8 +2531,9 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * \return The constructed primitive value. */ -#define PSA_PAKE_PRIMITIVE(type, family, bits) \ - ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits))) +#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ + ((psa_pake_primitive_t) (((pake_type) << 24 | \ + (pake_family) << 16) | (pake_bits))) /** The key share being sent to or received from the peer. From fb4203dcffafeb5eb047373f9e550671673933b2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 09:53:17 +0100 Subject: [PATCH 0108/1065] PSA PAKE: Call the scheme algorithm The documentation is calling PAKEs protocols but it has an psa_algorithm_t identifier. To align the terminology, the documentation should call them algorithms as well. Signed-off-by: Janos Follath --- include/psa/crypto.h | 38 ++++++++++++++++++------------------- include/psa/crypto_types.h | 6 +++--- include/psa/crypto_values.h | 22 ++++++++++----------- 3 files changed, 33 insertions(+), 33 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8bc92e1f6c..e6e78eb1c7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4239,9 +4239,9 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Call psa_pake_get_implicit_key() for accessing the shared secret. * * The exact sequence of calls to perform a password-authenticated key exchange - * depends on the protocol in use: - * -# Some protocols exchange more data than just a single key share. When using - * such a protocol, call psa_pake_output() and psa_pake_input() one or more + * depends on the algorithm in use: + * -# Some algorithms exchange more data than just a single key share. When using + * such a algorithm, call psa_pake_output() and psa_pake_input() one or more * times to exchange any further data that is needed to derive the shared * secret. * @@ -4270,12 +4270,12 @@ static psa_pake_operation_t psa_pake_operation_init(void); * type PSA_KEY_TYPE_PASSWORD or * #PSA_KEY_TYPE_DERIVE. It has to allow the usage * #PSA_KEY_USAGE_DERIVE. - * \param alg The PAKE protocol to use + * \param alg The PAKE algorithm to use * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param cipher_suite The cipher suite to use with the PAKE algorithm. * \param side A value of type ::psa_pake_side_t signaling the - * side of the protocol that is being set up. For + * side of the algorithm that is being set up. For * more information see the documentation of \c * PSA_PAKE_SIDE_XXX constants. * \param[in] user_id The user ID to authenticate with. @@ -4283,9 +4283,9 @@ static psa_pake_operation_t psa_pake_operation_init(void); * \param[in] peer_id The peer's ID to authenticate. * \param peer_id_len Size of the \p peer_id buffer in bytes. * \param[in] session_data Additional session related data if it is allowed - * or required by the protocol. This must be empty + * or required by the algorithm. This must be empty * if additional session data is not used by the - * protocol. + * algorithm. * \param session_data_len Size of the \p session_data buffer in bytes. * * \retval #PSA_SUCCESS @@ -4331,7 +4331,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * This function returns a simple key share (eg. group element). * * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the protocol in use. Refer to the documentation of + * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. @@ -4349,7 +4349,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, but beyond that - * validity is specific to the protocol). + * validity is specific to the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p key_share buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -4369,14 +4369,14 @@ psa_status_t psa_pake_get_key_share(psa_pake_operation_t *operation, /** Get additional key share from a password-authenticated key exchange. * - * Depending on the protocol being executed, you might need to call this + * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. * * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent * to calling psa_pake_get_key_share(). * * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the protocol in use. Refer to the documentation of + * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. @@ -4395,7 +4395,7 @@ psa_status_t psa_pake_get_key_share(psa_pake_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, but beyond that - * validity is specific to the protocol). + * validity is specific to the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -4419,7 +4419,7 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * This function inputs a simple key share (eg. group element). * * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the protocol in use. Refer to the documentation of + * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. @@ -4432,7 +4432,7 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, but beyond that - * validity is specific to the protocol). + * validity is specific to the algorithm). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -4449,14 +4449,14 @@ psa_status_t psa_pake_set_key_share(psa_pake_operation_t *operation, /** Provide additional peer key share for a password-authenticated key exchange. * - * Depending on the protocol being executed, you might need to call this + * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. * * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent * to calling psa_pake_set_key_share(). * * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the protocol in use. Refer to the documentation of + * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. @@ -4473,7 +4473,7 @@ psa_status_t psa_pake_set_key_share(psa_pake_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, but beyond that - * validity is specific to the protocol). + * validity is specific to the algorithm). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -4498,7 +4498,7 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * material in the key derivation operation. * * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the protocol in use. Refer to the documentation of + * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. @@ -4515,7 +4515,7 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, but beyond that - * validity is specific to the protocol). + * validity is specific to the algorithm). * \retval #PSA_ERROR_BAD_STATE * The state of \p output is not valid for * the #PSA_KEY_DERIVATION_INPUT_SECRET step. This can happen if the diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index e434e01e33..8635afd74d 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -386,16 +386,16 @@ typedef uint16_t psa_key_derivation_step_t; /** \brief Encoding of the side of PAKE * - * Encodes which side of the protocol is being executed. For more information + * Encodes which side of the algorithm is being executed. For more information * see the documentation of individual PSA_PAKE_SIDE_XXX constants. */ typedef uint16_t psa_pake_side_t; /** Encoding of input and output indicators for PAKE. * - * Some PAKE protocols need to exchange more data than just a single key share. + * Some PAKE algorithms need to exchange more data than just a single key share. * This type is for encoding additional input and output data for such - * protocols. + * algorithms. */ typedef uint8_t psa_pake_data_t; diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 2d86136e0f..4a6b06c76e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1966,14 +1966,14 @@ #define PSA_ALG_GET_HASH(alg) \ (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff)) -/** The Password-authenticated key exchange by juggling (J-PAKE) protocol. +/** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. * * J-PAKE can be instantiated over finite fields or elliptic curves. This can * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_FIELD_DH or * #PSA_PAKE_PRIMITIVE_TYPE_CURVE to #PSA_PAKE_PRIMITIVE respectively, when * creating the cipher suite. * - * In theory the protocol works with any non-interactive zero-knowledge proof. + * In theory the algorithm works with any non-interactive zero-knowledge proof. * Implementations of the present specification use Schnorr NIZKP and this does * not need to be configured in the cipher suites. * @@ -2452,8 +2452,8 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The first peer in a balanced PAKE. * - * Although balanced PAKE protocols are symmetric, some of them needs an - * ordering of peers for the transcript calculations. If the protocol does not + * Although balanced PAKE algorithms are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the algorithm does not * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are * accepted. */ @@ -2461,8 +2461,8 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The second peer in a balanced PAKE. * - * Although balanced PAKE protocols are symmetric, some of them needs an - * ordering of peers for the transcript calculations. If the protocol does not + * Although balanced PAKE algorithms are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the algorithm does not * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are * accepted. */ @@ -2470,13 +2470,13 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The client in an augmented PAKE. * - * Augmented PAKE protocols need to differentiate between client and server. + * Augmented PAKE algorithms need to differentiate between client and server. */ #define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x0101) /** The server in an augmented PAKE. * - * Augmented PAKE protocols need to differentiate between client and server. + * Augmented PAKE algorithms need to differentiate between client and server. */ #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) @@ -2544,7 +2544,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. * - * Some PAKE protocols need to exchange several key shares. If that is the + * Some PAKE algorithms need to exchange several key shares. If that is the * case, this value marks the first key share sent and the first key share * received. For values sent or received afterwards, use * #PSA_PAKE_DATA_KEY_SHARE_2 and #PSA_PAKE_DATA_KEY_SHARE_3. @@ -2559,7 +2559,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. * - * Some PAKE protocols need to perform several zero-knowledge proofs. If that + * Some PAKE algorithms need to perform several zero-knowledge proofs. If that * is the case, this value marks the first public key sent and the first public * key received. For values sent or received afterwards, use * #PSA_PAKE_DATA_ZK_PUBLIC_2 and #PSA_PAKE_DATA_ZK_PUBLIC_3. @@ -2574,7 +2574,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. * - * Some PAKE protocols need to perform several zero-knowledge proofs. If that + * Some PAKE algorithms need to perform several zero-knowledge proofs. If that * is the case, this value marks the first proof sent and the first proof * received. For values sent or received afterwards, use * #PSA_PAKE_DATA_ZK_PROOF_2 and #PSA_PAKE_DATA_ZK_PROOF_3. From 7ebcbf34f99c62581f83c32e2dc294418c3af8cd Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 13:57:13 +0100 Subject: [PATCH 0109/1065] Remove psa_pake_get/set_key_share() functions The main purpose of psa_pake_get_key_share() is to provide a more straightforward and convenient call flow for regular PAKEs. Most PAKEs have a single key share and need a flow like this: op=PSA_PAKE_OPERATION_INIT; psa_pake_setup(); psa_pake_get_key_share(); psa_pake_set_key_share(); psa_pake_get_implicit_key(); Adding psa_pake_get/set_key_share() functions cuts out the psa_pake_data_t constants from the users vision, hiding complexity that exists only for unrelated PAKEs that aren't relevant for the user. This comes with the cost of the two additional API functions that we need to maintain. Since the current stream of work focuses on enabling J-PAKE, there are no benefits to these functions for now. Once algorithms that can benefit from this simplification are added, adding back these functions can be reconsidered. Signed-off-by: Janos Follath --- include/psa/crypto.h | 88 ++----------------------------------- include/psa/crypto_sizes.h | 24 +--------- include/psa/crypto_values.h | 4 +- 3 files changed, 8 insertions(+), 108 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e6e78eb1c7..632006dfbc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4232,10 +4232,10 @@ static psa_pake_operation_t psa_pake_operation_init(void); * * A typical sequence of calls to perform a password-authenticated key * exchange: - * -# Call psa_pake_get_key_share() to get the key share that needs to be sent - * to the peer. - * -# Call psa_pake_set_key_share() to provide the key share that was received - * from the peer. + * -# Call psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...) to get the + * key share that needs to be sent to the peer. + * -# Call psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...) to provide + * the key share that was received from the peer. * -# Call psa_pake_get_implicit_key() for accessing the shared secret. * * The exact sequence of calls to perform a password-authenticated key exchange @@ -4326,55 +4326,11 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, const uint8_t *session_data, size_t session_data_len); -/** Get the key share from a password-authenticated key exchange operation. - * - * This function returns a simple key share (eg. group element). - * - * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the algorithm in use. Refer to the documentation of - * individual PAKE algorithm types (`PSA_ALG_XXX` values of type - * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more - * information. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_pake_abort(). - * - * \param[in,out] operation Active PAKE operation. - * \param[out] key_share Buffer where the key share is to be written. - * \param key_share_size Size of the \p key_share buffer in bytes. - * \param[out] key_share_length On success, the number of bytes of the - * returned key_share. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p key_share buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_get_key_share(psa_pake_operation_t *operation, - uint8_t *key_share, - size_t key_share_size, - size_t *key_share_length); - /** Get additional key share from a password-authenticated key exchange. * * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. * - * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent - * to calling psa_pake_get_key_share(). - * * The exact sequence of calls to perform a password-authenticated key * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type @@ -4414,47 +4370,11 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, size_t output_size, size_t *output_length); -/** Provide peer key share to a password-authenticated key exchange operation. - * - * This function inputs a simple key share (eg. group element). - * - * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the algorithm in use. Refer to the documentation of - * individual PAKE algorithm types (`PSA_ALG_XXX` values of type - * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more - * information. - * - * \param[in,out] operation Active PAKE operation. - * \param[in] key_share Buffer containing the peer's key share. - * \param key_share_length Size of the \p key_share buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_key_share(psa_pake_operation_t *operation, - const uint8_t *key_share, - size_t key_share_length); - /** Provide additional peer key share for a password-authenticated key exchange. * * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. * - * Calling this function with PSA_PAKE_DATA_KEY_SHARE as \p type is equivalent - * to calling psa_pake_set_key_share(). - * * The exact sequence of calls to perform a password-authenticated key * exchange depends on the algorithm in use. Refer to the documentation of * individual PAKE algorithm types (`PSA_ALG_XXX` values of type diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8497b14d02..482ff6806d 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1132,26 +1132,6 @@ #define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE \ (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) -/** A sufficient output buffer size for psa_pake_get_key_share(). - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_pake_get_key_share() will not fail due to an - * insufficient ciphertext buffer size. The actual size of the output might be - * smaller in any given call. - * - * See also #PSA_PAKE_OUTPUT_MAX_SIZE - * - * \param alg A PAKE algorithm (PSA_ALG_XXX value such that - * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. - * \return A sufficient key share buffer size for the specified - * cipher suite and algorithm. If the cipher suite or PAKE - * algorithm is not recognized, or the parameters are - * incompatible, return 0. - */ -#define PSA_PAKE_KEY_SHARE_SIZE(alg, cipher_suite) \ - (PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, PSA_PAKE_DATA_KEY_SHARE) - /** A sufficient output buffer size for psa_pake_output(). * * If the size of the ciphertext buffer is at least this large, it is @@ -1172,8 +1152,8 @@ */ #define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output) -/** Output buffer size for psa_pake_output() and psa_pake_get_key_share(), - * for any of the supported cipher suites and PAKE algorithms. +/** Output buffer size for psa_pake_output() for any of the supported cipher + * suites and PAKE algorithms. * * This macro must expand to a compile-time constant integer. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 4a6b06c76e..1e8c9fe38d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1986,7 +1986,7 @@ * * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call - * psa_pake_get_key_share(operation, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); @@ -1994,7 +1994,7 @@ * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); * -# To provide the first round data received from the peer to the operation, * call - * psa_pake_set_key_share(operation, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); From ef1b8c9a76167937dd7e79f538250c3a309c9c7f Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 14:35:03 +0100 Subject: [PATCH 0110/1065] PSA PAKE: Relate JPAKE documentation to RFC8236 Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 1e8c9fe38d..21d0202ffc 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1986,30 +1986,50 @@ * * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call + * // Get g1 * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * // Get the ZKP public key for x1 * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * // Get the ZKP proof for x1 * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * // Get g2 * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * // Get the ZKP public key for x2 * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * // Get the ZKP proof for x2 * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); * -# To provide the first round data received from the peer to the operation, * call + * // Set g3 * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * // Set the ZKP public key for x3 * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * // Set the ZKP proof for x3 * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * // Set g4 * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * // Set the ZKP public key for x4 * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * // Set the ZKP proof for x4 * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); * -# To get the second round data that needs to be sent to the peer, call + * // Get A * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * // Get ZKP public key for x2*s * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * // Get ZKP proof for x2*s * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); * -# To provide the second round data received from the peer to the operation, * call + * // Set B * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * // Set ZKP public key for x4*s * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * // Set ZKP proof for x4*s * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); - * -# Call psa_pake_get_implicit_key() for accessing the shared secret. + * -# To access the shared secret call + * // Get Ka=Kb=K + * psa_pake_get_implicit_key() * * For more information consult the documentation of the individual * PSA_PAKE_DATA_XXX constants. From 8005e8a167c196f1b10bdaf924c14eadc47bf629 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 14:46:54 +0100 Subject: [PATCH 0111/1065] Shrink psa_pake_side_t to uint8_t Signed-off-by: Janos Follath --- include/psa/crypto_types.h | 2 +- include/psa/crypto_values.h | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 8635afd74d..3ec77f28f8 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -389,7 +389,7 @@ typedef uint16_t psa_key_derivation_step_t; * Encodes which side of the algorithm is being executed. For more information * see the documentation of individual PSA_PAKE_SIDE_XXX constants. */ -typedef uint16_t psa_pake_side_t; +typedef uint8_t psa_pake_side_t; /** Encoding of input and output indicators for PAKE. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 21d0202ffc..0e3d9231a8 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2477,7 +2477,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are * accepted. */ -#define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x0001) +#define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01) /** The second peer in a balanced PAKE. * @@ -2486,19 +2486,19 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are * accepted. */ -#define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x0002) +#define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x02) /** The client in an augmented PAKE. * * Augmented PAKE algorithms need to differentiate between client and server. */ -#define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x0101) +#define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x11) /** The server in an augmented PAKE. * * Augmented PAKE algorithms need to differentiate between client and server. */ -#define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102) +#define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12) /** The PAKE uses elliptic curves. * From 8603fb09fe6864ad2be31ab996c6524bff129045 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 19 Apr 2021 15:12:46 +0100 Subject: [PATCH 0112/1065] PSA PAKE: add to PSA constant name test Signed-off-by: Janos Follath --- scripts/mbedtls_dev/macro_collector.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 0e76435f38..395e038ca1 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -95,6 +95,7 @@ class PSAMacroEnumerator: self.mac_algorithms = set() #type: Set[str] self.ka_algorithms = set() #type: Set[str] self.kdf_algorithms = set() #type: Set[str] + self.pake_algorithms = set() #type: Set[str] self.aead_algorithms = set() #type: Set[str] # macro name -> list of argument names self.argspecs = {} #type: Dict[str, List[str]] @@ -364,6 +365,7 @@ enumerate 'asymmetric_signature_algorithm': [], 'asymmetric_signature_wildcard': [self.algorithms], 'asymmetric_encryption_algorithm': [], + 'pake_algorithm': [self.pake_algorithms], 'other_algorithm': [], } #type: Dict[str, List[Set[str]]] self.arguments_for['mac_length'] += ['1', '63'] @@ -389,6 +391,7 @@ enumerate self.mac_algorithms.add('0x03007fff') self.ka_algorithms.add('0x09fc0000') self.kdf_algorithms.add('0x080000ff') + self.pake_algorithms.add('0x0a0000ff') # For AEAD algorithms, the only variability is over the tag length, # and this only applies to known algorithms, so don't test an # unknown algorithm. From 2ba6079d473971b7271ca469b68ac2e4b72ff1a9 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 28 Apr 2021 09:37:34 +0100 Subject: [PATCH 0113/1065] PSA: fix wording for implementation defined types There were remnants of the PSA specification wording in the documentation that can be confusing in Mbed TLS. We need to make it clear what the consequences of being implementation defined are in Mbed TLS. Signed-off-by: Janos Follath --- include/psa/crypto.h | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 632006dfbc..074cc93e17 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -938,8 +938,8 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg, * \endcode * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_hash_operation_s psa_hash_operation_t; /** \def PSA_HASH_OPERATION_INIT @@ -1307,9 +1307,10 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, * operation = psa_mac_operation_init(); * \endcode * + * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_mac_operation_s psa_mac_operation_t; /** \def PSA_MAC_OPERATION_INIT @@ -1732,8 +1733,8 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, * \endcode * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_cipher_operation_s psa_cipher_operation_t; /** \def PSA_CIPHER_OPERATION_INIT @@ -2261,8 +2262,8 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key, * \endcode * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_aead_operation_s psa_aead_operation_t; /** \def PSA_AEAD_OPERATION_INIT @@ -3260,8 +3261,8 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, * \endcode * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; @@ -4134,8 +4135,8 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /** The type of the data strucure for PAKE cipher suites. * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t; @@ -4198,8 +4199,8 @@ static psa_pake_cipher_suite_t psa_pake_cipher_suite( * \endcode * * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ typedef struct psa_pake_operation_s psa_pake_operation_t; /** \def PSA_PAKE_OPERATION_INIT From fc3577daae6058b01c89cebb1b067c9712e85c62 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 28 Apr 2021 09:51:55 +0100 Subject: [PATCH 0114/1065] Remove reference to PSA_PAKE_KEY_SHARE_SIZE The macro PSA_PAKE_KEY_SHARE_SIZE has been removed, we need to remove references to it from the documentation as well. Signed-off-by: Janos Follath --- include/psa/crypto_sizes.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 482ff6806d..bb01d53158 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1157,8 +1157,7 @@ * * This macro must expand to a compile-time constant integer. * - * See also #PSA_PAKE_KEY_SHARE_SIZE(\p alg, \p cipher_suite) and - * #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). + * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). */ #define PSA_PAKE_OUTPUT_MAX_SIZE From 82b54b96d3e5be4d491a17e9e369a973bd51cbff Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 28 Apr 2021 13:47:12 +0100 Subject: [PATCH 0115/1065] PSA PAKE: Align macro names In the key types API, PSA Crypto uses ECC to denote Elliptic curve cryptography and DH to denote Finite Field Diffie-Hellman. Change PSA_PAKE_PRIMITIVE_TYPE_XXX macros to be aligned. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 0e3d9231a8..9a9f69e611 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1969,8 +1969,8 @@ /** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. * * J-PAKE can be instantiated over finite fields or elliptic curves. This can - * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_FIELD_DH or - * #PSA_PAKE_PRIMITIVE_TYPE_CURVE to #PSA_PAKE_PRIMITIVE respectively, when + * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_DH or + * #PSA_PAKE_PRIMITIVE_TYPE_ECC to #PSA_PAKE_PRIMITIVE respectively, when * creating the cipher suite. * * In theory the algorithm works with any non-interactive zero-knowledge proof. @@ -2515,7 +2515,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * curve would be. For more information, consult the documentation of * psa_export_key(). */ -#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x01) +#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) /** The PAKE uses finite fields based Diffie-Hellman groups. * @@ -2532,7 +2532,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * group would be. For more information, consult the documentation of * psa_export_key(). */ -#define PSA_PAKE_PRIMITIVE_TYPE_FIELD_DH ((psa_pake_primitive_type_t)0x02) +#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) /** Construct a PAKE primitive from type, family and bitsize. * From cd56ff9c596d591e738b54ee274ff6082d0d6b81 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 30 Apr 2021 11:51:55 +0100 Subject: [PATCH 0116/1065] PSA PAKE: make cipher suite opaque Hiding the structure of the cipher suite implementation allows for greater flexibility. To preserve maximum flexibility, the constructor is replaced by individual setter/getter functions. Convenience macros and or functions can be added later. Signed-off-by: Janos Follath --- include/psa/crypto.h | 200 +++++++++++++++++++++++++++++++----- include/psa/crypto_struct.h | 94 ++++++++++++----- include/psa/crypto_values.h | 21 ++-- 3 files changed, 256 insertions(+), 59 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 074cc93e17..9220b2ea79 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4140,38 +4140,188 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, */ typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t; -/** Construct a cipher suite for a password-authenticated key exchange. +/** Retrieve the PAKE algorithm from a PAKE cipher suite. * - * \param primitive The primitive used in the cipher suite. - * \param hash The hash involved in the cipher suite. - * (`PSA_ALG_XXX` values of type ::psa_algorithm_t - * such that #PSA_ALG_IS_HASH(\c alg) is true.) - * \param algorithm1 Additional algorithm if needed in the cipher suite, - * 0 otherwise. - * \param bits1 A bit size qualifier if needed for \p algorithm1, - * 0 otherwise. - * \param algorithm2 Additional algorithm if needed in the cipher suite, - * 0 otherwise. - * \param bits2 A bit size qualifier if needed for \p algorithm2, - * 0 otherwise. - * \param options Additional options to be included with the cipher - * suite if needed, 0 otherwise. + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The PAKE algorithm stored in the cipher suite structure. + */ +static psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the PAKE algorithm for the cipher suite. + * + * This function overwrites any PAKE algorithm + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param algorithm The PAKE algorithm to write. + * (`PSA_ALG_XXX` values of type ::psa_algorithm_t + * such that #PSA_ALG_IS_PAKE(\c alg) is true.) + * If this is 0, the PAKE algorithm in + * \p cipher_suite becomes unspecified. + */ +static void psa_pake_cs_set_algorithm( + psa_pake_cipher_suite_t* cipher_suite, + psa_algorithm_t algorithm + ); + +/** Retrieve the primitive type from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external linkage). + * This function may be provided as a function-like macro, but in this case it + * must evaluate its argument exactly once. * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. * - * \retval The constructed cipher suite. + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The primitive type stored in the cipher suite structure. */ -static psa_pake_cipher_suite_t psa_pake_cipher_suite( - psa_pake_primitive_t primitive, - psa_algorithm_t hash, - psa_algorithm_t algorithm1, - psa_pake_bits_t bits1, - psa_algorithm_t algorithm2, - psa_pake_bits_t bits2, - psa_pake_cipher_suite_options_t options - ); +static psa_pake_primitive_type_t psa_pake_cs_get_type( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the primitive type for a PAKE cipher suite. + * + * This function overwrites any primitive type + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param type The primitive type to write. + * If this is 0, the primitive type in + * \p cipher_suite becomes unspecified. + */ +static void psa_pake_cs_set_type( + psa_pake_cipher_suite_t* cipher_suite, + psa_pake_primitive_type_t type + ); + +/** Retrieve the primitive family from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The primitive family stored in the cipher suite structure. + */ +static uint8_t psa_pake_cs_get_family( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the primitive family for a PAKE cipher suite. + * + * This function overwrites any primitive family + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param family The primitive family to write. + * If this is 0, the primitive family in + * \p cipher_suite becomes unspecified. The + * interpretation of this parameter depends on + * the primitive type, for more information consult the + * documentation of individual + * ::psa_pake_primitive_type_t constants). + */ +static void psa_pake_cs_set_family( + psa_pake_cipher_suite_t* cipher_suite, + uint8_t family + ); + +/** Retrieve the primitive bits from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The primitive bits stored in the cipher suite structure. + */ +static size_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t* cipher_suite); + +/** Declare the primitive bits for a PAKE cipher suite. + * + * This function overwrites any primitive bits + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param bits The primitive bits to write. + * If this is 0, the primitive bits in + * \p cipher_suite becomes unspecified. The + * interpretation of this parameter depends on + * the family, for more information consult the + * documentation of individual + * ::psa_pake_primitive_type_t constants). + */ +static void psa_pake_cs_set_bits( + psa_pake_cipher_suite_t* cipher_suite, + size_t bits + ); + +/** Retrieve the hash algorithm from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The hash algorithm stored in the cipher suite structure. + */ +static psa_algorithm_t psa_pake_cs_get_hash( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the hash algorithm for a PAKE cipher suite. + * + * This function overwrites any hash algorithm + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param hash The hash involved in the cipher suite. + * (`PSA_ALG_XXX` values of type ::psa_algorithm_t + * such that #PSA_ALG_IS_HASH(\c alg) is true.) + * If this is 0, the hash algorithm in + * \p cipher_suite becomes unspecified. + */ +static void psa_pake_cs_set_hash( + psa_pake_cipher_suite_t* cipher_suite, + psa_algorithm_t hash + ); /** The type of the state data structure for PAKE operations. * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f289caf16b..881abcb2a7 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -463,36 +463,82 @@ static inline size_t psa_get_key_bits( struct psa_pake_cipher_suite_s { - psa_pake_primitive_t primitive; + psa_algorithm_t algorithm; + psa_pake_primitive_type_t type; + uint8_t family; + size_t bits; psa_algorithm_t hash; - psa_algorithm_t algorithm1; - psa_pake_bits_t bits1; - psa_algorithm_t algorithm2; - psa_pake_bits_t bits2; - psa_pake_cipher_suite_options_t options; }; -static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite( - psa_pake_primitive_t primitive, - psa_algorithm_t hash, - psa_algorithm_t algorithm1, - psa_pake_bits_t bits1, - psa_algorithm_t algorithm2, - psa_pake_bits_t bits2, - psa_pake_cipher_suite_options_t options - ) +static inline void psa_pake_cs_set_algorithm( + psa_pake_cipher_suite_t *cipher_suite, + psa_algorithm_t algorithm) { - struct psa_pake_cipher_suite_s cipher_suite; + if( !PSA_ALG_IS_PAKE(algorithm) ) + cipher_suite->algorithm = 0; + else + cipher_suite->algorithm = algorithm; +} - cipher_suite.primitive = primitive; - cipher_suite.hash = hash; - cipher_suite.algorithm1 = algorithm1; - cipher_suite.bits1 = bits1; - cipher_suite.algorithm2 = algorithm2; - cipher_suite.bits2 = bits2; - cipher_suite.options = options; +static inline psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->algorithm ); +} - return cipher_suite; +static inline psa_pake_primitive_type_t psa_pake_cs_get_type( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->type ); +} + +static inline void psa_pake_cs_set_type( + psa_pake_cipher_suite_t *cipher_suite, + psa_pake_primitive_type_t type) +{ + cipher_suite->type = type; +} + +static inline uint8_t psa_pake_cs_get_family( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->family ); +} + +static inline void psa_pake_cs_set_family( + psa_pake_cipher_suite_t *cipher_suite, + uint8_t family) +{ + cipher_suite->family = family; +} + +static inline size_t psa_pake_cs_get_bits( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->bits ); +} + +static inline void psa_pake_cs_set_bits( + psa_pake_cipher_suite_t *cipher_suite, + size_t bits) +{ + cipher_suite->bits = bits; +} + +static inline psa_algorithm_t psa_pake_cs_get_hash( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->hash ); +} + +static inline void psa_pake_cs_set_hash( + psa_pake_cipher_suite_t *cipher_suite, + psa_algorithm_t hash) +{ + if( !PSA_ALG_IS_HASH(hash) ) + cipher_suite->hash = 0; + else + cipher_suite->hash = hash; } struct psa_pake_operation_s diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 9a9f69e611..bed48f79c4 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1969,21 +1969,22 @@ /** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. * * J-PAKE can be instantiated over finite fields or elliptic curves. This can - * be achieved by passing either #PSA_PAKE_PRIMITIVE_TYPE_DH or - * #PSA_PAKE_PRIMITIVE_TYPE_ECC to #PSA_PAKE_PRIMITIVE respectively, when - * creating the cipher suite. + * be achieved by setting either #PSA_PAKE_PRIMITIVE_TYPE_DH or + * #PSA_PAKE_PRIMITIVE_TYPE_ECC respectively in the cipher suite (see + * ::psa_pake_cipher_suite_t) via psa_pake_cs_set_type(). (Before using the + * cipher suite the field or curve must be fully specified by calling + * psa_pake_cs_set_family() and psa_pake_cs_set_bits() as well. For more + * information refer to the documentation of the individual + * `PSA_PAKE_PRIMITIVE_TYPE_XXX` constants.) + * + * J-PAKE can be used with any secure cryptographic hash function. The choice + * of hash must be supplied to the cipher suite by calling + * psa_pake_cs_set_hash(). * * In theory the algorithm works with any non-interactive zero-knowledge proof. * Implementations of the present specification use Schnorr NIZKP and this does * not need to be configured in the cipher suites. * - * J-PAKE can be used with any secure cryptographic hash function, the choice - * of hash must be supplied to the psa_pake_cipher_suite() as the second - * parameter (\p hash). - * - * All the remaining parameters passed to psa_pake_cipher_suite() when creating - * the cipher suite must be 0. - * * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call * // Get g1 From 684da035322b3b0e1d06dd9658235ceb1e7340cb Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 30 Apr 2021 12:50:32 +0100 Subject: [PATCH 0117/1065] PSA PAKE: remove obsolete types and macros Making the cipher suite struct internal made a number of types and macros in the interface unused. Signed-off-by: Janos Follath --- include/psa/crypto_types.h | 23 ----------------------- include/psa/crypto_values.h | 34 ++++++---------------------------- 2 files changed, 6 insertions(+), 51 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 3ec77f28f8..7c560b3a5a 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -406,28 +406,5 @@ typedef uint8_t psa_pake_data_t; */ typedef uint8_t psa_pake_primitive_type_t; -/** Encoding of the bitsize for the PAKE's primitive. - * - * The type and family is not enough to identify the primitive to use in the - * PAKE, the implementation needs to know the bitsize too. - */ -typedef uint16_t psa_pake_bits_t; - -/** Encoding of the PAKE's primitive. - * - * In most of the PAKEs the primitives are prime order groups, but some of - * them might need the ring structure or just are using completely different - * algebraic structures (eg. SRP or PQC schemes). - */ -typedef uint32_t psa_pake_primitive_t; - -/** Encoding of additional options for PAKE. - * - * This type is for encoding additional options into PAKE cipher suites. - * (Options like for example EnvelopeMode in OPAQUE or "Per-User M and N" in - * SPAKE2.) - */ -typedef uint32_t psa_pake_cipher_suite_options_t; - /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index bed48f79c4..78d431b9be 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2504,8 +2504,9 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The PAKE uses elliptic curves. * * The corresponding family type is ::psa_ecc_family_t. In determining a - * specific curve in the family ::psa_pake_bits_t values are interpreted in the - * exact same way as ::psa_key_bits_t would. + * specific curve in the family the cipher suite (see + * ::psa_pake_cipher_suite_t) bits are interpreted in the exact same way + * as key bits are. * * Input and output during the operation can involve group elements and scalar * values: @@ -2521,8 +2522,9 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The PAKE uses finite fields based Diffie-Hellman groups. * * The corresponding family type is ::psa_dh_family_t. In determining a - * specific group in the family ::psa_pake_bits_t values are interpreted in the - * exact same way as ::psa_key_bits_t would. + * specific group in the family the cipher suite (see + * ::psa_pake_cipher_suite_t) bits are interpreted in the exact same way + * as key bits are. * * Input and output during the operation can involve group elements and scalar * values: @@ -2535,28 +2537,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) -/** Construct a PAKE primitive from type, family and bitsize. - * - * \param pake_type The type of the primitive - * (value of type ::psa_pake_primitive_type_t). - * \param pake_family The family of the primitive - * (the type and interpretation of this parameter depends - * on \p type, for more information consult the - * documentation of individual ::psa_pake_primitive_type_t - * constants). - * \param pake_bits The bitsize of the primitive - * (Value of type ::psa_pake_bits_t. The interpretation - * of this parameter depends on \p family, for more - * information consult the documentation of individual - * ::psa_pake_primitive_type_t constants). - * - * \return The constructed primitive value. - */ -#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ - ((psa_pake_primitive_t) (((pake_type) << 24 | \ - (pake_family) << 16) | (pake_bits))) - - /** The key share being sent to or received from the peer. * * Unless the documentation of the PAKE algorithm says otherwise this is a @@ -2572,7 +2552,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_data_t)0x01) - /** A Schnorr NIZKP public key. * * This is a group element. @@ -2587,7 +2566,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_data_t)0x02) - /** A Schnorr NIZKP proof. * * This is a scalar value. From 5b44cfd430af591940845bc2c5ef6a4416007cea Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 30 Apr 2021 13:06:27 +0100 Subject: [PATCH 0118/1065] PSA PAKE: remove alg parameter from setup The cipher suite now defines the algorithm itself as well. Passing the algorithm separately is redundant and error prone. Signed-off-by: Janos Follath --- include/psa/crypto.h | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9220b2ea79..17316795db 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4421,10 +4421,9 @@ static psa_pake_operation_t psa_pake_operation_init(void); * type PSA_KEY_TYPE_PASSWORD or * #PSA_KEY_TYPE_DERIVE. It has to allow the usage * #PSA_KEY_USAGE_DERIVE. - * \param alg The PAKE algorithm to use - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param cipher_suite The cipher suite to use with the PAKE algorithm. + * \param cipher_suite The cipher suite to use. (A cipher suite fully + * characterizes a PAKE algorithm and determines + * the algorithm as well.) * \param side A value of type ::psa_pake_side_t signaling the * side of the algorithm that is being set up. For * more information see the documentation of \c @@ -4446,15 +4445,12 @@ static psa_pake_operation_t psa_pake_operation_init(void); * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p key is not compatible with the algorithm in \p cipher_suite. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p session_data is not empty and is not allowed in \p alg. + * \p session_data is not empty and is not allowed in the algorithm in + * \p cipher_suite. * \retval #PSA_ERROR_NOT_SUPPORTED - * \p cipher_suite is not compatible with \p alg. (Eg. \p cipher_suite - * mandates algorithms or sets options that do not make sense for \p alg - * or are not supported with \p alg.) - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a PAKE algorithm. + * The \p cipher_suite is not supported or is not valid. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -4467,7 +4463,6 @@ static psa_pake_operation_t psa_pake_operation_init(void); */ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password, - psa_algorithm_t alg, psa_pake_cipher_suite_t cipher_suite, psa_pake_side_t side, const uint8_t *user_id, From f75be64ef555f63f7b5bf4863f00d652f2300483 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 30 Apr 2021 13:11:05 +0100 Subject: [PATCH 0119/1065] PSA PAKE: fix identifier value Identifier value was not consistent with PSA conventions (last byte is reserved for hash algorithms or used in algorithms parametrized by a hash). Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 78d431b9be..a243370817 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2037,7 +2037,7 @@ * * J-PAKE is standardised for example in RFC 8236. */ -#define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000001) +#define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000100) /**@}*/ From 1459aa5656935a07737ab1769403ff7f4eae8a3a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 May 2021 08:24:56 +0100 Subject: [PATCH 0120/1065] PSA PAKE: improve documentation Minor documentation improvement and fixes. Signed-off-by: Janos Follath --- include/psa/crypto.h | 36 +++++++++++++++++++++++------------- include/psa/crypto_sizes.h | 5 +++-- include/psa/crypto_values.h | 24 ++++++++++++++---------- 3 files changed, 40 insertions(+), 25 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 17316795db..df8d4d4e96 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4240,8 +4240,8 @@ static uint8_t psa_pake_cs_get_family( * If this is 0, the primitive family in * \p cipher_suite becomes unspecified. The * interpretation of this parameter depends on - * the primitive type, for more information consult the - * documentation of individual + * the primitive type. For more information + * consult the documentation of individual * ::psa_pake_primitive_type_t constants). */ static void psa_pake_cs_set_family( @@ -4249,7 +4249,7 @@ static void psa_pake_cs_set_family( uint8_t family ); -/** Retrieve the primitive bits from a PAKE cipher suite. +/** Retrieve the size associated with the primitive from a PAKE cipher suite. * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, @@ -4292,7 +4292,9 @@ static void psa_pake_cs_set_bits( * * \param[in] cipher_suite The cipher suite structure to query. * - * \return The hash algorithm stored in the cipher suite structure. + * \return The hash algorithm stored in the cipher suite structure. The return + * value is 0 if the PAKE is not parametrised by a hash algorithm or if + * the hash algorithm is not set. */ static psa_algorithm_t psa_pake_cs_get_hash( const psa_pake_cipher_suite_t* cipher_suite @@ -4378,8 +4380,8 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Initialize the operation object with one of the methods described in the * documentation for #psa_pake_operation_t, e.g. * #PSA_PAKE_OPERATION_INIT. - * -# Call psa_pake_setup() to specify the algorithm, the key, cipher suite, - * identities and additional session information. + * -# Call psa_pake_setup() to specify the algorithm, the password, cipher + * suite, identities and additional session information. * * A typical sequence of calls to perform a password-authenticated key * exchange: @@ -4388,13 +4390,17 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Call psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...) to provide * the key share that was received from the peer. * -# Call psa_pake_get_implicit_key() for accessing the shared secret. + * -# Make a sequence of function calls to execute the password-authenticated + * key exchange as described below. + * -# Terminate the operation by a call to psa_pake_get_implicit_key() or + * psa_pake_abort(). * * The exact sequence of calls to perform a password-authenticated key exchange * depends on the algorithm in use: - * -# Some algorithms exchange more data than just a single key share. When using - * such a algorithm, call psa_pake_output() and psa_pake_input() one or more - * times to exchange any further data that is needed to derive the shared - * secret. + * - Some algorithms exchange more data than just a single key share. When using + * such a algorithm, call psa_pake_output() and psa_pake_input() one or more + * times to exchange any further data that is needed to derive the shared + * secret. * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) @@ -4489,7 +4495,10 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * \param[in,out] operation Active PAKE operation. * \param type The type of the data that is requested. * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \p output buffer in bytes. + * \param output_size Size of the \p output buffer in bytes. This must + * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \c + * cipher_suite, \p type). + * * \param[out] output_length On success, the number of bytes of the returned * output. * @@ -4574,8 +4583,9 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * state and must be aborted by calling psa_pake_abort(). * * \param[in,out] operation Active PAKE operation. - * \param[out] output A key derivation operation that has been - * initialized and set up. + * \param[out] output A key derivation operation that is ready + * for an input step of type + * #PSA_KEY_DERIVATION_INPUT_SECRET. * * \retval #PSA_SUCCESS * Success. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index bb01d53158..4428fc01fe 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1144,13 +1144,14 @@ * \param alg A PAKE algorithm (PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. - * \param output An output type used with algorithm \p alg. + * \param output_step A value of type ::psa_pake_data_t that is valid for the + * algorithm \p alg. * \return A sufficient output buffer size for the specified * output, cipher suite and algorithm. If the cipher suite, * the output type or PAKE algorithm is not recognized, or * the parameters are incompatible, return 0. */ -#define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output) +#define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output_step) /** Output buffer size for psa_pake_output() for any of the supported cipher * suites and PAKE algorithms. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a243370817..ab064dbdd9 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2501,12 +2501,14 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12) -/** The PAKE uses elliptic curves. +/** The PAKE primitive type indicating the use of elliptic curves. * - * The corresponding family type is ::psa_ecc_family_t. In determining a - * specific curve in the family the cipher suite (see - * ::psa_pake_cipher_suite_t) bits are interpreted in the exact same way - * as key bits are. + * The values of the \c family and \c bits fields of the cipher suite identify a + * specific elliptic curve, using the same mapping that is used for ECC + * (::psa_ecc_family_t) keys. + * + * (Here \c familiy means the value returned by psa_pake_cs_get_family() and + * \c bits means the value returned by psa_pake_cs_get_bits().) * * Input and output during the operation can involve group elements and scalar * values: @@ -2519,12 +2521,14 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) -/** The PAKE uses finite fields based Diffie-Hellman groups. +/** The PAKE primitive type indicating the use of Diffie-Hellman groups. * - * The corresponding family type is ::psa_dh_family_t. In determining a - * specific group in the family the cipher suite (see - * ::psa_pake_cipher_suite_t) bits are interpreted in the exact same way - * as key bits are. + * The values of the \c family and \c bits fields of the cipher suite identify + * a specific Diffie-Hellman group, using the same mapping that is used for + * Diffie-Hellman (::psa_dh_family_t) keys. + * + * (Here \c familiy means the value returned by psa_pake_cs_get_family() and + * \c bits means the value returned by psa_pake_cs_get_bits().) * * Input and output during the operation can involve group elements and scalar * values: From f53c7af916877bfacf5fb9c27fbe0bfd21ff713d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 May 2021 08:35:31 +0100 Subject: [PATCH 0121/1065] PSA PAKE: introduce psa_pake_family_t It is the size of something that has no a priori reason to consist of 8 bits. This should be psa_pake_family_t, both for documentation (and possibly static analysis) and in case 8 bits turn out not to be enough. Signed-off-by: Janos Follath --- include/psa/crypto.h | 4 ++-- include/psa/crypto_struct.h | 6 +++--- include/psa/crypto_types.h | 9 +++++++++ 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index df8d4d4e96..970aea324a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4222,7 +4222,7 @@ static void psa_pake_cs_set_type( * * \return The primitive family stored in the cipher suite structure. */ -static uint8_t psa_pake_cs_get_family( +static psa_pake_family_t psa_pake_cs_get_family( const psa_pake_cipher_suite_t* cipher_suite ); @@ -4246,7 +4246,7 @@ static uint8_t psa_pake_cs_get_family( */ static void psa_pake_cs_set_family( psa_pake_cipher_suite_t* cipher_suite, - uint8_t family + psa_pake_family_t family ); /** Retrieve the size associated with the primitive from a PAKE cipher suite. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 881abcb2a7..97d5d2b416 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -465,7 +465,7 @@ struct psa_pake_cipher_suite_s { psa_algorithm_t algorithm; psa_pake_primitive_type_t type; - uint8_t family; + psa_pake_family_t family; size_t bits; psa_algorithm_t hash; }; @@ -499,7 +499,7 @@ static inline void psa_pake_cs_set_type( cipher_suite->type = type; } -static inline uint8_t psa_pake_cs_get_family( +static inline psa_pake_family_t psa_pake_cs_get_family( const psa_pake_cipher_suite_t *cipher_suite) { return( cipher_suite->family ); @@ -507,7 +507,7 @@ static inline uint8_t psa_pake_cs_get_family( static inline void psa_pake_cs_set_family( psa_pake_cipher_suite_t *cipher_suite, - uint8_t family) + psa_pake_family_t family) { cipher_suite->family = family; } diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 7c560b3a5a..09ff1c5eda 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -403,8 +403,17 @@ typedef uint8_t psa_pake_data_t; * * Values defined by this standard will never be in the range 0x80-0xff. * Vendors who define additional types must use an encoding in this range. + * + * For more information see the documentation of individual + * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. */ typedef uint8_t psa_pake_primitive_type_t; +/** \brief Encoding of the family of the primitive associated with the PAKE. + * + * For more information see the documentation of individual + * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + */ +typedef uint8_t psa_pake_family_t; /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ From 57cfc407e0ad421143e31fc6f8a656e560a249a2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 May 2021 09:05:25 +0100 Subject: [PATCH 0122/1065] Remove obsolete __DOXYGEN_ONLY__ blocks __DOXYGEN_ONLY__ blocks were only used to typeset the PSA specification back when it was extracted from Mbed TLS headers. They are no longer used and should be removed. The PSA Crypto Driver API is still under development and might be extracted from Mbed TLS headers, leaving them there for now. Signed-off-by: Janos Follath --- include/psa/crypto.h | 42 ------------------------------------------ 1 file changed, 42 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 970aea324a..7efa3154cd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -112,12 +112,6 @@ psa_status_t psa_crypto_init(void); * This macro returns a suitable initializer for a key attribute structure * of type #psa_key_attributes_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_ATTRIBUTES_INIT {0} -#endif /** Return an initial value for a key attributes structure. */ @@ -947,12 +941,6 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * This macro returns a suitable initializer for a hash operation object * of type #psa_hash_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_HASH_OPERATION_INIT {0} -#endif /** Return an initial value for a hash operation object. */ @@ -1318,12 +1306,6 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * This macro returns a suitable initializer for a MAC operation object of type * #psa_mac_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_MAC_OPERATION_INIT {0} -#endif /** Return an initial value for a MAC operation object. */ @@ -1742,12 +1724,6 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * This macro returns a suitable initializer for a cipher operation object of * type #psa_cipher_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_CIPHER_OPERATION_INIT {0} -#endif /** Return an initial value for a cipher operation object. */ @@ -2271,12 +2247,6 @@ typedef struct psa_aead_operation_s psa_aead_operation_t; * This macro returns a suitable initializer for an AEAD operation object of * type #psa_aead_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_AEAD_OPERATION_INIT {0} -#endif /** Return an initial value for an AEAD operation object. */ @@ -3271,12 +3241,6 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; * This macro returns a suitable initializer for a key derivation operation * object of type #psa_key_derivation_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0} -#endif /** Return an initial value for a key derivation operation object. */ @@ -4360,12 +4324,6 @@ typedef struct psa_pake_operation_s psa_pake_operation_t; * This macro returns a suitable initializer for an PAKE operation object of * type #psa_pake_operation_t. */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_PAKE_OPERATION_INIT {0} -#endif /** Return an initial value for an PAKE operation object. */ From beb78d4d415fd68a6262194ccdf6fa4d84737bdd Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 May 2021 09:11:39 +0100 Subject: [PATCH 0123/1065] Rename psa_pake_data_t "Data" is too vague, renaming it to psa_pake_step_t. It is still somewhat vague, but at least consistent with the naming used in key derivation. Signed-off-by: Janos Follath --- include/psa/crypto.h | 4 ++-- include/psa/crypto_sizes.h | 2 +- include/psa/crypto_types.h | 2 +- include/psa/crypto_values.h | 18 +++++++++--------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7efa3154cd..9ceac0a580 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4478,7 +4478,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_output(psa_pake_operation_t *operation, - psa_pake_data_t type, + psa_pake_step_t type, uint8_t *output, size_t output_size, size_t *output_length); @@ -4518,7 +4518,7 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_input(psa_pake_operation_t *operation, - psa_pake_data_t type, + psa_pake_step_t type, uint8_t *input, size_t input_length); diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 4428fc01fe..9d2f6c49c2 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1144,7 +1144,7 @@ * \param alg A PAKE algorithm (PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. - * \param output_step A value of type ::psa_pake_data_t that is valid for the + * \param output_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. * \return A sufficient output buffer size for the specified * output, cipher suite and algorithm. If the cipher suite, diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 09ff1c5eda..bf8ab15a79 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -397,7 +397,7 @@ typedef uint8_t psa_pake_side_t; * This type is for encoding additional input and output data for such * algorithms. */ -typedef uint8_t psa_pake_data_t; +typedef uint8_t psa_pake_step_t; /** Encoding of the type of the PAKE's primitive. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ab064dbdd9..06aeec5e49 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2554,7 +2554,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * received. For values sent or received afterwards, use * #PSA_PAKE_DATA_KEY_SHARE_2 and #PSA_PAKE_DATA_KEY_SHARE_3. */ -#define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_data_t)0x01) +#define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_step_t)0x01) /** A Schnorr NIZKP public key. * @@ -2568,7 +2568,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * key received. For values sent or received afterwards, use * #PSA_PAKE_DATA_ZK_PUBLIC_2 and #PSA_PAKE_DATA_ZK_PUBLIC_3. */ -#define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_data_t)0x02) +#define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_step_t)0x02) /** A Schnorr NIZKP proof. * @@ -2582,43 +2582,43 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * received. For values sent or received afterwards, use * #PSA_PAKE_DATA_ZK_PROOF_2 and #PSA_PAKE_DATA_ZK_PROOF_3. */ -#define PSA_PAKE_DATA_ZK_PROOF ((psa_pake_data_t)0x03) +#define PSA_PAKE_DATA_ZK_PROOF ((psa_pake_step_t)0x03) /** Marks the second key share sent and received. * * See #PSA_PAKE_DATA_KEY_SHARE. */ -#define PSA_PAKE_DATA_KEY_SHARE_2 ((psa_pake_data_t)0x04) +#define PSA_PAKE_DATA_KEY_SHARE_2 ((psa_pake_step_t)0x04) /** Marks the second Schnorr NIZKP public key sent and received. * * See #PSA_PAKE_DATA_ZK_PUBLIC. */ -#define PSA_PAKE_DATA_ZK_PUBLIC_2 ((psa_pake_data_t)0x05) +#define PSA_PAKE_DATA_ZK_PUBLIC_2 ((psa_pake_step_t)0x05) /** Marks the second Schnorr NIZKP proof sent and received. * * See #PSA_PAKE_DATA_ZK_PROOF. */ -#define PSA_PAKE_DATA_ZK_PROOF_2 ((psa_pake_data_t)0x06) +#define PSA_PAKE_DATA_ZK_PROOF_2 ((psa_pake_step_t)0x06) /** Marks the third key share sent and received. * * See #PSA_PAKE_DATA_KEY_SHARE. */ -#define PSA_PAKE_DATA_KEY_SHARE_3 ((psa_pake_data_t)0x07) +#define PSA_PAKE_DATA_KEY_SHARE_3 ((psa_pake_step_t)0x07) /** Marks the third Schnorr NIZKP public key sent and received. * * See #PSA_PAKE_DATA_ZK_PUBLIC. */ -#define PSA_PAKE_DATA_ZK_PUBLIC_3 ((psa_pake_data_t)0x08) +#define PSA_PAKE_DATA_ZK_PUBLIC_3 ((psa_pake_step_t)0x08) /** Marks the third Schnorr NIZKP proof sent and received. * * See #PSA_PAKE_DATA_ZK_PROOF. */ -#define PSA_PAKE_DATA_ZK_PROOF_3 ((psa_pake_data_t)0x09) +#define PSA_PAKE_DATA_ZK_PROOF_3 ((psa_pake_step_t)0x09) /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From a86c3131a8981d632585f83d8f5f61384b70c072 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 10:51:01 +0100 Subject: [PATCH 0124/1065] PSA PAKE: divide setup into several steps There are too many parameters to the setup function. This makes it hard to figure out how to call the function and read code that calls the function. This also opens the suspicion that there's yet another parameter that we're missing. Signed-off-by: Janos Follath --- include/psa/crypto.h | 195 ++++++++++++++++++++++++++---------- include/psa/crypto_values.h | 5 + 2 files changed, 147 insertions(+), 53 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9ceac0a580..a2f34cab03 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4319,12 +4319,6 @@ static void psa_pake_cs_set_hash( * Implementation details can change in future versions without notice. */ typedef struct psa_pake_operation_s psa_pake_operation_t; -/** \def PSA_PAKE_OPERATION_INIT - * - * This macro returns a suitable initializer for an PAKE operation object of - * type #psa_pake_operation_t. - */ - /** Return an initial value for an PAKE operation object. */ static psa_pake_operation_t psa_pake_operation_init(void); @@ -4338,8 +4332,21 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Initialize the operation object with one of the methods described in the * documentation for #psa_pake_operation_t, e.g. * #PSA_PAKE_OPERATION_INIT. - * -# Call psa_pake_setup() to specify the algorithm, the password, cipher - * suite, identities and additional session information. + * -# Call psa_pake_setup() to specify cipher suite. + * -# Call \c psa_pake_set_xxx() functions on the operation to complete the + * setup. The exact sequence of \c psa_pake_set_xxx() functions that needs + * to be called depends on the algorithm in use. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * Like in the case of completing setup, the exact sequence of calls to perform + * a password-authenticated key exchange depends on the algorithm in use: + * - Some algorithms exchange more data than just a single key share. When using + * such a algorithm, call psa_pake_output() and psa_pake_input() one or more + * times to exchange any further data that is needed to derive the shared + * secret. * * A typical sequence of calls to perform a password-authenticated key * exchange: @@ -4353,13 +4360,6 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Terminate the operation by a call to psa_pake_get_implicit_key() or * psa_pake_abort(). * - * The exact sequence of calls to perform a password-authenticated key exchange - * depends on the algorithm in use: - * - Some algorithms exchange more data than just a single key share. When using - * such a algorithm, call psa_pake_output() and psa_pake_input() one or more - * times to exchange any further data that is needed to derive the shared - * secret. - * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. @@ -4378,6 +4378,29 @@ static psa_pake_operation_t psa_pake_operation_init(void); * \param[in,out] operation The operation object to set up. It must have * been initialized as per the documentation for * #psa_pake_operation_t and not yet in use. + * \param cipher_suite The cipher suite to use. (A cipher suite fully + * characterizes a PAKE algorithm and determines + * the algorithm as well.) + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_NOT_SUPPORTED + * The \p cipher_suite is not supported or is not valid. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_setup(psa_pake_operation_t *operation, + psa_pake_cipher_suite_t cipher_suite); + +/** Set the password for a password-authenticated key exchange. + * * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a * memory-hard function). It must remain valid @@ -4385,56 +4408,122 @@ static psa_pake_operation_t psa_pake_operation_init(void); * type PSA_KEY_TYPE_PASSWORD or * #PSA_KEY_TYPE_DERIVE. It has to allow the usage * #PSA_KEY_USAGE_DERIVE. - * \param cipher_suite The cipher suite to use. (A cipher suite fully - * characterizes a PAKE algorithm and determines - * the algorithm as well.) - * \param side A value of type ::psa_pake_side_t signaling the - * side of the algorithm that is being set up. For - * more information see the documentation of \c - * PSA_PAKE_SIDE_XXX constants. - * \param[in] user_id The user ID to authenticate with. - * \param user_id_len Size of the \p user_id buffer in bytes. - * \param[in] peer_id The peer's ID to authenticate. - * \param peer_id_len Size of the \p peer_id buffer in bytes. - * \param[in] session_data Additional session related data if it is allowed - * or required by the algorithm. This must be empty - * if additional session data is not used by the - * algorithm. - * \param session_data_len Size of the \p session_data buffer in bytes. * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with the algorithm in \p cipher_suite. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p session_data is not empty and is not allowed in the algorithm in - * \p cipher_suite. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The \p cipher_suite is not supported or is not valid. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_pake_setup(psa_pake_operation_t *operation, - mbedtls_svc_key_id_t password, - psa_pake_cipher_suite_t cipher_suite, - psa_pake_side_t side, - const uint8_t *user_id, - size_t user_id_len, - const uint8_t *peer_id, - size_t peer_id_len, - const uint8_t *session_data, - size_t session_data_len); +psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password); + +/** Set the user ID for a password-authenticated key exchange. + * + * Some PAKE algorithms assiciate only a single user identifier with the + * session. Such algorithms must call this function (psa_pake_set_user()) to + * set the identifier for the PAKE context. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[in] user_id The user ID to authenticate with. + * \param user_id_len Size of the \p user_id buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p user_id is NULL. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, + const uint8_t *user_id, + size_t user_id_len); + +/** Set the peer ID for a password-authenticated key exchange. + * + * Some PAKE algorithms assiciate only a single user identifier with the + * session. Such algorithms must call psa_pake_set_user() to set the + * identifier for the PAKE context. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[in] peer_id The peer's ID to authenticate. + * \param peer_id_len Size of the \p peer_id buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The algorithm doesn't associate a second identity with the session. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p user_id is NULL. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, + const uint8_t *peer_id, + size_t peer_id_len); + +/** Set the side for a password-authenticated key exchange. + * + * Not all PAKE algorithms need to differentiate the communicating entities. + * It is optional to call this function for PAKEs that don't require a side + * parameter. For such PAKEs the side parameter is ignored. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param side A value of type ::psa_pake_side_t signaling the + * side of the algorithm that is being set up. For + * more information see the documentation of \c + * PSA_PAKE_SIDE_XXX constants. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must have been set up). + * \retval #PSA_ERROR_NOT_SUPPORTED + * The \p side for this algorithm is not supported or is not valid. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, + psa_pake_side_t side); /** Get additional key share from a password-authenticated key exchange. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 06aeec5e49..a92002304a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1985,6 +1985,11 @@ * Implementations of the present specification use Schnorr NIZKP and this does * not need to be configured in the cipher suites. * + * J-PAKE doesn't differentiate between sides and has a distinct identifier + * associated with each entity. This means that both psa_pake_set_user() and + * psa_pake_set_peer() needs to be called before commencing the operation. + * Another conseque is that psa_pake_set_side() is optional and is ignored. + * * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call * // Get g1 From 78b9e40662bca1b594537433594dc130fffbc507 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 11:45:14 +0100 Subject: [PATCH 0125/1065] PSA PAKE: reintroduce psa_pake_primitive_t If PSA_PAKE_OUTPUT_SIZE takes cipher_suite as a parameter and it is a structure it can't be a compile-time constant anymore. Reintroducing psa_pake_primitive_t, because it can be constructed as an integral type and holds enough information to allow PSA_PAKE_OUTPUT_SIZE calculating accurate estimates on the output size in compile time. Signed-off-by: Janos Follath --- include/psa/crypto.h | 93 ++++--------------------------------- include/psa/crypto_sizes.h | 4 +- include/psa/crypto_struct.h | 53 ++++++--------------- include/psa/crypto_types.h | 6 +++ include/psa/crypto_values.h | 24 ++++++++++ 5 files changed, 55 insertions(+), 125 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a2f34cab03..ec5c16c488 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4145,107 +4145,30 @@ static void psa_pake_cs_set_algorithm( * This function may be provided as a function-like macro, but in this case it * must evaluate its argument exactly once. * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * * \param[in] cipher_suite The cipher suite structure to query. * - * \return The primitive type stored in the cipher suite structure. + * \return The primitive stored in the cipher suite structure. */ -static psa_pake_primitive_type_t psa_pake_cs_get_type( +static psa_pake_primitive_t psa_pake_cs_get_primitive( const psa_pake_cipher_suite_t* cipher_suite ); /** Declare the primitive type for a PAKE cipher suite. * - * This function overwrites any primitive type - * previously set in \p cipher_suite. + * This function overwrites any primitive previously set in \p cipher_suite. * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, * but in this case it must evaluate each of its arguments exactly once. * * \param[out] cipher_suite The cipher suite structure to write to. - * \param type The primitive type to write. - * If this is 0, the primitive type in - * \p cipher_suite becomes unspecified. + * \param primitive The primitive to write. If this is 0, the + * primitive type in \p cipher_suite becomes + * unspecified. */ -static void psa_pake_cs_set_type( +static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t* cipher_suite, - psa_pake_primitive_type_t type - ); - -/** Retrieve the primitive family from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The primitive family stored in the cipher suite structure. - */ -static psa_pake_family_t psa_pake_cs_get_family( - const psa_pake_cipher_suite_t* cipher_suite - ); - -/** Declare the primitive family for a PAKE cipher suite. - * - * This function overwrites any primitive family - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param family The primitive family to write. - * If this is 0, the primitive family in - * \p cipher_suite becomes unspecified. The - * interpretation of this parameter depends on - * the primitive type. For more information - * consult the documentation of individual - * ::psa_pake_primitive_type_t constants). - */ -static void psa_pake_cs_set_family( - psa_pake_cipher_suite_t* cipher_suite, - psa_pake_family_t family - ); - -/** Retrieve the size associated with the primitive from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The primitive bits stored in the cipher suite structure. - */ -static size_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t* cipher_suite); - -/** Declare the primitive bits for a PAKE cipher suite. - * - * This function overwrites any primitive bits - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param bits The primitive bits to write. - * If this is 0, the primitive bits in - * \p cipher_suite becomes unspecified. The - * interpretation of this parameter depends on - * the family, for more information consult the - * documentation of individual - * ::psa_pake_primitive_type_t constants). - */ -static void psa_pake_cs_set_bits( - psa_pake_cipher_suite_t* cipher_suite, - size_t bits + psa_pake_primitive_t primitive ); /** Retrieve the hash algorithm from a PAKE cipher suite. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 9d2f6c49c2..d8fc9979bd 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1143,7 +1143,7 @@ * * \param alg A PAKE algorithm (PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. + * \param primitive A primitive that is compatible with algorithm \p alg. * \param output_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. * \return A sufficient output buffer size for the specified @@ -1151,7 +1151,7 @@ * the output type or PAKE algorithm is not recognized, or * the parameters are incompatible, return 0. */ -#define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output_step) +#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) /** Output buffer size for psa_pake_output() for any of the supported cipher * suites and PAKE algorithms. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 97d5d2b416..a5f35cb9cf 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -466,10 +466,16 @@ struct psa_pake_cipher_suite_s psa_algorithm_t algorithm; psa_pake_primitive_type_t type; psa_pake_family_t family; - size_t bits; + uint16_t bits; psa_algorithm_t hash; }; +static inline psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->algorithm ); +} + static inline void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm) @@ -480,49 +486,20 @@ static inline void psa_pake_cs_set_algorithm( cipher_suite->algorithm = algorithm; } -static inline psa_algorithm_t psa_pake_cs_get_algorithm( +static inline psa_pake_primitive_t psa_pake_cs_get_primitive( const psa_pake_cipher_suite_t *cipher_suite) { - return( cipher_suite->algorithm ); + return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family, + cipher_suite->bits) ); } -static inline psa_pake_primitive_type_t psa_pake_cs_get_type( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->type ); -} - -static inline void psa_pake_cs_set_type( +static inline void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite, - psa_pake_primitive_type_t type) + psa_pake_primitive_t primitive) { - cipher_suite->type = type; -} - -static inline psa_pake_family_t psa_pake_cs_get_family( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->family ); -} - -static inline void psa_pake_cs_set_family( - psa_pake_cipher_suite_t *cipher_suite, - psa_pake_family_t family) -{ - cipher_suite->family = family; -} - -static inline size_t psa_pake_cs_get_bits( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->bits ); -} - -static inline void psa_pake_cs_set_bits( - psa_pake_cipher_suite_t *cipher_suite, - size_t bits) -{ - cipher_suite->bits = bits; + cipher_suite->type = (psa_pake_primitive_type_t) primitive >> 24; + cipher_suite->family = (psa_pake_family_t) ( 0xFF & (primitive >> 16) ); + cipher_suite->bits = (uint16_t) ( 0xFFFF & primitive ); } static inline psa_algorithm_t psa_pake_cs_get_hash( diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index bf8ab15a79..5418bd76ea 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -415,5 +415,11 @@ typedef uint8_t psa_pake_primitive_type_t; * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. */ typedef uint8_t psa_pake_family_t; + +/** \brief Encoding of the primitive associated with the PAKE. + * + * For more information see the documentation of the #PSA_PAKE_PRIMITIVE macro. + */ +typedef uint32_t psa_pake_primitive_t; /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a92002304a..cb4c604a68 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2546,6 +2546,30 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) +/** Construct a PAKE primitive from type, family and bitsize. + * + * \param pake_type The type of the primitive + * (value of type ::psa_pake_primitive_type_t). + * \param pake_family The family of the primitive + * (the type and interpretation of this parameter depends + * on \p type, for more information consult the + * documentation of individual ::psa_pake_primitive_type_t + * constants). + * \param pake_bits The bitsize of the primitive + * (Value of type \c size_t. The interpretation + * of this parameter depends on \p family, for more + * information consult the documentation of individual + * ::psa_pake_primitive_type_t constants). + * + * \return The constructed primitive value of type ::psa_pake_primitive_t. + * Return 0 if the requested primitive can't be encoded as + * ::psa_pake_primitive_t. + */ +#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ + (pake_bits > 0xFFFF) ? 0 : \ + ((psa_pake_primitive_t) (((pake_type) << 24 | \ + (pake_family) << 16) | (pake_bits))) + /** The key share being sent to or received from the peer. * * Unless the documentation of the PAKE algorithm says otherwise this is a From a71811aa4c4958998a1a750dd99f4cb3be8b249d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 11:50:01 +0100 Subject: [PATCH 0126/1065] Fix typo Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index cb4c604a68..9fc84f34d8 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2512,7 +2512,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * specific elliptic curve, using the same mapping that is used for ECC * (::psa_ecc_family_t) keys. * - * (Here \c familiy means the value returned by psa_pake_cs_get_family() and + * (Here \c family means the value returned by psa_pake_cs_get_family() and * \c bits means the value returned by psa_pake_cs_get_bits().) * * Input and output during the operation can involve group elements and scalar @@ -2532,7 +2532,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * a specific Diffie-Hellman group, using the same mapping that is used for * Diffie-Hellman (::psa_dh_family_t) keys. * - * (Here \c familiy means the value returned by psa_pake_cs_get_family() and + * (Here \c family means the value returned by psa_pake_cs_get_family() and * \c bits means the value returned by psa_pake_cs_get_bits().) * * Input and output during the operation can involve group elements and scalar From 3c09c4733342ab0a142df1d7ec263ce4f4bb68e0 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 11:57:49 +0100 Subject: [PATCH 0127/1065] PSA PAKE: remove redundant steps PAKE constructions that have multiple key shares will always consume and produce the key shares in numerical order. So using PSA_PAKE_DATA_XXX_X would demand step-sequence validation, and provides no functional utility over having only PSA_PAKE_DATA_XXX. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 75 ++++++------------------------------- 1 file changed, 12 insertions(+), 63 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 9fc84f34d8..229485e663 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1999,11 +1999,11 @@ * // Get the ZKP proof for x1 * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * // Get g2 - * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * // Get the ZKP public key for x2 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * // Get the ZKP proof for x2 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * -# To provide the first round data received from the peer to the operation, * call * // Set g3 @@ -2013,26 +2013,26 @@ * // Set the ZKP proof for x3 * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * // Set g4 - * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_2, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * // Set the ZKP public key for x4 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_2, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * // Set the ZKP proof for x4 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_2, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * -# To get the second round data that needs to be sent to the peer, call * // Get A - * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * // Get ZKP public key for x2*s - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * // Get ZKP proof for x2*s - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); + * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * -# To provide the second round data received from the peer to the operation, * call * // Set B - * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE_3, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); * // Set ZKP public key for x4*s - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC_3, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); * // Set ZKP proof for x4*s - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF_3, ...); + * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); * -# To access the shared secret call * // Get Ka=Kb=K * psa_pake_get_implicit_key() @@ -2577,11 +2577,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. - * - * Some PAKE algorithms need to exchange several key shares. If that is the - * case, this value marks the first key share sent and the first key share - * received. For values sent or received afterwards, use - * #PSA_PAKE_DATA_KEY_SHARE_2 and #PSA_PAKE_DATA_KEY_SHARE_3. */ #define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_step_t)0x01) @@ -2591,11 +2586,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. - * - * Some PAKE algorithms need to perform several zero-knowledge proofs. If that - * is the case, this value marks the first public key sent and the first public - * key received. For values sent or received afterwards, use - * #PSA_PAKE_DATA_ZK_PUBLIC_2 and #PSA_PAKE_DATA_ZK_PUBLIC_3. */ #define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_step_t)0x02) @@ -2605,49 +2595,8 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. - * - * Some PAKE algorithms need to perform several zero-knowledge proofs. If that - * is the case, this value marks the first proof sent and the first proof - * received. For values sent or received afterwards, use - * #PSA_PAKE_DATA_ZK_PROOF_2 and #PSA_PAKE_DATA_ZK_PROOF_3. */ #define PSA_PAKE_DATA_ZK_PROOF ((psa_pake_step_t)0x03) -/** Marks the second key share sent and received. - * - * See #PSA_PAKE_DATA_KEY_SHARE. - */ -#define PSA_PAKE_DATA_KEY_SHARE_2 ((psa_pake_step_t)0x04) - -/** Marks the second Schnorr NIZKP public key sent and received. - * - * See #PSA_PAKE_DATA_ZK_PUBLIC. - */ -#define PSA_PAKE_DATA_ZK_PUBLIC_2 ((psa_pake_step_t)0x05) - -/** Marks the second Schnorr NIZKP proof sent and received. - * - * See #PSA_PAKE_DATA_ZK_PROOF. - */ -#define PSA_PAKE_DATA_ZK_PROOF_2 ((psa_pake_step_t)0x06) - -/** Marks the third key share sent and received. - * - * See #PSA_PAKE_DATA_KEY_SHARE. - */ -#define PSA_PAKE_DATA_KEY_SHARE_3 ((psa_pake_step_t)0x07) - -/** Marks the third Schnorr NIZKP public key sent and received. - * - * See #PSA_PAKE_DATA_ZK_PUBLIC. - */ -#define PSA_PAKE_DATA_ZK_PUBLIC_3 ((psa_pake_step_t)0x08) - -/** Marks the third Schnorr NIZKP proof sent and received. - * - * See #PSA_PAKE_DATA_ZK_PROOF. - */ -#define PSA_PAKE_DATA_ZK_PROOF_3 ((psa_pake_step_t)0x09) - /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 56cc9ccc39b45a384a4ad5e60061bb4f49a63bd9 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 12:01:11 +0100 Subject: [PATCH 0128/1065] PSA PAKE: Align macro names with psa_pake_step_t Signed-off-by: Janos Follath --- include/psa/crypto.h | 4 ++-- include/psa/crypto_values.h | 44 ++++++++++++++++++------------------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ec5c16c488..5473fbfd05 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4273,9 +4273,9 @@ static psa_pake_operation_t psa_pake_operation_init(void); * * A typical sequence of calls to perform a password-authenticated key * exchange: - * -# Call psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...) to get the + * -# Call psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to get the * key share that needs to be sent to the peer. - * -# Call psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...) to provide + * -# Call psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to provide * the key share that was received from the peer. * -# Call psa_pake_get_implicit_key() for accessing the shared secret. * -# Make a sequence of function calls to execute the password-authenticated diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 229485e663..174a1f1e0d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1993,52 +1993,52 @@ * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call * // Get g1 - * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Get the ZKP public key for x1 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Get the ZKP proof for x1 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * // Get g2 - * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Get the ZKP public key for x2 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Get the ZKP proof for x2 - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * -# To provide the first round data received from the peer to the operation, * call * // Set g3 - * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Set the ZKP public key for x3 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Set the ZKP proof for x3 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * // Set g4 - * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Set the ZKP public key for x4 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Set the ZKP proof for x4 - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * -# To get the second round data that needs to be sent to the peer, call * // Get A - * psa_pake_output(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Get ZKP public key for x2*s - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Get ZKP proof for x2*s - * psa_pake_output(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * -# To provide the second round data received from the peer to the operation, * call * // Set B - * psa_pake_input(operation, #PSA_PAKE_DATA_KEY_SHARE, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); * // Set ZKP public key for x4*s - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PUBLIC, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); * // Set ZKP proof for x4*s - * psa_pake_input(operation, #PSA_PAKE_DATA_ZK_PROOF, ...); + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); * -# To access the shared secret call * // Get Ka=Kb=K * psa_pake_get_implicit_key() * * For more information consult the documentation of the individual - * PSA_PAKE_DATA_XXX constants. + * PSA_PAKE_STEP_XXX constants. * * J-PAKE is standardised for example in RFC 8236. */ @@ -2578,7 +2578,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. */ -#define PSA_PAKE_DATA_KEY_SHARE ((psa_pake_step_t)0x01) +#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) /** A Schnorr NIZKP public key. * @@ -2587,7 +2587,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. */ -#define PSA_PAKE_DATA_ZK_PUBLIC ((psa_pake_step_t)0x02) +#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) /** A Schnorr NIZKP proof. * @@ -2596,7 +2596,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * For information regarding representation consult the documentation of * individual ::psa_pake_primitive_type_t constants. */ -#define PSA_PAKE_DATA_ZK_PROOF ((psa_pake_step_t)0x03) +#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From fe0c4493f5a3118d56759ad0f4b4478aadfdb077 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 12:25:15 +0100 Subject: [PATCH 0129/1065] Add psa_pake_set_password_mhf() Using memory hard functions with PAKEs is the more secure option. It should be as convenient and efficient to use as less secure options, but so far it required creating an additional temporary key object. With psa_pake_set_password_mhf() this eliminates the need for this. Similarly we could add a convenience function to supply the password directly from character strings, but that would make the less secure option more convenient again and therfore we are not doing it now. Signed-off-by: Janos Follath --- include/psa/crypto.h | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5473fbfd05..e94a957137 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4322,7 +4322,7 @@ static psa_pake_operation_t psa_pake_operation_init(void); psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_pake_cipher_suite_t cipher_suite); -/** Set the password for a password-authenticated key exchange. +/** Set the password for a password-authenticated key exchange from key ID. * * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a @@ -4350,6 +4350,37 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password); +/** Set the password for a password-authenticated key exchange with memory hard + * function. + * + * Some protocols require using values derived from passwords via memory hard + * functions to mitigate dictionary attacks. Memory hard functions can be + * accessed through the key derivation interface and the result can be supplied + * to the PAKE operation in the form of a key derivation object. + * + * \param key_derivation An ongoing key derivation operation set up from + * the password and in a state suitable for + * calling psa_key_derivation_output_bytes(). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key_derivation is not ready for a call to + * psa_key_derivation_output_bytes(). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, + psa_pake_operation_t *key_derivation); + /** Set the user ID for a password-authenticated key exchange. * * Some PAKE algorithms assiciate only a single user identifier with the From b0bcb633ffb567aaa9ff2a17fe5043df6485bfd7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 13:21:43 +0100 Subject: [PATCH 0130/1065] Link PSA_KEY_TYPE_PASSWORD in the documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e94a957137..8759d69756 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4328,7 +4328,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * value derived from the password (eg. by a * memory-hard function). It must remain valid * until the operation terminates. It must be of - * type PSA_KEY_TYPE_PASSWORD or + * type #PSA_KEY_TYPE_PASSWORD or * #PSA_KEY_TYPE_DERIVE. It has to allow the usage * #PSA_KEY_USAGE_DERIVE. * From 60fa7c59b26aa1f5eee0aeaca00428159c391b0d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 13:36:32 +0100 Subject: [PATCH 0131/1065] PSA PAKE: document operation parameters Signed-off-by: Janos Follath --- include/psa/crypto.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8759d69756..f49286ca7f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4324,6 +4324,9 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, /** Set the password for a password-authenticated key exchange from key ID. * + * \param[in,out] operation The operation object to set the password for. It + * must have been set up by psa_pake_setup() and + * not yet in use. * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a * memory-hard function). It must remain valid @@ -4358,6 +4361,9 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * accessed through the key derivation interface and the result can be supplied * to the PAKE operation in the form of a key derivation object. * + * \param[in,out] operation The operation object to set the password for. It + * must have been set up by psa_pake_setup() and + * not yet in use. * \param key_derivation An ongoing key derivation operation set up from * the password and in a state suitable for * calling psa_key_derivation_output_bytes(). @@ -4391,6 +4397,9 @@ psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. * + * \param[in,out] operation The operation object to set the user ID for. It + * must have been set up by psa_pake_setup() and + * not yet in use. * \param[in] user_id The user ID to authenticate with. * \param user_id_len Size of the \p user_id buffer in bytes. * @@ -4423,6 +4432,9 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. * + * \param[in,out] operation The operation object to set the peer ID for. It + * must have been set up by psa_pake_setup() and + * not yet in use. * \param[in] peer_id The peer's ID to authenticate. * \param peer_id_len Size of the \p peer_id buffer in bytes. * @@ -4457,6 +4469,9 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. * + * \param[in,out] operation The operation object to set the side for. It + * must have been set up by psa_pake_setup() and + * not yet in use. * \param side A value of type ::psa_pake_side_t signaling the * side of the algorithm that is being set up. For * more information see the documentation of \c From ed82716546567583b42419338ffd0448f66a6171 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 14:38:15 +0100 Subject: [PATCH 0132/1065] Remove always false comparison PSA_PAKE_PRIMITIVE Always false comparison triggered compiler warnings. Removing comparison while preserving semantics to achieve clean build. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 174a1f1e0d..94616aad72 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2566,7 +2566,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * ::psa_pake_primitive_t. */ #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ - (pake_bits > 0xFFFF) ? 0 : \ + ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \ ((psa_pake_primitive_t) (((pake_type) << 24 | \ (pake_family) << 16) | (pake_bits))) From ef816f37be9e1d33639152bb4349680c973b8449 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 16:01:47 +0100 Subject: [PATCH 0133/1065] Fix precedence in psa_pake_cs_set_primitive() Signed-off-by: Janos Follath --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index a5f35cb9cf..b20a179729 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -497,7 +497,7 @@ static inline void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite, psa_pake_primitive_t primitive) { - cipher_suite->type = (psa_pake_primitive_type_t) primitive >> 24; + cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24); cipher_suite->family = (psa_pake_family_t) ( 0xFF & (primitive >> 16) ); cipher_suite->bits = (uint16_t) ( 0xFFFF & primitive ); } From 14ce06afe270687e6490e038ab5d2e647b193b17 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 May 2021 11:26:23 +0100 Subject: [PATCH 0134/1065] PSA PAKE: fix documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 6 +++--- include/psa/crypto_values.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f49286ca7f..87b4526eb4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4139,7 +4139,7 @@ static void psa_pake_cs_set_algorithm( psa_algorithm_t algorithm ); -/** Retrieve the primitive type from a PAKE cipher suite. +/** Retrieve the primitive from a PAKE cipher suite. * * This function may be declared as `static` (i.e. without external linkage). * This function may be provided as a function-like macro, but in this case it @@ -4153,7 +4153,7 @@ static psa_pake_primitive_t psa_pake_cs_get_primitive( const psa_pake_cipher_suite_t* cipher_suite ); -/** Declare the primitive type for a PAKE cipher suite. +/** Declare the primitive for a PAKE cipher suite. * * This function overwrites any primitive previously set in \p cipher_suite. * @@ -4353,7 +4353,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password); -/** Set the password for a password-authenticated key exchange with memory hard +/** Set the password for a password-authenticated key exchange via a memory hard * function. * * Some protocols require using values derived from passwords via memory hard diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 94616aad72..d1924db67b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1988,7 +1988,7 @@ * J-PAKE doesn't differentiate between sides and has a distinct identifier * associated with each entity. This means that both psa_pake_set_user() and * psa_pake_set_peer() needs to be called before commencing the operation. - * Another conseque is that psa_pake_set_side() is optional and is ignored. + * Another consequence is that psa_pake_set_side() is optional and is ignored. * * The key exchange flow for JPAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call From 1062a24152c32228ff0750256e84d77f97d39cb8 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 May 2021 12:02:55 +0100 Subject: [PATCH 0135/1065] Fix psa_pake_set_password_mhf() parameter list The type of the key derivation operation was incorrect. Also neither the PAKE nor key_derivation algorithm knows how many bytes to transfer at this stage. There is no optimal or recommended size, PAKEs don't mandate it either (with the exception of OPAQUE, but that uses it internally and won't be using this interface). Adding an input length parameter to allow the application to control how many bytes the PAKE takes from the key derivation. Signed-off-by: Janos Follath --- include/psa/crypto.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 87b4526eb4..00317f7ffd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4367,6 +4367,8 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * \param key_derivation An ongoing key derivation operation set up from * the password and in a state suitable for * calling psa_key_derivation_output_bytes(). + * \param input_length Number of bytes to input from the + * \p key_derivation operation. * * \retval #PSA_SUCCESS * Success. @@ -4385,7 +4387,8 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, - psa_pake_operation_t *key_derivation); + psa_key_derivation_operation_t *key_derivation, + size_t input_length); /** Set the user ID for a password-authenticated key exchange. * From e1a080f1f8c82386da370d2893cf9d2b985d1e51 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 May 2021 12:16:36 +0100 Subject: [PATCH 0136/1065] Improve psa_pake_set_password_mhf() documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 00317f7ffd..205c5fd8ae 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4361,14 +4361,14 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * accessed through the key derivation interface and the result can be supplied * to the PAKE operation in the form of a key derivation object. * - * \param[in,out] operation The operation object to set the password for. It - * must have been set up by psa_pake_setup() and - * not yet in use. - * \param key_derivation An ongoing key derivation operation set up from - * the password and in a state suitable for - * calling psa_key_derivation_output_bytes(). - * \param input_length Number of bytes to input from the - * \p key_derivation operation. + * \param[in,out] operation The operation object to set the password for. + * It must have been set up by psa_pake_setup() + * and not yet in use. + * \param[in,out] key_derivation An ongoing key derivation operation set up + * from the password and in a state suitable for + * calling psa_key_derivation_output_bytes(). + * \param input_length Number of bytes to input from the + * \p key_derivation operation. * * \retval #PSA_SUCCESS * Success. From 7b8910322c701bb85a1ba7690ce1634537f0845a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 May 2021 15:42:46 +0100 Subject: [PATCH 0137/1065] PSA PAKE: refine documentation of return values The key derivation operation passed to psa_pake_set_password_mhf() might enter an error state before the function returns. If this happens, the user needs to know about it so that they can properly abort it. Signed-off-by: Janos Follath --- include/psa/crypto.h | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 205c5fd8ae..6706ef8ea5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4337,6 +4337,8 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must have been set up.) * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -4361,6 +4363,16 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * accessed through the key derivation interface and the result can be supplied * to the PAKE operation in the form of a key derivation object. * + * This function draws bytes from a key derivation algorithm and sets those + * bytes as a password for the password-authenticated key exchange. If you + * view the key derivation's output as a stream of bytes, this function + * destructively reads the requested number of bytes from the stream. + * The key derivation operation's capacity decreases by the number of bytes read. + * + * If this function returns #PSA_ERROR_INVALID_ARGUMENT, \p key_derivation + * enters an error state and must be aborted by calling + * psa_key_derivation_abort(). + * * \param[in,out] operation The operation object to set the password for. * It must have been set up by psa_pake_setup() * and not yet in use. @@ -4372,6 +4384,11 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must have been set up.) + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * The \p key_derivation operation's capacity was less than + * \p input_length bytes. * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -4379,8 +4396,8 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key_derivation is not ready for a call to - * psa_key_derivation_output_bytes(). + * The call to psa_key_derivation_output_bytes() returned something + * other than #PSA_ERROR_INSUFFICIENT_DATA. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -4409,7 +4426,7 @@ psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. + * The operation state is not valid (it must have been set up.) * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -4444,7 +4461,7 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. + * The operation state is not valid (it must have been set up.) * \retval #PSA_ERROR_NOT_SUPPORTED * The algorithm doesn't associate a second identity with the session. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY From 9a04aeaff5e01abde65a972030e23ce9cf700c99 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 20 May 2021 16:21:01 +0100 Subject: [PATCH 0138/1065] PSA PAKE: improve and fix documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 30 ++++++++++++++++++------------ include/psa/crypto_sizes.h | 3 ++- include/psa/crypto_types.h | 6 +++--- include/psa/crypto_values.h | 12 ++++++------ 4 files changed, 29 insertions(+), 22 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6706ef8ea5..fa4102278e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4092,7 +4092,7 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /**@}*/ -/** \defgroup Password-authenticated key agreement +/** \defgroup pake Password-authenticated key exchange (PAKE) * @{ */ @@ -4255,7 +4255,7 @@ static psa_pake_operation_t psa_pake_operation_init(void); * -# Initialize the operation object with one of the methods described in the * documentation for #psa_pake_operation_t, e.g. * #PSA_PAKE_OPERATION_INIT. - * -# Call psa_pake_setup() to specify cipher suite. + * -# Call psa_pake_setup() to specify the cipher suite. * -# Call \c psa_pake_set_xxx() functions on the operation to complete the * setup. The exact sequence of \c psa_pake_set_xxx() functions that needs * to be called depends on the algorithm in use. @@ -4323,6 +4323,11 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_pake_cipher_suite_t cipher_suite); /** Set the password for a password-authenticated key exchange from key ID. + * + * Call this function when the password, or a value derived from the password, + * is already present in the key store. To calculate the password-derived value + * from a password input, use the key derivation interface and + * psa_pake_set_password_stretch() instead. * * \param[in,out] operation The operation object to set the password for. It * must have been set up by psa_pake_setup() and @@ -4332,8 +4337,8 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * memory-hard function). It must remain valid * until the operation terminates. It must be of * type #PSA_KEY_TYPE_PASSWORD or - * #PSA_KEY_TYPE_DERIVE. It has to allow the usage - * #PSA_KEY_USAGE_DERIVE. + * #PSA_KEY_TYPE_PASSWORD_HASH. It has to allow + * the usage #PSA_KEY_USAGE_DERIVE. * * \retval #PSA_SUCCESS * Success. @@ -4409,7 +4414,7 @@ psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, /** Set the user ID for a password-authenticated key exchange. * - * Some PAKE algorithms assiciate only a single user identifier with the + * Some PAKE algorithms associate only a single user identifier with the * session. Such algorithms must call this function (psa_pake_set_user()) to * set the identifier for the PAKE context. * @@ -4444,7 +4449,7 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, /** Set the peer ID for a password-authenticated key exchange. * - * Some PAKE algorithms assiciate only a single user identifier with the + * Some PAKE algorithms associate only a single user identifier with the * session. Such algorithms must call psa_pake_set_user() to set the * identifier for the PAKE context. * @@ -4514,7 +4519,7 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, psa_pake_side_t side); -/** Get additional key share from a password-authenticated key exchange. +/** Get output for a step of a password-authenticated key exchange. * * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. @@ -4529,7 +4534,8 @@ psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, * state and must be aborted by calling psa_pake_abort(). * * \param[in,out] operation Active PAKE operation. - * \param type The type of the data that is requested. + * \param step The step of the algorithm for which the output is + * requested. * \param[out] output Buffer where the output is to be written. * \param output_size Size of the \p output buffer in bytes. This must * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \c @@ -4556,12 +4562,12 @@ psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_output(psa_pake_operation_t *operation, - psa_pake_step_t type, + psa_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length); -/** Provide additional peer key share for a password-authenticated key exchange. +/** Provide input for a step of a password-authenticated key exchange. * * Depending on the algorithm being executed, you might need to call this * function several times or you might not need to call this at all. @@ -4576,7 +4582,7 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * state and must be aborted by calling psa_pake_abort(). * * \param[in,out] operation Active PAKE operation. - * \param type The type of the data provided. + * \param step The step for which the input is provided. * \param[out] input Buffer containing the input. * \param[out] input_length Size of the \p input buffer in bytes. * @@ -4596,7 +4602,7 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_input(psa_pake_operation_t *operation, - psa_pake_step_t type, + psa_pake_step_t step, uint8_t *input, size_t input_length); diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index d8fc9979bd..a603c9d298 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1143,7 +1143,8 @@ * * \param alg A PAKE algorithm (PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param primitive A primitive that is compatible with algorithm \p alg. + * \param primitive A primitive of type ::psa_pake_primitive_t that is + * compatible with algorithm \p alg. * \param output_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. * \return A sufficient output buffer size for the specified diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 5418bd76ea..5a66a8709e 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -387,7 +387,7 @@ typedef uint16_t psa_key_derivation_step_t; /** \brief Encoding of the side of PAKE * * Encodes which side of the algorithm is being executed. For more information - * see the documentation of individual PSA_PAKE_SIDE_XXX constants. + * see the documentation of individual \c PSA_PAKE_SIDE_XXX constants. */ typedef uint8_t psa_pake_side_t; @@ -405,14 +405,14 @@ typedef uint8_t psa_pake_step_t; * Vendors who define additional types must use an encoding in this range. * * For more information see the documentation of individual - * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. */ typedef uint8_t psa_pake_primitive_type_t; /** \brief Encoding of the family of the primitive associated with the PAKE. * * For more information see the documentation of individual - * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. */ typedef uint8_t psa_pake_family_t; diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d1924db67b..c8a074caef 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1975,7 +1975,7 @@ * cipher suite the field or curve must be fully specified by calling * psa_pake_cs_set_family() and psa_pake_cs_set_bits() as well. For more * information refer to the documentation of the individual - * `PSA_PAKE_PRIMITIVE_TYPE_XXX` constants.) + * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants.) * * J-PAKE can be used with any secure cryptographic hash function. The choice * of hash must be supplied to the cipher suite by calling @@ -1987,7 +1987,7 @@ * * J-PAKE doesn't differentiate between sides and has a distinct identifier * associated with each entity. This means that both psa_pake_set_user() and - * psa_pake_set_peer() needs to be called before commencing the operation. + * psa_pake_set_peer() need to be called before commencing the operation. * Another consequence is that psa_pake_set_side() is optional and is ignored. * * The key exchange flow for JPAKE is as follows: @@ -2038,7 +2038,7 @@ * psa_pake_get_implicit_key() * * For more information consult the documentation of the individual - * PSA_PAKE_STEP_XXX constants. + * \c PSA_PAKE_STEP_XXX constants. * * J-PAKE is standardised for example in RFC 8236. */ @@ -2480,7 +2480,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * Although balanced PAKE algorithms are symmetric, some of them needs an * ordering of peers for the transcript calculations. If the algorithm does not - * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are + * need this, both #PSA_PAKE_SIDE_FIRST and #PSA_PAKE_SIDE_SECOND are * accepted. */ #define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01) @@ -2546,7 +2546,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) -/** Construct a PAKE primitive from type, family and bitsize. +/** Construct a PAKE primitive from type, family and bit-size. * * \param pake_type The type of the primitive * (value of type ::psa_pake_primitive_type_t). @@ -2555,7 +2555,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * on \p type, for more information consult the * documentation of individual ::psa_pake_primitive_type_t * constants). - * \param pake_bits The bitsize of the primitive + * \param pake_bits The bit-size of the primitive * (Value of type \c size_t. The interpretation * of this parameter depends on \p family, for more * information consult the documentation of individual From 19271ea1833b3fb24e9ca4e940cfcb87357fcd72 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 21 May 2021 12:38:12 +0100 Subject: [PATCH 0139/1065] PSA PAKE: Clarify documentation of valid states Signed-off-by: Janos Follath --- include/psa/crypto.h | 72 ++++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fa4102278e..ce941ed2e1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4300,7 +4300,9 @@ static psa_pake_operation_t psa_pake_operation_init(void); * * \param[in,out] operation The operation object to set up. It must have * been initialized as per the documentation for - * #psa_pake_operation_t and not yet in use. + * #psa_pake_operation_t and not yet in use (no + * other function has been called on it since the + * last initialization). * \param cipher_suite The cipher suite to use. (A cipher suite fully * characterizes a PAKE algorithm and determines * the algorithm as well.) @@ -4308,7 +4310,7 @@ static psa_pake_operation_t psa_pake_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). + * The operation state is not valid. * \retval #PSA_ERROR_NOT_SUPPORTED * The \p cipher_suite is not supported or is not valid. * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -4331,7 +4333,13 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * * \param[in,out] operation The operation object to set the password for. It * must have been set up by psa_pake_setup() and - * not yet in use. + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the password hasn't + * been set yet (neither + * psa_pake_set_password_mhf() nor + * psa_pake_set_password_key() has been called + * yet). * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a * memory-hard function). It must remain valid @@ -4374,13 +4382,19 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * destructively reads the requested number of bytes from the stream. * The key derivation operation's capacity decreases by the number of bytes read. * - * If this function returns #PSA_ERROR_INVALID_ARGUMENT, \p key_derivation - * enters an error state and must be aborted by calling - * psa_key_derivation_abort(). + * If this function returns anything other than #PSA_SUCCESS, both \p operation + * and \p key_derivation operations enter an error state and must be aborted by + * calling psa_pake_abort() and psa_key_derivation_abort() respectively. * * \param[in,out] operation The operation object to set the password for. * It must have been set up by psa_pake_setup() - * and not yet in use. + * and not yet in use (neither psa_pake_output() + * nor psa_pake_input() has been called yet). It + * must be on operation for which the password + * hasn't been set yet (neither + * psa_pake_set_password_mhf() nor + * psa_pake_set_password_key() has been called + * yet). * \param[in,out] key_derivation An ongoing key derivation operation set up * from the password and in a state suitable for * calling psa_key_derivation_output_bytes(). @@ -4390,7 +4404,7 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must have been set up.) + * The state of \p operation or \p key_derivation is not valid. * \retval #PSA_ERROR_INSUFFICIENT_DATA * The \p key_derivation operation's capacity was less than * \p input_length bytes. @@ -4400,9 +4414,8 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The call to psa_key_derivation_output_bytes() returned something - * other than #PSA_ERROR_INSUFFICIENT_DATA. + * One of the inputs to \p key_derivation was a key whose policy didn't + * allow #PSA_KEY_USAGE_DERIVE. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -4424,14 +4437,18 @@ psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, * * \param[in,out] operation The operation object to set the user ID for. It * must have been set up by psa_pake_setup() and - * not yet in use. + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the user ID hasn't + * been set (psa_pake_set_user() hasn't been + * called yet). * \param[in] user_id The user ID to authenticate with. * \param user_id_len Size of the \p user_id buffer in bytes. * * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must have been set up.) + * The operation state is not valid. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -4459,14 +4476,18 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, * * \param[in,out] operation The operation object to set the peer ID for. It * must have been set up by psa_pake_setup() and - * not yet in use. + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the peer ID hasn't + * been set (psa_pake_set_peer() hasn't been + * called yet). * \param[in] peer_id The peer's ID to authenticate. * \param peer_id_len Size of the \p peer_id buffer in bytes. * * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must have been set up.) + * The operation state is not valid. * \retval #PSA_ERROR_NOT_SUPPORTED * The algorithm doesn't associate a second identity with the session. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -4496,7 +4517,11 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, * * \param[in,out] operation The operation object to set the side for. It * must have been set up by psa_pake_setup() and - * not yet in use. + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the side hasn't been + * set (psa_pake_set_side() hasn't been called + * yet). * \param side A value of type ::psa_pake_side_t signaling the * side of the algorithm that is being set up. For * more information see the documentation of \c @@ -4505,7 +4530,7 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must have been set up). + * The operation state is not valid. * \retval #PSA_ERROR_NOT_SUPPORTED * The \p side for this algorithm is not supported or is not valid. * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -4602,9 +4627,9 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * results in this error code. */ psa_status_t psa_pake_input(psa_pake_operation_t *operation, - psa_pake_step_t step, - uint8_t *input, - size_t input_length); + psa_pake_step_t step, + uint8_t *input, + size_t input_length); /** Get implicitly confirmed shared secret from a PAKE. * @@ -4620,9 +4645,10 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more * information. * - * When this function returns successfully, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_pake_abort(). + * When this function returns successfully, \p operation becomes inactive. + * If this function returns an error status, both \p operation + * and \p key_derivation operations enter an error state and must be aborted by + * calling psa_pake_abort() and psa_key_derivation_abort() respectively. * * \param[in,out] operation Active PAKE operation. * \param[out] output A key derivation operation that is ready From 3ae6696811089c7211a69139fed840e489798b42 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 24 May 2021 12:09:00 +0100 Subject: [PATCH 0140/1065] Clarify psa_pake_setup() documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ce941ed2e1..02ed575574 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4264,24 +4264,15 @@ static psa_pake_operation_t psa_pake_operation_init(void); * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) * for more information. * - * Like in the case of completing setup, the exact sequence of calls to perform - * a password-authenticated key exchange depends on the algorithm in use: - * - Some algorithms exchange more data than just a single key share. When using - * such a algorithm, call psa_pake_output() and psa_pake_input() one or more - * times to exchange any further data that is needed to derive the shared - * secret. - * * A typical sequence of calls to perform a password-authenticated key * exchange: * -# Call psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to get the * key share that needs to be sent to the peer. * -# Call psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to provide * the key share that was received from the peer. + * -# Depending on the algorithm additional calls to psa_pake_output() and + * psa_pake_input() might be necessary. * -# Call psa_pake_get_implicit_key() for accessing the shared secret. - * -# Make a sequence of function calls to execute the password-authenticated - * key exchange as described below. - * -# Terminate the operation by a call to psa_pake_get_implicit_key() or - * psa_pake_abort(). * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) From d416838ffd590563e819e7a1fac8f4389b216b3c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 24 May 2021 12:20:12 +0100 Subject: [PATCH 0141/1065] Rename psa_pake_set_password_mhf() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This step is not necessarily a memory-hard function. Memory-hard functions are the best of the breed at the moment, but that's due to current hardware designs, and CPU-hard-but-not-memory-hard functions like PBKDF2 are acceptable as well. We're using “key stretching” as the generic term for such functions. Signed-off-by: Janos Follath --- include/psa/crypto.h | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 02ed575574..abf3da0df9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4328,7 +4328,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * psa_pake_input() has been called yet). It must * be on operation for which the password hasn't * been set yet (neither - * psa_pake_set_password_mhf() nor + * psa_pake_set_password_stretch() nor * psa_pake_set_password_key() has been called * yet). * \param password Identifier of the key holding the password or a @@ -4359,11 +4359,11 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password); -/** Set the password for a password-authenticated key exchange via a memory hard - * function. +/** Set the password for a password-authenticated key exchange via a key + * stretching function. * - * Some protocols require using values derived from passwords via memory hard - * functions to mitigate dictionary attacks. Memory hard functions can be + * Some protocols use values derived from passwords via key stretching + * functions to mitigate dictionary attacks. Key stretching functions can be * accessed through the key derivation interface and the result can be supplied * to the PAKE operation in the form of a key derivation object. * @@ -4383,7 +4383,7 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * nor psa_pake_input() has been called yet). It * must be on operation for which the password * hasn't been set yet (neither - * psa_pake_set_password_mhf() nor + * psa_pake_set_password_stretch() nor * psa_pake_set_password_key() has been called * yet). * \param[in,out] key_derivation An ongoing key derivation operation set up @@ -4412,9 +4412,11 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_pake_set_password_mhf(psa_pake_operation_t *operation, - psa_key_derivation_operation_t *key_derivation, - size_t input_length); +psa_status_t psa_pake_set_password_stretch( + psa_pake_operation_t *operation, + psa_key_derivation_operation_t *key_derivation, + size_t input_length + ); /** Set the user ID for a password-authenticated key exchange. * From ead0e4fc7b6b9be06992d4e584f6eb93b0c899bc Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 May 2021 14:16:52 +0100 Subject: [PATCH 0142/1065] PSA PAKE: Clarify J-PAKE algorithm documentation - Transformed setup description to a more explicit pseudocode based approach. - Explained implicit vs explicit key confirmation Signed-off-by: Janos Follath --- include/psa/crypto.h | 4 ++- include/psa/crypto_values.h | 65 +++++++++++++++++++++++++------------ 2 files changed, 48 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index abf3da0df9..2fe797a3b9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4350,7 +4350,7 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with the algorithm in \p cipher_suite. + * \p key is not compatible with the algorithm or the cipher suite. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -4407,6 +4407,8 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * \retval #PSA_ERROR_NOT_PERMITTED * One of the inputs to \p key_derivation was a key whose policy didn't * allow #PSA_KEY_USAGE_DERIVE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with the algorithm or the cipher suite. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c8a074caef..527b9c30d2 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1968,29 +1968,44 @@ /** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. * - * J-PAKE can be instantiated over finite fields or elliptic curves. This can - * be achieved by setting either #PSA_PAKE_PRIMITIVE_TYPE_DH or - * #PSA_PAKE_PRIMITIVE_TYPE_ECC respectively in the cipher suite (see - * ::psa_pake_cipher_suite_t) via psa_pake_cs_set_type(). (Before using the - * cipher suite the field or curve must be fully specified by calling - * psa_pake_cs_set_family() and psa_pake_cs_set_bits() as well. For more - * information refer to the documentation of the individual - * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants.) + * This is J-PAKE as defined by RFC 8236, instantiated with the following + * parameters: * - * J-PAKE can be used with any secure cryptographic hash function. The choice - * of hash must be supplied to the cipher suite by calling - * psa_pake_cs_set_hash(). + * - The group can be either an elliptic curve or defined over a finite field. + * - Schnorr NIZK proof as defined by RFC 8235 and using the same group as the + * J-PAKE algorithm. + * - A secure cryptographic hash function. * - * In theory the algorithm works with any non-interactive zero-knowledge proof. - * Implementations of the present specification use Schnorr NIZKP and this does - * not need to be configured in the cipher suites. + * To select these parameters and set up the cipher suite, call + * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_PAKE_JPAKE); + * psa_pake_cs_set_primitive(cipher_suite, + * PSA_PAKE_PRIMITIVE(type, family, bits)); + * psa_pake_cs_set_hash(cipher_suite, hash); * - * J-PAKE doesn't differentiate between sides and has a distinct identifier - * associated with each entity. This means that both psa_pake_set_user() and - * psa_pake_set_peer() need to be called before commencing the operation. - * Another consequence is that psa_pake_set_side() is optional and is ignored. + * For more information on how to set a specific curve or field, refer to the + * documentation of the individual \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. * - * The key exchange flow for JPAKE is as follows: + * After initializing a J-PAKE operation, call + * psa_pake_setup(operation, cipher_suite); + * psa_pake_set_user(operation, ...); + * psa_pake_set_peer(operation, ...); + * and either + * psa_pake_set_password_stretch(operation, ...); + * or + * psa_pake_set_password_key(operation, ...); + * + * Either way the password is read as a byte array and must be non-empty. This + * can be the password itself (in some pre-defined character encoding) or some + * value derived from the password as mandated by some higher level protocol. + * + * (The implementation converts this byte array to a number as described in + * Section 2.3.8 of _SEC 1: Elliptic Curve Cryptography_ + * (https://www.secg.org/sec1-v2.pdf), before reducing it modulo \c q. Here + * \c q is order of the group defined by the primitive set in the cipher suite. + * The \c psa_pake_set_password_xxx() functions return an error if the result + * of the reduction is 0.) + * + * The key exchange flow for J-PAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call * // Get g1 * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); @@ -2040,7 +2055,17 @@ * For more information consult the documentation of the individual * \c PSA_PAKE_STEP_XXX constants. * - * J-PAKE is standardised for example in RFC 8236. + * At this point there is a cryptographic guarantee that only the authenticated + * party who used the same password is able to compute the key. But there is no + * guarantee that the peer is the party he claims to be and was able to do so. + * + * That is, the authentication is only implicit (the peer is not authenticated + * at this point, and no action should be taken that assume that they are - like + * for example accessing restricted files). + * + * To make the authentication explicit there are various methods, see Section 5 + * of RFC 8236 for two examples. + * */ #define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000100) From 56a4d7a59fb171f4c16ca4fde54ba04aaf7e8d91 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 May 2021 15:35:11 +0100 Subject: [PATCH 0143/1065] Simplify PAKE input/output format documentation Make input/output format documentation easier to find: - Add direct reference to the steps from the input/output functions - Move the format description directly to the step constants Signed-off-by: Janos Follath --- include/psa/crypto.h | 12 ++++++++++-- include/psa/crypto_values.h | 38 +++++++++++++++++++++++++++---------- 2 files changed, 38 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2fe797a3b9..3df82d91d8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4556,7 +4556,11 @@ psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, * \param[in,out] operation Active PAKE operation. * \param step The step of the algorithm for which the output is * requested. - * \param[out] output Buffer where the output is to be written. + * \param[out] output Buffer where the output is to be written in the + * format appropriate for this \p step. Refer to + * the documentation of the individual + * \c PSA_PAKE_STEP_XXX constants for more + * information. * \param output_size Size of the \p output buffer in bytes. This must * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \c * cipher_suite, \p type). @@ -4603,7 +4607,11 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * * \param[in,out] operation Active PAKE operation. * \param step The step for which the input is provided. - * \param[out] input Buffer containing the input. + * \param[out] input Buffer containing the input in the format + * appropriate for this \p step. Refer to the + * documentation of the individual + * \c PSA_PAKE_STEP_XXX constants for more + * information. * \param[out] input_length Size of the \p input buffer in bytes. * * \retval #PSA_SUCCESS diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 527b9c30d2..ab9bb5b8bd 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2597,29 +2597,47 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** The key share being sent to or received from the peer. * - * Unless the documentation of the PAKE algorithm says otherwise this is a - * group element. + * The format for both input and output at this step is the same as for public + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. * - * For information regarding representation consult the documentation of - * individual ::psa_pake_primitive_type_t constants. + * For more information on the format, consult the documentation of + * psa_export_public_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. */ #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) /** A Schnorr NIZKP public key. * - * This is a group element. + * The format for both input and output at this step is the same as for public + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. * - * For information regarding representation consult the documentation of - * individual ::psa_pake_primitive_type_t constants. + * For more information on the format, consult the documentation of + * psa_export_public_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. */ #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) /** A Schnorr NIZKP proof. * - * This is a scalar value. + * The format for both input and output at this step is the same as for private + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. * - * For information regarding representation consult the documentation of - * individual ::psa_pake_primitive_type_t constants. + * Some public key algorithms mask the private keys and this might be reflected + * in the export format. Even if this is the case the masking is omitted at + * this step. + * + * For more information on the format, consult the documentation of + * psa_export_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. */ #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) From 7c59b7a073fc6430bda38177769eb4e93c82ba0e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 May 2021 15:46:56 +0100 Subject: [PATCH 0144/1065] Improve psa_pake_set_peer()/user() documentation Signed-off-by: Janos Follath --- include/psa/crypto.h | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3df82d91d8..2d4c80df92 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4422,9 +4422,10 @@ psa_status_t psa_pake_set_password_stretch( /** Set the user ID for a password-authenticated key exchange. * - * Some PAKE algorithms associate only a single user identifier with the - * session. Such algorithms must call this function (psa_pake_set_user()) to - * set the identifier for the PAKE context. + * Call this function to set the user ID. For PAKE algorithms that associate a + * user identifier with each side of the session you need to call + * psa_pake_set_peer() as well. For PAKE algorithms that associate a single + * user identifier with the session, call psa_pake_set_user() only. * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) @@ -4461,9 +4462,10 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, /** Set the peer ID for a password-authenticated key exchange. * - * Some PAKE algorithms associate only a single user identifier with the - * session. Such algorithms must call psa_pake_set_user() to set the - * identifier for the PAKE context. + * Call this function in addition to psa_pake_set_user() for PAKE algorithms + * that associate a user identifier with each side of the session. For PAKE + * algorithms that associate a single user identifier with the session, call + * psa_pake_set_user() only. * * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) From 79e1c47a54c0504b42827343df0b61a2e10ef721 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 May 2021 15:53:13 +0100 Subject: [PATCH 0145/1065] PSA PAKE: explain implicit key confirmation Signed-off-by: Janos Follath --- include/psa/crypto.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2d4c80df92..bbdd06d5ae 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4637,6 +4637,14 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, size_t input_length); /** Get implicitly confirmed shared secret from a PAKE. + * + * At this point there is a cryptographic guarantee that only the authenticated + * party who used the same password is able to compute the key. But there is no + * guarantee that the peer is the party he claims to be and was able to do so. + * + * That is, the authentication is only implicit (the peer is not authenticated + * at this point, and no action should be taken that assume that they are - like + * for example accessing restricted files). * * This function can be called after the key exchange phase of the operation * has completed. It imports the shared secret output of the PAKE into the From 537e64305d167449f999cbd434eb5666974731e3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 3 Jun 2021 15:46:33 +0100 Subject: [PATCH 0146/1065] Corrects documentation issues Commit corrects incorrect docs in ecdh.h and config.h. Signed-off-by: Thomas Daubney --- include/mbedtls/config.h | 3 +-- include/mbedtls/ecdh.h | 3 --- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c6882dbb27..79165876b2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -779,8 +779,7 @@ * * \note This option only works with the default software implementation of * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT - * and MBEDTLS_ECDH_LEGACY_CONTEXT. + * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. */ //#define MBEDTLS_ECP_RESTARTABLE diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index e5edb46e6b..765ac5e626 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -51,9 +51,6 @@ * will support alternative implementations of ECDH operations. * The new format is incompatible with applications that access * context fields directly and with restartable ECP operations. - * - * This option has no effect if #MBEDTLS_ECDH_C is not enabled. - * */ #if defined(MBEDTLS_ECP_RESTARTABLE) From cce0601485dfe1330635d821e2161131b6ae3509 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Mar 2021 21:58:14 +0100 Subject: [PATCH 0147/1065] mbedtls_ecp_gen_privkey: minor refactoring Prepare to isolate the Montgomery and short Weierstrass implementations of mbedtls_ecp_gen_privkey into their own function. Signed-off-by: Gilles Peskine --- library/ecp.c | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 1ad5b6748e..858dd5ed8d 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3066,36 +3066,39 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, void *p_rng ) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - size_t n_size; + size_t n_bits; + const mbedtls_mpi *N = NULL; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( d != NULL ); ECP_VALIDATE_RET( f_rng != NULL ); - n_size = ( grp->nbits + 7 ) / 8; + N = &grp->N; + n_bits = grp->nbits; #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) { - /* [M225] page 5 */ size_t b; + size_t n_bytes = ( n_bits + 7 ) / 8; + /* [Curve25519] page 5 */ do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); } while( mbedtls_mpi_bitlen( d ) == 0); - /* Make sure the most significant bit is nbits */ + /* Make sure the most significant bit is n_bits */ b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */ - if( b > grp->nbits ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) ); + if( b > n_bits ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - n_bits ) ); else - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, n_bits, 1 ) ); /* Make sure the last two bits are unset for Curve448, three bits for Curve25519 */ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); - if( grp->nbits == 254 ) + if( n_bits == 254 ) { MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); } @@ -3108,18 +3111,20 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, /* SEC1 3.2.1: Generate d such that 1 <= n < N */ int count = 0; unsigned cmp = 0; + size_t n_bytes = ( n_bits + 7 ) / 8; /* - * Match the procedure given in RFC 6979 (deterministic ECDSA): + * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) + * when f_rng is a suitably parametrized instance of HMAC_DRBG: * - use the same byte ordering; - * - keep the leftmost nbits bits of the generated octet string; + * - keep the leftmost n_bits bits of the generated octet string; * - try until result is in the desired range. - * This also avoids any biais, which is especially important for ECDSA. + * This also avoids any bias, which is especially important for ECDSA. */ do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - n_bits ) ); /* * Each try has at worst a probability 1/2 of failing (the msb has @@ -3136,7 +3141,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, goto cleanup; } - ret = mbedtls_mpi_lt_mpi_ct( d, &grp->N, &cmp ); + ret = mbedtls_mpi_lt_mpi_ct( d, N, &cmp ); if( ret != 0 ) { goto cleanup; From 72fcc98d2361330411b8c6ccce346d5cc3c9e962 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Mar 2021 22:31:31 +0100 Subject: [PATCH 0148/1065] mbedtls_ecp_gen_privkey: create subfunctions for each curve type Put the Montgomery and short Weierstrass implementations of mbedtls_ecp_gen_privkey into their own function which can be tested independently, but will not be part of the public ABI/API. Signed-off-by: Gilles Peskine --- library/ecp.c | 171 +++++++++++++++++++++++------------------ library/ecp_invasive.h | 52 +++++++++++++ 2 files changed, 147 insertions(+), 76 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 858dd5ed8d..506f0cbaf3 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3057,6 +3057,97 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } +#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_gen_privkey_mx( size_t n_bits, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + size_t b; + size_t n_bytes = ( n_bits + 7 ) / 8; + + /* [Curve25519] page 5 */ + do { + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); + } while( mbedtls_mpi_bitlen( d ) == 0); + + /* Make sure the most significant bit is n_bits */ + b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */ + if( b > n_bits ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - n_bits ) ); + else + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, n_bits, 1 ) ); + + /* Make sure the last two bits are unset for Curve448, three bits for + Curve25519 */ + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); + if( n_bits == 254 ) + { + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); + } + +cleanup: + return( ret ); +} +#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ + +#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + /* SEC1 3.2.1: Generate d such that 1 <= n < N */ + int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + int count = 0; + unsigned cmp = 0; + size_t n_bytes = ( n_bits + 7 ) / 8; + + /* + * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) + * when f_rng is a suitably parametrized instance of HMAC_DRBG: + * - use the same byte ordering; + * - keep the leftmost n_bits bits of the generated octet string; + * - try until result is in the desired range. + * This also avoids any bias, which is especially important for ECDSA. + */ + do + { + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - n_bits ) ); + + /* + * Each try has at worst a probability 1/2 of failing (the msb has + * a probability 1/2 of being 0, and then the result will be < N), + * so after 30 tries failure probability is a most 2**(-30). + * + * For most curves, 1 try is enough with overwhelming probability, + * since N starts with a lot of 1s in binary, but some curves + * such as secp224k1 are actually very close to the worst case. + */ + if( ++count > 30 ) + { + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; + goto cleanup; + } + + ret = mbedtls_mpi_lt_mpi_ct( d, N, &cmp ); + if( ret != 0 ) + { + goto cleanup; + } + } + while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 ); + +cleanup: + return( ret ); +} +#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ + /* * Generate a private key */ @@ -3065,94 +3156,22 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - size_t n_bits; - const mbedtls_mpi *N = NULL; - ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( d != NULL ); ECP_VALIDATE_RET( f_rng != NULL ); - N = &grp->N; - n_bits = grp->nbits; - #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - size_t b; - size_t n_bytes = ( n_bits + 7 ) / 8; - - /* [Curve25519] page 5 */ - do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); - } while( mbedtls_mpi_bitlen( d ) == 0); - - /* Make sure the most significant bit is n_bits */ - b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */ - if( b > n_bits ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - n_bits ) ); - else - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, n_bits, 1 ) ); - - /* Make sure the last two bits are unset for Curve448, three bits for - Curve25519 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); - if( n_bits == 254 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); - } - } + return( mbedtls_ecp_gen_privkey_mx( grp->nbits, d, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - /* SEC1 3.2.1: Generate d such that 1 <= n < N */ - int count = 0; - unsigned cmp = 0; - size_t n_bytes = ( n_bits + 7 ) / 8; - - /* - * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) - * when f_rng is a suitably parametrized instance of HMAC_DRBG: - * - use the same byte ordering; - * - keep the leftmost n_bits bits of the generated octet string; - * - try until result is in the desired range. - * This also avoids any bias, which is especially important for ECDSA. - */ - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - n_bits ) ); - - /* - * Each try has at worst a probability 1/2 of failing (the msb has - * a probability 1/2 of being 0, and then the result will be < N), - * so after 30 tries failure probability is a most 2**(-30). - * - * For most curves, 1 try is enough with overwhelming probability, - * since N starts with a lot of 1s in binary, but some curves - * such as secp224k1 are actually very close to the worst case. - */ - if( ++count > 30 ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - - ret = mbedtls_mpi_lt_mpi_ct( d, N, &cmp ); - if( ret != 0 ) - { - goto cleanup; - } - } - while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 ); - } + return( mbedtls_ecp_gen_privkey_sw( &grp->N, grp->nbits, d, + f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -cleanup: - return( ret ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } /* diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index b5239676f7..2895b19e1b 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -27,6 +27,7 @@ #define MBEDTLS_ECP_INVASIVE_H #include "common.h" +#include "mbedtls/bignum.h" #include "mbedtls/ecp.h" #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C) @@ -46,6 +47,57 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); #endif +#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) +/** Generate a private key on a Montgomery curve (Curve25519 or Curve448). + * + * This function implements key generation for the set of secret keys + * specified in [Curve25519] p. 5 and in [Curve448]. The resulting value + * has the lower bits masked but is not necessarily canonical. + * + * \note - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf + * - [RFC7748] https://tools.ietf.org/html/rfc7748 + * + * \p n_bits The position of the high-order bit of the key to generate. + * This is the bit-size of the key minus 1: + * 254 for Curve25519 or 447 for Curve448. + * \param d The randomly generated key. This is a number of size + * exactly \p n_bits + 1 bits, with the least significant bits + * masked as specified in [Curve25519] and in [RFC7748] §5. + * \param f_rng The RNG function. + * \param p_rng The RNG context to be passed to \p f_rng. + * + * \return \c 0 on success. + * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. + */ +int mbedtls_ecp_gen_privkey_mx( size_t n_bits, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ + +#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +/** Generate a private key on a short Weierstrass curve. + * + * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) + * when the RNG is a suitably parametrized instance of HMAC_DRBG. + * + * \p N The upper bound of the range. + * \p n_bits The size of \p N in bits. This value must be correct, + * otherwise the result is unpredictable. + * \param d A random number, uniformly generated in the range [1, N-1]. + * \param f_rng The RNG function. + * \param p_rng The RNG context to be passed to \p f_rng. + * + * \return \c 0 on success. + * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. + */ +int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); +#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ + #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_INVASIVE_H */ From 55c46040f6e7b1f0b9bd63f5dbc832a6c96a3451 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 12:34:40 +0100 Subject: [PATCH 0149/1065] mbedtls_ecp_gen_privkey_mx: rename n_bits to high_bit For Montgomery keys, n_bits is actually the position of the highest bit and not the number of bits, which would be 1 more (fence vs posts). Rename the variable accordingly to lessen the confusion. No semantic change. Signed-off-by: Gilles Peskine --- library/ecp.c | 16 ++++++++-------- library/ecp_invasive.h | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 506f0cbaf3..584e0242cb 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3059,32 +3059,32 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) MBEDTLS_STATIC_TESTABLE -int mbedtls_ecp_gen_privkey_mx( size_t n_bits, +int mbedtls_ecp_gen_privkey_mx( size_t high_bit, mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; size_t b; - size_t n_bytes = ( n_bits + 7 ) / 8; + size_t n_bytes = ( high_bit + 7 ) / 8; /* [Curve25519] page 5 */ do { MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); } while( mbedtls_mpi_bitlen( d ) == 0); - /* Make sure the most significant bit is n_bits */ - b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */ - if( b > n_bits ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - n_bits ) ); + /* Make sure the most significant bit is high_bit */ + b = mbedtls_mpi_bitlen( d ) - 1; /* position of the highest bit in d */ + if( b > high_bit ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - high_bit ) ); else - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, n_bits, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); /* Make sure the last two bits are unset for Curve448, three bits for Curve25519 */ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); - if( n_bits == 254 ) + if( high_bit == 254 ) { MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); } diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index 2895b19e1b..eeb4305118 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -57,7 +57,7 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); * \note - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf * - [RFC7748] https://tools.ietf.org/html/rfc7748 * - * \p n_bits The position of the high-order bit of the key to generate. + * \p high_bit The position of the high-order bit of the key to generate. * This is the bit-size of the key minus 1: * 254 for Curve25519 or 447 for Curve448. * \param d The randomly generated key. This is a number of size From 0b1b0abe33d6c9717176e7a8254a2d16ad418d5d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 00:14:53 +0100 Subject: [PATCH 0150/1065] Update references in some test function documentation Signed-off-by: Gilles Peskine --- tests/include/test/random.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/include/test/random.h b/tests/include/test/random.h index 5e7e4e6ef0..22b9b5c9f6 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -67,24 +67,24 @@ int mbedtls_test_rnd_std_rand( void *rng_state, size_t len ); /** - * This function only returns zeros + * This function only returns zeros. * - * rng_state shall be NULL. + * \p rng_state shall be \c NULL. */ int mbedtls_test_rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ); /** - * This function returns random based on a buffer it receives. + * This function returns random data based on a buffer it receives. * - * rng_state shall be a pointer to a rnd_buf_info structure. + * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure. * * The number of bytes released from the buffer on each call to * the random function is specified by per_call. (Can be between * 1 and 4) * - * After the buffer is empty it will return rand(); + * After the buffer is empty it will return mbedtls_test_rnd_std_rand(). */ int mbedtls_test_rnd_buffer_rand( void *rng_state, unsigned char *output, @@ -96,7 +96,7 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state, * Pseudo random is based on the XTEA encryption algorithm to * generate pseudorandom. * - * rng_state shall be a pointer to a rnd_pseudo_info structure. + * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure. */ int mbedtls_test_rnd_pseudo_rand( void *rng_state, unsigned char *output, From ecacc3c9d21b1e0dc264777aa69969fbefc6aa7f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 00:48:57 +0100 Subject: [PATCH 0151/1065] Make the fallback behavior of mbedtls_test_rnd_buffer_rand optional If a fallback is not explicitly configured in the mbedtls_test_rnd_buf_info structure, fail after the buffer is exhausted. There is no intended behavior change in this commit: all existing uses of mbedtls_test_rnd_buffer_rand() have been updated to set mbedtls_test_rnd_std_rand as the fallback. Signed-off-by: Gilles Peskine --- tests/include/test/random.h | 9 +++++++-- tests/src/random.c | 14 ++++++++++++-- tests/suites/test_suite_ecdh.function | 8 ++++++++ tests/suites/test_suite_ecdsa.function | 2 ++ tests/suites/test_suite_pkcs1_v15.function | 4 ++++ tests/suites/test_suite_pkcs1_v21.function | 4 ++++ 6 files changed, 37 insertions(+), 4 deletions(-) diff --git a/tests/include/test/random.h b/tests/include/test/random.h index 22b9b5c9f6..b64a072b3e 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -36,8 +36,11 @@ typedef struct { - unsigned char *buf; + unsigned char *buf; /* Pointer to a buffer of length bytes. */ size_t length; + /* If fallback_f_rng is NULL, fail after delivering length bytes. */ + int ( *fallback_f_rng )( void*, unsigned char *, size_t ); + void *fallback_p_rng; } mbedtls_test_rnd_buf_info; /** @@ -84,7 +87,9 @@ int mbedtls_test_rnd_zero_rand( void *rng_state, * the random function is specified by per_call. (Can be between * 1 and 4) * - * After the buffer is empty it will return mbedtls_test_rnd_std_rand(). + * After the buffer is empty, this function will call the fallback RNG in the + * #mbedtls_test_rnd_buf_info structure if there is one, and + * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise. */ int mbedtls_test_rnd_buffer_rand( void *rng_state, unsigned char *output, diff --git a/tests/src/random.c b/tests/src/random.c index e01bd4d2dd..7f3f40166c 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -35,6 +35,8 @@ #include #include +#include + int mbedtls_test_rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) @@ -91,8 +93,16 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state, } if( len - use_len > 0 ) - return( mbedtls_test_rnd_std_rand( NULL, output + use_len, - len - use_len ) ); + { + if( info->fallback_f_rng != NULL ) + { + return( info->fallback_f_rng( info->fallback_p_rng, + output + use_len, + len - use_len ) ); + } + else + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + } return( 0 ); } diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 3ab96fa111..da0531b455 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -240,6 +240,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_A.buf = rnd_buf_A->x; rnd_info_A.length = rnd_buf_A->len; + rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand; + rnd_info_A.fallback_p_rng = NULL; /* Fix rnd_buf_A->x by shifting it left if necessary */ if( grp.nbits % 8 != 0 ) @@ -256,6 +258,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_B.buf = rnd_buf_B->x; rnd_info_B.length = rnd_buf_B->len; + rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand; + rnd_info_B.fallback_p_rng = NULL; /* Fix rnd_buf_B->x by shifting it left if necessary */ if( grp.nbits % 8 != 0 ) @@ -362,9 +366,13 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, mbedtls_ecdh_init( &srv ); mbedtls_ecdh_init( &cli ); + rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand; + rnd_info_A.fallback_p_rng = NULL; rnd_info_A.buf = dA->x; rnd_info_A.length = dA->len; + rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand; + rnd_info_B.fallback_p_rng = NULL; rnd_info_B.buf = dB->x; rnd_info_B.length = dB->len; diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 58cedc13c4..2cb892591b 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -292,6 +292,8 @@ void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str, TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); + rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand; + rnd_info.fallback_p_rng = NULL; rnd_info.buf = rnd_buf->x; rnd_info.length = rnd_buf->len; diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d1c0fc1292..a7fb2a5ff8 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -19,6 +19,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, mbedtls_test_rnd_buf_info info; mbedtls_mpi N, E; + info.fallback_f_rng = mbedtls_test_rnd_std_rand; + info.fallback_p_rng = NULL; info.buf = rnd_buf->x; info.length = rnd_buf->len; @@ -268,6 +270,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_buf_info info; + info.fallback_f_rng = mbedtls_test_rnd_std_rand; + info.fallback_p_rng = NULL; info.buf = rnd_buf->x; info.length = rnd_buf->len; diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 8f22f20943..f7e1e24ac7 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -18,6 +18,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, mbedtls_test_rnd_buf_info info; mbedtls_mpi N, E; + info.fallback_f_rng = mbedtls_test_rnd_std_rand; + info.fallback_p_rng = NULL; info.buf = rnd_buf->x; info.length = rnd_buf->len; @@ -122,6 +124,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, mbedtls_test_rnd_buf_info info; mbedtls_mpi N, P, Q, E; + info.fallback_f_rng = mbedtls_test_rnd_std_rand; + info.fallback_p_rng = NULL; info.buf = rnd_buf->x; info.length = rnd_buf->len; From 6ff8a01a57f27f1795aa36e23fc0c24a11b70450 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 12:01:02 +0100 Subject: [PATCH 0152/1065] Add unit tests for mbedtls_ecp_gen_privkey_mx Test the exact output from known RNG input. This is overly constraining, but ensures that the code has good properties. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.data | 42 ++++++++++++++++++++++++ tests/suites/test_suite_ecp.function | 49 ++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 106791cb88..f66522a62c 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -276,6 +276,48 @@ ECP gen keypair wrapper depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1 +ECP generate Montgomery key: Curve25519, random in range +genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" + +ECP generate Montgomery key: Curve25519, set high bit +genkey_mx_known_answer:254:"0f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" + +ECP generate Montgomery key: Curve25519, clear higher bit +## If the bit 255 is set, the library shifts the random number right. +genkey_mx_known_answer:254:"ff0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"7f808101820283038404850586068707880889098a0a8b0b8c0c8d0d8e0e8f78" + +ECP generate Montgomery key: Curve25519, clear low bits +genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1eff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" + +# ECP generate Montgomery key: Curve25519, random = all-bits-zero +## Currently explicitly rejected in the library, but the specification +## says it shouldn't be. +# genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000" + +ECP generate Montgomery key: Curve25519, random = all-bits-one +genkey_mx_known_answer:254:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8" + +ECP generate Montgomery key: Curve25519, not enough entropy +genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" + +ECP generate Montgomery key: Curve448, random in range +genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc" + +ECP generate Montgomery key: Curve448, set high bit +genkey_mx_known_answer:447:"0f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"8f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc" + +ECP generate Montgomery key: Curve448, clear low bits +genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536ff":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc" + +# ECP generate Montgomery key: Curve448, random = all-bits-zero +# genkey_mx_known_answer:447:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + +ECP generate Montgomery key: Curve448, random = all-bits-one +genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc" + +ECP generate Montgomery key: Curve448, not enough entropy +genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":"" + ECP read key #1 (short weierstrass, too small) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 6d23377f36..1492b9531c 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1237,6 +1237,55 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */ +void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected ) +{ + mbedtls_test_rnd_buf_info rnd_info; + mbedtls_mpi d; + int ret; + uint8_t *actual = NULL; + + mbedtls_mpi_init( &d ); + rnd_info.buf = seed->x; + rnd_info.length = seed->len; + rnd_info.fallback_f_rng = NULL; + rnd_info.fallback_p_rng = NULL; + + ASSERT_ALLOC( actual, expected->len ); + + ret = mbedtls_ecp_gen_privkey_mx( bits, &d, + mbedtls_test_rnd_buffer_rand, &rnd_info ); + + if( expected->len == 0 ) + { + /* Expecting an error (happens if there isn't enough randomness) */ + TEST_ASSERT( ret != 0 ); + } + else + { + TEST_EQUAL( ret, 0 ); + TEST_EQUAL( (size_t) bits + 1, mbedtls_mpi_bitlen( &d ) ); + TEST_EQUAL( 0, mbedtls_mpi_write_binary( &d, actual, expected->len ) ); + /* Test the exact result. This assumes that the output of the + * RNG is used in a specific way, which is overly constraining. + * The advantage is that it's easier to test the expected properties + * of the generated key: + * - The most significant bit must be at a specific positions + * (can be enforced by checking the bit-length). + * - The least significant bits must have specific values + * (can be enforced by checking these bits). + * - Other bits must be random (by testing with different RNG outputs, + * we validate that those bits are indeed influenced by the RNG). */ + ASSERT_COMPARE( expected->x, expected->len, + actual, expected->len ); + } + +exit: + mbedtls_free( actual ); + mbedtls_mpi_free( &d ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ecp_selftest( ) { From 96449ceebeb3024123ff41bc88a6f275bb602eac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 12:04:43 +0100 Subject: [PATCH 0153/1065] mbedtls_ecp_gen_privkey_mx: remove the exception for all-zero The library rejected an RNG input of all-bits-zero, which led to the key 2^{254} (for Curve25519) having a 31/32 chance of being generated compared to other keys. This had no practical impact because the probability of non-compliance was 2^{-256}, but needlessly complicated the code. The exception was added in 98e28a74e33f32bcb855e16f8d5d2016b2102129 to avoid the case where b - 1 wraps because b is 0. Instead, change the comparison code to avoid calculating b - 1. Signed-off-by: Gilles Peskine --- library/ecp.c | 10 ++++------ tests/suites/test_suite_ecp.data | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 584e0242cb..1592e87de2 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3069,14 +3069,12 @@ int mbedtls_ecp_gen_privkey_mx( size_t high_bit, size_t n_bytes = ( high_bit + 7 ) / 8; /* [Curve25519] page 5 */ - do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); - } while( mbedtls_mpi_bitlen( d ) == 0); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); /* Make sure the most significant bit is high_bit */ - b = mbedtls_mpi_bitlen( d ) - 1; /* position of the highest bit in d */ - if( b > high_bit ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - high_bit ) ); + b = mbedtls_mpi_bitlen( d ); /* mbedtls_mpi_bitlen is one-based */ + if( b > high_bit + 1 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - 1 - high_bit ) ); else MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index f66522a62c..21a71922ef 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -289,10 +289,8 @@ genkey_mx_known_answer:254:"ff0102030405060708090a0b0c0d0e0f10111213141516171819 ECP generate Montgomery key: Curve25519, clear low bits genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1eff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" -# ECP generate Montgomery key: Curve25519, random = all-bits-zero -## Currently explicitly rejected in the library, but the specification -## says it shouldn't be. -# genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000" +ECP generate Montgomery key: Curve25519, random = all-bits-zero +genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000" ECP generate Montgomery key: Curve25519, random = all-bits-one genkey_mx_known_answer:254:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8" @@ -309,8 +307,8 @@ genkey_mx_known_answer:447:"0f0102030405060708090a0b0c0d0e0f10111213141516171819 ECP generate Montgomery key: Curve448, clear low bits genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536ff":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc" -# ECP generate Montgomery key: Curve448, random = all-bits-zero -# genkey_mx_known_answer:447:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" +ECP generate Montgomery key: Curve448, random = all-bits-zero +genkey_mx_known_answer:447:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" ECP generate Montgomery key: Curve448, random = all-bits-one genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc" From 67986d06135c2edcb911123461ee84b2ee639347 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 12:25:59 +0100 Subject: [PATCH 0154/1065] mbedtls_ecp_gen_privkey_mx: make bit manipulations unconditional Don't calculate the bit-size of the initially generated random number. This is not necessary to reach the desired distribution of private keys, and creates a (tiny) side channel opportunity. This changes the way the result is derived from the random number, but does not affect the resulting distribution. Signed-off-by: Gilles Peskine --- library/ecp.c | 10 +++------- tests/suites/test_suite_ecp.data | 8 ++------ 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 1592e87de2..81ba933061 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3065,18 +3065,14 @@ int mbedtls_ecp_gen_privkey_mx( size_t high_bit, void *p_rng ) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - size_t b; size_t n_bytes = ( high_bit + 7 ) / 8; /* [Curve25519] page 5 */ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); - /* Make sure the most significant bit is high_bit */ - b = mbedtls_mpi_bitlen( d ); /* mbedtls_mpi_bitlen is one-based */ - if( b > high_bit + 1 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - 1 - high_bit ) ); - else - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); + /* Make sure the most significant bit is exactly at high_bit */ + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - high_bit - 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); /* Make sure the last two bits are unset for Curve448, three bits for Curve25519 */ diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 21a71922ef..5f92ca459e 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -277,17 +277,13 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1 ECP generate Montgomery key: Curve25519, random in range -genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" - -ECP generate Montgomery key: Curve25519, set high bit -genkey_mx_known_answer:254:"0f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" +genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3df0":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" ECP generate Montgomery key: Curve25519, clear higher bit -## If the bit 255 is set, the library shifts the random number right. genkey_mx_known_answer:254:"ff0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"7f808101820283038404850586068707880889098a0a8b0b8c0c8d0d8e0e8f78" ECP generate Montgomery key: Curve25519, clear low bits -genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1eff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" +genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3dff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8" ECP generate Montgomery key: Curve25519, random = all-bits-zero genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000" From 61f1f5febf119f8661ec21acfbe70f2279c484f1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Mar 2021 12:46:46 +0100 Subject: [PATCH 0155/1065] mbedtls_ecp_gen_privkey_mx: simplify the size calculation logic mbedtls_ecp_gen_privkey_mx generates a random number with a certain top bit set. Depending on the size, it would either generate a number with that top bit being random, then forcibly set the top bit to 1 (when high_bit is not a multiple of 8); or generate a number with that top bit being 0, then set the top bit to 1 (when high_bit is a multiple of 8). Change it to always generate the top bit randomly first. This doesn't make any difference in practice: the probability distribution is the same either way, and no supported or plausible curve has a size of the form 8n+1 anyway. But it slightly simplifies reasoning about the behavior of this function. Signed-off-by: Gilles Peskine --- library/ecp.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 81ba933061..cb7c2ae1cc 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3065,13 +3065,16 @@ int mbedtls_ecp_gen_privkey_mx( size_t high_bit, void *p_rng ) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - size_t n_bytes = ( high_bit + 7 ) / 8; + size_t n_random_bytes = high_bit / 8 + 1; /* [Curve25519] page 5 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); + /* Generate a (high_bit+1)-bit random number by generating just enough + * random bytes, then shifting out extra bits from the top (necessary + * when (high_bit+1) is not a multiple of 8). */ + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_random_bytes, + f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_random_bytes - high_bit - 1 ) ); - /* Make sure the most significant bit is exactly at high_bit */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - high_bit - 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); /* Make sure the last two bits are unset for Curve448, three bits for From 7888073147d69ea70febf51bae55b06c181fd977 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 21:32:16 +0200 Subject: [PATCH 0156/1065] mbedtls_ecp_gen_privkey_sw: range and coverage tests Add unit tests for private key generation on short Weierstrass curves. These tests validate that the result is within the desired range. Additionally, they validate that after performing many iterations, the range is covered to an acceptable extent: for tiny ranges, all values must be reached; for larger ranges, all value bits must reach both 0 and 1. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.data | 90 +++++++++++++++++ tests/suites/test_suite_ecp.function | 145 +++++++++++++++++++++++++++ 2 files changed, 235 insertions(+) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 5f92ca459e..0c344561b0 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -312,6 +312,96 @@ genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffff ECP generate Montgomery key: Curve448, not enough entropy genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":"" +ECP generate in range: 4 +genkey_sw_many:"04":1000 + +ECP generate in range: 5 +genkey_sw_many:"05":1000 + +ECP generate in range: 6 +genkey_sw_many:"06":1000 + +ECP generate in range: 7 +genkey_sw_many:"07":1000 + +ECP generate in range: 8 +genkey_sw_many:"08":1000 + +ECP generate in range: 9 +genkey_sw_many:"09":1000 + +ECP generate in range: 10 +genkey_sw_many:"0a":1000 + +ECP generate in range: 11 +genkey_sw_many:"0b":1000 + +ECP generate in range: 12 +genkey_sw_many:"0c":1000 + +ECP generate in range: 255 +genkey_sw_many:"ff":100 + +ECP generate in range: 256 +genkey_sw_many:"0100":100 + +ECP generate in range: 257 +genkey_sw_many:"0101":100 + +ECP generate in range: 272 +genkey_sw_many:"0110":100 + +ECP generate in range: 2^64-1 +genkey_sw_many:"ffffffffffffffff":100 + +ECP generate in range: 2^64 +genkey_sw_many:"010000000000000000":100 + +ECP generate in range: 2^64+1 +genkey_sw_many:"010000000000000001":100 + +ECP generate in range: 2^64+2^63 +genkey_sw_many:"018000000000000000":100 + +ECP generate in range: 2^65-1 +genkey_sw_many:"01ffffffffffffffff":100 + +ECP generate in range: 2^65 +genkey_sw_many:"020000000000000000":100 + +ECP generate in range: 2^65+1 +genkey_sw_many:"020000000000000001":100 + +ECP generate in range: 2^65+2^64 +genkey_sw_many:"030000000000000000":100 + +ECP generate in range: 2^66+2^65 +genkey_sw_many:"060000000000000000":100 + +ECP generate in range: 2^71-1 +genkey_sw_many:"7fffffffffffffffff":100 + +ECP generate in range: 2^71 +genkey_sw_many:"800000000000000000":100 + +ECP generate in range: 2^71+1 +genkey_sw_many:"800000000000000001":100 + +ECP generate in range: 2^71+2^63 +genkey_sw_many:"c00000000000000000":100 + +ECP generate in range: 2^72-1 +genkey_sw_many:"ffffffffffffffffff":100 + +ECP generate in range: 2^72 +genkey_sw_many:"01000000000000000000":100 + +ECP generate in range: 2^72+1 +genkey_sw_many:"01000000000000000001":100 + +ECP generate in range: 2^72+2^63 +genkey_sw_many:"01800000000000000000":100 + ECP read key #1 (short weierstrass, too small) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 1492b9531c..1049c96a19 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -15,6 +15,43 @@ #define ECP_PT_RESET( x ) \ mbedtls_ecp_point_free( x ); \ mbedtls_ecp_point_init( x ); + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +/* Test whether bytes represents (in big-endian base 256) a number B that + * is "significantly" above a power of 2, which is defined as follows. + * Let n be the integer such that 2^n <= B < 2^{n+1}. B is significantly + * above a power of 2 if (B - 2^n) / 2^n is not negligible. "Negligible" + * is defined as having a negligible chance that if you draw an integer + * in the range [1, B-1] K times, the number will always be less than 2^n, + * where K is the iteration count passed to genkey_sw_many. + */ +static int is_significantly_above_a_power_of_2( data_t *bytes ) +{ + const uint8_t *p = bytes->x; + size_t len = bytes->len; + unsigned x; + while( len > 0 && p[0] == 0 ) + { + ++p; + --len; + } + if( len == 0 ) + return( 0 ); + else if( len == 1 ) + x = p[0]; + else + x = ( p[0] << 8 ) | p[1]; + + if( x <= 4 ) + return( 0 ); + + while( ( x & 0x8000 ) == 0 ) + x <<= 1; + x &= 0x7fff; + return( x >= 0x1000 ); +} +#endif + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1286,6 +1323,114 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +void genkey_sw_many( data_t *bound_bytes, int iterations ) +{ + /* Generate numbers in the range 1..bound-1. Do it iterations times. + * This function assumes that the value of bound is at least 2 and + * that iterations is large enough that a one-in-2^iterations chance + * effectively never occurs. + */ + + mbedtls_mpi bound; + size_t n_bits; + mbedtls_mpi result; + size_t b; + /* If bound is small, stats[b] is the number of times the value b + * has been generated. Otherwise stats[b] is the number of times a + * value with bit b set has been generated. */ + size_t *stats = NULL; + size_t stats_len; + int full_stats; + size_t i; + + mbedtls_mpi_init( &bound ); + mbedtls_mpi_init( &result ); + + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &bound, + bound_bytes->x, bound_bytes->len ) ); + n_bits = mbedtls_mpi_bitlen( &bound ); + /* Consider a bound "small" if it's less than 2^5. This value is chosen + * to be small enough that the probability of missing one value is + * negligible given the number of iterations. It must be less than + * 256 because some of the code below assumes that "small" values + * fit in a byte. */ + if( n_bits <= 5 ) + { + full_stats = 1; + stats_len = bound_bytes->x[bound_bytes->len - 1]; + } + else + { + full_stats = 0; + stats_len = n_bits; + } + ASSERT_ALLOC( stats, stats_len ); + + for( i = 0; i < (size_t) iterations; i++ ) + { + mbedtls_test_set_step( i ); + TEST_EQUAL( 0, mbedtls_ecp_gen_privkey_sw( + &bound, n_bits, &result, + mbedtls_test_rnd_std_rand, NULL ) ); + + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &bound ) < 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &result, 1 ) >= 0 ); + if( full_stats ) + { + uint8_t value; + TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) ); + TEST_ASSERT( value < stats_len ); + ++stats[value]; + } + else + { + for( b = 0; b < n_bits; b++ ) + stats[b] += mbedtls_mpi_get_bit( &result, b ); + } + } + + if( full_stats ) + { + for( b = 1; b < stats_len; b++ ) + { + mbedtls_test_set_step( 1000000 + b ); + /* Assert that each value has been reached at least once. + * This is almost guaranteed if the iteration count is large + * enough. This is a very crude way of checking the distribution. + */ + TEST_ASSERT( stats[b] > 0 ); + } + } + else + { + for( b = 0; b < n_bits; b++ ) + { + mbedtls_test_set_step( 1000000 + b ); + /* Assert that each bit has been set in at least one result and + * clear in at least one result. Provided that iterations is not + * too small, it would be extremely unlikely for this not to be + * the case if the results are uniformly distributed. + * + * As an exception, the top bit may legitimately never be set + * if bound is a power of 2 or only slightly above. + */ + if( b != n_bits - 1 || + is_significantly_above_a_power_of_2( bound_bytes ) ) + { + TEST_ASSERT( stats[b] > 0 ); + } + TEST_ASSERT( stats[b] < (size_t) iterations ); + } + } + +exit: + mbedtls_mpi_free( &bound ); + mbedtls_mpi_free( &result ); + mbedtls_free( stats ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ecp_selftest( ) { From 8cfffb30b3343d8d31c225e9382ea8d72a10df8c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 21:53:58 +0200 Subject: [PATCH 0157/1065] mbedtls_ecp_gen_privkey_sw: generalize to mbedtls_mpi_random Rename mbedtls_ecp_gen_privkey_sw to mbedtls_mpi_random since it has no particular connection to elliptic curves beyond the fact that its operation is defined by the deterministic ECDSA specification. This is a generic function that generates a random MPI between 1 inclusive and N exclusive. Slightly generalize the function to accept a different lower bound, which adds a negligible amount of complexity. Signed-off-by: Gilles Peskine --- library/ecp.c | 27 +++--- library/ecp_invasive.h | 39 +++++--- tests/suites/test_suite_ecp.data | 129 ++++++++++++++------------- tests/suites/test_suite_ecp.function | 23 +++-- 4 files changed, 119 insertions(+), 99 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index cb7c2ae1cc..98ada82837 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3093,15 +3093,17 @@ cleanup: #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) MBEDTLS_STATIC_TESTABLE -int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_random( mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { - /* SEC1 3.2.1: Generate d such that 1 <= n < N */ - int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + /* SEC1 3.2.1: Generate X such that 1 <= n < N */ + int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int count = 0; unsigned cmp = 0; + size_t n_bits = mbedtls_mpi_bitlen( N ); size_t n_bytes = ( n_bits + 7 ) / 8; /* @@ -3114,8 +3116,8 @@ int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, */ do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_bytes, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_bytes - n_bits ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n_bytes, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); /* * Each try has at worst a probability 1/2 of failing (the msb has @@ -3128,17 +3130,17 @@ int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, */ if( ++count > 30 ) { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; + ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - ret = mbedtls_mpi_lt_mpi_ct( d, N, &cmp ); + ret = mbedtls_mpi_lt_mpi_ct( X, N, &cmp ); if( ret != 0 ) { goto cleanup; } } - while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 ); + while( mbedtls_mpi_cmp_int( X, min ) < 0 || cmp != 1 ); cleanup: return( ret ); @@ -3164,8 +3166,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( mbedtls_ecp_gen_privkey_sw( &grp->N, grp->nbits, d, - f_rng, p_rng ) ); + return( mbedtls_mpi_random( d, 1, &grp->N, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index eeb4305118..1ca65fd78e 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -77,25 +77,36 @@ int mbedtls_ecp_gen_privkey_mx( size_t n_bits, #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) -/** Generate a private key on a short Weierstrass curve. +/** Generate a random number uniformly in a range. + * + * This function generates a random number between \p min inclusive and + * \p N exclusive. * * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) - * when the RNG is a suitably parametrized instance of HMAC_DRBG. + * when the RNG is a suitably parametrized instance of HMAC_DRBG + * and \p min is \c 1. * - * \p N The upper bound of the range. - * \p n_bits The size of \p N in bits. This value must be correct, - * otherwise the result is unpredictable. - * \param d A random number, uniformly generated in the range [1, N-1]. - * \param f_rng The RNG function. - * \param p_rng The RNG context to be passed to \p f_rng. + * \note There are `N - min` possible outputs. The lower bound + * \p min can be reached, but the upper bound \p N cannot. * - * \return \c 0 on success. - * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. + * \param X The destination MPI. This must point to an initialized MPI. + * \param min The minimum value to return. + * It must be nonnegative. + * \param N The upper bound of the range, exclusive. + * In other words, this is one plus the maximum value to return. + * \p N must be strictly larger than \p min. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on failure. */ -int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, size_t n_bits, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_random( mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */ diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 0c344561b0..c007cad389 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -312,95 +312,104 @@ genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffff ECP generate Montgomery key: Curve448, not enough entropy genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":"" -ECP generate in range: 4 -genkey_sw_many:"04":1000 +MPI random in range: 1..4 +mpi_random_many:1:"04":1000 -ECP generate in range: 5 -genkey_sw_many:"05":1000 +MPI random in range: 1..5 +mpi_random_many:1:"05":1000 -ECP generate in range: 6 -genkey_sw_many:"06":1000 +MPI random in range: 1..6 +mpi_random_many:1:"06":1000 -ECP generate in range: 7 -genkey_sw_many:"07":1000 +MPI random in range: 1..7 +mpi_random_many:1:"07":1000 -ECP generate in range: 8 -genkey_sw_many:"08":1000 +MPI random in range: 1..8 +mpi_random_many:1:"08":1000 -ECP generate in range: 9 -genkey_sw_many:"09":1000 +MPI random in range: 1..9 +mpi_random_many:1:"09":1000 -ECP generate in range: 10 -genkey_sw_many:"0a":1000 +MPI random in range: 1..10 +mpi_random_many:1:"0a":1000 -ECP generate in range: 11 -genkey_sw_many:"0b":1000 +MPI random in range: 1..11 +mpi_random_many:1:"0b":1000 -ECP generate in range: 12 -genkey_sw_many:"0c":1000 +MPI random in range: 1..12 +mpi_random_many:1:"0c":1000 -ECP generate in range: 255 -genkey_sw_many:"ff":100 +MPI random in range: 1..255 +mpi_random_many:1:"ff":100 -ECP generate in range: 256 -genkey_sw_many:"0100":100 +MPI random in range: 1..256 +mpi_random_many:1:"0100":100 -ECP generate in range: 257 -genkey_sw_many:"0101":100 +MPI random in range: 1..257 +mpi_random_many:1:"0101":100 -ECP generate in range: 272 -genkey_sw_many:"0110":100 +MPI random in range: 1..272 +mpi_random_many:1:"0110":100 -ECP generate in range: 2^64-1 -genkey_sw_many:"ffffffffffffffff":100 +MPI random in range: 1..2^64-1 +mpi_random_many:1:"ffffffffffffffff":100 -ECP generate in range: 2^64 -genkey_sw_many:"010000000000000000":100 +MPI random in range: 1..2^64 +mpi_random_many:1:"010000000000000000":100 -ECP generate in range: 2^64+1 -genkey_sw_many:"010000000000000001":100 +MPI random in range: 1..2^64+1 +mpi_random_many:1:"010000000000000001":100 -ECP generate in range: 2^64+2^63 -genkey_sw_many:"018000000000000000":100 +MPI random in range: 1..2^64+2^63 +mpi_random_many:1:"018000000000000000":100 -ECP generate in range: 2^65-1 -genkey_sw_many:"01ffffffffffffffff":100 +MPI random in range: 1..2^65-1 +mpi_random_many:1:"01ffffffffffffffff":100 -ECP generate in range: 2^65 -genkey_sw_many:"020000000000000000":100 +MPI random in range: 1..2^65 +mpi_random_many:1:"020000000000000000":100 -ECP generate in range: 2^65+1 -genkey_sw_many:"020000000000000001":100 +MPI random in range: 1..2^65+1 +mpi_random_many:1:"020000000000000001":100 -ECP generate in range: 2^65+2^64 -genkey_sw_many:"030000000000000000":100 +MPI random in range: 1..2^65+2^64 +mpi_random_many:1:"030000000000000000":100 -ECP generate in range: 2^66+2^65 -genkey_sw_many:"060000000000000000":100 +MPI random in range: 1..2^66+2^65 +mpi_random_many:1:"060000000000000000":100 -ECP generate in range: 2^71-1 -genkey_sw_many:"7fffffffffffffffff":100 +MPI random in range: 1..2^71-1 +mpi_random_many:1:"7fffffffffffffffff":100 -ECP generate in range: 2^71 -genkey_sw_many:"800000000000000000":100 +MPI random in range: 1..2^71 +mpi_random_many:1:"800000000000000000":100 -ECP generate in range: 2^71+1 -genkey_sw_many:"800000000000000001":100 +MPI random in range: 1..2^71+1 +mpi_random_many:1:"800000000000000001":100 -ECP generate in range: 2^71+2^63 -genkey_sw_many:"c00000000000000000":100 +MPI random in range: 1..2^71+2^63 +mpi_random_many:1:"c00000000000000000":100 -ECP generate in range: 2^72-1 -genkey_sw_many:"ffffffffffffffffff":100 +MPI random in range: 1..2^72-1 +mpi_random_many:1:"ffffffffffffffffff":100 -ECP generate in range: 2^72 -genkey_sw_many:"01000000000000000000":100 +MPI random in range: 1..2^72 +mpi_random_many:1:"01000000000000000000":100 -ECP generate in range: 2^72+1 -genkey_sw_many:"01000000000000000001":100 +MPI random in range: 1..2^72+1 +mpi_random_many:1:"01000000000000000001":100 -ECP generate in range: 2^72+2^63 -genkey_sw_many:"01800000000000000000":100 +MPI random in range: 1..2^72+2^63 +mpi_random_many:1:"01800000000000000000":100 + +MPI random in range: 0..4 +mpi_random_many:0:"04":1000 + +MPI random in range: 2..4 +mpi_random_many:1:"04":1000 + +MPI random in range: 3..4 +mpi_random_many:1:"04":1000 ECP read key #1 (short weierstrass, too small) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 1049c96a19..fadc3001c1 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1324,7 +1324,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -void genkey_sw_many( data_t *bound_bytes, int iterations ) +void mpi_random_many( int min, data_t *bound_bytes, int iterations ) { /* Generate numbers in the range 1..bound-1. Do it iterations times. * This function assumes that the value of bound is at least 2 and @@ -1332,11 +1332,11 @@ void genkey_sw_many( data_t *bound_bytes, int iterations ) * effectively never occurs. */ - mbedtls_mpi bound; + mbedtls_mpi upper_bound; size_t n_bits; mbedtls_mpi result; size_t b; - /* If bound is small, stats[b] is the number of times the value b + /* If upper_bound is small, stats[b] is the number of times the value b * has been generated. Otherwise stats[b] is the number of times a * value with bit b set has been generated. */ size_t *stats = NULL; @@ -1344,12 +1344,12 @@ void genkey_sw_many( data_t *bound_bytes, int iterations ) int full_stats; size_t i; - mbedtls_mpi_init( &bound ); + mbedtls_mpi_init( &upper_bound ); mbedtls_mpi_init( &result ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &bound, + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, bound_bytes->x, bound_bytes->len ) ); - n_bits = mbedtls_mpi_bitlen( &bound ); + n_bits = mbedtls_mpi_bitlen( &upper_bound ); /* Consider a bound "small" if it's less than 2^5. This value is chosen * to be small enough that the probability of missing one value is * negligible given the number of iterations. It must be less than @@ -1370,12 +1370,11 @@ void genkey_sw_many( data_t *bound_bytes, int iterations ) for( i = 0; i < (size_t) iterations; i++ ) { mbedtls_test_set_step( i ); - TEST_EQUAL( 0, mbedtls_ecp_gen_privkey_sw( - &bound, n_bits, &result, - mbedtls_test_rnd_std_rand, NULL ) ); + TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, 1 ) >= 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); if( full_stats ) { uint8_t value; @@ -1425,7 +1424,7 @@ void genkey_sw_many( data_t *bound_bytes, int iterations ) } exit: - mbedtls_mpi_free( &bound ); + mbedtls_mpi_free( &upper_bound ); mbedtls_mpi_free( &result ); mbedtls_free( stats ); } From 02ac93a1a3bd7fe4de82866b3da2df68b9d0c622 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 22:02:55 +0200 Subject: [PATCH 0158/1065] Move mbedtls_mpi_random to the bignum module Since mbedtls_mpi_random() is not specific to ECC code, move it from the ECP module to the bignum module. This increases the code size in builds without short Weierstrass curves (including builds without ECC at all) that do not optimize out unused functions. Signed-off-by: Gilles Peskine --- include/mbedtls/bignum.h | 31 ++++++ library/bignum.c | 53 ++++++++++ library/ecp.c | 56 ----------- library/ecp_invasive.h | 33 ------- tests/suites/test_suite_ecp.data | 99 ------------------- tests/suites/test_suite_ecp.function | 143 --------------------------- tests/suites/test_suite_mpi.data | 99 +++++++++++++++++++ tests/suites/test_suite_mpi.function | 141 ++++++++++++++++++++++++++ 8 files changed, 324 insertions(+), 331 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 073b4a40c9..e938232ad8 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -871,6 +871,37 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** Generate a random number uniformly in a range. + * + * This function generates a random number between \p min inclusive and + * \p N exclusive. + * + * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) + * when the RNG is a suitably parametrized instance of HMAC_DRBG + * and \p min is \c 1. + * + * \note There are `N - min` possible outputs. The lower bound + * \p min can be reached, but the upper bound \p N cannot. + * + * \param X The destination MPI. This must point to an initialized MPI. + * \param min The minimum value to return. + * It must be nonnegative. + * \param N The upper bound of the range, exclusive. + * In other words, this is one plus the maximum value to return. + * \p N must be strictly larger than \p min. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on failure. + */ +int mbedtls_mpi_random( mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + /** * \brief Compute the greatest common divisor: G = gcd(A, B) * diff --git a/library/bignum.c b/library/bignum.c index c20c6b77b2..aa4b1ce2d2 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2432,6 +2432,59 @@ cleanup: return( ret ); } +int mbedtls_mpi_random( mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + /* SEC1 3.2.1: Generate X such that 1 <= n < N */ + int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + int count = 0; + unsigned cmp = 0; + size_t n_bits = mbedtls_mpi_bitlen( N ); + size_t n_bytes = ( n_bits + 7 ) / 8; + + /* + * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) + * when f_rng is a suitably parametrized instance of HMAC_DRBG: + * - use the same byte ordering; + * - keep the leftmost n_bits bits of the generated octet string; + * - try until result is in the desired range. + * This also avoids any bias, which is especially important for ECDSA. + */ + do + { + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n_bytes, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); + + /* + * Each try has at worst a probability 1/2 of failing (the msb has + * a probability 1/2 of being 0, and then the result will be < N), + * so after 30 tries failure probability is a most 2**(-30). + * + * For most curves, 1 try is enough with overwhelming probability, + * since N starts with a lot of 1s in binary, but some curves + * such as secp224k1 are actually very close to the worst case. + */ + if( ++count > 30 ) + { + ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + goto cleanup; + } + + ret = mbedtls_mpi_lt_mpi_ct( X, N, &cmp ); + if( ret != 0 ) + { + goto cleanup; + } + } + while( mbedtls_mpi_cmp_int( X, min ) < 0 || cmp != 1 ); + +cleanup: + return( ret ); +} + /* * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) */ diff --git a/library/ecp.c b/library/ecp.c index 98ada82837..3e5cebc298 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3091,62 +3091,6 @@ cleanup: } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ -#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) -MBEDTLS_STATIC_TESTABLE -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - /* SEC1 3.2.1: Generate X such that 1 <= n < N */ - int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - int count = 0; - unsigned cmp = 0; - size_t n_bits = mbedtls_mpi_bitlen( N ); - size_t n_bytes = ( n_bits + 7 ) / 8; - - /* - * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) - * when f_rng is a suitably parametrized instance of HMAC_DRBG: - * - use the same byte ordering; - * - keep the leftmost n_bits bits of the generated octet string; - * - try until result is in the desired range. - * This also avoids any bias, which is especially important for ECDSA. - */ - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n_bytes, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); - - /* - * Each try has at worst a probability 1/2 of failing (the msb has - * a probability 1/2 of being 0, and then the result will be < N), - * so after 30 tries failure probability is a most 2**(-30). - * - * For most curves, 1 try is enough with overwhelming probability, - * since N starts with a lot of 1s in binary, but some curves - * such as secp224k1 are actually very close to the worst case. - */ - if( ++count > 30 ) - { - ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; - goto cleanup; - } - - ret = mbedtls_mpi_lt_mpi_ct( X, N, &cmp ); - if( ret != 0 ) - { - goto cleanup; - } - } - while( mbedtls_mpi_cmp_int( X, min ) < 0 || cmp != 1 ); - -cleanup: - return( ret ); -} -#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - /* * Generate a private key */ diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index 1ca65fd78e..71c7702758 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -76,39 +76,6 @@ int mbedtls_ecp_gen_privkey_mx( size_t n_bits, #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ -#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) -/** Generate a random number uniformly in a range. - * - * This function generates a random number between \p min inclusive and - * \p N exclusive. - * - * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) - * when the RNG is a suitably parametrized instance of HMAC_DRBG - * and \p min is \c 1. - * - * \note There are `N - min` possible outputs. The lower bound - * \p min can be reached, but the upper bound \p N cannot. - * - * \param X The destination MPI. This must point to an initialized MPI. - * \param min The minimum value to return. - * It must be nonnegative. - * \param N The upper bound of the range, exclusive. - * In other words, this is one plus the maximum value to return. - * \p N must be strictly larger than \p min. - * \param f_rng The RNG function to use. This must not be \c NULL. - * \param p_rng The RNG parameter to be passed to \p f_rng. - * - * \return \c 0 if successful. - * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. - * \return Another negative error code on failure. - */ -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); -#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_INVASIVE_H */ diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index c007cad389..5f92ca459e 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -312,105 +312,6 @@ genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffff ECP generate Montgomery key: Curve448, not enough entropy genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":"" -MPI random in range: 1..4 -mpi_random_many:1:"04":1000 - -MPI random in range: 1..5 -mpi_random_many:1:"05":1000 - -MPI random in range: 1..6 -mpi_random_many:1:"06":1000 - -MPI random in range: 1..7 -mpi_random_many:1:"07":1000 - -MPI random in range: 1..8 -mpi_random_many:1:"08":1000 - -MPI random in range: 1..9 -mpi_random_many:1:"09":1000 - -MPI random in range: 1..10 -mpi_random_many:1:"0a":1000 - -MPI random in range: 1..11 -mpi_random_many:1:"0b":1000 - -MPI random in range: 1..12 -mpi_random_many:1:"0c":1000 - -MPI random in range: 1..255 -mpi_random_many:1:"ff":100 - -MPI random in range: 1..256 -mpi_random_many:1:"0100":100 - -MPI random in range: 1..257 -mpi_random_many:1:"0101":100 - -MPI random in range: 1..272 -mpi_random_many:1:"0110":100 - -MPI random in range: 1..2^64-1 -mpi_random_many:1:"ffffffffffffffff":100 - -MPI random in range: 1..2^64 -mpi_random_many:1:"010000000000000000":100 - -MPI random in range: 1..2^64+1 -mpi_random_many:1:"010000000000000001":100 - -MPI random in range: 1..2^64+2^63 -mpi_random_many:1:"018000000000000000":100 - -MPI random in range: 1..2^65-1 -mpi_random_many:1:"01ffffffffffffffff":100 - -MPI random in range: 1..2^65 -mpi_random_many:1:"020000000000000000":100 - -MPI random in range: 1..2^65+1 -mpi_random_many:1:"020000000000000001":100 - -MPI random in range: 1..2^65+2^64 -mpi_random_many:1:"030000000000000000":100 - -MPI random in range: 1..2^66+2^65 -mpi_random_many:1:"060000000000000000":100 - -MPI random in range: 1..2^71-1 -mpi_random_many:1:"7fffffffffffffffff":100 - -MPI random in range: 1..2^71 -mpi_random_many:1:"800000000000000000":100 - -MPI random in range: 1..2^71+1 -mpi_random_many:1:"800000000000000001":100 - -MPI random in range: 1..2^71+2^63 -mpi_random_many:1:"c00000000000000000":100 - -MPI random in range: 1..2^72-1 -mpi_random_many:1:"ffffffffffffffffff":100 - -MPI random in range: 1..2^72 -mpi_random_many:1:"01000000000000000000":100 - -MPI random in range: 1..2^72+1 -mpi_random_many:1:"01000000000000000001":100 - -MPI random in range: 1..2^72+2^63 -mpi_random_many:1:"01800000000000000000":100 - -MPI random in range: 0..4 -mpi_random_many:0:"04":1000 - -MPI random in range: 2..4 -mpi_random_many:1:"04":1000 - -MPI random in range: 3..4 -mpi_random_many:1:"04":1000 - ECP read key #1 (short weierstrass, too small) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index fadc3001c1..934598dd37 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -16,42 +16,6 @@ mbedtls_ecp_point_free( x ); \ mbedtls_ecp_point_init( x ); -#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) -/* Test whether bytes represents (in big-endian base 256) a number B that - * is "significantly" above a power of 2, which is defined as follows. - * Let n be the integer such that 2^n <= B < 2^{n+1}. B is significantly - * above a power of 2 if (B - 2^n) / 2^n is not negligible. "Negligible" - * is defined as having a negligible chance that if you draw an integer - * in the range [1, B-1] K times, the number will always be less than 2^n, - * where K is the iteration count passed to genkey_sw_many. - */ -static int is_significantly_above_a_power_of_2( data_t *bytes ) -{ - const uint8_t *p = bytes->x; - size_t len = bytes->len; - unsigned x; - while( len > 0 && p[0] == 0 ) - { - ++p; - --len; - } - if( len == 0 ) - return( 0 ); - else if( len == 1 ) - x = p[0]; - else - x = ( p[0] << 8 ) | p[1]; - - if( x <= 4 ) - return( 0 ); - - while( ( x & 0x8000 ) == 0 ) - x <<= 1; - x &= 0x7fff; - return( x >= 0x1000 ); -} -#endif - /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1323,113 +1287,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -void mpi_random_many( int min, data_t *bound_bytes, int iterations ) -{ - /* Generate numbers in the range 1..bound-1. Do it iterations times. - * This function assumes that the value of bound is at least 2 and - * that iterations is large enough that a one-in-2^iterations chance - * effectively never occurs. - */ - - mbedtls_mpi upper_bound; - size_t n_bits; - mbedtls_mpi result; - size_t b; - /* If upper_bound is small, stats[b] is the number of times the value b - * has been generated. Otherwise stats[b] is the number of times a - * value with bit b set has been generated. */ - size_t *stats = NULL; - size_t stats_len; - int full_stats; - size_t i; - - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); - - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - n_bits = mbedtls_mpi_bitlen( &upper_bound ); - /* Consider a bound "small" if it's less than 2^5. This value is chosen - * to be small enough that the probability of missing one value is - * negligible given the number of iterations. It must be less than - * 256 because some of the code below assumes that "small" values - * fit in a byte. */ - if( n_bits <= 5 ) - { - full_stats = 1; - stats_len = bound_bytes->x[bound_bytes->len - 1]; - } - else - { - full_stats = 0; - stats_len = n_bits; - } - ASSERT_ALLOC( stats, stats_len ); - - for( i = 0; i < (size_t) iterations; i++ ) - { - mbedtls_test_set_step( i ); - TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); - if( full_stats ) - { - uint8_t value; - TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) ); - TEST_ASSERT( value < stats_len ); - ++stats[value]; - } - else - { - for( b = 0; b < n_bits; b++ ) - stats[b] += mbedtls_mpi_get_bit( &result, b ); - } - } - - if( full_stats ) - { - for( b = 1; b < stats_len; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); - /* Assert that each value has been reached at least once. - * This is almost guaranteed if the iteration count is large - * enough. This is a very crude way of checking the distribution. - */ - TEST_ASSERT( stats[b] > 0 ); - } - } - else - { - for( b = 0; b < n_bits; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); - /* Assert that each bit has been set in at least one result and - * clear in at least one result. Provided that iterations is not - * too small, it would be extremely unlikely for this not to be - * the case if the results are uniformly distributed. - * - * As an exception, the top bit may legitimately never be set - * if bound is a power of 2 or only slightly above. - */ - if( b != n_bits - 1 || - is_significantly_above_a_power_of_2( bound_bytes ) ) - { - TEST_ASSERT( stats[b] > 0 ); - } - TEST_ASSERT( stats[b] < (size_t) iterations ); - } - } - -exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); - mbedtls_free( stats ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ecp_selftest( ) { diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 59fd7824bb..a057dcd88f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1033,6 +1033,105 @@ mpi_fill_random:16:15:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +MPI random in range: 1..4 +mpi_random_many:1:"04":1000 + +MPI random in range: 1..5 +mpi_random_many:1:"05":1000 + +MPI random in range: 1..6 +mpi_random_many:1:"06":1000 + +MPI random in range: 1..7 +mpi_random_many:1:"07":1000 + +MPI random in range: 1..8 +mpi_random_many:1:"08":1000 + +MPI random in range: 1..9 +mpi_random_many:1:"09":1000 + +MPI random in range: 1..10 +mpi_random_many:1:"0a":1000 + +MPI random in range: 1..11 +mpi_random_many:1:"0b":1000 + +MPI random in range: 1..12 +mpi_random_many:1:"0c":1000 + +MPI random in range: 1..255 +mpi_random_many:1:"ff":100 + +MPI random in range: 1..256 +mpi_random_many:1:"0100":100 + +MPI random in range: 1..257 +mpi_random_many:1:"0101":100 + +MPI random in range: 1..272 +mpi_random_many:1:"0110":100 + +MPI random in range: 1..2^64-1 +mpi_random_many:1:"ffffffffffffffff":100 + +MPI random in range: 1..2^64 +mpi_random_many:1:"010000000000000000":100 + +MPI random in range: 1..2^64+1 +mpi_random_many:1:"010000000000000001":100 + +MPI random in range: 1..2^64+2^63 +mpi_random_many:1:"018000000000000000":100 + +MPI random in range: 1..2^65-1 +mpi_random_many:1:"01ffffffffffffffff":100 + +MPI random in range: 1..2^65 +mpi_random_many:1:"020000000000000000":100 + +MPI random in range: 1..2^65+1 +mpi_random_many:1:"020000000000000001":100 + +MPI random in range: 1..2^65+2^64 +mpi_random_many:1:"030000000000000000":100 + +MPI random in range: 1..2^66+2^65 +mpi_random_many:1:"060000000000000000":100 + +MPI random in range: 1..2^71-1 +mpi_random_many:1:"7fffffffffffffffff":100 + +MPI random in range: 1..2^71 +mpi_random_many:1:"800000000000000000":100 + +MPI random in range: 1..2^71+1 +mpi_random_many:1:"800000000000000001":100 + +MPI random in range: 1..2^71+2^63 +mpi_random_many:1:"c00000000000000000":100 + +MPI random in range: 1..2^72-1 +mpi_random_many:1:"ffffffffffffffffff":100 + +MPI random in range: 1..2^72 +mpi_random_many:1:"01000000000000000000":100 + +MPI random in range: 1..2^72+1 +mpi_random_many:1:"01000000000000000001":100 + +MPI random in range: 1..2^72+2^63 +mpi_random_many:1:"01800000000000000000":100 + +MPI random in range: 0..4 +mpi_random_many:0:"04":1000 + +MPI random in range: 2..4 +mpi_random_many:1:"04":1000 + +MPI random in range: 3..4 +mpi_random_many:1:"04":1000 + MPI Selftest depends_on:MBEDTLS_SELF_TEST mpi_selftest: diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index c5bb5a678a..8cf53b302c 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -64,6 +64,40 @@ static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) return( 0 ); } +/* Test whether bytes represents (in big-endian base 256) a number B that + * is "significantly" above a power of 2, which is defined as follows. + * Let n be the integer such that 2^n <= B < 2^{n+1}. B is significantly + * above a power of 2 if (B - 2^n) / 2^n is not negligible. "Negligible" + * is defined as having a negligible chance that if you draw an integer + * in the range [1, B-1] K times, the number will always be less than 2^n, + * where K is the iteration count passed to genkey_sw_many. + */ +static int is_significantly_above_a_power_of_2( data_t *bytes ) +{ + const uint8_t *p = bytes->x; + size_t len = bytes->len; + unsigned x; + while( len > 0 && p[0] == 0 ) + { + ++p; + --len; + } + if( len == 0 ) + return( 0 ); + else if( len == 1 ) + x = p[0]; + else + x = ( p[0] << 8 ) | p[1]; + + if( x <= 4 ) + return( 0 ); + + while( ( x & 0x8000 ) == 0 ) + x <<= 1; + x &= 0x7fff; + return( x >= 0x1000 ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1396,6 +1430,113 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mpi_random_many( int min, data_t *bound_bytes, int iterations ) +{ + /* Generate numbers in the range 1..bound-1. Do it iterations times. + * This function assumes that the value of bound is at least 2 and + * that iterations is large enough that a one-in-2^iterations chance + * effectively never occurs. + */ + + mbedtls_mpi upper_bound; + size_t n_bits; + mbedtls_mpi result; + size_t b; + /* If upper_bound is small, stats[b] is the number of times the value b + * has been generated. Otherwise stats[b] is the number of times a + * value with bit b set has been generated. */ + size_t *stats = NULL; + size_t stats_len; + int full_stats; + size_t i; + + mbedtls_mpi_init( &upper_bound ); + mbedtls_mpi_init( &result ); + + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, + bound_bytes->x, bound_bytes->len ) ); + n_bits = mbedtls_mpi_bitlen( &upper_bound ); + /* Consider a bound "small" if it's less than 2^5. This value is chosen + * to be small enough that the probability of missing one value is + * negligible given the number of iterations. It must be less than + * 256 because some of the code below assumes that "small" values + * fit in a byte. */ + if( n_bits <= 5 ) + { + full_stats = 1; + stats_len = bound_bytes->x[bound_bytes->len - 1]; + } + else + { + full_stats = 0; + stats_len = n_bits; + } + ASSERT_ALLOC( stats, stats_len ); + + for( i = 0; i < (size_t) iterations; i++ ) + { + mbedtls_test_set_step( i ); + TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL ) ); + + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); + if( full_stats ) + { + uint8_t value; + TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) ); + TEST_ASSERT( value < stats_len ); + ++stats[value]; + } + else + { + for( b = 0; b < n_bits; b++ ) + stats[b] += mbedtls_mpi_get_bit( &result, b ); + } + } + + if( full_stats ) + { + for( b = 1; b < stats_len; b++ ) + { + mbedtls_test_set_step( 1000000 + b ); + /* Assert that each value has been reached at least once. + * This is almost guaranteed if the iteration count is large + * enough. This is a very crude way of checking the distribution. + */ + TEST_ASSERT( stats[b] > 0 ); + } + } + else + { + for( b = 0; b < n_bits; b++ ) + { + mbedtls_test_set_step( 1000000 + b ); + /* Assert that each bit has been set in at least one result and + * clear in at least one result. Provided that iterations is not + * too small, it would be extremely unlikely for this not to be + * the case if the results are uniformly distributed. + * + * As an exception, the top bit may legitimately never be set + * if bound is a power of 2 or only slightly above. + */ + if( b != n_bits - 1 || + is_significantly_above_a_power_of_2( bound_bytes ) ) + { + TEST_ASSERT( stats[b] > 0 ); + } + TEST_ASSERT( stats[b] < (size_t) iterations ); + } + } + +exit: + mbedtls_mpi_free( &upper_bound ); + mbedtls_mpi_free( &result ); + mbedtls_free( stats ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void mpi_selftest( ) { From 1e918f44c98bc0f820e174d1faf40c8382c93bee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 22:14:51 +0200 Subject: [PATCH 0159/1065] mbedtls_mpi_random: check for invalid arguments Signed-off-by: Gilles Peskine --- include/mbedtls/bignum.h | 2 ++ library/bignum.c | 5 +++++ tests/suites/test_suite_mpi.data | 9 +++++++++ tests/suites/test_suite_mpi.function | 22 ++++++++++++++++++++++ 4 files changed, 38 insertions(+) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index e938232ad8..3274422142 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -894,6 +894,8 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid + * or if they are incompatible. * \return Another negative error code on failure. */ int mbedtls_mpi_random( mbedtls_mpi *X, diff --git a/library/bignum.c b/library/bignum.c index aa4b1ce2d2..fba9acc5b0 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2445,6 +2445,11 @@ int mbedtls_mpi_random( mbedtls_mpi *X, size_t n_bits = mbedtls_mpi_bitlen( N ); size_t n_bytes = ( n_bits + 7 ) / 8; + if( min < 0 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( N, min ) <= 0 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) * when f_rng is a suitably parametrized instance of HMAC_DRBG: diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index a057dcd88f..fb2c553d0d 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1132,6 +1132,15 @@ mpi_random_many:1:"04":1000 MPI random in range: 3..4 mpi_random_many:1:"04":1000 +MPI random bad arguments: min < 0 +mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min = N = 0 +mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min = N = 1 +mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + MPI Selftest depends_on:MBEDTLS_SELF_TEST mpi_selftest: diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 8cf53b302c..0ca6b6439c 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1537,6 +1537,28 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret ) +{ + mbedtls_mpi upper_bound; + mbedtls_mpi result; + int actual_ret; + + mbedtls_mpi_init( &upper_bound ); + mbedtls_mpi_init( &result ); + + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, + bound_bytes->x, bound_bytes->len ) ); + actual_ret = mbedtls_mpi_random( &result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL ); + TEST_EQUAL( expected_ret, actual_ret ); + +exit: + mbedtls_mpi_free( &upper_bound ); + mbedtls_mpi_free( &result ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void mpi_selftest( ) { From fdc58c1e8b54455f48a7e6d0f374f009205a8686 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 23:15:00 +0200 Subject: [PATCH 0160/1065] Changelog entry for adding mbedtls_mpi_random() Signed-off-by: Gilles Peskine --- ChangeLog.d/mpi_random.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/mpi_random.txt diff --git a/ChangeLog.d/mpi_random.txt b/ChangeLog.d/mpi_random.txt new file mode 100644 index 0000000000..9e6a416239 --- /dev/null +++ b/ChangeLog.d/mpi_random.txt @@ -0,0 +1,3 @@ +Features + * The new function mbedtls_mpi_random() generates a random value in a + given range uniformly. From 60d8b98d4844475884b4a585cf38ac8a26184d91 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 22:28:21 +0200 Subject: [PATCH 0161/1065] Preserve MBEDTLS_ERR_ECP_RANDOM_FAILED in case of a hostile RNG Signed-off-by: Gilles Peskine --- library/ecp.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index 3e5cebc298..30d4d19230 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3091,6 +3091,22 @@ cleanup: } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ +#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +static int mbedtls_ecp_gen_privkey_sw( + const mbedtls_mpi *N, mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = mbedtls_mpi_random( d, 1, N, f_rng, p_rng ); + switch( ret ) + { + case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + default: + return( ret ); + } +} +#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ + /* * Generate a private key */ @@ -3110,7 +3126,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( mbedtls_mpi_random( d, 1, &grp->N, f_rng, p_rng ) ); + return( mbedtls_ecp_gen_privkey_sw( &grp->N, d, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); From 5921517126fcd87837c320075bf0dc2b108239c3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 22:28:50 +0200 Subject: [PATCH 0162/1065] ECP: use mbedtls_mpi_random for blinding Instead of generating blinding values in a not-quite-uniform way (https://github.com/ARMmbed/mbedtls/issues/4245) with copy-pasted code, use mbedtls_mpi_random(). Signed-off-by: Gilles Peskine --- library/ecp.c | 38 ++++++-------------------------------- 1 file changed, 6 insertions(+), 32 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 30d4d19230..f450056c06 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1713,26 +1713,11 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l, ll; - int count = 0; - size_t p_size = ( grp->pbits + 7 ) / 8; mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll ); /* Generate l such that 1 < l < p */ - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) ); - - if( count++ > 10 ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - } - while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); /* Z = l * Z */ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z, &pt->Z, &l ) ); @@ -1748,6 +1733,8 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p cleanup: mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll ); + if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; return( ret ); #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */ } @@ -2502,25 +2489,10 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l; - int count = 0; - size_t p_size = ( grp->pbits + 7 ) / 8; mbedtls_mpi_init( &l ); /* Generate l such that 1 < l < p */ - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) ); - - if( count++ > 10 ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - } - while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) ); @@ -2528,6 +2500,8 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P cleanup: mbedtls_mpi_free( &l ); + if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; return( ret ); #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */ } From 02db8f4cf76932e83823b4726c8133d25c21b768 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Mar 2021 23:28:51 +0200 Subject: [PATCH 0163/1065] Test range and format of dhm_make_params output Improve the validation of the output from mbedtls_dhm_make_params: * Test that the output in the byte buffer matches the value in the context structure. * Test that the calculated values are in the desired range. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.function | 63 ++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 1726b9eb75..b9dcde5804 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -1,5 +1,61 @@ /* BEGIN_HEADER */ #include "mbedtls/dhm.h" + +static int check_dhm_param_output( const mbedtls_mpi *expected, + const unsigned char *buffer, + size_t size, + size_t *offset ) +{ + size_t n; + mbedtls_mpi actual; + int ok = 0; + mbedtls_mpi_init( &actual ); + + ++mbedtls_test_info.step; + + TEST_ASSERT( size >= *offset + 2 ); + n = ( buffer[*offset] << 8 ) | buffer[*offset + 1]; + *offset += 2; + TEST_EQUAL( n, mbedtls_mpi_size( expected ) ); + TEST_ASSERT( size >= *offset + n ); + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &actual, buffer + *offset, n ) ); + TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( expected, &actual ) ); + *offset += n; + + ok = 1; +exit: + mbedtls_mpi_free( &actual ); + return( ok ); +} + +static int check_dhm_params( const mbedtls_dhm_context *ctx, + size_t x_size, + const unsigned char *ske, size_t ske_len ) +{ + size_t offset = 0; + + /* Check that ctx->X and ctx->GX are within range. */ + TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->X, 1 ) > 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) < 0 ); + TEST_ASSERT( mbedtls_mpi_size( &ctx->X ) <= x_size ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->GX, 1 ) > 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->GX, &ctx->P ) < 0 ); + + /* Check ske: it must contain P, G and G^X, each prefixed with a + * 2-byte size. */ + if( !check_dhm_param_output( &ctx->P, ske, ske_len, &offset ) ) + goto exit; + if( !check_dhm_param_output( &ctx->G, ske, ske_len, &offset ) ) + goto exit; + if( !check_dhm_param_output( &ctx->GX, ske, ske_len, &offset ) ) + goto exit; + TEST_EQUAL( offset, ske_len ); + + return( 1 ); +exit: + return( 0 ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -151,11 +207,14 @@ void dhm_do_dhm( int radix_P, char *input_P, /* * First key exchange */ + mbedtls_test_set_step( 10 ); TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == result ); if ( result != 0 ) goto exit; + if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + goto exit; ske[ske_len++] = 0; ske[ske_len++] = 0; @@ -179,6 +238,7 @@ void dhm_do_dhm( int radix_P, char *input_P, /* Re-do calc_secret on server a few times to test update of blinding values */ for( i = 0; i < 3; i++ ) { + mbedtls_test_set_step( 20 + i ); sec_srv_len = 1000; TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), &sec_srv_len, @@ -195,9 +255,12 @@ void dhm_do_dhm( int radix_P, char *input_P, */ p = ske; + mbedtls_test_set_step( 30 ); TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); + if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + goto exit; ske[ske_len++] = 0; ske[ske_len++] = 0; TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); From b27db0acff5a7e1199772821840f409ae3d03d01 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Mar 2021 23:33:49 +0200 Subject: [PATCH 0164/1065] Repeat a few DH tests Repeat a few tests that use random data. This way the code is exercised with a few different random values. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index c4795b6d34..063c1a6016 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -1,13 +1,37 @@ Diffie-Hellman parameter validation dhm_invalid_params: -Diffie-Hellman full exchange #1 +Diffie-Hellman full exchange: 5-bit #1 dhm_do_dhm:10:"23":10:"5":0 -Diffie-Hellman full exchange #2 +Diffie-Hellman full exchange: 5-bit #2 +dhm_do_dhm:10:"23":10:"5":0 + +Diffie-Hellman full exchange: 5-bit #3 +dhm_do_dhm:10:"23":10:"5":0 + +Diffie-Hellman full exchange: 5-bit #4 +dhm_do_dhm:10:"23":10:"5":0 + +Diffie-Hellman full exchange: 5-bit #5 +dhm_do_dhm:10:"23":10:"5":0 + +Diffie-Hellman full exchange: 97-bit #1 dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 -Diffie-Hellman full exchange #3 +Diffie-Hellman full exchange: 97-bit #2 +dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit #3 +dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit #4 +dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit #5 +dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 286-bit dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271":0 Diffie-Hellman trivial subgroup #1 From 2baf2b0532bcbabcabbb9fffd996ebfad1fbd893 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Mar 2021 23:44:22 +0200 Subject: [PATCH 0165/1065] Test mbedtls_dhm_make_params with different x_size mbedtls_dhm_make_params() with x_size != size of P is not likely to be useful, but it's supported, so test it. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 63 +++++++++++++++++++++------- tests/suites/test_suite_dhm.function | 7 ++-- 2 files changed, 51 insertions(+), 19 deletions(-) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index 063c1a6016..fcfc5cf7a8 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -1,50 +1,83 @@ +Diffie-Hellman full exchange: tiny x_size +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 + Diffie-Hellman parameter validation dhm_invalid_params: +Diffie-Hellman full exchange: 5-bit, x_size=3 +dhm_do_dhm:10:"23":3:10:"5":0 + +Diffie-Hellman full exchange: 5-bit, x_size=2 +dhm_do_dhm:10:"23":2:10:"5":0 + Diffie-Hellman full exchange: 5-bit #1 -dhm_do_dhm:10:"23":10:"5":0 +dhm_do_dhm:10:"23":1:10:"5":0 Diffie-Hellman full exchange: 5-bit #2 -dhm_do_dhm:10:"23":10:"5":0 +dhm_do_dhm:10:"23":1:10:"5":0 Diffie-Hellman full exchange: 5-bit #3 -dhm_do_dhm:10:"23":10:"5":0 +dhm_do_dhm:10:"23":1:10:"5":0 Diffie-Hellman full exchange: 5-bit #4 -dhm_do_dhm:10:"23":10:"5":0 +dhm_do_dhm:10:"23":1:10:"5":0 Diffie-Hellman full exchange: 5-bit #5 -dhm_do_dhm:10:"23":10:"5":0 +dhm_do_dhm:10:"23":1:10:"5":0 + +Diffie-Hellman full exchange: 97-bit, x_size=14 +dhm_do_dhm:10:"93450983094850938450983409623":14:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 97-bit #1 -dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 97-bit #2 -dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 97-bit #3 -dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 97-bit #4 -dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 97-bit #5 -dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=12 +dhm_do_dhm:10:"93450983094850938450983409623":12:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=11 +dhm_do_dhm:10:"93450983094850938450983409623":11:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=1 #1 +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=1 #2 +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=1 #3 +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=1 #4 +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 + +Diffie-Hellman full exchange: 97-bit, x_size=1 #5 +dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 Diffie-Hellman full exchange: 286-bit -dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271":0 +dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0 Diffie-Hellman trivial subgroup #1 -dhm_do_dhm:10:"23":10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:10:"23":1:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman trivial subgroup #2 -dhm_do_dhm:10:"23":10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman small modulus -dhm_do_dhm:10:"3":10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED +dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED Diffie-Hellman zero modulus -dhm_do_dhm:10:"0":10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman MPI_MAX_SIZE modulus dhm_make_public:MBEDTLS_MPI_MAX_SIZE:10:"5":0 diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index b9dcde5804..edd96989aa 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -171,7 +171,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void dhm_do_dhm( int radix_P, char *input_P, +void dhm_do_dhm( int radix_P, char *input_P, int x_size, int radix_G, char *input_G, int result ) { mbedtls_dhm_context ctx_srv; @@ -185,7 +185,7 @@ void dhm_do_dhm( int radix_P, char *input_P, size_t pub_cli_len = 0; size_t sec_srv_len; size_t sec_cli_len; - int x_size, i; + int i; mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_dhm_init( &ctx_srv ); @@ -201,8 +201,7 @@ void dhm_do_dhm( int radix_P, char *input_P, */ TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 ); - x_size = mbedtls_mpi_size( &ctx_srv.P ); - pub_cli_len = x_size; + pub_cli_len = mbedtls_mpi_size( &ctx_srv.P ); /* * First key exchange From cb660f2bdaf8572243462bcd89f8d778f91d9ea4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 22:35:13 +0200 Subject: [PATCH 0166/1065] DHM refactoring: unify mbedtls_dhm_make_{params,public} Unify the common parts of mbedtls_dhm_make_params and mbedtls_dhm_make_public. No intended behavior change, except that the exact error code may change in some corner cases which are too exotic for the existing unit tests. Signed-off-by: Gilles Peskine --- library/dhm.c | 86 +++++++++++++++++++++++---------------------------- 1 file changed, 39 insertions(+), 47 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index 9758af7872..f2ad551ceb 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -150,21 +150,11 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, return( 0 ); } -/* - * Setup and write the ServerKeyExchange parameters - */ -int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret, count = 0; - size_t n1, n2, n3; - unsigned char *p; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( olen != NULL ); - DHM_VALIDATE_RET( f_rng != NULL ); if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); @@ -193,6 +183,30 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) return( ret ); +cleanup: + return( ret ); +} + +/* + * Setup and write the ServerKeyExchange parameters + */ +int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + size_t n1, n2, n3; + unsigned char *p; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( output != NULL ); + DHM_VALIDATE_RET( olen != NULL ); + DHM_VALIDATE_RET( f_rng != NULL ); + + ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); + if( ret != 0 ) + goto cleanup; + /* * export P, G, GX */ @@ -220,11 +234,9 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, ctx->len = n1; cleanup: - - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ) ); - - return( 0 ); + if( ret != 0 && ret > -128 ) + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ); + return( ret ); } /* @@ -276,7 +288,7 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret, count = 0; + int ret; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( output != NULL ); DHM_VALIDATE_RET( f_rng != NULL ); @@ -284,38 +296,18 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, if( olen < 1 || olen > ctx->len ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - - /* - * generate X and calculate GX = G^X mod P - */ - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) ); - - if( count++ > 10 ) - return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED ); - } - while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, - &ctx->P , &ctx->RP ) ); - - if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) - return( ret ); + ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); + if( ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ) + return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED ); + if( ret != 0 ) + goto cleanup; MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) ); cleanup: - - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ) ); - - return( 0 ); + if( ret != 0 && ret > -128 ) + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ); + return( ret ); } /* From 7b2b66e3f3cbe8b56288d741ac5909f86d1994b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 22:50:57 +0200 Subject: [PATCH 0167/1065] DHM blinding: don't accept P-1 as a blinding value P-1 is as bad as 1 as a blinding value. Don't accept it. The chance that P-1 would be randomly generated is infinitesimal, so this is not a practical issue, but it makes the code cleaner. It was inconsistent to accept P-1 as a blinding value but not as a private key. Signed-off-by: Gilles Peskine --- library/dhm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index f2ad551ceb..5e0864b329 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -329,7 +329,7 @@ static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, if( count++ > 10 ) return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); } - while( mbedtls_mpi_cmp_int( R, 1 ) <= 0 ); + while( dhm_check_range( R, M ) != 0 ); cleanup: return( ret ); @@ -382,7 +382,7 @@ static int dhm_update_blinding( mbedtls_dhm_context *ctx, * We need to generate blinding values from scratch */ - /* Vi = random( 2, P-1 ) */ + /* Vi = random( 2, P-2 ) */ MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) ); /* Vf = Vi^-X mod P From 17f1a265933b8090a38d16f247ac5234679456a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 22:48:14 +0200 Subject: [PATCH 0168/1065] DHM refactoring: use dhm_random_below in dhm_make_common dhm_make_common includes a piece of code that is identical to dhm_random_below except for returning a different error code in one case. Call dhm_random_below instead of repeating the code. Signed-off-by: Gilles Peskine --- library/dhm.c | 75 ++++++++++++++++++++++++++------------------------- 1 file changed, 38 insertions(+), 37 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index 5e0864b329..7168f26c2b 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -150,29 +150,55 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, return( 0 ); } +/* + * Pick a random R in the range [2, M) for blinding or key generation. + */ +static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret, count; + + count = 0; + do + { + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) ); + + while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) ); + + if( count++ > 10 ) + return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + } + while( dhm_check_range( R, M ) != 0 ); + +cleanup: + return( ret ); +} + static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret, count = 0; + int ret = 0; if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if( x_size < 0 ) + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - /* - * Generate X as large as possible ( < P ) - */ - do + if( (unsigned) x_size < mbedtls_mpi_size( &ctx->P ) ) { MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) ); - - if( count++ > 10 ) - return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ); } - while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); + else + { + /* Generate X as large as possible ( <= P - 2 ) */ + ret = dhm_random_below( &ctx->X, &ctx->P, f_rng, p_rng ); + if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ); + if( ret != 0 ) + return( ret ); + } /* * Calculate GX = G^X mod P @@ -310,31 +336,6 @@ cleanup: return( ret ); } -/* - * Pick a random R in the range [2, M) for blinding purposes - */ -static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) -{ - int ret, count; - - count = 0; - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) ); - - if( count++ > 10 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); - } - while( dhm_check_range( R, M ) != 0 ); - -cleanup: - return( ret ); -} - /* * Use the blinding method and optimisation suggested in section 10 of: From 8e38acc9a551a6d061ed409c993ab54020e60671 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 22:56:43 +0200 Subject: [PATCH 0169/1065] dhm_check_range: microoptimization No need to build a bignum for the value 2. Signed-off-by: Gilles Peskine --- library/dhm.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index 7168f26c2b..befa998504 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -100,22 +100,21 @@ static int dhm_read_bignum( mbedtls_mpi *X, */ static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P ) { - mbedtls_mpi L, U; + mbedtls_mpi U; int ret = 0; - mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U ); + mbedtls_mpi_init( &U ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) ); - if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 || + if( mbedtls_mpi_cmp_int( param, 2 ) < 0 || mbedtls_mpi_cmp_mpi( param, &U ) > 0 ) { ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } cleanup: - mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U ); + mbedtls_mpi_free( &U ); return( ret ); } From da7ee01589aff9d4dd432de7206f843f7175ff8b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 23:04:50 +0200 Subject: [PATCH 0170/1065] DHM: use mbedtls_mpi_random for blinding and key generation Instead of generating blinding values and keys in a not-quite-uniform way (https://github.com/ARMmbed/mbedtls/issues/4245) with copy-pasted code, use mbedtls_mpi_random(). Signed-off-by: Gilles Peskine --- library/dhm.c | 18 ++++-------------- tests/suites/test_suite_dhm.data | 2 +- 2 files changed, 5 insertions(+), 15 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index befa998504..e8055be713 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -150,25 +150,15 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, } /* - * Pick a random R in the range [2, M) for blinding or key generation. + * Pick a random R in the range [2, M-2] for blinding or key generation. */ static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret, count; + int ret; - count = 0; - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) ); - - while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) ); - - if( count++ > 10 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); - } - while( dhm_check_range( R, M ) != 0 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_random( R, 3, M, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( R, R, 1 ) ); cleanup: return( ret ); diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index fcfc5cf7a8..773fe3b9c7 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -74,7 +74,7 @@ Diffie-Hellman trivial subgroup #2 dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman small modulus -dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED +dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA Diffie-Hellman zero modulus dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA From 9367f4b1d9645bc1fc6b8ce070d9d5dd57e10f16 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Mar 2021 23:12:35 +0200 Subject: [PATCH 0171/1065] Add changelog entry for non-uniform MPI random generation Fix #4245. Signed-off-by: Gilles Peskine --- ChangeLog.d/random-range.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/random-range.txt diff --git a/ChangeLog.d/random-range.txt b/ChangeLog.d/random-range.txt new file mode 100644 index 0000000000..dc35ec6c66 --- /dev/null +++ b/ChangeLog.d/random-range.txt @@ -0,0 +1,4 @@ +Security +* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) + private keys and of blinding values for DHM and elliptic curves (ECP) + computations. Reported by FlorianF89 in #4245. From 1a7df4eda092a1b200c0151051f954f66dad7059 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Apr 2021 15:57:18 +0200 Subject: [PATCH 0172/1065] Fix mbedtls_mpi_random when N has leading zeros mbedtls_mpi_random() uses mbedtls_mpi_cmp_mpi_ct(), which requires its two arguments to have the same storage size. This was not the case when the upper bound passed to mbedtls_mpi_random() had leading zero limbs. Fix this by forcing the result MPI to the desired size. Since this is not what mbedtls_mpi_fill_random() does, don't call it from mbedtls_mpi_random(), but instead call a new auxiliary function. Add tests to cover this and other conditions with varying sizes for the two arguments. Signed-off-by: Gilles Peskine --- library/bignum.c | 46 +++++++++++++++++++++++----- tests/suites/test_suite_mpi.data | 27 ++++++++++++++++ tests/suites/test_suite_mpi.function | 23 ++++++++++++++ 3 files changed, 88 insertions(+), 8 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index fba9acc5b0..25fb9ae54e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2395,6 +2395,30 @@ cleanup: return( ret ); } +/* Fill X with n_bytes random bytes. + * X must already have room for those bytes. + * n_bytes must not be 0. + */ +static int mpi_fill_random_internal( + mbedtls_mpi *X, size_t n_bytes, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + const size_t limbs = CHARS_TO_LIMBS( n_bytes ); + const size_t overhead = ( limbs * ciL ) - n_bytes; + + if( X->n < limbs ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); + + MBEDTLS_MPI_CHK( f_rng( p_rng, (unsigned char *) X->p + overhead, n_bytes ) ); + mpi_bigendian_to_host( X->p, limbs ); + +cleanup: + return( ret ); +} + /* * Fill X with size bytes of random. * @@ -2408,8 +2432,6 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t const limbs = CHARS_TO_LIMBS( size ); - size_t const overhead = ( limbs * ciL ) - size; - unsigned char *Xp; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( f_rng != NULL ); @@ -2421,12 +2443,10 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, mbedtls_mpi_init( X ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); } - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + if( size == 0 ) + return( 0 ); - Xp = (unsigned char*) X->p; - MBEDTLS_MPI_CHK( f_rng( p_rng, Xp + overhead, size ) ); - - mpi_bigendian_to_host( X->p, limbs ); + ret = mpi_fill_random_internal( X, size, f_rng, p_rng ); cleanup: return( ret ); @@ -2450,6 +2470,16 @@ int mbedtls_mpi_random( mbedtls_mpi *X, if( mbedtls_mpi_cmp_int( N, min ) <= 0 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + /* Ensure that target MPI has exactly the same number of limbs + * as the upper bound, even if the upper bound has leading zeros. + * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ + if( X->n != N->n ) + { + mbedtls_mpi_free( X ); + mbedtls_mpi_init( X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, N->n ) ); + } + /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) * when f_rng is a suitably parametrized instance of HMAC_DRBG: @@ -2460,7 +2490,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, */ do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n_bytes, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mpi_fill_random_internal( X, n_bytes, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); /* diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index fb2c553d0d..3488854e22 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1132,6 +1132,33 @@ mpi_random_many:1:"04":1000 MPI random in range: 3..4 mpi_random_many:1:"04":1000 +MPI random in range: smaller result +mpi_random_grown:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1 + +MPI random in range: same size result (32-bit limbs) +mpi_random_grown:1:"aaaaaaaaaaaaaaaa":2 + +MPI random in range: same size result (64-bit limbs) +mpi_random_grown:1:"aaaaaaaaaaaaaaaa":1 + +MPI random in range: larger result +mpi_random_grown:1:"aaaaaaaaaaaaaaaa":3 + +MPI random in range: leading 0 limb in upper bound #0 +mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":0 + +MPI random in range: leading 0 limb in upper bound #1 +mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":1 + +MPI random in range: leading 0 limb in upper bound #2 +mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":2 + +MPI random in range: leading 0 limb in upper bound #3 +mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":3 + +MPI random in range: leading 0 limb in upper bound #4 +mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":4 + MPI random bad arguments: min < 0 mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 0ca6b6439c..f3c9107c3a 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1537,6 +1537,29 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mpi_random_grown( int min, data_t *bound_bytes, int nlimbs ) +{ + mbedtls_mpi upper_bound; + mbedtls_mpi result; + + mbedtls_mpi_init( &upper_bound ); + mbedtls_mpi_init( &result ); + + TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) ); + TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, + bound_bytes->x, bound_bytes->len ) ); + TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); + +exit: + mbedtls_mpi_free( &upper_bound ); + mbedtls_mpi_free( &result ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret ) { From 422e867acb43a9ca537d0cb20c6c656e4e1167e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Apr 2021 00:02:27 +0200 Subject: [PATCH 0173/1065] MPI random: add unit tests with a previously nonzero value Add unit tests for mbedtls_mpi_fill_random() and mbedtls_mpi_random() when the resulting MPI object previously had a nonzero value. I wrote those to catch a bug that I introduced during the development of mbedtls_mpi_random() (but does not appear in a committed version). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 88 ++++++++++++++++++++-------- tests/suites/test_suite_mpi.function | 23 +++++++- 2 files changed, 86 insertions(+), 25 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 3488854e22..6cd62f10cd 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -992,46 +992,76 @@ Test bit set (Invalid bit value) mbedtls_mpi_set_bit:16:"00":5:2:16:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Fill random: 0 bytes -mpi_fill_random:0:0:0 +mpi_fill_random:0:0:0:0 Fill random: 1 byte, good -mpi_fill_random:1:1:0 +mpi_fill_random:1:1:0:0 Fill random: 2 bytes, good, no leading zero -mpi_fill_random:2:2:0 +mpi_fill_random:2:2:0:0 Fill random: 2 bytes, good, 1 leading zero -mpi_fill_random:2:256:0 +mpi_fill_random:2:256:0:0 Fill random: MAX_SIZE - 7, good -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0 +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0:0 Fill random: MAX_SIZE, good -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0 +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0:0 + +Fill random: 0 bytes, previously small >0 +mpi_fill_random:0:0:1:0 + +Fill random: 0 bytes, previously small <0 +mpi_fill_random:0:0:-1:0 + +Fill random: 0 bytes, previously large >0 +mpi_fill_random:0:0:65:0 + +Fill random: 0 bytes, previously large <0 +mpi_fill_random:0:0:-65:0 + +Fill random: 1 byte, previously small >0 +mpi_fill_random:1:1:1:0 + +Fill random: 1 byte, previously small <0 +mpi_fill_random:1:1:-1:0 + +Fill random: 1 byte, previously large >0 +mpi_fill_random:1:1:65:0 + +Fill random: 1 byte, previously large <0 +mpi_fill_random:1:1:-65:0 + +Fill random: 9 bytes, previously small >0 +mpi_fill_random:1:1:1:0 + +Fill random: 9 bytes, previously small <0 +mpi_fill_random:1:1:-1:0 Fill random: 1 byte, RNG failure -mpi_fill_random:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:1:0:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 2 bytes, RNG failure after 1 byte -mpi_fill_random:2:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:2:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 4 bytes, RNG failure after 3 bytes -mpi_fill_random:4:3:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:4:3:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 8 bytes, RNG failure after 7 bytes -mpi_fill_random:8:7:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:8:7:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 16 bytes, RNG failure after 1 bytes -mpi_fill_random:16:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:16:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 16 bytes, RNG failure after 8 bytes -mpi_fill_random:16:8:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:16:8:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: 16 bytes, RNG failure after 15 bytes -mpi_fill_random:16:15:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED MPI random in range: 1..4 mpi_random_many:1:"04":1000 @@ -1133,31 +1163,43 @@ MPI random in range: 3..4 mpi_random_many:1:"04":1000 MPI random in range: smaller result -mpi_random_grown:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1 +mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0 MPI random in range: same size result (32-bit limbs) -mpi_random_grown:1:"aaaaaaaaaaaaaaaa":2 +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":2:0 MPI random in range: same size result (64-bit limbs) -mpi_random_grown:1:"aaaaaaaaaaaaaaaa":1 +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0 MPI random in range: larger result -mpi_random_grown:1:"aaaaaaaaaaaaaaaa":3 +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0 MPI random in range: leading 0 limb in upper bound #0 -mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":0 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0 MPI random in range: leading 0 limb in upper bound #1 -mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":1 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":1:0 MPI random in range: leading 0 limb in upper bound #2 -mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":2 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":2:0 MPI random in range: leading 0 limb in upper bound #3 -mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":3 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":3:0 MPI random in range: leading 0 limb in upper bound #4 -mpi_random_grown:1:"00aaaaaaaaaaaaaaaa":4 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":4:0 + +MPI random in range: previously small >0 +mpi_random_sizes:1:"1234567890":4:1 + +MPI random in range: previously small <0 +mpi_random_sizes:1:"1234567890":4:-1 + +MPI random in range: previously large >0 +mpi_random_sizes:1:"1234":4:65 + +MPI random in range: previously large <0 +mpi_random_sizes:1:"1234":4:-65 MPI random bad arguments: min < 0 mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index f3c9107c3a..e82fe99b50 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1400,13 +1400,23 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mpi_fill_random( int wanted_bytes, int rng_bytes, int expected_ret ) +void mpi_fill_random( int wanted_bytes, int rng_bytes, + int before, int expected_ret ) { mbedtls_mpi X; int ret; size_t bytes_left = rng_bytes; mbedtls_mpi_init( &X ); + if( before != 0 ) + { + /* Set X to sign(before) * 2^(|before|-1) */ + TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 ); + if( before < 0 ) + before = - before; + TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 ); + } + ret = mbedtls_mpi_fill_random( &X, wanted_bytes, f_rng_bytes_left, &bytes_left ); TEST_ASSERT( ret == expected_ret ); @@ -1538,7 +1548,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mpi_random_grown( int min, data_t *bound_bytes, int nlimbs ) +void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before ) { mbedtls_mpi upper_bound; mbedtls_mpi result; @@ -1546,6 +1556,15 @@ void mpi_random_grown( int min, data_t *bound_bytes, int nlimbs ) mbedtls_mpi_init( &upper_bound ); mbedtls_mpi_init( &result ); + if( before != 0 ) + { + /* Set result to sign(before) * 2^(|before|-1) */ + TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 ); + if( before < 0 ) + before = - before; + TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 ); + } + TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) ); TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, bound_bytes->x, bound_bytes->len ) ); From eedefa5627fb331830b613d8141da77beea5008a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 19:50:04 +0200 Subject: [PATCH 0174/1065] Better document and slightly simplify >>2^n heuristic Slightly simplify is_significantly_above_a_power_of_2() to make it easier to understand: * Remove the explicit negative answer for x <= 4. The only functional difference this makes is that is_significantly_above_a_power_of_2(3) is now true. * Shift the most significant bit of x to position 8 rather than 15. This makes the final comparison easier to explain. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 38 ++++++++++++++++++---------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index e82fe99b50..1709677527 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -64,38 +64,48 @@ static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) return( 0 ); } -/* Test whether bytes represents (in big-endian base 256) a number B that - * is "significantly" above a power of 2, which is defined as follows. - * Let n be the integer such that 2^n <= B < 2^{n+1}. B is significantly - * above a power of 2 if (B - 2^n) / 2^n is not negligible. "Negligible" - * is defined as having a negligible chance that if you draw an integer - * in the range [1, B-1] K times, the number will always be less than 2^n, - * where K is the iteration count passed to genkey_sw_many. +/* Test whether bytes represents (in big-endian base 256) a number b that + * is significantly above a power of 2. That is, b must not have a long run + * of unset bits after the most significant bit. + * + * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}. + * This function returns 1 if, when drawing a number between 0 and b, + * the probability that this number is at least 2^n is not negligible. + * This probability is (b - 2^n) / b and this function checks that this + * number is above some threshold A. The threshold value is heuristic and + * based on the needs of mpi_random_many(). */ static int is_significantly_above_a_power_of_2( data_t *bytes ) { const uint8_t *p = bytes->x; size_t len = bytes->len; unsigned x; + + /* Skip leading null bytes */ while( len > 0 && p[0] == 0 ) { ++p; --len; } + /* 0 is not significantly above a power of 2 */ if( len == 0 ) return( 0 ); - else if( len == 1 ) + /* Extract the (up to) 2 most significant bytes */ + if( len == 1 ) x = p[0]; else x = ( p[0] << 8 ) | p[1]; - if( x <= 4 ) - return( 0 ); + /* Shift the most significant bit of x to position 8 and mask it out */ + while( ( x & 0xfe00 ) != 0 ) + x >>= 1; + x &= 0x00ff; - while( ( x & 0x8000 ) == 0 ) - x <<= 1; - x &= 0x7fff; - return( x >= 0x1000 ); + /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above + * a power of 2 iff x is significantly above 0 compared to 2^8. + * Testing x >= 2^4 amounts to picking A = 1/16 in the function + * description above. */ + return( x >= 0x10 ); } /* END_HEADER */ From ee966c4ae4afea6ce1e5b107001d1205cad7acae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 19:59:21 +0200 Subject: [PATCH 0175/1065] Contextualize comment about mbedtls_mpi_random retries This comment is no longer in the specific context of generating a random point on an elliptic curve. Signed-off-by: Gilles Peskine --- library/bignum.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 25fb9ae54e..b504752e65 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2498,9 +2498,11 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * a probability 1/2 of being 0, and then the result will be < N), * so after 30 tries failure probability is a most 2**(-30). * - * For most curves, 1 try is enough with overwhelming probability, - * since N starts with a lot of 1s in binary, but some curves - * such as secp224k1 are actually very close to the worst case. + * When N is just below a power of 2, as is the case when generating + * a random point on most elliptic curves, 1 try is enough with + * overwhelming probability. When N is just above a power of 2, + * as when generating a random point on secp224k1, each try has + * a probability of failing that is almost 1/2. */ if( ++count > 30 ) { From fbb90098e8d0ec5573fdf3c469afa2c52337376a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 20:00:57 +0200 Subject: [PATCH 0176/1065] Fix copypasta in test case description Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 6cd62f10cd..aa58c94cd2 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1157,10 +1157,10 @@ MPI random in range: 0..4 mpi_random_many:0:"04":1000 MPI random in range: 2..4 -mpi_random_many:1:"04":1000 +mpi_random_many:2:"04":1000 MPI random in range: 3..4 -mpi_random_many:1:"04":1000 +mpi_random_many:3:"04":1000 MPI random in range: smaller result mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0 From 951b5695e3a4303ab3b3a8e63e46d549f0f1311f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 20:44:04 +0200 Subject: [PATCH 0177/1065] MPI random test: Add a few more small-range tests Do more iterations with small values. This makes it more likely that a mistake on bounds will be detected. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index aa58c94cd2..cf25e273d1 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1063,6 +1063,12 @@ mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +MPI random in range: 1..2 +mpi_random_many:1:"02":1000 + +MPI random in range: 1..3 +mpi_random_many:1:"03":1000 + MPI random in range: 1..4 mpi_random_many:1:"04":1000 @@ -1153,14 +1159,17 @@ mpi_random_many:1:"01000000000000000001":100 MPI random in range: 1..2^72+2^63 mpi_random_many:1:"01800000000000000000":100 +MPI random in range: 0..1 +mpi_random_many:0:"04":10000 + MPI random in range: 0..4 -mpi_random_many:0:"04":1000 +mpi_random_many:0:"04":10000 MPI random in range: 2..4 -mpi_random_many:2:"04":1000 +mpi_random_many:2:"04":10000 MPI random in range: 3..4 -mpi_random_many:3:"04":1000 +mpi_random_many:3:"04":10000 MPI random in range: smaller result mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0 From d463edf8c5345e72315bfcb266af7fae11c5d275 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 20:45:05 +0200 Subject: [PATCH 0178/1065] MPI random test: fix small-range test stats check when min > 1 Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 1709677527..a2d312f6af 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1518,7 +1518,7 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) if( full_stats ) { - for( b = 1; b < stats_len; b++ ) + for( b = min; b < stats_len; b++ ) { mbedtls_test_set_step( 1000000 + b ); /* Assert that each value has been reached at least once. From 0ad640ab8344cc30987a219c2fa7fd66f100937d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 20:47:07 +0200 Subject: [PATCH 0179/1065] MPI random test: Add test cases with lower_bound > upper_bound Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index cf25e273d1..66339c9da0 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1219,6 +1219,15 @@ mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA MPI random bad arguments: min = N = 1 mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +MPI random bad arguments: min > N = 0 +mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min > N = 1 +mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min > N = 001 +mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + MPI Selftest depends_on:MBEDTLS_SELF_TEST mpi_selftest: From e5381686ef4cc089b4209a7fcd2258bea6805570 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 21:23:25 +0200 Subject: [PATCH 0180/1065] MPI random test: use more iterations for small numbers In real life, min << N and the probability that mbedtls_mpi_random() fails to find a suitable value after 30 iterations is less than one in a billion. But at least for testing purposes, it's useful to not outright reject "silly" small values of N, and for such values, 30 iterations is not enough to have a good probability of success. Pick 250 iterations, which is enough for cases like (min=3, N=4), but not for cases like (min=255, N=256). Signed-off-by: Gilles Peskine --- library/bignum.c | 37 ++++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index b504752e65..c77d188ee2 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2460,7 +2460,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, { /* SEC1 3.2.1: Generate X such that 1 <= n < N */ int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - int count = 0; + int count; unsigned cmp = 0; size_t n_bits = mbedtls_mpi_bitlen( N ); size_t n_bytes = ( n_bits + 7 ) / 8; @@ -2470,6 +2470,28 @@ int mbedtls_mpi_random( mbedtls_mpi *X, if( mbedtls_mpi_cmp_int( N, min ) <= 0 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + /* + * When min == 0, each try has at worst a probability 1/2 of failing + * (the msb has a probability 1/2 of being 0, and then the result will + * be < N), so after 30 tries failure probability is a most 2**(-30). + * + * When N is just below a power of 2, as is the case when generating + * a random point on most elliptic curves, 1 try is enough with + * overwhelming probability. When N is just above a power of 2, + * as when generating a random point on secp224k1, each try has + * a probability of failing that is almost 1/2. + * + * The probabilities are almost the same if min is nonzero but negligible + * compared to N. This is always the case when N is crypto-sized, but + * it's convenient to support small N for testing purposes. When N + * is small, use a higher repeat count, otherwise the probability of + * failure is macroscopic. + */ + if( n_bytes <= 4 ) + count = 250; + else + count = 30; + /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ @@ -2493,18 +2515,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, MBEDTLS_MPI_CHK( mpi_fill_random_internal( X, n_bytes, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); - /* - * Each try has at worst a probability 1/2 of failing (the msb has - * a probability 1/2 of being 0, and then the result will be < N), - * so after 30 tries failure probability is a most 2**(-30). - * - * When N is just below a power of 2, as is the case when generating - * a random point on most elliptic curves, 1 try is enough with - * overwhelming probability. When N is just above a power of 2, - * as when generating a random point on secp224k1, each try has - * a probability of failing that is almost 1/2. - */ - if( ++count > 30 ) + if( --count == 0 ) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; From 7ed7c5a37d60cf441c86c7bb398e4551feb531b1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 21:28:38 +0200 Subject: [PATCH 0181/1065] mbedtls_mpi_random: document MBEDTLS_ERR_MPI_NOT_ACCEPTABLE Note that this error has a negligible probability with a "crypto-sized" bound, but macroscopic probability with a small bound. Signed-off-by: Gilles Peskine --- include/mbedtls/bignum.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 3274422142..6a790243df 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -896,6 +896,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid * or if they are incompatible. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was + * unable to find a suitable value within a limited number + * of attempts. This has a negligible probability if \p N + * is significantly larger than \p min, which is the case + * for all usual cryptographic applications. * \return Another negative error code on failure. */ int mbedtls_mpi_random( mbedtls_mpi *X, From 0cb493d2397f71011ceabd1238133ee5c3cc079f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 21:32:24 +0200 Subject: [PATCH 0182/1065] Note that the "0 limb in ..." tests rely on undocumented behavior Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 66339c9da0..24bbc6ad1f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1183,6 +1183,11 @@ mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0 MPI random in range: larger result mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0 +## The "0 limb in upper bound" tests rely on the fact that +## mbedtls_mpi_read_binary() bases the size of the MPI on the size of +## the input, without first checking for leading zeros. If this was +## not the case, the tests would still pass, but would not exercise +## the advertised behavior. MPI random in range: leading 0 limb in upper bound #0 mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0 @@ -1225,7 +1230,7 @@ mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA MPI random bad arguments: min > N = 1 mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -MPI random bad arguments: min > N = 001 +MPI random bad arguments: min > N = 1, 0 limb in upper bound mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA MPI Selftest From ebe9b6a51da1fa4f9ece249b80a2b47e826a6e83 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 21:55:35 +0200 Subject: [PATCH 0183/1065] mpi_fill_random_internal: remove spurious grow() call Since the internal function mpi_fill_random_internal() assumes that X has the right size, there is no need to call grow(). To further simplify the function, set the sign outside, and zero out the non-randomized part directly. Signed-off-by: Gilles Peskine --- library/bignum.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index c77d188ee2..ac9bda81e6 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2397,6 +2397,7 @@ cleanup: /* Fill X with n_bytes random bytes. * X must already have room for those bytes. + * The size and sign of X are unchanged. * n_bytes must not be 0. */ static int mpi_fill_random_internal( @@ -2409,9 +2410,9 @@ static int mpi_fill_random_internal( if( X->n < limbs ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); + memset( X->p, 0, overhead ); + memset( (unsigned char *) X->p + limbs * ciL, 0, ( X->n - limbs ) * ciL ); MBEDTLS_MPI_CHK( f_rng( p_rng, (unsigned char *) X->p + overhead, n_bytes ) ); mpi_bigendian_to_host( X->p, limbs ); @@ -2443,6 +2444,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, mbedtls_mpi_init( X ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); } + X->s = 1; if( size == 0 ) return( 0 ); @@ -2501,6 +2503,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, mbedtls_mpi_init( X ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, N->n ) ); } + X->s = 1; /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) From 03299dcf5b8d58b4878acc2d16fd1bc0177fc3d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 22:10:24 +0200 Subject: [PATCH 0184/1065] DHM: add notes about leading zeros Signed-off-by: Gilles Peskine --- library/dhm.c | 6 ++++-- tests/suites/test_suite_dhm.function | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index e8055be713..accd5a85cf 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -223,7 +223,8 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, goto cleanup; /* - * export P, G, GX + * Export P, G, GX. RFC 5246 §4.4 states that "leading zero octets are + * not required". We omit leading zeros for compactness. */ #define DHM_MPI_EXPORT( X, n ) \ do { \ @@ -436,8 +437,9 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); } + /* Output the secret without any leading zero byte. This is mandatory + * for TLS per RFC 5246 §8.1.2. */ *olen = mbedtls_mpi_size( &ctx->K ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) ); cleanup: diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index edd96989aa..c51ec946d7 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -16,6 +16,8 @@ static int check_dhm_param_output( const mbedtls_mpi *expected, TEST_ASSERT( size >= *offset + 2 ); n = ( buffer[*offset] << 8 ) | buffer[*offset + 1]; *offset += 2; + /* The DHM param output from Mbed TLS has leading zeros stripped, as + * permitted but not required by RFC 5246 \S4.4. */ TEST_EQUAL( n, mbedtls_mpi_size( expected ) ); TEST_ASSERT( size >= *offset + n ); TEST_EQUAL( 0, mbedtls_mpi_read_binary( &actual, buffer + *offset, n ) ); From 19e36207ba79da7a7ffd8b152cb39f0381150a22 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 22:16:45 +0200 Subject: [PATCH 0185/1065] DHM tests: add some explanations Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 2 ++ tests/suites/test_suite_dhm.function | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index 773fe3b9c7..1def7fca95 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -10,6 +10,8 @@ dhm_do_dhm:10:"23":3:10:"5":0 Diffie-Hellman full exchange: 5-bit, x_size=2 dhm_do_dhm:10:"23":2:10:"5":0 +## Repeat this test case and a few similar ones several times. The RNG state +## changes, so we get to exercise the code with a few different values. Diffie-Hellman full exchange: 5-bit #1 dhm_do_dhm:10:"23":1:10:"5":0 diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index c51ec946d7..6d3743f94b 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -1,6 +1,9 @@ /* BEGIN_HEADER */ #include "mbedtls/dhm.h" +/* Sanity checks on a Diffie-Hellman parameter: check the length-value + * syntax and check that the value is the expected one (taken from the + * DHM context by the caller). */ static int check_dhm_param_output( const mbedtls_mpi *expected, const unsigned char *buffer, size_t size, @@ -30,6 +33,8 @@ exit: return( ok ); } +/* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison + * against the context. */ static int check_dhm_params( const mbedtls_dhm_context *ctx, size_t x_size, const unsigned char *ske, size_t ske_len ) From 3270b14d4bedd948134f31b9dc4f4a44997a7cde Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 22:26:27 +0200 Subject: [PATCH 0186/1065] DHM: add test case with x_size < 0 Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index 1def7fca95..33c7216594 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -27,6 +27,10 @@ dhm_do_dhm:10:"23":1:10:"5":0 Diffie-Hellman full exchange: 5-bit #5 dhm_do_dhm:10:"23":1:10:"5":0 +## This is x_size = P_size + 1. Arguably x_size > P_size makes no sense, +## but it's the current undocumented behavior to treat it the same as when +## x_size = P_size. If this behavior changes in the future, change the expected +## return status from 0 to MBEDTLS_ERR_DHM_BAD_INPUT_DATA. Diffie-Hellman full exchange: 97-bit, x_size=14 dhm_do_dhm:10:"93450983094850938450983409623":14:10:"9345098304850938450983409622":0 @@ -81,6 +85,9 @@ dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BA Diffie-Hellman zero modulus dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +Diffie-Hellman: x_size < 0 +dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + Diffie-Hellman MPI_MAX_SIZE modulus dhm_make_public:MBEDTLS_MPI_MAX_SIZE:10:"5":0 From e842e58f61da961b57b9a462c6d094d20f122a7b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Apr 2021 11:45:19 +0200 Subject: [PATCH 0187/1065] Correct some comments about ECC in mbedtls_mpi_random Signed-off-by: Gilles Peskine --- library/bignum.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index ac9bda81e6..5f5728d67d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2460,7 +2460,6 @@ int mbedtls_mpi_random( mbedtls_mpi *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - /* SEC1 3.2.1: Generate X such that 1 <= n < N */ int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int count; unsigned cmp = 0; @@ -2478,9 +2477,9 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * be < N), so after 30 tries failure probability is a most 2**(-30). * * When N is just below a power of 2, as is the case when generating - * a random point on most elliptic curves, 1 try is enough with + * a random scalar on most elliptic curves, 1 try is enough with * overwhelming probability. When N is just above a power of 2, - * as when generating a random point on secp224k1, each try has + * as when generating a random scalar on secp224k1, each try has * a probability of failing that is almost 1/2. * * The probabilities are almost the same if min is nonzero but negligible From c7eeeb1e8dbb220bae3768df773c2dea0a5a61d5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 21:17:36 +0200 Subject: [PATCH 0188/1065] Fix long-standing obsolete comment Signed-off-by: Gilles Peskine --- tests/include/test/random.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/include/test/random.h b/tests/include/test/random.h index b64a072b3e..6428280780 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -84,8 +84,7 @@ int mbedtls_test_rnd_zero_rand( void *rng_state, * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure. * * The number of bytes released from the buffer on each call to - * the random function is specified by per_call. (Can be between - * 1 and 4) + * the random function is specified by \p len. * * After the buffer is empty, this function will call the fallback RNG in the * #mbedtls_test_rnd_buf_info structure if there is one, and From 87823d791355e21693c9b22248d3f07924cc2dfe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 21:18:59 +0200 Subject: [PATCH 0189/1065] Use ternary operator with the most common case first Signed-off-by: Gilles Peskine --- library/bignum.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 5f5728d67d..1c20e3cbfd 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2488,10 +2488,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * is small, use a higher repeat count, otherwise the probability of * failure is macroscopic. */ - if( n_bytes <= 4 ) - count = 250; - else - count = 30; + count = ( n_bytes > 4 ? 30 : 250 ); /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. From 9077e435c6e702745e6289f8499c016c53c530d9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 21:22:25 +0200 Subject: [PATCH 0190/1065] Fix mistakes in test case descriptions Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 24bbc6ad1f..1671d6e1e8 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1144,7 +1144,7 @@ mpi_random_many:1:"800000000000000000":100 MPI random in range: 1..2^71+1 mpi_random_many:1:"800000000000000001":100 -MPI random in range: 1..2^71+2^63 +MPI random in range: 1..2^71+2^70 mpi_random_many:1:"c00000000000000000":100 MPI random in range: 1..2^72-1 @@ -1156,7 +1156,7 @@ mpi_random_many:1:"01000000000000000000":100 MPI random in range: 1..2^72+1 mpi_random_many:1:"01000000000000000001":100 -MPI random in range: 1..2^72+2^63 +MPI random in range: 1..2^72+2^71 mpi_random_many:1:"01800000000000000000":100 MPI random in range: 0..1 From ceefe5d2696877842c1325749c2dc8b8b16a5354 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 21:24:04 +0200 Subject: [PATCH 0191/1065] Lift function call out of inner loop Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index a2d312f6af..58079841c5 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1530,6 +1530,8 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) } else { + int statistically_safe_all_the_way = + is_significantly_above_a_power_of_2( bound_bytes ); for( b = 0; b < n_bits; b++ ) { mbedtls_test_set_step( 1000000 + b ); @@ -1541,8 +1543,7 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) * As an exception, the top bit may legitimately never be set * if bound is a power of 2 or only slightly above. */ - if( b != n_bits - 1 || - is_significantly_above_a_power_of_2( bound_bytes ) ) + if( statistically_safe_all_the_way || b != n_bits - 1 ) { TEST_ASSERT( stats[b] > 0 ); } From ed32b576a4ebfa2213236f53abb307375c651af6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 22:17:52 +0200 Subject: [PATCH 0192/1065] New internal function mbedtls_mpi_resize_clear The idiom "resize an mpi to a given size" appeared 4 times. Unify it in a single function. Guarantee that the value is set to 0, which is required by some of the callers and not a significant expense where not required. Signed-off-by: Gilles Peskine --- library/bignum.c | 58 ++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 31 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 1c20e3cbfd..45310fe15e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -181,6 +181,27 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) return( 0 ); } +/* Resize X to have exactly n limbs and set it to 0. */ +static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) +{ + if( limbs == 0 ) + { + mbedtls_mpi_free( X ); + return( 0 ); + } + else if( X->n == limbs ) + { + memset( X->p, 0, limbs * ciL ); + X->s = 1; + return( 0 ); + } + else + { + mbedtls_mpi_free( X ); + return( mbedtls_mpi_grow( X, limbs ) ); + } +} + /* * Copy the contents of Y into X */ @@ -838,14 +859,7 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, size_t const limbs = CHARS_TO_LIMBS( buflen ); /* Ensure that target MPI has exactly the necessary number of limbs */ - if( X->n != limbs ) - { - mbedtls_mpi_free( X ); - mbedtls_mpi_init( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); - } - - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); for( i = 0; i < buflen; i++ ) X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3); @@ -874,17 +888,11 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); /* Ensure that target MPI has exactly the necessary number of limbs */ - if( X->n != limbs ) - { - mbedtls_mpi_free( X ); - mbedtls_mpi_init( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); - } - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); - /* Avoid calling `memcpy` with NULL source argument, + /* Avoid calling `memcpy` with NULL source or destination argument, * even if buflen is 0. */ - if( buf != NULL ) + if( buflen != 0 ) { Xp = (unsigned char*) X->p; memcpy( Xp + overhead, buf, buflen ); @@ -2438,13 +2446,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, MPI_VALIDATE_RET( f_rng != NULL ); /* Ensure that target MPI has exactly the necessary number of limbs */ - if( X->n != limbs ) - { - mbedtls_mpi_free( X ); - mbedtls_mpi_init( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); - } - X->s = 1; + MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); if( size == 0 ) return( 0 ); @@ -2493,13 +2495,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ - if( X->n != N->n ) - { - mbedtls_mpi_free( X ); - mbedtls_mpi_init( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, N->n ) ); - } - X->s = 1; + MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) ); /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) From 405b091d9e3aefc5a9b2a4e51aabbb2bf002e51f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Jun 2021 11:38:26 +0200 Subject: [PATCH 0193/1065] Use MBEDTLS_MPI_CHK where warranted Signed-off-by: Gilles Peskine --- library/bignum.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 45310fe15e..670d6141cd 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2516,11 +2516,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X, goto cleanup; } - ret = mbedtls_mpi_lt_mpi_ct( X, N, &cmp ); - if( ret != 0 ) - { - goto cleanup; - } + MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, &cmp ) ); } while( mbedtls_mpi_cmp_int( X, min ) < 0 || cmp != 1 ); From afb2bd2f22dfa87414fb8e566853098241b5be63 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Jun 2021 11:51:09 +0200 Subject: [PATCH 0194/1065] Note that the byte order in mpi_fill_random_internal() is deliberate Signed-off-by: Gilles Peskine --- library/bignum.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index 670d6141cd..c49d63e037 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2405,6 +2405,8 @@ cleanup: /* Fill X with n_bytes random bytes. * X must already have room for those bytes. + * The ordering of the bytes returned from the RNG is suitable for + * deterministic ECDSA (see RFC 6979 §3.3 and mbedtls_mpi_random()). * The size and sign of X are unchanged. * n_bytes must not be 0. */ From d60b6c62d57563b04caa1ee0470fb0d1354302d5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 29 Apr 2021 12:04:11 +0100 Subject: [PATCH 0195/1065] Remove per-version ciphersuite configuration API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit removes the API ``` mbedtls_ssl_conf_ciphersuites_for_version() ``` which allows to configure lists of acceptable ciphersuites for each supported version of SSL/TLS: SSL3, TLS 1.{0,1,2}. With Mbed TLS 3.0, support for SSL3, TLS 1.0 and TLS 1.1 is dropped. Moreover, upcoming TLS 1.3 support has a different notion of cipher suite and will require a different API. This means that it's only for TLS 1.2 that we require a ciphersuite configuration API, and ``` mbedtls_ssl_conf_ciphersuites() ``` can be used for that. The version-specific ciphersuite configuration API `mbedtls_ssl_conf_ciphersuites_for_version()`, in turn, is no longer needed. Signed-off-by: Hanno Becker Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ssl.h | 38 +----------------- library/ssl_cli.c | 7 ++-- library/ssl_srv.c | 2 +- library/ssl_tls.c | 80 ++------------------------------------ programs/ssl/ssl_server2.c | 63 ------------------------------ tests/ssl-opt.sh | 11 ------ 6 files changed, 9 insertions(+), 192 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 677ed9869b..b5b91f3e17 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -976,10 +976,8 @@ struct mbedtls_ssl_config * Pointers */ - /** Allowed ciphersuites per version. To access list's elements, please use - * \c mbedtls_ssl_get_protocol_version_ciphersuites - */ - const int *ciphersuite_list[3]; + /** Allowed ciphersuites for (D)TLS 1.2 (0-terminated) */ + const int *ciphersuite_list; /** Callback for printing debug output */ void (*f_dbg)(void *, int, const char *, int, const char *); @@ -2508,17 +2506,6 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, const int *ciphersuites ); -/** - * \brief Get ciphersuite for given protocol's minor version. - * - * \param conf The SSL configuration. - * \param prot_version Protocol version. One of MBEDTLS_SSL_MINOR_VERSION_x macros. - * \return Ciphersuites pointer if successful. - * \return \c NULL if no ciphersuites where found. - */ -const int *mbedtls_ssl_get_protocol_version_ciphersuites( - const mbedtls_ssl_config *conf, int prot_version ); - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 #define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1 @@ -2558,27 +2545,6 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, int ignore_other_cids ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -/** - * \brief Set the list of allowed ciphersuites and the - * preference order for a specific version of the protocol. - * (Only useful on the server side) - * - * The ciphersuites array is not copied, and must remain - * valid for the lifetime of the ssl_config. - * - * \param conf SSL configuration - * \param ciphersuites 0-terminated list of allowed ciphersuites - * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 - * supported) - * \param minor Minor version number (only MBEDTLS_SSL_MINOR_VERSION_3 - * supported) - * - * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 - */ -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ); - #if defined(MBEDTLS_X509_CRT_PARSE_C) /** * \brief Set the X.509 security profile used for verification diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 6cf283e1db..12ed0fbb27 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1155,8 +1155,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* * Ciphersuite list */ - ciphersuites = mbedtls_ssl_get_protocol_version_ciphersuites( ssl->conf, - ssl->minor_ver ); + ciphersuites = ssl->conf->ciphersuite_list; /* Skip writing ciphersuite length for now */ n = 0; @@ -2244,7 +2243,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) i = 0; while( 1 ) { - if( mbedtls_ssl_get_protocol_version_ciphersuites( ssl->conf, ssl->minor_ver )[i] == 0 ) + if( ssl->conf->ciphersuite_list[i] == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( @@ -2254,7 +2253,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - if( mbedtls_ssl_get_protocol_version_ciphersuites( ssl->conf, ssl->minor_ver )[i++] == + if( ssl->conf->ciphersuite_list[i++] == ssl->session_negotiate->ciphersuite ) { break; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 8f13a2cec0..4fe6b02f10 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1870,7 +1870,7 @@ read_record_header: * and certificate from the SNI callback triggered by the SNI extension.) */ got_common_suite = 0; - ciphersuites = mbedtls_ssl_get_protocol_version_ciphersuites( ssl->conf, ssl->minor_ver ); + ciphersuites = ssl->conf->ciphersuite_list; ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 342832f120..9b8c05f761 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3514,73 +3514,10 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session } #endif /* MBEDTLS_SSL_CLI_C */ -static int protocol_version_to_ciphersuites_list_index(int prot_version) -{ - switch(prot_version) { - case MBEDTLS_SSL_MINOR_VERSION_1: - return 0; - case MBEDTLS_SSL_MINOR_VERSION_2: - return 1; - case MBEDTLS_SSL_MINOR_VERSION_3: - return 2; - default: - return -1; - }; -} - -static void set_protocol_version_ciphersuites( mbedtls_ssl_config *conf, - int prot_version, - const int* ciphersuites ) -{ - int ciphersuite_list_index = - protocol_version_to_ciphersuites_list_index(prot_version); - if ( ciphersuite_list_index >= 0 && - (unsigned int)ciphersuite_list_index < - sizeof(conf->ciphersuite_list)/sizeof(conf->ciphersuite_list[0]) ) - { - conf->ciphersuite_list[ciphersuite_list_index] = ciphersuites; - } -} - void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, const int *ciphersuites ) { - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_1, - ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_2, - ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_3, - ciphersuites); -} - -const int *mbedtls_ssl_get_protocol_version_ciphersuites( - const mbedtls_ssl_config *conf, int prot_version ) -{ - int ciphersuite_list_index = - protocol_version_to_ciphersuites_list_index(prot_version); - if ( ciphersuite_list_index >= 0 && - (unsigned int)ciphersuite_list_index < - sizeof(conf->ciphersuite_list)/sizeof(conf->ciphersuite_list[0]) ) - { - return conf->ciphersuite_list[ciphersuite_list_index]; - } - else - { - return NULL; - } -} - -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ) -{ - if( major != MBEDTLS_SSL_MAJOR_VERSION_3 ) - return; - - if( minor != MBEDTLS_SSL_MINOR_VERSION_3 ) - return; - - set_protocol_version_ciphersuites(conf, minor, ciphersuites); + conf->ciphersuite_list = ciphersuites; } #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -6278,12 +6215,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_1, - ssl_preset_suiteb_ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_2, - ssl_preset_suiteb_ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_3, - ssl_preset_suiteb_ciphersuites); + conf->ciphersuite_list = ssl_preset_suiteb_ciphersuites; #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; @@ -6317,13 +6249,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; #endif - const int* default_ciphersuites = mbedtls_ssl_list_ciphersuites(); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_1, - default_ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_2, - default_ciphersuites); - set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_3, - default_ciphersuites); + conf->ciphersuite_list = mbedtls_ssl_list_ciphersuites(); #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_default; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ef55a7c250..0e7b7f929b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -93,7 +93,6 @@ int main( void ) #define DFL_ECJPAKE_PW NULL #define DFL_PSK_LIST NULL #define DFL_FORCE_CIPHER 0 -#define DFL_VERSION_SUITES NULL #define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 @@ -501,9 +500,6 @@ int main( void ) " force_version=%%s default: \"\" (none)\n" \ " options: tls1_2, dtls1_2\n" \ "\n" \ - " version_suites=a,b,c per-version ciphersuites\n" \ - " in order from tls1 to tls1_2\n" \ - " default: all enabled\n" \ " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -565,7 +561,6 @@ struct options char *psk_list; /* list of PSK id/key pairs for callback */ const char *ecjpake_pw; /* the EC J-PAKE password */ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ - const char *version_suites; /* per-version ciphersuites */ int renegotiation; /* enable / disable renegotiation */ int allow_legacy; /* allow legacy renegotiation */ int renegotiate; /* attempt renegotiation? */ @@ -1253,7 +1248,6 @@ int main( int argc, char *argv[] ) { int ret = 0, len, written, frags, exchanges_left; int query_config_ret = 0; - int version_suites[3][2]; io_ctx_t io_ctx; unsigned char* buf = 0; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -1481,7 +1475,6 @@ int main( int argc, char *argv[] ) opt.psk_list = DFL_PSK_LIST; opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; - opt.version_suites = DFL_VERSION_SUITES; opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; @@ -1669,8 +1662,6 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "curves" ) == 0 ) opt.curves = q; - else if( strcmp( p, "version_suites" ) == 0 ) - opt.version_suites = q; else if( strcmp( p, "renegotiation" ) == 0 ) { opt.renegotiation = (atoi( q )) ? @@ -2067,47 +2058,6 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ } - if( opt.version_suites != NULL ) - { - const char *name[3] = { 0 }; - - /* Parse 4-element coma-separated list */ - for( i = 0, p = (char *) opt.version_suites; - i < 3 && *p != '\0'; - i++ ) - { - name[i] = p; - - /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) - p++; - if( *p == ',' ) - *p++ = '\0'; - } - - if( i != 3 ) - { - mbedtls_printf( "too few values for version_suites\n" ); - ret = 1; - goto exit; - } - - memset( version_suites, 0, sizeof( version_suites ) ); - - /* Get the suites identifiers from their name */ - for( i = 0; i < 3; i++ ) - { - version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] ); - - if( version_suites[i][0] == 0 ) - { - mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] ); - ret = 2; - goto usage; - } - } - } - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) if( mbedtls_test_unhexify( cid, sizeof( cid ), opt.cid_val, &cid_len ) != 0 ) @@ -2689,19 +2639,6 @@ int main( int argc, char *argv[] ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); - if( opt.version_suites != NULL ) - { - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_1 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_2 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3 ); - } - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); #if defined(MBEDTLS_SSL_RENEGOTIATION) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1d49dc5cbf..a54aab1f64 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5614,17 +5614,6 @@ run_test "ECJPAKE: working, DTLS, nolog" \ force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 0 -# Tests for ciphersuites per version - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.2" \ - "$P_SRV version_suites=TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1_2" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256" - # Test for ClientHello without extensions requires_gnutls From cac90a15edff69afca15837d3187a4bf655d37be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 4 Jun 2021 11:42:30 +0200 Subject: [PATCH 0196/1065] Hide constants for TLS 1.0 and TLS 1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ssl_server2 had a check that we never try to use a minor version lower than 2 with DTLS, but that check is no longer needed, as there's no way that would happen now that MBEDTLS_SSL_MINOR_VERSION_1 is no longer public. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ssl.h | 4 ---- library/ssl_ciphersuites.c | 1 + library/ssl_misc.h | 10 ++++++++++ programs/ssl/ssl_server2.c | 4 ---- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b5b91f3e17..c6bd35814e 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -125,14 +125,10 @@ */ /* These are the high an low bytes of ProtocolVersion as defined by: - * - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0 - * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 * - RFC 5246: ProtocolVersion version = { 3, 3 }; // TLS v1.2 * - RFC 8446: see section 4.2.1 */ #define MBEDTLS_SSL_MAJOR_VERSION_3 3 -#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 deprecated */ -#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 deprecated */ #define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ #define MBEDTLS_SSL_MINOR_VERSION_4 4 /*!< TLS v1.3 (experimental) */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 00dcd07976..1bda9c0666 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -31,6 +31,7 @@ #include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/ssl.h" +#include "ssl_misc.h" #include diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 73ffdef92e..e5ec13118e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -65,6 +65,16 @@ #define inline __inline #endif +/* Legacy minor version numbers as defined by: + * - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0 + * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 + * + * We no longer support these versions, but some code still references those + * constants, for keep them for now until we clean up that code. + */ +#define MBEDTLS_SSL_MINOR_VERSION_1 1 +#define MBEDTLS_SSL_MINOR_VERSION_2 2 + /* Determine minimum supported version */ #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 0e7b7f929b..151c811e31 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2027,10 +2027,6 @@ int main( int argc, char *argv[] ) if( opt.min_version < ciphersuite_info->min_minor_ver ) { opt.min_version = ciphersuite_info->min_minor_ver; - /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; } #if defined(MBEDTLS_USE_PSA_CRYPTO) From 9371a404767f8225f7ef7e0264e7c2f69bc459d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 4 Jun 2021 11:44:44 +0200 Subject: [PATCH 0197/1065] Stop referencing private constants in documentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ssl.h | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c6bd35814e..dc37bc310a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3191,8 +3191,7 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ss * * \param conf SSL configuration * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) - * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, - * MBEDTLS_SSL_MINOR_VERSION_3 supported) + * \param minor Minor version number (only MBEDTLS_SSL_MINOR_VERSION_3 supported) */ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ); @@ -3207,9 +3206,7 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino * * \param conf SSL configuration * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) - * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_1, - * MBEDTLS_SSL_MINOR_VERSION_2, - * MBEDTLS_SSL_MINOR_VERSION_3 supported) + * \param minor Minor version number (only MBEDTLS_SSL_MINOR_VERSION_3 supported) */ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); From 5b0589e9ab121ceb9fe19ede92d15fe86653b921 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 21:09:10 +0200 Subject: [PATCH 0198/1065] Fix non-constant-time comparison in mbedtls_mpi_random Calling mbedtls_mpi_cmp_int reveals the number of leading zero limbs to an adversary who is capable of very fine-grained timing measurements. This is very little information, but could be practical with secp521r1 (1/512 chance of the leading limb being 0) if the adversary can measure the precise timing of a large number of signature operations. Signed-off-by: Gilles Peskine --- ChangeLog.d/ecdsa-random-leading-zeros.txt | 7 +++++++ library/bignum.c | 13 ++++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/ecdsa-random-leading-zeros.txt diff --git a/ChangeLog.d/ecdsa-random-leading-zeros.txt b/ChangeLog.d/ecdsa-random-leading-zeros.txt new file mode 100644 index 0000000000..cbc674bd48 --- /dev/null +++ b/ChangeLog.d/ecdsa-random-leading-zeros.txt @@ -0,0 +1,7 @@ +Security +* Fix a potential side channel vulnerability in ECDSA ephemeral key generation. + An adversary who is capable of very precise timing measurements could + learn partial information about the leading bits of the nonce used for the + signature, allowing the recovery of the private key after observing a + large number of signature operations. This completes a partial fix in + Mbed TLS 2.20.0. diff --git a/library/bignum.c b/library/bignum.c index c49d63e037..b09e8e8302 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2466,9 +2466,10 @@ int mbedtls_mpi_random( mbedtls_mpi *X, { int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int count; - unsigned cmp = 0; + unsigned lt_lower = 1, lt_upper = 0; size_t n_bits = mbedtls_mpi_bitlen( N ); size_t n_bytes = ( n_bits + 7 ) / 8; + mbedtls_mpi lower_bound; if( min < 0 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -2494,10 +2495,14 @@ int mbedtls_mpi_random( mbedtls_mpi *X, */ count = ( n_bytes > 4 ? 30 : 250 ); + mbedtls_mpi_init( &lower_bound ); + /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &lower_bound, N->n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &lower_bound, min ) ); /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) @@ -2518,11 +2523,13 @@ int mbedtls_mpi_random( mbedtls_mpi *X, goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, &cmp ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, &lower_bound, <_lower ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, <_upper ) ); } - while( mbedtls_mpi_cmp_int( X, min ) < 0 || cmp != 1 ); + while( lt_lower != 0 || lt_upper == 0 ); cleanup: + mbedtls_mpi_free( &lower_bound ); return( ret ); } From d259e347e6e3a630acfc1a811709ca05e5d3b92e Mon Sep 17 00:00:00 2001 From: Chris Kay Date: Thu, 25 Mar 2021 16:03:25 +0000 Subject: [PATCH 0199/1065] Add CMake package config file This change enables automatic detection and consumption of Mbed TLS library targets from within other CMake projects. By generating an `MbedTLSConfig.cmake` file, consuming projects receive a more complete view of these targets, allowing them to be used as dependencies which properly inherit the transitive dependencies of the libraries. This is fairly fragile, as it seems Mbed TLS's libraries do not appear to properly model their dependencies on other targets, including third-party dependencies. It is, however, sufficient for building and linking the compiled Mbed TLS libraries when there are no third-party dependencies involved. Further work is needed for more complex use-cases, but this will likely meet the needs of most projects. Resolves #298. Probably useful for #2857. Signed-off-by: Chris Kay --- 3rdparty/CMakeLists.txt | 12 ----- 3rdparty/everest/CMakeLists.txt | 31 ++++++----- CMakeLists.txt | 37 ++++++++++++- ChangeLog.d/add-cmake-package-config.txt | 2 + README.md | 27 ++++++++++ cmake/MbedTLSConfig.cmake.in | 3 ++ library/CMakeLists.txt | 27 ++++++---- programs/test/cmake_package/.gitignore | 3 ++ programs/test/cmake_package/CMakeLists.txt | 36 +++++++++++++ programs/test/cmake_package/cmake_package.c | 53 ++++++++++++++++++ .../test/cmake_package_install/.gitignore | 3 ++ .../test/cmake_package_install/CMakeLists.txt | 39 ++++++++++++++ .../cmake_package_install.c | 54 +++++++++++++++++++ tests/scripts/all.sh | 38 ++++++++++++- 14 files changed, 324 insertions(+), 41 deletions(-) create mode 100644 ChangeLog.d/add-cmake-package-config.txt create mode 100644 cmake/MbedTLSConfig.cmake.in create mode 100644 programs/test/cmake_package/.gitignore create mode 100644 programs/test/cmake_package/CMakeLists.txt create mode 100644 programs/test/cmake_package/cmake_package.c create mode 100644 programs/test/cmake_package_install/.gitignore create mode 100644 programs/test/cmake_package_install/CMakeLists.txt create mode 100644 programs/test/cmake_package_install/cmake_package_install.c diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt index 18945e52ee..fbd0470de4 100644 --- a/3rdparty/CMakeLists.txt +++ b/3rdparty/CMakeLists.txt @@ -1,17 +1,5 @@ -list (APPEND thirdparty_src) -list (APPEND thirdparty_lib) -list (APPEND thirdparty_inc_public) -list (APPEND thirdparty_inc) -list (APPEND thirdparty_def) - execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) if(${result} EQUAL 0) add_subdirectory(everest) endif() - -set(thirdparty_src ${thirdparty_src} PARENT_SCOPE) -set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE) -set(thirdparty_inc_public ${thirdparty_inc_public} PARENT_SCOPE) -set(thirdparty_inc ${thirdparty_inc} PARENT_SCOPE) -set(thirdparty_def ${thirdparty_def} PARENT_SCOPE) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index d81d995f1f..ff9da7af7d 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -1,16 +1,15 @@ -list (APPEND everest_src) -list (APPEND everest_inc_public) -list (APPEND everest_inc) -list (APPEND everest_def) +add_library(everest + library/everest.c + library/x25519.c + library/Hacl_Curve25519_joined.c) -set(everest_src - ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c -) - -list(APPEND everest_inc_public ${CMAKE_CURRENT_SOURCE_DIR}/include) -list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) +target_include_directories(everest + PUBLIC $ + $ + $ + PRIVATE include/everest + include/everest/kremlib + ${MBEDTLS_DIR}/library/) if(INSTALL_MBEDTLS_HEADERS) @@ -22,7 +21,7 @@ if(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS) -set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE) -set(thirdparty_inc_public ${thirdparty_inc_public} ${everest_inc_public} PARENT_SCOPE) -set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE) -set(thirdparty_def ${thirdparty_def} ${everest_def} PARENT_SCOPE) +install(TARGETS everest + EXPORT MbedTLSTargets + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/CMakeLists.txt b/CMakeLists.txt index f648f2299b..4630eab050 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -18,6 +18,8 @@ cmake_minimum_required(VERSION 2.8.12) +include(CMakePackageConfigHelpers) + # https://cmake.org/cmake/help/latest/policy/CMP0011.html # Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD # policy setting is deprecated, and will be removed in future versions. @@ -221,7 +223,6 @@ endif() add_subdirectory(include) add_subdirectory(3rdparty) -list(APPEND libs ${thirdparty_lib}) add_subdirectory(library) @@ -300,3 +301,37 @@ if(ENABLE_TESTING) ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY) endif() endif() + +configure_package_config_file( + "cmake/MbedTLSConfig.cmake.in" + "cmake/MbedTLSConfig.cmake" + INSTALL_DESTINATION "cmake") + +write_basic_package_version_file( + "cmake/MbedTLSConfigVersion.cmake" + COMPATIBILITY SameMajorVersion + VERSION 2.26.0) + +install( + FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" + "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake" + DESTINATION "cmake") + +export( + EXPORT MbedTLSTargets + NAMESPACE MbedTLS:: + FILE "cmake/MbedTLSTargets.cmake") + +install( + EXPORT MbedTLSTargets + NAMESPACE MbedTLS:: + DESTINATION "cmake" + FILE "MbedTLSTargets.cmake") + +if(CMAKE_VERSION VERSION_GREATER 3.14) + # Do not export the package by default + cmake_policy(SET CMP0090 NEW) + + # Make this package visible to the system + export(PACKAGE MbedTLS) +endif() diff --git a/ChangeLog.d/add-cmake-package-config.txt b/ChangeLog.d/add-cmake-package-config.txt new file mode 100644 index 0000000000..3b738169b5 --- /dev/null +++ b/ChangeLog.d/add-cmake-package-config.txt @@ -0,0 +1,2 @@ +Changes + * Add CMake package config generation for CMake projects consuming Mbed TLS. diff --git a/README.md b/README.md index 3f41a0d76d..fdaab0a5ea 100644 --- a/README.md +++ b/README.md @@ -181,6 +181,33 @@ Regarding variables, also note that if you set CFLAGS when invoking cmake, your value of CFLAGS doesn't override the content provided by cmake (depending on the build mode as seen above), it's merely prepended to it. +#### Consuming Mbed TLS + +Mbed TLS provides a package config file for consumption as a dependency in other +CMake projects. You can include Mbed TLS's CMake targets yourself with: + + find_package(MbedTLS) + +If prompted, set `MbedTLS_DIR` to `${YOUR_MBEDTLS_INSTALL_DIR}/cmake`. This +creates the following targets: + +- `MbedTLS::mbedcrypto` (Crypto library) +- `MbedTLS::mbedtls` (TLS library) +- `MbedTLS::mbedx509` (X509 library) + +You can then use these directly through `target_link_libraries()`: + + add_executable(xyz) + + target_link_libraries(xyz + PUBLIC MbedTLS::mbedtls + MbedTLS::mbedcrypto + MbedTLS::mbedx509) + +This will link the Mbed TLS libraries to your library or application, and add +its include directories to your target (transitively, in the case of `PUBLIC` or +`INTERFACE` link libraries). + #### Mbed TLS as a subproject Mbed TLS supports being built as a CMake subproject. One can diff --git a/cmake/MbedTLSConfig.cmake.in b/cmake/MbedTLSConfig.cmake.in new file mode 100644 index 0000000000..b65bbaba57 --- /dev/null +++ b/cmake/MbedTLSConfig.cmake.in @@ -0,0 +1,3 @@ +@PACKAGE_INIT@ + +include("${CMAKE_CURRENT_LIST_DIR}/MbedTLSTargets.cmake") diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index f31820a2f8..def54a9503 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -87,8 +87,6 @@ set(src_crypto xtea.c ) -list(APPEND src_crypto ${thirdparty_src}) - set(src_x509 x509.c x509_create.c @@ -180,6 +178,10 @@ if(USE_STATIC_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) + if(TARGET everest) + target_link_libraries(${mbedcrypto_static_target} PUBLIC everest) + endif() + add_library(${mbedx509_static_target} STATIC ${src_x509}) set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) @@ -194,6 +196,10 @@ if(USE_SHARED_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.26.0 SOVERSION 6) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) + if(TARGET everest) + target_link_libraries(${mbedcrypto_target} PUBLIC everest) + endif() + add_library(${mbedx509_target} SHARED ${src_x509}) set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.26.0 SOVERSION 1) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) @@ -210,15 +216,14 @@ foreach(target IN LISTS target_libraries) # /library needs to be listed explicitly when building .c files outside # of /library (which currently means: under /3rdparty). target_include_directories(${target} - PUBLIC ${MBEDTLS_DIR}/include/ - PUBLIC ${thirdparty_inc_public} - PRIVATE ${MBEDTLS_DIR}/library/ - PRIVATE ${thirdparty_inc}) - target_compile_definitions(${target} - PRIVATE ${thirdparty_def}) - install(TARGETS ${target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + PUBLIC $ + $ + PRIVATE ${MBEDTLS_DIR}/library/) + install( + TARGETS ${target} + EXPORT MbedTLSTargets + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) endforeach(target) set(lib_target "${MBEDTLS_TARGET_PREFIX}lib") diff --git a/programs/test/cmake_package/.gitignore b/programs/test/cmake_package/.gitignore new file mode 100644 index 0000000000..9ae6b59c4b --- /dev/null +++ b/programs/test/cmake_package/.gitignore @@ -0,0 +1,3 @@ +build +Makefile +cmake_package diff --git a/programs/test/cmake_package/CMakeLists.txt b/programs/test/cmake_package/CMakeLists.txt new file mode 100644 index 0000000000..518d2e94f2 --- /dev/null +++ b/programs/test/cmake_package/CMakeLists.txt @@ -0,0 +1,36 @@ +cmake_minimum_required(VERSION 2.8.12) + +# +# Simulate configuring and building Mbed TLS as the user might do it. We'll +# skip installing it, and use the build directory directly instead. +# + +set(MbedTLS_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..") +set(MbedTLS_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + "-H${MbedTLS_SOURCE_DIR}" + "-B${MbedTLS_BINARY_DIR}" + "-DENABLE_PROGRAMS=NO" + "-DENABLE_TESTING=NO") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + --build "${MbedTLS_BINARY_DIR}") + +# +# Locate the package. +# + +set(MbedTLS_DIR "${MbedTLS_BINARY_DIR}/cmake") +find_package(MbedTLS REQUIRED) + +# +# At this point, the Mbed TLS targets should have been imported, and we can now +# link to them from our own program. +# + +add_executable(cmake_package cmake_package.c) +target_link_libraries(cmake_package + MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509) diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c new file mode 100644 index 0000000000..3f993a07b6 --- /dev/null +++ b/programs/test/cmake_package/cmake_package.c @@ -0,0 +1,53 @@ +/* + * Simple program to test that Mbed TLS builds correctly as a CMake package. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#include "mbedtls/version.h" + +/* The main reason to build this is for testing the CMake build, so the program + * doesn't need to do very much. It calls a single library function to ensure + * linkage works, but that is all. */ +int main() +{ + /* This version string is 18 bytes long, as advised by version.h. */ + char version[18]; + + mbedtls_version_get_string_full( version ); + + mbedtls_printf( "Built against %s\n", version ); + + return( 0 ); +} diff --git a/programs/test/cmake_package_install/.gitignore b/programs/test/cmake_package_install/.gitignore new file mode 100644 index 0000000000..b9b828288b --- /dev/null +++ b/programs/test/cmake_package_install/.gitignore @@ -0,0 +1,3 @@ +build +Makefile +cmake_package_install diff --git a/programs/test/cmake_package_install/CMakeLists.txt b/programs/test/cmake_package_install/CMakeLists.txt new file mode 100644 index 0000000000..711a1e506e --- /dev/null +++ b/programs/test/cmake_package_install/CMakeLists.txt @@ -0,0 +1,39 @@ +cmake_minimum_required(VERSION 2.8.12) + +# +# Simulate configuring and building Mbed TLS as the user might do it. We'll +# install into a directory inside our own build directory. +# + +set(MbedTLS_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..") +set(MbedTLS_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls") +set(MbedTLS_BINARY_DIR "${MbedTLS_INSTALL_DIR}${CMAKE_FILES_DIRECTORY}") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + "-H${MbedTLS_SOURCE_DIR}" + "-B${MbedTLS_BINARY_DIR}" + "-DENABLE_PROGRAMS=NO" + "-DENABLE_TESTING=NO" + "-DCMAKE_INSTALL_PREFIX=${MbedTLS_INSTALL_DIR}") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + --build "${MbedTLS_BINARY_DIR}" + --target install) + +# +# Locate the package. +# + +set(MbedTLS_DIR "${MbedTLS_INSTALL_DIR}/cmake") +find_package(MbedTLS REQUIRED) + +# +# At this point, the Mbed TLS targets should have been imported, and we can now +# link to them from our own program. +# + +add_executable(cmake_package_install cmake_package_install.c) +target_link_libraries(cmake_package_install + MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509) diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c new file mode 100644 index 0000000000..1ae0b8471a --- /dev/null +++ b/programs/test/cmake_package_install/cmake_package_install.c @@ -0,0 +1,54 @@ +/* + * Simple program to test that Mbed TLS builds correctly as an installable CMake + * package. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#include "mbedtls/version.h" + +/* The main reason to build this is for testing the CMake build, so the program + * doesn't need to do very much. It calls a single library function to ensure + * linkage works, but that is all. */ +int main() +{ + /* This version string is 18 bytes long, as advised by version.h. */ + char version[18]; + + mbedtls_version_get_string_full( version ); + + mbedtls_printf( "Built against %s\n", version ); + + return( 0 ); +} diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab8500b94c..c14021d50a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -273,7 +273,7 @@ cleanup() -iname CMakeFiles -exec rm -rf {} \+ -o \ \( -iname cmake_install.cmake -o \ -iname CTestTestfile.cmake -o \ - -iname CMakeCache.txt \) -exec rm {} \+ + -iname CMakeCache.txt \) -exec rm -f {} \+ # Recover files overwritten by in-tree CMake builds rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile @@ -284,6 +284,16 @@ cleanup() rm -f programs/test/cmake_subproject/Makefile rm -f programs/test/cmake_subproject/cmake_subproject + # Remove any artifacts from the component_test_cmake_as_package test. + rm -rf programs/test/cmake_package/build + rm -f programs/test/cmake_package/Makefile + rm -f programs/test/cmake_package/cmake_package + + # Remove any artifacts from the component_test_cmake_as_installed_package test. + rm -rf programs/test/cmake_package_install/build + rm -f programs/test/cmake_package_install/Makefile + rm -f programs/test/cmake_package_install/cmake_package_install + if [ -f "$CONFIG_BAK" ]; then mv "$CONFIG_BAK" "$CONFIG_H" fi @@ -2609,6 +2619,32 @@ component_test_cmake_as_subdirectory () { unset MBEDTLS_ROOT_DIR } +component_test_cmake_as_package () { + msg "build: cmake 'as-package' build" + MBEDTLS_ROOT_DIR="$PWD" + + cd programs/test/cmake_package + cmake . + make + if_build_succeeded ./cmake_package + + cd "$MBEDTLS_ROOT_DIR" + unset MBEDTLS_ROOT_DIR +} + +component_test_cmake_as_package_install () { + msg "build: cmake 'as-installed-package' build" + MBEDTLS_ROOT_DIR="$PWD" + + cd programs/test/cmake_package_install + cmake . + make + if_build_succeeded ./cmake_package_install + + cd "$MBEDTLS_ROOT_DIR" + unset MBEDTLS_ROOT_DIR +} + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an From 2f458d3dccb0405bdf006bb48522a9a03cce8870 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 3 Jun 2021 17:58:13 +0100 Subject: [PATCH 0200/1065] Update README to document minimum tool versions Fixes #4379. Signed-off-by: Dave Rodgman --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 3f41a0d76d..78d3c30cfd 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Documentation for the Mbed TLS interfaces in the default library configuration i To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration: -1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work. +1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. 1. Run `make apidoc`. 1. Browse `apidoc/index.html` or `apidoc/modules.html`. @@ -39,7 +39,7 @@ There are currently three active build systems used within Mbed TLS releases: - GNU Make - CMake -- Microsoft Visual Studio (Microsoft Visual Studio 2013 or later) +- Microsoft Visual Studio The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically. @@ -49,10 +49,13 @@ The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx You need the following tools to build the library with the provided makefiles: -* GNU Make or a build tool that CMake supports. -* A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work. -* Python 3 to generate the test code, and to generate sample programs in the development branch. +* GNU Make 3.82 or a build tool that CMake supports. +* A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR 8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work. +* Python 3.6 to generate the test code, and to generate sample programs in the development branch. * Perl to run the tests, and to generate some source files in the development branch. +* CMake 3.10.2 or later (if using CMake). +* Microsoft Visual Studio 2013 or later (if using Visual Studio). +* Doxygen 1.8.11 or later (if building the documentation; slightly older versions should work). ### Generated source files in the development branch From f21e4621f8933533e28d78402dc5c6d43d9f8555 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 4 Jun 2021 14:15:27 +0100 Subject: [PATCH 0201/1065] Changelog entry for updated tool versions Signed-off-by: Dave Rodgman --- ChangeLog.d/tool-versions.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/tool-versions.txt diff --git a/ChangeLog.d/tool-versions.txt b/ChangeLog.d/tool-versions.txt new file mode 100644 index 0000000000..b89b384aa3 --- /dev/null +++ b/ChangeLog.d/tool-versions.txt @@ -0,0 +1,4 @@ +Requirement changes + * Refresh the minimum supported versions of tools to build the + library. CMake versions older than 3.10.2 and Python older + than 3.6 are no longer supported. From be4af04fcffcfebe44fa12d39388817d9949a9f3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 4 Jun 2021 17:04:20 +0100 Subject: [PATCH 0202/1065] Update minimum CMake version in CMakeLists.txt Signed-off-by: Dave Rodgman --- CMakeLists.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f648f2299b..efe3cab65a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -16,7 +16,9 @@ # mbedtls, mbedx509, mbedcrypto and apidoc targets. # -cmake_minimum_required(VERSION 2.8.12) +# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here +# until our infrastructure catches up. +cmake_minimum_required(VERSION 3.5.1) # https://cmake.org/cmake/help/latest/policy/CMP0011.html # Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD From 2abe51cc751c16b618dfa55219e91172254bb463 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 11:08:01 +0200 Subject: [PATCH 0203/1065] Extend setup_and_run script to cover remaining configurations. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ecdh.h | 4 ++-- include/mbedtls/ecdsa.h | 1 + include/mbedtls/entropy.h | 2 +- include/mbedtls/ssl.h | 6 +++--- include/mbedtls/ssl_cookie.h | 2 +- include/psa/crypto_platform.h | 3 ++- setup_and_run_MBEDTLS_PRIVATE.sh | 21 +++++++++++++++++++++ 7 files changed, 31 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 807c884205..2a0980b39c 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -134,8 +134,8 @@ typedef struct mbedtls_ecdh_context mbedtls_ecp_point MBEDTLS_PRIVATE(Vf); /*!< The unblinding value. */ mbedtls_mpi MBEDTLS_PRIVATE(_d); /*!< The previous \p d. */ #if defined(MBEDTLS_ECP_RESTARTABLE) - int restart_enabled; /*!< The flag for restartable mode. */ - mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ + int MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. */ + mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(rs); /*!< The restart context for EC computations. */ #endif /* MBEDTLS_ECP_RESTARTABLE */ #else uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index cf063a0b52..735d37764f 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -29,6 +29,7 @@ #ifndef MBEDTLS_ECDSA_H #define MBEDTLS_ECDSA_H +#include "mbedtls/private_access.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index d707bddf02..78591e7654 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -124,7 +124,7 @@ typedef struct mbedtls_entropy_context #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator); #else - mbedtls_sha256_context accumulator; + mbedtls_sha256_context MBEDTLS_PRIVATE(accumulator); #endif int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */ mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES]; diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2dda6ad45d..b6b9c8ca10 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -940,9 +940,9 @@ struct mbedtls_ssl_session #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /*! The digest of the peer's end-CRT. This must be kept to detect CRT * changes during renegotiation, mitigating the triple handshake attack. */ - unsigned char *peer_cert_digest; - size_t peer_cert_digest_len; - mbedtls_md_type_t peer_cert_digest_type; + unsigned char *MBEDTLS_PRIVATE(peer_cert_digest); + size_t MBEDTLS_PRIVATE(peer_cert_digest_len); + mbedtls_md_type_t MBEDTLS_PRIVATE(peer_cert_digest_type); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ uint32_t MBEDTLS_PRIVATE(verify_result); /*!< verification result */ diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 6806dbddd6..c4f042c80b 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -59,7 +59,7 @@ typedef struct mbedtls_ssl_cookie_ctx { mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */ #if !defined(MBEDTLS_HAVE_TIME) - unsigned long serial; /*!< serial number for expiration */ + unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */ #endif unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME, or in number of tickets issued */ diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 8acf22c7f3..d60b7732f3 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -32,6 +32,7 @@ #ifndef PSA_CRYPTO_PLATFORM_H #define PSA_CRYPTO_PLATFORM_H +#include "mbedtls/private_access.h" /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ @@ -92,7 +93,7 @@ static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, * are expected to replace it with a custom definition. */ typedef struct { - uintptr_t opaque[2]; + uintptr_t MBEDTLS_PRIVATE(opaque)[2]; } mbedtls_psa_external_random_context_t; #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ diff --git a/setup_and_run_MBEDTLS_PRIVATE.sh b/setup_and_run_MBEDTLS_PRIVATE.sh index 9a0e599790..aaf0a1cf55 100755 --- a/setup_and_run_MBEDTLS_PRIVATE.sh +++ b/setup_and_run_MBEDTLS_PRIVATE.sh @@ -8,3 +8,24 @@ doxygen mbedtls.doxyfile cd .. python3 apply_MBEDTLS_PRIVATE.py git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile + +make clean +sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile +scripts/config.py set MBEDTLS_ECP_RESTARTABLE +scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +scripts/config.py unset MBEDTLS_HAVE_TIME +cd doxygen +doxygen mbedtls.doxyfile +cd .. +python3 apply_MBEDTLS_PRIVATE.py +git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile + +make clean +sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile +scripts/config.py realfull +cd doxygen +doxygen mbedtls.doxyfile +cd .. +python3 apply_MBEDTLS_PRIVATE.py +git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile + From 3b5a7c198c51e09342ed83947057375533aaff36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 7 Jun 2021 11:13:34 +0200 Subject: [PATCH 0204/1065] Update ChangeLog and migration guide MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/issue4286.txt | 15 ++++++++------ ...ve_support_for_tls_1.0_1.1_and_dtls_1.0.md | 20 +++++++++++++++++-- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index 813b2ecfba..427b37ccc9 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -1,11 +1,14 @@ Removals - * Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following - library constants: MBEDTLS_SSL_PROTO_TLS1, - MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING, + * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for + CBC record splitting, fallback SCSV, and the ability to configure + ciphersuites per version, which are no longer relevant. This removes the + following public constants: MBEDTLS_SSL_PROTO_TLS1, + MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING, MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, - MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: + MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions: mbedtls_ssl_conf_cbc_record_splitting(), - mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(). - Fixes #4286. + mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(), + mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286. diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md index 4beebe240d..b1afe64eb4 100644 --- a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md +++ b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md @@ -3,9 +3,25 @@ Remove suport for TLS 1.0, 1.1 and DTLS 1.0 This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. -The versions of (D)TLS that are being removed are not as secure as the latest -versions. Keeping them in the library creates opportunities for misconfiguration +These versions have been deprecated by RFC 8996. +Keeping them in the library creates opportunities for misconfiguration and possibly downgrade attacks. More generally, more code means a larger attack surface, even if the code is supposedly not used. The migration path is to adopt the latest versions of the protocol. + +As a consequence of removing 1.0, support for CBC record splitting was also +removed, as it was a work-around for a weakness in this particular version. +There is no migration path is no longer makes sense with newer versions. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different version negociation mechanism), support +for fallback SCSV (RFC 7507) was also removed. There is no migration path as +it's no longer useful with TLS 1.2 and later. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different concept of ciphersuites), support for +configuring ciphersuites separately for each version via +`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use +`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS +1.2; in the future a different API will be added for (D)TLS 1.3. From 8fc95a06a6b7695f1e2e04cacff49643ee109f63 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 11:28:24 +0200 Subject: [PATCH 0205/1065] Wrap variable missed by the python script. Signed-off-by: Mateusz Starzyk --- include/mbedtls/timing.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 9a8b1e0116..7669bb9b3e 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -52,7 +52,7 @@ struct mbedtls_timing_hr_time */ typedef struct mbedtls_timing_delay_context { - struct mbedtls_timing_hr_time timer; + struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer); uint32_t MBEDTLS_PRIVATE(int_ms); uint32_t MBEDTLS_PRIVATE(fin_ms); } mbedtls_timing_delay_context; From a74295fb526f3d6ac1468e6ef46212200db80418 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 11:30:55 +0200 Subject: [PATCH 0206/1065] Remove outdated note about direct manipulation of private members. Signed-off-by: Mateusz Starzyk --- include/mbedtls/rsa.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 08db213f45..d3b695ea13 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -82,10 +82,6 @@ extern "C" { /** * \brief The RSA context structure. - * - * \note Direct manipulation of the members of this structure - * is deprecated. All manipulation should instead be done through - * the public interface functions. */ typedef struct mbedtls_rsa_context { From 13a977667652ec3a7a3e9ad45b9e6bad09b2539b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 7 Jun 2021 12:00:04 +0200 Subject: [PATCH 0207/1065] Editorial improvements MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/issue4286.txt | 12 ++++-------- .../remove_support_for_tls_1.0_1.1_and_dtls_1.0.md | 6 +++--- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index 427b37ccc9..75d2f0928f 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -2,13 +2,9 @@ Removals * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for CBC record splitting, fallback SCSV, and the ability to configure ciphersuites per version, which are no longer relevant. This removes the - following public constants: MBEDTLS_SSL_PROTO_TLS1, - MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING, - MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, - MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, - MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions: + configuration options MBEDTLS_SSL_PROTO_TLS1, + MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING and + MBEDTLS_SSL_FALLBACK_SCSV as well as the functions mbedtls_ssl_conf_cbc_record_splitting(), mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(), - mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286. + and mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286. diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md index b1afe64eb4..73d621f781 100644 --- a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md +++ b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md @@ -10,9 +10,9 @@ surface, even if the code is supposedly not used. The migration path is to adopt the latest versions of the protocol. -As a consequence of removing 1.0, support for CBC record splitting was also -removed, as it was a work-around for a weakness in this particular version. -There is no migration path is no longer makes sense with newer versions. +As a consequence of removing TLS 1.0, support for CBC record splitting was +also removed, as it was a work-around for a weakness in this particular +version. There is no migration path since the feature is no longer relevant. As a consequence of currently supporting only one version of (D)TLS (and in the future 1.3 which will have a different version negociation mechanism), support From 442fdc22eac7ae24c507543529a887ec33482165 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 7 Jun 2021 13:52:23 +0200 Subject: [PATCH 0208/1065] Remove MBEDTLS_X509_CHECK_*_KEY_USAGE options but enable the code Signed-off-by: TRodziewicz --- ChangeLog.d/issue4405.txt | 4 +++ configs/config-no-entropy.h | 2 -- ..._MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md | 20 ++++++++++++++ include/mbedtls/config.h | 27 ------------------- include/mbedtls/x509_crt.h | 4 --- library/ssl_tls.c | 17 ------------ library/x509_crt.c | 8 ------ tests/suites/test_suite_x509parse.data | 6 ++--- tests/suites/test_suite_x509parse.function | 4 +-- 9 files changed, 29 insertions(+), 63 deletions(-) create mode 100644 ChangeLog.d/issue4405.txt create mode 100644 docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md diff --git a/ChangeLog.d/issue4405.txt b/ChangeLog.d/issue4405.txt new file mode 100644 index 0000000000..c36aefa154 --- /dev/null +++ b/ChangeLog.d/issue4405.txt @@ -0,0 +1,4 @@ +Removals + * Remove the MBEDTLS_X509_CHECK_KEY_USAGE and + MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code + behave as if they were always enabled. Fixes #4405. diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 09b3cf5e0a..7ca33c3816 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -49,8 +49,6 @@ #define MBEDTLS_PKCS1_V21 #define MBEDTLS_SELF_TEST #define MBEDTLS_VERSION_FEATURES -#define MBEDTLS_X509_CHECK_KEY_USAGE -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE /* mbed TLS modules */ #define MBEDTLS_AES_C diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md new file mode 100644 index 0000000000..348fe32f71 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md @@ -0,0 +1,20 @@ +Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `config.h` +-- + +This change affects users who have chosen the compilation time options to disable +the library's verification of the `keyUsage` and `extendedKeyUsage` fields of an x509 +certificate. + +The change is to remove MBEDTLS_X509_CHECK_KEY_USAGE and +MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE from the configuration. + +After the change the options are removed and the compilation is done in a way that +the verification of the key usage fields is allways enabled by default. + +This verification is an important step and disabling it can cause security issues. +If the verification is for some reason undesirable it can still be disabled at +a runtime with even more flexibility by using the callback parameter in +`mbedtls_x509_crt_verify()`. + +For example the user can disable the verification by using the callback which +clears the corresponding flags when they've been set. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 9cce3cd8ed..42f9867acb 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1910,33 +1910,6 @@ */ //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - /** * \def MBEDTLS_X509_REMOVE_INFO * diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 23a20d10be..18b03738c6 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -827,7 +827,6 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) /** * \brief Check usage of certificate against keyUsage extension. * @@ -851,9 +850,7 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, */ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, unsigned int usage ); -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) /** * \brief Check usage of certificate against extendedKeyUsage. * @@ -870,7 +867,6 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len ); -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ #if defined(MBEDTLS_X509_CRL_PARSE_C) /** diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 9b8c05f761..b9666e9b0e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6526,22 +6526,10 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, uint32_t *flags ) { int ret = 0; -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int usage = 0; -#endif -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) const char *ext_oid; size_t ext_len; -#endif -#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) && \ - !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - ((void) cert); - ((void) cert_endpoint); - ((void) flags); -#endif - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) { /* Server part of the key exchange */ @@ -6583,11 +6571,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE; ret = -1; } -#else - ((void) ciphersuite); -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) { ext_oid = MBEDTLS_OID_SERVER_AUTH; @@ -6604,7 +6588,6 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE; ret = -1; } -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ return( ret ); } diff --git a/library/x509_crt.c b/library/x509_crt.c index 8387de618b..2cc3381d18 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2238,7 +2238,6 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, } #endif /* MBEDTLS_X509_REMOVE_INFO */ -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, unsigned int usage ) { @@ -2261,9 +2260,7 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, return( 0 ); } -#endif -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len ) @@ -2293,7 +2290,6 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); } -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ #if defined(MBEDTLS_X509_CRL_PARSE_C) /* @@ -2344,14 +2340,12 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, /* * Check if the CA is configured to sign CRLs */ -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) if( mbedtls_x509_crt_check_key_usage( ca, MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } -#endif /* * Check if CRL is correctly signed by the trusted CA @@ -2488,13 +2482,11 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, if( need_ca_bit && ! parent->ca_istrue ) return( -1 ); -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) if( need_ca_bit && mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 ) { return( -1 ); } -#endif return( 0 ); } diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 59acc667a1..d9611e5daa 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -720,7 +720,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #53 (CA keyUsage missing cRLSign) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #54 (CA keyUsage missing cRLSign, no CRL) @@ -728,11 +728,11 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #55 (CA keyUsage missing keyCertSign) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #56 (CA keyUsage plain wrong) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-1) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index a6361d83a8..fea02f362c 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -1173,7 +1173,7 @@ void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ void x509_check_key_usage( char * crt_file, int usage, int ret ) { mbedtls_x509_crt crt; @@ -1189,7 +1189,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret ) { From 34428a6849e50728ed782094fb5f463db42b533a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 7 Jun 2021 15:33:15 +0200 Subject: [PATCH 0209/1065] Remove duplicated ASSERT_ALLOC define Signed-off-by: TRodziewicz --- tests/include/test/macros.h | 32 -------------------------------- 1 file changed, 32 deletions(-) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index df961aa049..87e86d38e5 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -174,38 +174,6 @@ } \ } while( 0 ) -/** Allocate memory dynamically and fail the test case if this fails. - * - * You must set \p pointer to \c NULL before calling this macro and - * put `mbedtls_free( pointer )` in the test's cleanup code. - * - * If \p length is zero, the resulting \p pointer will be \c NULL. - * This is usually what we want in tests since API functions are - * supposed to accept null pointers when a buffer size is zero. - * - * This macro expands to an instruction, not an expression. - * It may jump to the \c exit label. - * - * \param pointer An lvalue where the address of the allocated buffer - * will be stored. - * This expression may be evaluated multiple times. - * \param length Number of elements to allocate. - * This expression may be evaluated multiple times. - * - */ -#define ASSERT_ALLOC( pointer, length ) \ - do \ - { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ - { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSERT( ( pointer ) != NULL ); \ - } \ - } \ - while( 0 ) - #define TEST_HELPER_ASSERT(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ From d1a8cd5169d81308be85320ad39c80ea810970a7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:42:40 +0200 Subject: [PATCH 0210/1065] Minor clarifications Signed-off-by: Gilles Peskine --- BRANCHES.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index dbdc1738e4..d9de6957d7 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -28,7 +28,7 @@ undocumented features, then you should be able to re-compile it without modification with any later release x.y'.z' with the same major version number, and your code will still build, be secure, and work. -Note that new releases of Mbed TLS may extend the API. Here are some example of changes that are common in minor releases of Mbed TLS, and are not considered compatibility breaks: +Note that new releases of Mbed TLS may extend the API. Here are some example of changes that are common in minor releases of Mbed TLS, and are not considered API compatibility breaks: * Adding or reordering fields in a structure or union. * Removing a field from a structure, unless the field is documented as public. @@ -37,11 +37,11 @@ Note that new releases of Mbed TLS may extend the API. Here are some example of * Changing which error code is returned in a case where multiple error conditions apply. * Changing the behavior of a function from failing to succeeding, when the change is a reasonable extension of the current behavior, i.e. the addition of a new feature. -There are rare exceptions: code that was relying on something that became -insecure in the meantime (for example, crypto that was found to be weak) may -need to be changed. In case security comes in conflict with backwards -compatibility, we will put security first, but always attempt to provide a -compatibility option. +There are rare exceptions where we break API compatibility: code that was +relying on something that became insecure in the meantime (for example, +crypto that was found to be weak) may need to be changed. In case security +comes in conflict with backwards compatibility, we will put security first, +but always attempt to provide a compatibility option. For the LTS branches, additionally we try very hard to also maintain ABI compatibility (same definition as API except with re-linking instead of From 87d36e311bd043ce4170f31c94803fc05b4c312b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:42:50 +0200 Subject: [PATCH 0211/1065] Add a section heading for LTS branches Signed-off-by: Gilles Peskine --- BRANCHES.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/BRANCHES.md b/BRANCHES.md index d9de6957d7..a758d08b34 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -28,7 +28,7 @@ undocumented features, then you should be able to re-compile it without modification with any later release x.y'.z' with the same major version number, and your code will still build, be secure, and work. -Note that new releases of Mbed TLS may extend the API. Here are some example of changes that are common in minor releases of Mbed TLS, and are not considered API compatibility breaks: +Note that new releases of Mbed TLS may extend the API. Here are some examples of changes that are common in minor releases of Mbed TLS, and are not considered API compatibility breaks: * Adding or reordering fields in a structure or union. * Removing a field from a structure, unless the field is documented as public. @@ -43,6 +43,8 @@ crypto that was found to be weak) may need to be changed. In case security comes in conflict with backwards compatibility, we will put security first, but always attempt to provide a compatibility option. +## Long-time support branches + For the LTS branches, additionally we try very hard to also maintain ABI compatibility (same definition as API except with re-linking instead of re-compiling) and to avoid any increase in code size or RAM usage, or in the From df3b86343ac80a4874878c28108c88a157a8c076 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 8 Jun 2021 05:30:45 +0100 Subject: [PATCH 0212/1065] Fixup rebase slip in library/ssl_misc.h Signed-off-by: Hanno Becker --- library/ssl_misc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index ecbeb8ba8c..7fd5686bd6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -289,7 +289,7 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); /** * \brief Return the maximum fragment length (payload, in bytes) for * the input buffer. This is the negotiated maximum fragment - * length, or, if there is none, MBEDTLS_SSL_MAX_CONTENT_LEN. + * length, or, if there is none, MBEDTLS_SSL_IN_CONTENT_LEN. * If it is not defined either, the value is 2^14. This function * works as its predecessor, \c mbedtls_ssl_get_max_frag_len(). * From 59d3670fa557f5ed564b631e4299138a8bbf4e78 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 8 Jun 2021 05:35:29 +0100 Subject: [PATCH 0213/1065] Fix ssl-opt.sh test cases grepping for MFL configuration output Use and grep for the new max in/out record payload length API instead. Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 7 ++ programs/ssl/ssl_server2.c | 7 ++ tests/ssl-opt.sh | 188 ++++++++++++++++++------------------- 3 files changed, 108 insertions(+), 94 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 3cbf130003..6e9955ccf8 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2083,6 +2083,13 @@ int main( int argc, char *argv[] ) else mbedtls_printf( " [ Record expansion is unknown ]\n" ); +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + mbedtls_printf( " [ Maximum incoming record payload length is %u ]\n", + (unsigned int) mbedtls_ssl_get_max_in_record_payload( &ssl ) ); + mbedtls_printf( " [ Maximum outgoing record payload length is %u ]\n", + (unsigned int) mbedtls_ssl_get_max_out_record_payload( &ssl ) ); +#endif + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1ec8f09f77..914286cfc5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3164,6 +3164,13 @@ handshake: else mbedtls_printf( " [ Record expansion is unknown ]\n" ); +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + mbedtls_printf( " [ Maximum incoming record payload length is %u ]\n", + (unsigned int) mbedtls_ssl_get_max_in_record_payload( &ssl ) ); + mbedtls_printf( " [ Maximum outgoing record payload length is %u ]\n", + (unsigned int) mbedtls_ssl_get_max_out_record_payload( &ssl ) ); +#endif + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1041c87d4f..a42ff73aca 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3033,10 +3033,10 @@ run_test "Max fragment length: enabled, default" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3" \ 0 \ - -c "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -c "Maximum output fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum output fragment length is $MAX_CONTENT_LEN" \ + -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ -C "client hello, adding max_fragment_length extension" \ -S "found max fragment length extension" \ -S "server hello, max_fragment_length extension" \ @@ -3047,10 +3047,10 @@ run_test "Max fragment length: enabled, default, larger message" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 0 \ - -c "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -c "Maximum output fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum output fragment length is $MAX_CONTENT_LEN" \ + -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ -C "client hello, adding max_fragment_length extension" \ -S "found max fragment length extension" \ -S "server hello, max_fragment_length extension" \ @@ -3064,10 +3064,10 @@ run_test "Max fragment length, DTLS: enabled, default, larger message" \ "$P_SRV debug_level=3 dtls=1" \ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 1 \ - -c "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -c "Maximum output fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum output fragment length is $MAX_CONTENT_LEN" \ + -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ -C "client hello, adding max_fragment_length extension" \ -S "found max fragment length extension" \ -S "server hello, max_fragment_length extension" \ @@ -3083,10 +3083,10 @@ run_test "Max fragment length: disabled, larger message" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 0 \ - -C "Maximum input fragment length is 16384" \ - -C "Maximum output fragment length is 16384" \ - -S "Maximum input fragment length is 16384" \ - -S "Maximum output fragment length is 16384" \ + -C "Maximum incoming record payload length is 16384" \ + -C "Maximum outgoing record payload length is 16384" \ + -S "Maximum incoming record payload length is 16384" \ + -S "Maximum outgoing record payload length is 16384" \ -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \ -s "$MAX_CONTENT_LEN bytes read" \ -s "1 bytes read" @@ -3096,10 +3096,10 @@ run_test "Max fragment length DTLS: disabled, larger message" \ "$P_SRV debug_level=3 dtls=1" \ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 1 \ - -C "Maximum input fragment length is 16384" \ - -C "Maximum output fragment length is 16384" \ - -S "Maximum input fragment length is 16384" \ - -S "Maximum output fragment length is 16384" \ + -C "Maximum incoming record payload length is 16384" \ + -C "Maximum outgoing record payload length is 16384" \ + -S "Maximum incoming record payload length is 16384" \ + -S "Maximum outgoing record payload length is 16384" \ -c "fragment larger than.*maximum " requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH @@ -3107,10 +3107,10 @@ run_test "Max fragment length: used by client" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ - -c "Maximum input fragment length is 4096" \ - -c "Maximum output fragment length is 4096" \ - -s "Maximum input fragment length is 4096" \ - -s "Maximum output fragment length is 4096" \ + -c "Maximum incoming record payload length is 4096" \ + -c "Maximum outgoing record payload length is 4096" \ + -s "Maximum incoming record payload length is 4096" \ + -s "Maximum outgoing record payload length is 4096" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3121,10 +3121,10 @@ run_test "Max fragment length: client 512, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ "$P_CLI debug_level=3 max_frag_len=512" \ 0 \ - -c "Maximum input fragment length is 512" \ - -c "Maximum output fragment length is 512" \ - -s "Maximum input fragment length is 512" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 512" \ + -c "Maximum outgoing record payload length is 512" \ + -s "Maximum incoming record payload length is 512" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3135,10 +3135,10 @@ run_test "Max fragment length: client 512, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ "$P_CLI debug_level=3 max_frag_len=512" \ 0 \ - -c "Maximum input fragment length is 512" \ - -c "Maximum output fragment length is 512" \ - -s "Maximum input fragment length is 512" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 512" \ + -c "Maximum outgoing record payload length is 512" \ + -s "Maximum incoming record payload length is 512" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3149,10 +3149,10 @@ run_test "Max fragment length: client 512, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ "$P_CLI debug_level=3 max_frag_len=512" \ 0 \ - -c "Maximum input fragment length is 512" \ - -c "Maximum output fragment length is 512" \ - -s "Maximum input fragment length is 512" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 512" \ + -c "Maximum outgoing record payload length is 512" \ + -s "Maximum incoming record payload length is 512" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3163,10 +3163,10 @@ run_test "Max fragment length: client 1024, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=1024" \ 0 \ - -c "Maximum input fragment length is 1024" \ - -c "Maximum output fragment length is 1024" \ - -s "Maximum input fragment length is 1024" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 1024" \ + -c "Maximum outgoing record payload length is 1024" \ + -s "Maximum incoming record payload length is 1024" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3177,10 +3177,10 @@ run_test "Max fragment length: client 1024, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ "$P_CLI debug_level=3 max_frag_len=1024" \ 0 \ - -c "Maximum input fragment length is 1024" \ - -c "Maximum output fragment length is 1024" \ - -s "Maximum input fragment length is 1024" \ - -s "Maximum output fragment length is 1024" \ + -c "Maximum incoming record payload length is 1024" \ + -c "Maximum outgoing record payload length is 1024" \ + -s "Maximum incoming record payload length is 1024" \ + -s "Maximum outgoing record payload length is 1024" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3191,10 +3191,10 @@ run_test "Max fragment length: client 1024, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ "$P_CLI debug_level=3 max_frag_len=1024" \ 0 \ - -c "Maximum input fragment length is 1024" \ - -c "Maximum output fragment length is 1024" \ - -s "Maximum input fragment length is 1024" \ - -s "Maximum output fragment length is 1024" \ + -c "Maximum incoming record payload length is 1024" \ + -c "Maximum outgoing record payload length is 1024" \ + -s "Maximum incoming record payload length is 1024" \ + -s "Maximum outgoing record payload length is 1024" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3205,10 +3205,10 @@ run_test "Max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=2048" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3219,10 +3219,10 @@ run_test "Max fragment length: client 2048, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ "$P_CLI debug_level=3 max_frag_len=2048" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 1024" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 1024" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3233,10 +3233,10 @@ run_test "Max fragment length: client 2048, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ "$P_CLI debug_level=3 max_frag_len=2048" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 2048" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 2048" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3247,10 +3247,10 @@ run_test "Max fragment length: client 4096, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ - -c "Maximum input fragment length is 4096" \ - -c "Maximum output fragment length is 4096" \ - -s "Maximum input fragment length is 4096" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 4096" \ + -c "Maximum outgoing record payload length is 4096" \ + -s "Maximum incoming record payload length is 4096" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3261,10 +3261,10 @@ run_test "Max fragment length: client 4096, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ - -c "Maximum input fragment length is 4096" \ - -c "Maximum output fragment length is 4096" \ - -s "Maximum input fragment length is 4096" \ - -s "Maximum output fragment length is 1024" \ + -c "Maximum incoming record payload length is 4096" \ + -c "Maximum outgoing record payload length is 4096" \ + -s "Maximum incoming record payload length is 4096" \ + -s "Maximum outgoing record payload length is 1024" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3275,10 +3275,10 @@ run_test "Max fragment length: client 4096, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ - -c "Maximum input fragment length is 4096" \ - -c "Maximum output fragment length is 4096" \ - -s "Maximum input fragment length is 4096" \ - -s "Maximum output fragment length is 2048" \ + -c "Maximum incoming record payload length is 4096" \ + -c "Maximum outgoing record payload length is 4096" \ + -s "Maximum incoming record payload length is 4096" \ + -s "Maximum outgoing record payload length is 2048" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3289,10 +3289,10 @@ run_test "Max fragment length: used by server" \ "$P_SRV debug_level=3 max_frag_len=4096" \ "$P_CLI debug_level=3" \ 0 \ - -c "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -c "Maximum output fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum input fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum output fragment length is 4096" \ + -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ + -s "Maximum outgoing record payload length is 4096" \ -C "client hello, adding max_fragment_length extension" \ -S "found max fragment length extension" \ -S "server hello, max_fragment_length extension" \ @@ -3304,8 +3304,8 @@ run_test "Max fragment length: gnutls server" \ "$G_SRV" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ - -c "Maximum input fragment length is 4096" \ - -c "Maximum output fragment length is 4096" \ + -c "Maximum incoming record payload length is 4096" \ + -c "Maximum outgoing record payload length is 4096" \ -c "client hello, adding max_fragment_length extension" \ -c "found max_fragment_length extension" @@ -3314,10 +3314,10 @@ run_test "Max fragment length: client, message just fits" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 2048" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 2048" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3330,10 +3330,10 @@ run_test "Max fragment length: client, larger message" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 2048" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 2048" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3347,10 +3347,10 @@ run_test "Max fragment length: DTLS client, larger message" \ "$P_SRV debug_level=3 dtls=1" \ "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \ 1 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 2048" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 2048" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ @@ -3457,10 +3457,10 @@ run_test "Renegotiation with max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ - -c "Maximum input fragment length is 2048" \ - -c "Maximum output fragment length is 2048" \ - -s "Maximum input fragment length is 2048" \ - -s "Maximum output fragment length is 512" \ + -c "Maximum incoming record payload length is 2048" \ + -c "Maximum outgoing record payload length is 2048" \ + -s "Maximum incoming record payload length is 2048" \ + -s "Maximum outgoing record payload length is 512" \ -c "client hello, adding max_fragment_length extension" \ -s "found max fragment length extension" \ -s "server hello, max_fragment_length extension" \ From 61f292ea0a4b2e4388f69a80661ba8b22a547152 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 8 Jun 2021 07:50:55 +0100 Subject: [PATCH 0214/1065] Fix migration guide for now-removed deprecated functions Signed-off-by: Hanno Becker --- .../remove_deprecated_functions_and_constants.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md index b18b3109d8..31c2ce8621 100644 --- a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md +++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md @@ -50,7 +50,9 @@ The function `mbedtls_ssl_conf_dh_param()` was removed. Please use `mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use -`mbedtls_ssl_get_output_max_frag_len()` instead. +`mbedtls_ssl_get_max_out_record_payload()` and +`mbedtls_ssl_get_max_in_record_payload()` +instead. Deprecated hex-encoded primes were removed from DHM --------------------------------------------------- From 6dd92c3f6b2c3e2dc28d966607560b260a491e27 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:44:47 +0200 Subject: [PATCH 0215/1065] Wrap lines in the source to <80 columns Signed-off-by: Gilles Peskine --- BRANCHES.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index a758d08b34..df30ae1004 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -28,14 +28,20 @@ undocumented features, then you should be able to re-compile it without modification with any later release x.y'.z' with the same major version number, and your code will still build, be secure, and work. -Note that new releases of Mbed TLS may extend the API. Here are some examples of changes that are common in minor releases of Mbed TLS, and are not considered API compatibility breaks: +Note that new releases of Mbed TLS may extend the API. Here are some +examples of changes that are common in minor releases of Mbed TLS, and are +not considered API compatibility breaks: * Adding or reordering fields in a structure or union. * Removing a field from a structure, unless the field is documented as public. * Adding items to an enum. -* Returning an error code that was not previously documented for a function when a new error condition arises. -* Changing which error code is returned in a case where multiple error conditions apply. -* Changing the behavior of a function from failing to succeeding, when the change is a reasonable extension of the current behavior, i.e. the addition of a new feature. +* Returning an error code that was not previously documented for a function + when a new error condition arises. +* Changing which error code is returned in a case where multiple error + conditions apply. +* Changing the behavior of a function from failing to succeeding, when the + change is a reasonable extension of the current behavior, i.e. the + addition of a new feature. There are rare exceptions where we break API compatibility: code that was relying on something that became insecure in the meantime (for example, From ea7631be1c797f8b6363c44535aba7df0c348795 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 3 Jun 2021 18:51:59 +0200 Subject: [PATCH 0216/1065] Change mbedtls_rsa_set_padding() signature mbedtls_rsa_set_padding() now returns the error code MBEDTLS_ERR_RSA_INVALID_PADDING when padding parameters are invalid. Signed-off-by: Ronald Cron --- include/mbedtls/rsa.h | 10 +++- library/psa_crypto.c | 19 ++++++-- library/psa_crypto_rsa.c | 73 ++++++++++++++++------------ library/rsa.c | 22 +++++++-- programs/pkey/rsa_sign_pss.c | 8 ++- programs/pkey/rsa_verify_pss.c | 8 ++- tests/suites/test_suite_rsa.data | 3 ++ tests/suites/test_suite_rsa.function | 24 +++++++++ 8 files changed, 123 insertions(+), 44 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index ba00bff31b..eeb846e285 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -399,9 +399,15 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, * \param padding The padding mode to use. This must be either * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. + * #MBEDTLS_MD_NONE is accepted by this function but may be + * not suitable for some operations. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: + * \p padding or \p hash_id is invalid. */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ); +int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, + mbedtls_md_type_t hash_id ); /** * \brief This function retrieves the length of RSA modulus in Bytes. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 214c405b30..7921eb2313 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2838,13 +2838,14 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) -static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, - mbedtls_rsa_context *rsa ) +static int psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, + mbedtls_rsa_context *rsa ) { psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + + return( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ) ); } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ @@ -2917,7 +2918,11 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { - psa_rsa_oaep_set_padding_mode( alg, rsa ); + status = mbedtls_to_psa_error( + psa_rsa_oaep_set_padding_mode( alg, rsa ) ); + if( status != PSA_SUCCESS ) + goto rsa_exit; + status = mbedtls_to_psa_error( mbedtls_rsa_rsaes_oaep_encrypt( rsa, mbedtls_psa_get_random, @@ -3023,7 +3028,11 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { - psa_rsa_oaep_set_padding_mode( alg, rsa ); + status = mbedtls_to_psa_error( + psa_rsa_oaep_set_padding_mode( alg, rsa ) ); + if( status != PSA_SUCCESS ) + goto rsa_exit; + status = mbedtls_to_psa_error( mbedtls_rsa_rsaes_oaep_decrypt( rsa, mbedtls_psa_get_random, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index b5aec20031..33e22e7002 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -416,29 +416,36 @@ static psa_status_t rsa_sign_hash( #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - md_alg, - (unsigned int) hash_length, - hash, - signature ); + ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ); + if( ret == 0 ) + { + ret = mbedtls_rsa_pkcs1_sign( rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + md_alg, + (unsigned int) hash_length, + hash, + signature ); + } } else #endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_MD_NONE, - (unsigned int) hash_length, - hash, - signature ); + ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + + if( ret == 0 ) + { + ret = mbedtls_rsa_rsassa_pss_sign( rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_MD_NONE, + (unsigned int) hash_length, + hash, + signature ); + } } else #endif /* BUILTIN_ALG_RSA_PSS */ @@ -489,25 +496,31 @@ static psa_status_t rsa_verify_hash( #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_verify( rsa, - md_alg, - (unsigned int) hash_length, - hash, - signature ); + ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ); + if( ret == 0 ) + { + ret = mbedtls_rsa_pkcs1_verify( rsa, + md_alg, + (unsigned int) hash_length, + hash, + signature ); + } } else #endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_verify( rsa, - MBEDTLS_MD_NONE, - (unsigned int) hash_length, - hash, - signature ); + ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + if( ret == 0 ) + { + ret = mbedtls_rsa_rsassa_pss_verify( rsa, + MBEDTLS_MD_NONE, + (unsigned int) hash_length, + hash, + signature ); + } } else #endif /* BUILTIN_ALG_RSA_PSS */ diff --git a/library/rsa.c b/library/rsa.c index 36424bd193..5a1ae79bce 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -500,15 +500,27 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, /* * Set padding for an existing RSA context */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ) +int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, + mbedtls_md_type_t hash_id ) { - RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); + if( ( padding != MBEDTLS_RSA_PKCS_V15 ) && + ( padding != MBEDTLS_RSA_PKCS_V21 ) ) + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + + if( ( padding == MBEDTLS_RSA_PKCS_V21 ) && + ( hash_id != MBEDTLS_MD_NONE ) ) + { + const mbedtls_md_info_t *md_info; + + md_info = mbedtls_md_info_from_type( hash_id ); + if( md_info == NULL ) + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + } ctx->padding = padding; ctx->hash_id = hash_id; + + return( 0 ); } /* diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 9d5053a560..e7fcf511a9 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -115,7 +115,13 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + if( ( ret = mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), + MBEDTLS_RSA_PKCS_V21, + MBEDTLS_MD_SHA256 ) ) != 0 ) + { + mbedtls_printf( " failed\n ! Invalid padding\n" ); + goto exit; + } /* * Compute the SHA-256 hash of the input file, diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 81b0fd644e..527d799167 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -98,7 +98,13 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + if( ( ret = mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), + MBEDTLS_RSA_PKCS_V21, + MBEDTLS_MD_SHA256 ) ) != 0 ) + { + mbedtls_printf( " failed\n ! Invalid padding\n" ); + goto exit; + } /* * Extract the RSA signature from the file diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 2512ef24c6..cc5a047790 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -1,3 +1,6 @@ +RSA parameter validation +rsa_invalid_param: + RSA init-free-free rsa_init_free:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 9cf2fcf348..e057dfb19b 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -17,6 +17,30 @@ * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void rsa_invalid_param( ) +{ + mbedtls_rsa_context ctx; + const int invalid_padding = 42; + const int invalid_hash_id = 0xff; + + mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); + + TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, + invalid_padding, + MBEDTLS_MD_NONE ), + MBEDTLS_ERR_RSA_INVALID_PADDING ); + + TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, + invalid_hash_id ), + MBEDTLS_ERR_RSA_INVALID_PADDING ); + +exit: + mbedtls_rsa_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE */ void rsa_init_free( int reinit ) { From c1905a1c3debef865c6ecc19be121e4f205a13cb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 5 Jun 2021 11:11:14 +0200 Subject: [PATCH 0217/1065] Change mbedtls_rsa_init() signature Remove padding parameters as mbedtls_rsa_init() cannot return an error code when padding parameters are invalid. Signed-off-by: Ronald Cron --- include/mbedtls/rsa.h | 56 +++++++++++----------- library/pk_wrap.c | 2 +- library/psa_crypto_rsa.c | 2 +- library/rsa.c | 11 ++--- programs/pkey/dh_client.c | 3 +- programs/pkey/dh_server.c | 3 +- programs/pkey/rsa_decrypt.c | 2 +- programs/pkey/rsa_encrypt.c | 2 +- programs/pkey/rsa_genkey.c | 2 +- programs/pkey/rsa_sign.c | 2 +- programs/pkey/rsa_verify.c | 2 +- programs/test/benchmark.c | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_pkcs1_v15.function | 14 ++++-- tests/suites/test_suite_pkcs1_v21.function | 15 ++++-- tests/suites/test_suite_rsa.function | 53 +++++++++++--------- 16 files changed, 92 insertions(+), 81 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index eeb846e285..514484574e 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -134,33 +134,51 @@ mbedtls_rsa_context; /** * \brief This function initializes an RSA context. * + * \note This function initializes the padding and the hash + * identifier for #MBEDTLS_RSA_PKCS_V21 to respectively + * #MBEDTLS_RSA_PKCS_V15 and #MBEDTLS_MD_NONE. See + * mbedtls_rsa_set_padding() for more information about + * those parameters. + * + * \param ctx The RSA context to initialize. This must not be \c NULL. + */ +void mbedtls_rsa_init( mbedtls_rsa_context *ctx ); + +/** + * \brief This function sets padding for an already initialized RSA + * context. + * * \note Set padding to #MBEDTLS_RSA_PKCS_V21 for the RSAES-OAEP * encryption scheme and the RSASSA-PSS signature scheme. * * \note The \p hash_id parameter is ignored when using * #MBEDTLS_RSA_PKCS_V15 padding. * - * \note The choice of padding mode is strictly enforced for private key - * operations, since there might be security concerns in + * \note The choice of padding mode is strictly enforced for private + * key operations, since there might be security concerns in * mixing padding modes. For public key operations it is * a default value, which can be overridden by calling specific - * \c rsa_rsaes_xxx or \c rsa_rsassa_xxx functions. + * \c mbedtls_rsa_rsaes_xxx or \c mbedtls_rsa_rsassa_xxx + * functions. * * \note The hash selected in \p hash_id is always used for OEAP * encryption. For PSS signatures, it is always used for * making signatures, but can be overridden for verifying them. * If set to #MBEDTLS_MD_NONE, it is always overridden. * - * \param ctx The RSA context to initialize. This must not be \c NULL. + * \param ctx The initialized RSA context to be configured. * \param padding The padding mode to use. This must be either * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. - * \param hash_id The hash identifier of ::mbedtls_md_type_t type, if - * \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused - * otherwise. + * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. + * #MBEDTLS_MD_NONE is accepted by this function but may be + * not suitable for some operations. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: + * \p padding or \p hash_id is invalid. */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ); +int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, + mbedtls_md_type_t hash_id ); /** * \brief This function imports a set of core parameters into an @@ -391,24 +409,6 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ); -/** - * \brief This function sets padding for an already initialized RSA - * context. See mbedtls_rsa_init() for details. - * - * \param ctx The initialized RSA context to be configured. - * \param padding The padding mode to use. This must be either - * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. - * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. - * #MBEDTLS_MD_NONE is accepted by this function but may be - * not suitable for some operations. - * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: - * \p padding or \p hash_id is invalid. - */ -int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - mbedtls_md_type_t hash_id ); - /** * \brief This function retrieves the length of RSA modulus in Bytes. * diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c351113e04..ec0ff45ccb 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -165,7 +165,7 @@ static void *rsa_alloc_wrap( void ) void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); if( ctx != NULL ) - mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); + mbedtls_rsa_init( (mbedtls_rsa_context *) ctx ); return( ctx ); } diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 33e22e7002..f2e9a1c052 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -317,7 +317,7 @@ static psa_status_t rsa_generate_key( if( status != PSA_SUCCESS ) return( status ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); + mbedtls_rsa_init( &rsa ); ret = mbedtls_rsa_gen_key( &rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, diff --git a/library/rsa.c b/library/rsa.c index 5a1ae79bce..26a93c1b94 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -477,17 +477,14 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, /* * Initialize an RSA context */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ) +void mbedtls_rsa_init( mbedtls_rsa_context *ctx ) { RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); - mbedtls_rsa_set_padding( ctx, padding, hash_id ); + ctx->padding = MBEDTLS_RSA_PKCS_V15; + ctx->hash_id = MBEDTLS_MD_NONE; #if defined(MBEDTLS_THREADING_C) /* Set ctx->ver to nonzero to indicate that the mutex has been @@ -2592,7 +2589,7 @@ int mbedtls_rsa_self_test( int verbose ) mbedtls_mpi K; mbedtls_mpi_init( &K ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_N ) ); MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, &K, NULL, NULL, NULL, NULL ) ); diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index c6b3132005..3abf49edac 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -92,7 +92,6 @@ int main( void ) mbedtls_aes_context aes; mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); mbedtls_dhm_init( &dhm ); mbedtls_aes_init( &aes ); mbedtls_ctr_drbg_init( &ctr_drbg ); @@ -125,7 +124,7 @@ int main( void ) goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 63df77ee01..d87f75a554 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -95,7 +95,6 @@ int main( void ) mbedtls_net_init( &listen_fd ); mbedtls_net_init( &client_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); mbedtls_dhm_init( &dhm ); mbedtls_aes_init( &aes ); mbedtls_ctr_drbg_init( &ctr_drbg ); @@ -131,7 +130,7 @@ int main( void ) goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 1ba8c735db..88b80d1775 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -90,7 +90,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 6c654ad188..1113622058 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -87,7 +87,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy ); diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 26a8925044..1dcfc52f0f 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -75,7 +75,7 @@ int main( void ) const char *pers = "rsa_genkey"; mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 1cfa0a8dd9..427554ff11 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -67,7 +67,7 @@ int main( int argc, char *argv[] ) char filename[512]; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 6aca17134a..0cd17b0a3b 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -66,7 +66,7 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); if( argc != 2 ) { diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index e12345365f..5aa31f7250 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -786,7 +786,7 @@ int main( int argc, char *argv[] ) { mbedtls_snprintf( title, sizeof( title ), "RSA-%d", keysize ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa ); mbedtls_rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 ); TIME_PUBLIC( title, " public", diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2e24aecc7d..573c9d4306 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -863,7 +863,7 @@ void pk_rsa_alt( ) size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; - mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); + mbedtls_rsa_init( &raw ); mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt ); memset( hash, 0x2a, sizeof hash ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index a7fb2a5ff8..d558c386fc 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -25,7 +25,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, info.length = rnd_buf->len; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -71,7 +72,8 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -193,7 +195,7 @@ void pkcs1_v15_decode( data_t *input, memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); mbedtls_mpi_init( &Nmpi ); mbedtls_mpi_init( &Empi ); mbedtls_mpi_init( &Pmpi ); mbedtls_mpi_init( &Qmpi ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &ctx ); TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 ); @@ -277,7 +279,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -325,7 +328,8 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index f7e1e24ac7..e923e0b28f 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -24,7 +24,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, info.length = rnd_buf->len; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); @@ -67,7 +68,8 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -131,7 +133,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -189,7 +192,8 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); @@ -225,7 +229,8 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index e057dfb19b..aed05a4204 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -24,7 +24,7 @@ void rsa_invalid_param( ) const int invalid_padding = 42; const int invalid_hash_id = 0xff; - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); + mbedtls_rsa_init( &ctx ); TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, invalid_padding, @@ -51,11 +51,11 @@ void rsa_init_free( int reinit ) * unconditionally on an error path without checking whether it has * already been called in the success path. */ - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); mbedtls_rsa_free( &ctx ); if( reinit ) - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); mbedtls_rsa_free( &ctx ); /* This test case always succeeds, functionally speaking. A plausible @@ -79,7 +79,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -128,7 +129,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -162,7 +164,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); @@ -209,7 +212,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -243,7 +247,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -284,7 +289,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -329,7 +335,8 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -377,8 +384,8 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_init( &ctx2 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -435,8 +442,8 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &ctx ); + mbedtls_rsa_init( &ctx2 ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -512,7 +519,7 @@ void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E, mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &ctx ); if( strlen( input_N ) ) { @@ -543,7 +550,7 @@ void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P, { mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &ctx ); ctx.len = mod / 8; if( strlen( input_P ) ) @@ -604,8 +611,8 @@ void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub, { mbedtls_rsa_context pub, prv; - mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &pub ); + mbedtls_rsa_init( &prv ); pub.len = mod / 8; prv.len = mod / 8; @@ -676,7 +683,7 @@ void mbedtls_rsa_gen_key( int nrbits, int exponent, int result) mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init ( &ctx, 0, 0 ); + mbedtls_rsa_init ( &ctx ); TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, @@ -828,7 +835,7 @@ void mbedtls_rsa_import( int radix_N, char *input_N, mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); @@ -969,7 +976,7 @@ void mbedtls_rsa_export( int radix_N, char *input_N, mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); @@ -1149,7 +1156,7 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); /* Setup RSA context */ TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, @@ -1251,7 +1258,7 @@ void mbedtls_rsa_import_raw( data_t *input_N, mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init( &ctx ); TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, From 6fe1bc3f246e93b08d5c7c4f9e0a41f38556402c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 7 Jun 2021 09:35:02 +0200 Subject: [PATCH 0218/1065] Add change log and migration guide Signed-off-by: Ronald Cron --- ChangeLog.d/rsa-padding.txt | 5 ++++ docs/3.0-migration-guide.d/rsa-padding.md | 29 +++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 ChangeLog.d/rsa-padding.txt create mode 100644 docs/3.0-migration-guide.d/rsa-padding.md diff --git a/ChangeLog.d/rsa-padding.txt b/ChangeLog.d/rsa-padding.txt new file mode 100644 index 0000000000..5f9c11f717 --- /dev/null +++ b/ChangeLog.d/rsa-padding.txt @@ -0,0 +1,5 @@ +API changes + * mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA + key. To use an RSA key with PSS or OAEP, call mbedtls_rsa_set_padding() + after initializing the context. mbedtls_rsa_set_padding() now returns an + error if its parameters are invalid. diff --git a/docs/3.0-migration-guide.d/rsa-padding.md b/docs/3.0-migration-guide.d/rsa-padding.md new file mode 100644 index 0000000000..a04d9ee2ae --- /dev/null +++ b/docs/3.0-migration-guide.d/rsa-padding.md @@ -0,0 +1,29 @@ +Remove the padding parameters from mbedtls_rsa_init() +----------------------------------------------------- + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The function mbedtls_rsa_init() no longer supports selecting the PKCS#1 v2.1 +encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If +you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call +to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. + +Code migration examples: +```C + mbedtls_rsa_init(ctx, padding, hash_id); +``` +to +```C + mbedtls_rsa_init(ctx); + mbedtls_rsa_set_padding(ctx, padding, hash_id); +``` +or +```C + mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); +``` +to +```C + mbedtls_rsa_init(ctx); +``` + From d2cfa3e9809f62c7a5f7a873d900e9ca7714bf89 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 8 Jun 2021 09:09:04 +0200 Subject: [PATCH 0219/1065] Improve mbedtls_rsa_init/set_padding() descriptions Signed-off-by: Ronald Cron --- include/mbedtls/rsa.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 514484574e..34174b69b5 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -135,10 +135,9 @@ mbedtls_rsa_context; * \brief This function initializes an RSA context. * * \note This function initializes the padding and the hash - * identifier for #MBEDTLS_RSA_PKCS_V21 to respectively - * #MBEDTLS_RSA_PKCS_V15 and #MBEDTLS_MD_NONE. See - * mbedtls_rsa_set_padding() for more information about - * those parameters. + * identifier to respectively #MBEDTLS_RSA_PKCS_V15 and + * #MBEDTLS_MD_NONE. See mbedtls_rsa_set_padding() for more + * information about those parameters. * * \param ctx The RSA context to initialize. This must not be \c NULL. */ @@ -169,9 +168,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx ); * \param ctx The initialized RSA context to be configured. * \param padding The padding mode to use. This must be either * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. - * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. - * #MBEDTLS_MD_NONE is accepted by this function but may be - * not suitable for some operations. + * \param hash_id The hash identifier for PSS or OAEP, if \p padding is + * #MBEDTLS_RSA_PKCS_V21. #MBEDTLS_MD_NONE is accepted by this + * function but may be not suitable for some operations. + * Ignored if \p padding is #MBEDTLS_RSA_PKCS_V15. * * \return \c 0 on success. * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: From 266b6d2121eb2bbfb68725fa3b3ba63e9accbcc5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 8 Jun 2021 10:03:49 +0200 Subject: [PATCH 0220/1065] tests: Assert success of calls to mbedtls_rsa_set_padding() Signed-off-by: Ronald Cron --- tests/suites/test_suite_pkcs1_v15.function | 12 ++++++++---- tests/suites/test_suite_pkcs1_v21.function | 15 ++++++++++----- tests/suites/test_suite_rsa.function | 21 ++++++++++++++------- 3 files changed, 32 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d558c386fc..d78ee88959 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -26,7 +26,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -73,7 +74,8 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -280,7 +282,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -329,7 +332,8 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index e923e0b28f..ec5591f6d1 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -25,7 +25,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, hash ) == 0 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); @@ -69,7 +70,8 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, hash ) == 0 ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); @@ -134,7 +136,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -193,7 +196,8 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); @@ -230,7 +234,8 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, ctx_hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index aed05a4204..086544401b 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -80,7 +80,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx,padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); @@ -130,7 +131,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -165,7 +167,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); @@ -213,7 +216,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -248,7 +252,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -290,7 +295,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); @@ -336,7 +342,8 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx ); - mbedtls_rsa_set_padding( &ctx, padding_mode, MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); From 3a0375fff43fba25b95ea9b765c504eba9194b2a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 8 Jun 2021 10:22:28 +0200 Subject: [PATCH 0221/1065] Fail if a padding disabled by the build-time configuration is selected Signed-off-by: Ronald Cron --- library/rsa.c | 17 ++++++++++++++--- programs/pkey/rsa_sign_pss.c | 2 +- tests/suites/test_suite_rsa.function | 14 ++++++++++++++ 3 files changed, 29 insertions(+), 4 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 26a93c1b94..a788337a59 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -500,9 +500,20 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx ) int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, mbedtls_md_type_t hash_id ) { - if( ( padding != MBEDTLS_RSA_PKCS_V15 ) && - ( padding != MBEDTLS_RSA_PKCS_V21 ) ) - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + switch( padding ) + { +#if defined(MBEDTLS_PKCS1_V15) + case MBEDTLS_RSA_PKCS_V15: + break; +#endif + +#if defined(MBEDTLS_PKCS1_V21) + case MBEDTLS_RSA_PKCS_V21: + break; +#endif + default: + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + } if( ( padding == MBEDTLS_RSA_PKCS_V21 ) && ( hash_id != MBEDTLS_MD_NONE ) ) diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index e7fcf511a9..26056dd9b6 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -119,7 +119,7 @@ int main( int argc, char *argv[] ) MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ) ) != 0 ) { - mbedtls_printf( " failed\n ! Invalid padding\n" ); + mbedtls_printf( " failed\n ! Padding not supported\n" ); goto exit; } diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 086544401b..14b4afc3a3 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -36,6 +36,20 @@ void rsa_invalid_param( ) invalid_hash_id ), MBEDTLS_ERR_RSA_INVALID_PADDING ); +#if !defined(MBEDTLS_PKCS1_V15) + TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ), + MBEDTLS_ERR_RSA_INVALID_PADDING ); +#endif + +#if !defined(MBEDTLS_PKCS1_V21) + TEST_EQUAL( mbedtls_rsa_set_padding( &ctx, + MBEDTLS_RSA_PKCS_V21, + MBEDTLS_MD_NONE ), + MBEDTLS_ERR_RSA_INVALID_PADDING ); +#endif + exit: mbedtls_rsa_free( &ctx ); } From 73876cf9cb16ab8ca9c761ae9204692b0f626477 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jun 2021 15:33:53 +0200 Subject: [PATCH 0222/1065] Clarify "between major version changes" This was diversely interpreted as "compatibility in the period between two major version changes" (as intended) or "compatibility between two versions whose major version is different" (unintended). Signed-off-by: Gilles Peskine --- BRANCHES.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index df30ae1004..b9926ac9df 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -16,9 +16,10 @@ At any point in time, we have a number of maintained branches consisting of: these only get bug fixes and security fixes. We use [Semantic Versioning](https://semver.org/). In particular, we maintain -API compatibility in the `master` branch between major version changes. We -also maintain ABI compatibility within LTS branches; see the next section for -details. +API compatibility in the `master` branch across minor version changes (e.g. +the API of 3.(x+1) is backward compatible with 3.x). We only break API +compatibility on major version changes (e.g. from 3.x to 4.0). We also maintain +ABI compatibility within LTS branches; see the next section for details. ## Backwards Compatibility From 5e1948d2a311a64254265431a4ab8d10024b7941 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 09:27:03 +0100 Subject: [PATCH 0223/1065] PSA PAKE: define size macros as 0 Define the size macros to 0 rather than empty. That will lead to fewer weird errors when we start implementing. Signed-off-by: Janos Follath --- include/psa/crypto_sizes.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index a603c9d298..a1b89446e7 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1152,7 +1152,7 @@ * the output type or PAKE algorithm is not recognized, or * the parameters are incompatible, return 0. */ -#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) +#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0 /** Output buffer size for psa_pake_output() for any of the supported cipher * suites and PAKE algorithms. @@ -1161,6 +1161,6 @@ * * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). */ -#define PSA_PAKE_OUTPUT_MAX_SIZE +#define PSA_PAKE_OUTPUT_MAX_SIZE 0 #endif /* PSA_CRYPTO_SIZES_H */ From a2959185969fd26fb42643e135ae5ce4672d5eac Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 09:41:39 +0100 Subject: [PATCH 0224/1065] PSA PAKE: add input size macros The caller is likely to receive the inputs on the wire, and having a known size for which they can confidently reject longer inputs would be helpful in cases where the application can't just use the input in place. Signed-off-by: Janos Follath --- include/psa/crypto.h | 2 ++ include/psa/crypto_sizes.h | 36 ++++++++++++++++++++++++++++++++---- 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index bbdd06d5ae..e84c757d10 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4626,6 +4626,8 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is not valid for the algorithm, ciphersuite or \p step. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index a1b89446e7..62254fab52 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1134,10 +1134,9 @@ /** A sufficient output buffer size for psa_pake_output(). * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_pake_output() will not fail due to an - * insufficient ciphertext buffer size. The actual size of the output might be - * smaller in any given call. + * If the size of the output buffer is at least this large, it is guaranteed + * that psa_pake_output() will not fail due to an insufficient output buffer + * size. The actual size of the output might be smaller in any given call. * * See also #PSA_PAKE_OUTPUT_MAX_SIZE * @@ -1154,6 +1153,26 @@ */ #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0 +/** A sufficient input buffer size for psa_pake_input(). + * + * If the size of the input is larger than this, it is guaranteed + * that psa_pake_input() will fail with #PSA_ERROR_INVALID_ARGUMENT. + * + * See also #PSA_PAKE_INPUT_MAX_SIZE + * + * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param primitive A primitive of type ::psa_pake_primitive_t that is + * compatible with algorithm \p alg. + * \param output_step A value of type ::psa_pake_step_t that is valid for the + * algorithm \p alg. + * \return A sufficient output buffer size for the specified + * output, cipher suite and algorithm. If the cipher suite, + * the output type or PAKE algorithm is not recognized, or + * the parameters are incompatible, return 0. + */ +#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0 + /** Output buffer size for psa_pake_output() for any of the supported cipher * suites and PAKE algorithms. * @@ -1163,4 +1182,13 @@ */ #define PSA_PAKE_OUTPUT_MAX_SIZE 0 +/** Input buffer size for psa_pake_input() for any of the supported cipher + * suites and PAKE algorithms. + * + * This macro must expand to a compile-time constant integer. + * + * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p cipher_suite, \p output). + */ +#define PSA_PAKE_INPUT_MAX_SIZE 0 + #endif /* PSA_CRYPTO_SIZES_H */ From 304766e11ef35d17c549b9df9e46617ce12c5291 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 09:48:08 +0100 Subject: [PATCH 0225/1065] PSA PAKE: make algorithm macro name consistent The API has PSA_ALG_GCM and not PSA_ALG_AEAD_GCM, PSA_ALG_MD5 and not PSA_ALG_HASH_MD5, etc., so PSA_ALG_PAKE_JPAKE should be PSA_ALG_JPAKE as well. Signed-off-by: Janos Follath --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ab9bb5b8bd..37cd030247 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1977,7 +1977,7 @@ * - A secure cryptographic hash function. * * To select these parameters and set up the cipher suite, call - * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_PAKE_JPAKE); + * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); * psa_pake_cs_set_primitive(cipher_suite, * PSA_PAKE_PRIMITIVE(type, family, bits)); * psa_pake_cs_set_hash(cipher_suite, hash); @@ -2067,7 +2067,7 @@ * of RFC 8236 for two examples. * */ -#define PSA_ALG_PAKE_JPAKE ((psa_algorithm_t)0x0a000100) +#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100) /**@}*/ From 702cf09ae9fdb180fc1a4b56206aaf9425d99e39 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 12:58:23 +0100 Subject: [PATCH 0226/1065] PSA PAKE: move the API to crypto_extra.h At this point this is a proposed PAKE interface for the PSA Crypto API and not part of the official standard. Place the interface in crypto_extra.h to make this clear. Signed-off-by: Janos Follath --- include/psa/crypto.h | 606 -------------------- include/psa/crypto_extra.h | 1041 +++++++++++++++++++++++++++++++++++ include/psa/crypto_sizes.h | 59 -- include/psa/crypto_struct.h | 75 --- include/psa/crypto_types.h | 42 -- include/psa/crypto_values.h | 261 --------- 6 files changed, 1041 insertions(+), 1043 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e84c757d10..534902f2df 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4091,612 +4091,6 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /**@}*/ - -/** \defgroup pake Password-authenticated key exchange (PAKE) - * @{ - */ - -/** The type of the data strucure for PAKE cipher suites. - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure. - * Implementation details can change in future versions without notice. - */ -typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t; - -/** Retrieve the PAKE algorithm from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The PAKE algorithm stored in the cipher suite structure. - */ -static psa_algorithm_t psa_pake_cs_get_algorithm( - const psa_pake_cipher_suite_t* cipher_suite - ); - -/** Declare the PAKE algorithm for the cipher suite. - * - * This function overwrites any PAKE algorithm - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param algorithm The PAKE algorithm to write. - * (`PSA_ALG_XXX` values of type ::psa_algorithm_t - * such that #PSA_ALG_IS_PAKE(\c alg) is true.) - * If this is 0, the PAKE algorithm in - * \p cipher_suite becomes unspecified. - */ -static void psa_pake_cs_set_algorithm( - psa_pake_cipher_suite_t* cipher_suite, - psa_algorithm_t algorithm - ); - -/** Retrieve the primitive from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external linkage). - * This function may be provided as a function-like macro, but in this case it - * must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The primitive stored in the cipher suite structure. - */ -static psa_pake_primitive_t psa_pake_cs_get_primitive( - const psa_pake_cipher_suite_t* cipher_suite - ); - -/** Declare the primitive for a PAKE cipher suite. - * - * This function overwrites any primitive previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param primitive The primitive to write. If this is 0, the - * primitive type in \p cipher_suite becomes - * unspecified. - */ -static void psa_pake_cs_set_primitive( - psa_pake_cipher_suite_t* cipher_suite, - psa_pake_primitive_t primitive - ); - -/** Retrieve the hash algorithm from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The hash algorithm stored in the cipher suite structure. The return - * value is 0 if the PAKE is not parametrised by a hash algorithm or if - * the hash algorithm is not set. - */ -static psa_algorithm_t psa_pake_cs_get_hash( - const psa_pake_cipher_suite_t* cipher_suite - ); - -/** Declare the hash algorithm for a PAKE cipher suite. - * - * This function overwrites any hash algorithm - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param hash The hash involved in the cipher suite. - * (`PSA_ALG_XXX` values of type ::psa_algorithm_t - * such that #PSA_ALG_IS_HASH(\c alg) is true.) - * If this is 0, the hash algorithm in - * \p cipher_suite becomes unspecified. - */ -static void psa_pake_cs_set_hash( - psa_pake_cipher_suite_t* cipher_suite, - psa_algorithm_t hash - ); - -/** The type of the state data structure for PAKE operations. - * - * Before calling any function on a PAKE operation object, the application - * must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_pake_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_pake_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_PAKE_OPERATION_INIT, - * for example: - * \code - * psa_pake_operation_t operation = PSA_PAKE_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_pake_operation_init() - * to the structure, for example: - * \code - * psa_pake_operation_t operation; - * operation = psa_pake_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure. - * Implementation details can change in future versions without notice. */ -typedef struct psa_pake_operation_s psa_pake_operation_t; - -/** Return an initial value for an PAKE operation object. - */ -static psa_pake_operation_t psa_pake_operation_init(void); - -/** Set the session information for a password-authenticated key exchange. - * - * The sequence of operations to set up a password-authenticated key exchange - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_pake_operation_t, e.g. - * #PSA_PAKE_OPERATION_INIT. - * -# Call psa_pake_setup() to specify the cipher suite. - * -# Call \c psa_pake_set_xxx() functions on the operation to complete the - * setup. The exact sequence of \c psa_pake_set_xxx() functions that needs - * to be called depends on the algorithm in use. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * A typical sequence of calls to perform a password-authenticated key - * exchange: - * -# Call psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to get the - * key share that needs to be sent to the peer. - * -# Call psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to provide - * the key share that was received from the peer. - * -# Depending on the algorithm additional calls to psa_pake_output() and - * psa_pake_input() might be necessary. - * -# Call psa_pake_get_implicit_key() for accessing the shared secret. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * If an error occurs at any step after a call to psa_pake_setup(), - * the operation will need to be reset by a call to psa_pake_abort(). The - * application may call psa_pake_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_pake_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A call to psa_pake_abort(). - * - A successful call to psa_pake_get_implicit_key(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_pake_operation_t and not yet in use (no - * other function has been called on it since the - * last initialization). - * \param cipher_suite The cipher suite to use. (A cipher suite fully - * characterizes a PAKE algorithm and determines - * the algorithm as well.) - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The \p cipher_suite is not supported or is not valid. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_setup(psa_pake_operation_t *operation, - psa_pake_cipher_suite_t cipher_suite); - -/** Set the password for a password-authenticated key exchange from key ID. - * - * Call this function when the password, or a value derived from the password, - * is already present in the key store. To calculate the password-derived value - * from a password input, use the key derivation interface and - * psa_pake_set_password_stretch() instead. - * - * \param[in,out] operation The operation object to set the password for. It - * must have been set up by psa_pake_setup() and - * not yet in use (neither psa_pake_output() nor - * psa_pake_input() has been called yet). It must - * be on operation for which the password hasn't - * been set yet (neither - * psa_pake_set_password_stretch() nor - * psa_pake_set_password_key() has been called - * yet). - * \param password Identifier of the key holding the password or a - * value derived from the password (eg. by a - * memory-hard function). It must remain valid - * until the operation terminates. It must be of - * type #PSA_KEY_TYPE_PASSWORD or - * #PSA_KEY_TYPE_PASSWORD_HASH. It has to allow - * the usage #PSA_KEY_USAGE_DERIVE. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must have been set up.) - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with the algorithm or the cipher suite. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, - mbedtls_svc_key_id_t password); - -/** Set the password for a password-authenticated key exchange via a key - * stretching function. - * - * Some protocols use values derived from passwords via key stretching - * functions to mitigate dictionary attacks. Key stretching functions can be - * accessed through the key derivation interface and the result can be supplied - * to the PAKE operation in the form of a key derivation object. - * - * This function draws bytes from a key derivation algorithm and sets those - * bytes as a password for the password-authenticated key exchange. If you - * view the key derivation's output as a stream of bytes, this function - * destructively reads the requested number of bytes from the stream. - * The key derivation operation's capacity decreases by the number of bytes read. - * - * If this function returns anything other than #PSA_SUCCESS, both \p operation - * and \p key_derivation operations enter an error state and must be aborted by - * calling psa_pake_abort() and psa_key_derivation_abort() respectively. - * - * \param[in,out] operation The operation object to set the password for. - * It must have been set up by psa_pake_setup() - * and not yet in use (neither psa_pake_output() - * nor psa_pake_input() has been called yet). It - * must be on operation for which the password - * hasn't been set yet (neither - * psa_pake_set_password_stretch() nor - * psa_pake_set_password_key() has been called - * yet). - * \param[in,out] key_derivation An ongoing key derivation operation set up - * from the password and in a state suitable for - * calling psa_key_derivation_output_bytes(). - * \param input_length Number of bytes to input from the - * \p key_derivation operation. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The state of \p operation or \p key_derivation is not valid. - * \retval #PSA_ERROR_INSUFFICIENT_DATA - * The \p key_derivation operation's capacity was less than - * \p input_length bytes. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_NOT_PERMITTED - * One of the inputs to \p key_derivation was a key whose policy didn't - * allow #PSA_KEY_USAGE_DERIVE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with the algorithm or the cipher suite. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_password_stretch( - psa_pake_operation_t *operation, - psa_key_derivation_operation_t *key_derivation, - size_t input_length - ); - -/** Set the user ID for a password-authenticated key exchange. - * - * Call this function to set the user ID. For PAKE algorithms that associate a - * user identifier with each side of the session you need to call - * psa_pake_set_peer() as well. For PAKE algorithms that associate a single - * user identifier with the session, call psa_pake_set_user() only. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * \param[in,out] operation The operation object to set the user ID for. It - * must have been set up by psa_pake_setup() and - * not yet in use (neither psa_pake_output() nor - * psa_pake_input() has been called yet). It must - * be on operation for which the user ID hasn't - * been set (psa_pake_set_user() hasn't been - * called yet). - * \param[in] user_id The user ID to authenticate with. - * \param user_id_len Size of the \p user_id buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p user_id is NULL. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, - const uint8_t *user_id, - size_t user_id_len); - -/** Set the peer ID for a password-authenticated key exchange. - * - * Call this function in addition to psa_pake_set_user() for PAKE algorithms - * that associate a user identifier with each side of the session. For PAKE - * algorithms that associate a single user identifier with the session, call - * psa_pake_set_user() only. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * \param[in,out] operation The operation object to set the peer ID for. It - * must have been set up by psa_pake_setup() and - * not yet in use (neither psa_pake_output() nor - * psa_pake_input() has been called yet). It must - * be on operation for which the peer ID hasn't - * been set (psa_pake_set_peer() hasn't been - * called yet). - * \param[in] peer_id The peer's ID to authenticate. - * \param peer_id_len Size of the \p peer_id buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The algorithm doesn't associate a second identity with the session. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p user_id is NULL. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, - const uint8_t *peer_id, - size_t peer_id_len); - -/** Set the side for a password-authenticated key exchange. - * - * Not all PAKE algorithms need to differentiate the communicating entities. - * It is optional to call this function for PAKEs that don't require a side - * parameter. For such PAKEs the side parameter is ignored. - * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * - * \param[in,out] operation The operation object to set the side for. It - * must have been set up by psa_pake_setup() and - * not yet in use (neither psa_pake_output() nor - * psa_pake_input() has been called yet). It must - * be on operation for which the side hasn't been - * set (psa_pake_set_side() hasn't been called - * yet). - * \param side A value of type ::psa_pake_side_t signaling the - * side of the algorithm that is being set up. For - * more information see the documentation of \c - * PSA_PAKE_SIDE_XXX constants. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The \p side for this algorithm is not supported or is not valid. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, - psa_pake_side_t side); - -/** Get output for a step of a password-authenticated key exchange. - * - * Depending on the algorithm being executed, you might need to call this - * function several times or you might not need to call this at all. - * - * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the algorithm in use. Refer to the documentation of - * individual PAKE algorithm types (`PSA_ALG_XXX` values of type - * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more - * information. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_pake_abort(). - * - * \param[in,out] operation Active PAKE operation. - * \param step The step of the algorithm for which the output is - * requested. - * \param[out] output Buffer where the output is to be written in the - * format appropriate for this \p step. Refer to - * the documentation of the individual - * \c PSA_PAKE_STEP_XXX constants for more - * information. - * \param output_size Size of the \p output buffer in bytes. This must - * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \c - * cipher_suite, \p type). - * - * \param[out] output_length On success, the number of bytes of the returned - * output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_output(psa_pake_operation_t *operation, - psa_pake_step_t step, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** Provide input for a step of a password-authenticated key exchange. - * - * Depending on the algorithm being executed, you might need to call this - * function several times or you might not need to call this at all. - * - * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the algorithm in use. Refer to the documentation of - * individual PAKE algorithm types (`PSA_ALG_XXX` values of type - * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more - * information. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_pake_abort(). - * - * \param[in,out] operation Active PAKE operation. - * \param step The step for which the input is provided. - * \param[out] input Buffer containing the input in the format - * appropriate for this \p step. Refer to the - * documentation of the individual - * \c PSA_PAKE_STEP_XXX constants for more - * information. - * \param[out] input_length Size of the \p input buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The input is not valid for the algorithm, ciphersuite or \p step. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_input(psa_pake_operation_t *operation, - psa_pake_step_t step, - uint8_t *input, - size_t input_length); - -/** Get implicitly confirmed shared secret from a PAKE. - * - * At this point there is a cryptographic guarantee that only the authenticated - * party who used the same password is able to compute the key. But there is no - * guarantee that the peer is the party he claims to be and was able to do so. - * - * That is, the authentication is only implicit (the peer is not authenticated - * at this point, and no action should be taken that assume that they are - like - * for example accessing restricted files). - * - * This function can be called after the key exchange phase of the operation - * has completed. It imports the shared secret output of the PAKE into the - * provided derivation operation. The input step - * #PSA_KEY_DERIVATION_INPUT_SECRET is used when placing the shared key - * material in the key derivation operation. - * - * The exact sequence of calls to perform a password-authenticated key - * exchange depends on the algorithm in use. Refer to the documentation of - * individual PAKE algorithm types (`PSA_ALG_XXX` values of type - * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more - * information. - * - * When this function returns successfully, \p operation becomes inactive. - * If this function returns an error status, both \p operation - * and \p key_derivation operations enter an error state and must be aborted by - * calling psa_pake_abort() and psa_key_derivation_abort() respectively. - * - * \param[in,out] operation Active PAKE operation. - * \param[out] output A key derivation operation that is ready - * for an input step of type - * #PSA_KEY_DERIVATION_INPUT_SECRET. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). - * \retval #PSA_ERROR_BAD_STATE - * The state of \p output is not valid for - * the #PSA_KEY_DERIVATION_INPUT_SECRET step. This can happen if the - * step is out of order or the application has done this step already - * and it may not be repeated. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * #PSA_KEY_DERIVATION_INPUT_SECRET is not compatible with the output’s - * algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, - psa_key_derivation_operation_t *output); -/**@}*/ - #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a7b4ab5994..615b6511c8 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -813,6 +813,1047 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( /** @} */ +/** \addtogroup crypto_types + * @{ + */ + +#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000) + +/** Whether the specified algorithm is a password-authenticated key exchange. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a password-authenticated key exchange (PAKE) + * algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_PAKE(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE) + +/** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. + * + * This is J-PAKE as defined by RFC 8236, instantiated with the following + * parameters: + * + * - The group can be either an elliptic curve or defined over a finite field. + * - Schnorr NIZK proof as defined by RFC 8235 and using the same group as the + * J-PAKE algorithm. + * - A secure cryptographic hash function. + * + * To select these parameters and set up the cipher suite, call + * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); + * psa_pake_cs_set_primitive(cipher_suite, + * PSA_PAKE_PRIMITIVE(type, family, bits)); + * psa_pake_cs_set_hash(cipher_suite, hash); + * + * For more information on how to set a specific curve or field, refer to the + * documentation of the individual \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + * + * After initializing a J-PAKE operation, call + * psa_pake_setup(operation, cipher_suite); + * psa_pake_set_user(operation, ...); + * psa_pake_set_peer(operation, ...); + * and either + * psa_pake_set_password_stretch(operation, ...); + * or + * psa_pake_set_password_key(operation, ...); + * + * Either way the password is read as a byte array and must be non-empty. This + * can be the password itself (in some pre-defined character encoding) or some + * value derived from the password as mandated by some higher level protocol. + * + * (The implementation converts this byte array to a number as described in + * Section 2.3.8 of _SEC 1: Elliptic Curve Cryptography_ + * (https://www.secg.org/sec1-v2.pdf), before reducing it modulo \c q. Here + * \c q is order of the group defined by the primitive set in the cipher suite. + * The \c psa_pake_set_password_xxx() functions return an error if the result + * of the reduction is 0.) + * + * The key exchange flow for J-PAKE is as follows: + * -# To get the first round data that needs to be sent to the peer, call + * // Get g1 + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get the ZKP public key for x1 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get the ZKP proof for x1 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * // Get g2 + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get the ZKP public key for x2 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get the ZKP proof for x2 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * -# To provide the first round data received from the peer to the operation, + * call + * // Set g3 + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set the ZKP public key for x3 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set the ZKP proof for x3 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * // Set g4 + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set the ZKP public key for x4 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set the ZKP proof for x4 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * -# To get the second round data that needs to be sent to the peer, call + * // Get A + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get ZKP public key for x2*s + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get ZKP proof for x2*s + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * -# To provide the second round data received from the peer to the operation, + * call + * // Set B + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set ZKP public key for x4*s + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set ZKP proof for x4*s + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * -# To access the shared secret call + * // Get Ka=Kb=K + * psa_pake_get_implicit_key() + * + * For more information consult the documentation of the individual + * \c PSA_PAKE_STEP_XXX constants. + * + * At this point there is a cryptographic guarantee that only the authenticated + * party who used the same password is able to compute the key. But there is no + * guarantee that the peer is the party he claims to be and was able to do so. + * + * That is, the authentication is only implicit (the peer is not authenticated + * at this point, and no action should be taken that assume that they are - like + * for example accessing restricted files). + * + * To make the authentication explicit there are various methods, see Section 5 + * of RFC 8236 for two examples. + * + */ +#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100) + +/** @} */ + +/** \defgroup pake Password-authenticated key exchange (PAKE) + * @{ + */ + +/** \brief Encoding of the side of PAKE + * + * Encodes which side of the algorithm is being executed. For more information + * see the documentation of individual \c PSA_PAKE_SIDE_XXX constants. + */ +typedef uint8_t psa_pake_side_t; + +/** Encoding of input and output indicators for PAKE. + * + * Some PAKE algorithms need to exchange more data than just a single key share. + * This type is for encoding additional input and output data for such + * algorithms. + */ +typedef uint8_t psa_pake_step_t; + +/** Encoding of the type of the PAKE's primitive. + * + * Values defined by this standard will never be in the range 0x80-0xff. + * Vendors who define additional types must use an encoding in this range. + * + * For more information see the documentation of individual + * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + */ +typedef uint8_t psa_pake_primitive_type_t; + +/** \brief Encoding of the family of the primitive associated with the PAKE. + * + * For more information see the documentation of individual + * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. + */ +typedef uint8_t psa_pake_family_t; + +/** \brief Encoding of the primitive associated with the PAKE. + * + * For more information see the documentation of the #PSA_PAKE_PRIMITIVE macro. + */ +typedef uint32_t psa_pake_primitive_t; + +/** The first peer in a balanced PAKE. + * + * Although balanced PAKE algorithms are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the algorithm does not + * need this, both #PSA_PAKE_SIDE_FIRST and #PSA_PAKE_SIDE_SECOND are + * accepted. + */ +#define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01) + +/** The second peer in a balanced PAKE. + * + * Although balanced PAKE algorithms are symmetric, some of them needs an + * ordering of peers for the transcript calculations. If the algorithm does not + * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are + * accepted. + */ +#define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x02) + +/** The client in an augmented PAKE. + * + * Augmented PAKE algorithms need to differentiate between client and server. + */ +#define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x11) + +/** The server in an augmented PAKE. + * + * Augmented PAKE algorithms need to differentiate between client and server. + */ +#define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12) + +/** The PAKE primitive type indicating the use of elliptic curves. + * + * The values of the \c family and \c bits fields of the cipher suite identify a + * specific elliptic curve, using the same mapping that is used for ECC + * (::psa_ecc_family_t) keys. + * + * (Here \c family means the value returned by psa_pake_cs_get_family() and + * \c bits means the value returned by psa_pake_cs_get_bits().) + * + * Input and output during the operation can involve group elements and scalar + * values: + * -# The format for group elements is the same as for public keys on the + * specific curve would be. For more information, consult the documentation of + * psa_export_public_key(). + * -# The format for scalars is the same as for private keys on the specific + * curve would be. For more information, consult the documentation of + * psa_export_key(). + */ +#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) + +/** The PAKE primitive type indicating the use of Diffie-Hellman groups. + * + * The values of the \c family and \c bits fields of the cipher suite identify + * a specific Diffie-Hellman group, using the same mapping that is used for + * Diffie-Hellman (::psa_dh_family_t) keys. + * + * (Here \c family means the value returned by psa_pake_cs_get_family() and + * \c bits means the value returned by psa_pake_cs_get_bits().) + * + * Input and output during the operation can involve group elements and scalar + * values: + * -# The format for group elements is the same as for public keys on the + * specific group would be. For more information, consult the documentation of + * psa_export_public_key(). + * -# The format for scalars is the same as for private keys on the specific + * group would be. For more information, consult the documentation of + * psa_export_key(). + */ +#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) + +/** Construct a PAKE primitive from type, family and bit-size. + * + * \param pake_type The type of the primitive + * (value of type ::psa_pake_primitive_type_t). + * \param pake_family The family of the primitive + * (the type and interpretation of this parameter depends + * on \p type, for more information consult the + * documentation of individual ::psa_pake_primitive_type_t + * constants). + * \param pake_bits The bit-size of the primitive + * (Value of type \c size_t. The interpretation + * of this parameter depends on \p family, for more + * information consult the documentation of individual + * ::psa_pake_primitive_type_t constants). + * + * \return The constructed primitive value of type ::psa_pake_primitive_t. + * Return 0 if the requested primitive can't be encoded as + * ::psa_pake_primitive_t. + */ +#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ + ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \ + ((psa_pake_primitive_t) (((pake_type) << 24 | \ + (pake_family) << 16) | (pake_bits))) + +/** The key share being sent to or received from the peer. + * + * The format for both input and output at this step is the same as for public + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. + * + * For more information on the format, consult the documentation of + * psa_export_public_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. + */ +#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) + +/** A Schnorr NIZKP public key. + * + * The format for both input and output at this step is the same as for public + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. + * + * For more information on the format, consult the documentation of + * psa_export_public_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. + */ +#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) + +/** A Schnorr NIZKP proof. + * + * The format for both input and output at this step is the same as for private + * keys on the group determined by the primitive (::psa_pake_primitive_t) would + * be. + * + * Some public key algorithms mask the private keys and this might be reflected + * in the export format. Even if this is the case the masking is omitted at + * this step. + * + * For more information on the format, consult the documentation of + * psa_export_key(). + * + * For information regarding how the group is determined, consult the + * documentation #PSA_PAKE_PRIMITIVE. + */ +#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) + +/** The type of the data strucure for PAKE cipher suites. + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. + */ +typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t; + +/** Retrieve the PAKE algorithm from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The PAKE algorithm stored in the cipher suite structure. + */ +static psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the PAKE algorithm for the cipher suite. + * + * This function overwrites any PAKE algorithm + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param algorithm The PAKE algorithm to write. + * (`PSA_ALG_XXX` values of type ::psa_algorithm_t + * such that #PSA_ALG_IS_PAKE(\c alg) is true.) + * If this is 0, the PAKE algorithm in + * \p cipher_suite becomes unspecified. + */ +static void psa_pake_cs_set_algorithm( + psa_pake_cipher_suite_t* cipher_suite, + psa_algorithm_t algorithm + ); + +/** Retrieve the primitive from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external linkage). + * This function may be provided as a function-like macro, but in this case it + * must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The primitive stored in the cipher suite structure. + */ +static psa_pake_primitive_t psa_pake_cs_get_primitive( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the primitive for a PAKE cipher suite. + * + * This function overwrites any primitive previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param primitive The primitive to write. If this is 0, the + * primitive type in \p cipher_suite becomes + * unspecified. + */ +static void psa_pake_cs_set_primitive( + psa_pake_cipher_suite_t* cipher_suite, + psa_pake_primitive_t primitive + ); + +/** Retrieve the hash algorithm from a PAKE cipher suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] cipher_suite The cipher suite structure to query. + * + * \return The hash algorithm stored in the cipher suite structure. The return + * value is 0 if the PAKE is not parametrised by a hash algorithm or if + * the hash algorithm is not set. + */ +static psa_algorithm_t psa_pake_cs_get_hash( + const psa_pake_cipher_suite_t* cipher_suite + ); + +/** Declare the hash algorithm for a PAKE cipher suite. + * + * This function overwrites any hash algorithm + * previously set in \p cipher_suite. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[out] cipher_suite The cipher suite structure to write to. + * \param hash The hash involved in the cipher suite. + * (`PSA_ALG_XXX` values of type ::psa_algorithm_t + * such that #PSA_ALG_IS_HASH(\c alg) is true.) + * If this is 0, the hash algorithm in + * \p cipher_suite becomes unspecified. + */ +static void psa_pake_cs_set_hash( + psa_pake_cipher_suite_t* cipher_suite, + psa_algorithm_t hash + ); + +/** The type of the state data structure for PAKE operations. + * + * Before calling any function on a PAKE operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_pake_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_pake_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_PAKE_OPERATION_INIT, + * for example: + * \code + * psa_pake_operation_t operation = PSA_PAKE_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_pake_operation_init() + * to the structure, for example: + * \code + * psa_pake_operation_t operation; + * operation = psa_pake_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ +typedef struct psa_pake_operation_s psa_pake_operation_t; + +/** Return an initial value for an PAKE operation object. + */ +static psa_pake_operation_t psa_pake_operation_init(void); + +/** Set the session information for a password-authenticated key exchange. + * + * The sequence of operations to set up a password-authenticated key exchange + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_pake_operation_t, e.g. + * #PSA_PAKE_OPERATION_INIT. + * -# Call psa_pake_setup() to specify the cipher suite. + * -# Call \c psa_pake_set_xxx() functions on the operation to complete the + * setup. The exact sequence of \c psa_pake_set_xxx() functions that needs + * to be called depends on the algorithm in use. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * A typical sequence of calls to perform a password-authenticated key + * exchange: + * -# Call psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to get the + * key share that needs to be sent to the peer. + * -# Call psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...) to provide + * the key share that was received from the peer. + * -# Depending on the algorithm additional calls to psa_pake_output() and + * psa_pake_input() might be necessary. + * -# Call psa_pake_get_implicit_key() for accessing the shared secret. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * If an error occurs at any step after a call to psa_pake_setup(), + * the operation will need to be reset by a call to psa_pake_abort(). The + * application may call psa_pake_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_pake_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A call to psa_pake_abort(). + * - A successful call to psa_pake_get_implicit_key(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_pake_operation_t and not yet in use (no + * other function has been called on it since the + * last initialization). + * \param cipher_suite The cipher suite to use. (A cipher suite fully + * characterizes a PAKE algorithm and determines + * the algorithm as well.) + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The \p cipher_suite is not supported or is not valid. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_setup(psa_pake_operation_t *operation, + psa_pake_cipher_suite_t cipher_suite); + +/** Set the password for a password-authenticated key exchange from key ID. + * + * Call this function when the password, or a value derived from the password, + * is already present in the key store. To calculate the password-derived value + * from a password input, use the key derivation interface and + * psa_pake_set_password_stretch() instead. + * + * \param[in,out] operation The operation object to set the password for. It + * must have been set up by psa_pake_setup() and + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the password hasn't + * been set yet (neither + * psa_pake_set_password_stretch() nor + * psa_pake_set_password_key() has been called + * yet). + * \param password Identifier of the key holding the password or a + * value derived from the password (eg. by a + * memory-hard function). It must remain valid + * until the operation terminates. It must be of + * type #PSA_KEY_TYPE_PASSWORD or + * #PSA_KEY_TYPE_PASSWORD_HASH. It has to allow + * the usage #PSA_KEY_USAGE_DERIVE. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must have been set up.) + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with the algorithm or the cipher suite. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password); + +/** Set the password for a password-authenticated key exchange via a key + * stretching function. + * + * Some protocols use values derived from passwords via key stretching + * functions to mitigate dictionary attacks. Key stretching functions can be + * accessed through the key derivation interface and the result can be supplied + * to the PAKE operation in the form of a key derivation object. + * + * This function draws bytes from a key derivation algorithm and sets those + * bytes as a password for the password-authenticated key exchange. If you + * view the key derivation's output as a stream of bytes, this function + * destructively reads the requested number of bytes from the stream. + * The key derivation operation's capacity decreases by the number of bytes read. + * + * If this function returns anything other than #PSA_SUCCESS, both \p operation + * and \p key_derivation operations enter an error state and must be aborted by + * calling psa_pake_abort() and psa_key_derivation_abort() respectively. + * + * \param[in,out] operation The operation object to set the password for. + * It must have been set up by psa_pake_setup() + * and not yet in use (neither psa_pake_output() + * nor psa_pake_input() has been called yet). It + * must be on operation for which the password + * hasn't been set yet (neither + * psa_pake_set_password_stretch() nor + * psa_pake_set_password_key() has been called + * yet). + * \param[in,out] key_derivation An ongoing key derivation operation set up + * from the password and in a state suitable for + * calling psa_key_derivation_output_bytes(). + * \param input_length Number of bytes to input from the + * \p key_derivation operation. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The state of \p operation or \p key_derivation is not valid. + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * The \p key_derivation operation's capacity was less than + * \p input_length bytes. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_PERMITTED + * One of the inputs to \p key_derivation was a key whose policy didn't + * allow #PSA_KEY_USAGE_DERIVE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with the algorithm or the cipher suite. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_password_stretch( + psa_pake_operation_t *operation, + psa_key_derivation_operation_t *key_derivation, + size_t input_length + ); + +/** Set the user ID for a password-authenticated key exchange. + * + * Call this function to set the user ID. For PAKE algorithms that associate a + * user identifier with each side of the session you need to call + * psa_pake_set_peer() as well. For PAKE algorithms that associate a single + * user identifier with the session, call psa_pake_set_user() only. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[in,out] operation The operation object to set the user ID for. It + * must have been set up by psa_pake_setup() and + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the user ID hasn't + * been set (psa_pake_set_user() hasn't been + * called yet). + * \param[in] user_id The user ID to authenticate with. + * \param user_id_len Size of the \p user_id buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p user_id is NULL. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, + const uint8_t *user_id, + size_t user_id_len); + +/** Set the peer ID for a password-authenticated key exchange. + * + * Call this function in addition to psa_pake_set_user() for PAKE algorithms + * that associate a user identifier with each side of the session. For PAKE + * algorithms that associate a single user identifier with the session, call + * psa_pake_set_user() only. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[in,out] operation The operation object to set the peer ID for. It + * must have been set up by psa_pake_setup() and + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the peer ID hasn't + * been set (psa_pake_set_peer() hasn't been + * called yet). + * \param[in] peer_id The peer's ID to authenticate. + * \param peer_id_len Size of the \p peer_id buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The algorithm doesn't associate a second identity with the session. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p user_id is NULL. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, + const uint8_t *peer_id, + size_t peer_id_len); + +/** Set the side for a password-authenticated key exchange. + * + * Not all PAKE algorithms need to differentiate the communicating entities. + * It is optional to call this function for PAKEs that don't require a side + * parameter. For such PAKEs the side parameter is ignored. + * + * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` + * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) + * for more information. + * + * \param[in,out] operation The operation object to set the side for. It + * must have been set up by psa_pake_setup() and + * not yet in use (neither psa_pake_output() nor + * psa_pake_input() has been called yet). It must + * be on operation for which the side hasn't been + * set (psa_pake_set_side() hasn't been called + * yet). + * \param side A value of type ::psa_pake_side_t signaling the + * side of the algorithm that is being set up. For + * more information see the documentation of \c + * PSA_PAKE_SIDE_XXX constants. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The \p side for this algorithm is not supported or is not valid. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_set_side(psa_pake_operation_t *operation, + psa_pake_side_t side); + +/** Get output for a step of a password-authenticated key exchange. + * + * Depending on the algorithm being executed, you might need to call this + * function several times or you might not need to call this at all. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the algorithm in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param step The step of the algorithm for which the output is + * requested. + * \param[out] output Buffer where the output is to be written in the + * format appropriate for this \p step. Refer to + * the documentation of the individual + * \c PSA_PAKE_STEP_XXX constants for more + * information. + * \param output_size Size of the \p output buffer in bytes. This must + * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \c + * cipher_suite, \p type). + * + * \param[out] output_length On success, the number of bytes of the returned + * output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_output(psa_pake_operation_t *operation, + psa_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Provide input for a step of a password-authenticated key exchange. + * + * Depending on the algorithm being executed, you might need to call this + * function several times or you might not need to call this at all. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the algorithm in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_pake_abort(). + * + * \param[in,out] operation Active PAKE operation. + * \param step The step for which the input is provided. + * \param[out] input Buffer containing the input in the format + * appropriate for this \p step. Refer to the + * documentation of the individual + * \c PSA_PAKE_STEP_XXX constants for more + * information. + * \param[out] input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the algorithm). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is not valid for the algorithm, ciphersuite or \p step. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_input(psa_pake_operation_t *operation, + psa_pake_step_t step, + uint8_t *input, + size_t input_length); + +/** Get implicitly confirmed shared secret from a PAKE. + * + * At this point there is a cryptographic guarantee that only the authenticated + * party who used the same password is able to compute the key. But there is no + * guarantee that the peer is the party he claims to be and was able to do so. + * + * That is, the authentication is only implicit (the peer is not authenticated + * at this point, and no action should be taken that assume that they are - like + * for example accessing restricted files). + * + * This function can be called after the key exchange phase of the operation + * has completed. It imports the shared secret output of the PAKE into the + * provided derivation operation. The input step + * #PSA_KEY_DERIVATION_INPUT_SECRET is used when placing the shared key + * material in the key derivation operation. + * + * The exact sequence of calls to perform a password-authenticated key + * exchange depends on the algorithm in use. Refer to the documentation of + * individual PAKE algorithm types (`PSA_ALG_XXX` values of type + * ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) for more + * information. + * + * When this function returns successfully, \p operation becomes inactive. + * If this function returns an error status, both \p operation + * and \p key_derivation operations enter an error state and must be aborted by + * calling psa_pake_abort() and psa_key_derivation_abort() respectively. + * + * \param[in,out] operation Active PAKE operation. + * \param[out] output A key derivation operation that is ready + * for an input step of type + * #PSA_KEY_DERIVATION_INPUT_SECRET. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, but beyond that + * validity is specific to the algorithm). + * \retval #PSA_ERROR_BAD_STATE + * The state of \p output is not valid for + * the #PSA_KEY_DERIVATION_INPUT_SECRET step. This can happen if the + * step is out of order or the application has done this step already + * and it may not be repeated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * #PSA_KEY_DERIVATION_INPUT_SECRET is not compatible with the output’s + * algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, + psa_key_derivation_operation_t *output); + +/**@}*/ + +/** A sufficient output buffer size for psa_pake_output(). + * + * If the size of the output buffer is at least this large, it is guaranteed + * that psa_pake_output() will not fail due to an insufficient output buffer + * size. The actual size of the output might be smaller in any given call. + * + * See also #PSA_PAKE_OUTPUT_MAX_SIZE + * + * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param primitive A primitive of type ::psa_pake_primitive_t that is + * compatible with algorithm \p alg. + * \param output_step A value of type ::psa_pake_step_t that is valid for the + * algorithm \p alg. + * \return A sufficient output buffer size for the specified + * output, cipher suite and algorithm. If the cipher suite, + * the output type or PAKE algorithm is not recognized, or + * the parameters are incompatible, return 0. + */ +#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0 + +/** A sufficient input buffer size for psa_pake_input(). + * + * If the size of the input is larger than this, it is guaranteed + * that psa_pake_input() will fail with #PSA_ERROR_INVALID_ARGUMENT. + * + * See also #PSA_PAKE_INPUT_MAX_SIZE + * + * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * #PSA_ALG_IS_PAKE(\p alg) is true). + * \param primitive A primitive of type ::psa_pake_primitive_t that is + * compatible with algorithm \p alg. + * \param output_step A value of type ::psa_pake_step_t that is valid for the + * algorithm \p alg. + * \return A sufficient output buffer size for the specified + * output, cipher suite and algorithm. If the cipher suite, + * the output type or PAKE algorithm is not recognized, or + * the parameters are incompatible, return 0. + */ +#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0 + +/** Output buffer size for psa_pake_output() for any of the supported cipher + * suites and PAKE algorithms. + * + * This macro must expand to a compile-time constant integer. + * + * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). + */ +#define PSA_PAKE_OUTPUT_MAX_SIZE 0 + +/** Input buffer size for psa_pake_input() for any of the supported cipher + * suites and PAKE algorithms. + * + * This macro must expand to a compile-time constant integer. + * + * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p cipher_suite, \p output). + */ +#define PSA_PAKE_INPUT_MAX_SIZE 0 + +struct psa_pake_cipher_suite_s +{ + psa_algorithm_t algorithm; + psa_pake_primitive_type_t type; + psa_pake_family_t family; + uint16_t bits; + psa_algorithm_t hash; +}; + +static inline psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return(cipher_suite->algorithm); +} + +static inline void psa_pake_cs_set_algorithm( + psa_pake_cipher_suite_t *cipher_suite, + psa_algorithm_t algorithm) +{ + if(!PSA_ALG_IS_PAKE(algorithm)) + cipher_suite->algorithm = 0; + else + cipher_suite->algorithm = algorithm; +} + +static inline psa_pake_primitive_t psa_pake_cs_get_primitive( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return(PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family, + cipher_suite->bits)); +} + +static inline void psa_pake_cs_set_primitive( + psa_pake_cipher_suite_t *cipher_suite, + psa_pake_primitive_t primitive) +{ + cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24); + cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16)); + cipher_suite->bits = (uint16_t) (0xFFFF & primitive); +} + +static inline psa_algorithm_t psa_pake_cs_get_hash( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return(cipher_suite->hash); +} + +static inline void psa_pake_cs_set_hash( + psa_pake_cipher_suite_t *cipher_suite, + psa_algorithm_t hash) +{ + if(!PSA_ALG_IS_HASH(hash)) + cipher_suite->hash = 0; + else + cipher_suite->hash = hash; +} + +struct psa_pake_operation_s +{ + psa_algorithm_t alg; + union + { + /* Make the union non-empty even with no supported algorithms. */ + uint8_t dummy; + } ctx; +}; + +/* This only zeroes out the first byte in the union, the rest is unspecified. */ +#define PSA_PAKE_OPERATION_INIT {0, {0}} +static inline struct psa_pake_operation_s psa_pake_operation_init(void) +{ + const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT; + return(v); +} + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 62254fab52..79f96739ba 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1132,63 +1132,4 @@ #define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE \ (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) -/** A sufficient output buffer size for psa_pake_output(). - * - * If the size of the output buffer is at least this large, it is guaranteed - * that psa_pake_output() will not fail due to an insufficient output buffer - * size. The actual size of the output might be smaller in any given call. - * - * See also #PSA_PAKE_OUTPUT_MAX_SIZE - * - * \param alg A PAKE algorithm (PSA_ALG_XXX value such that - * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param primitive A primitive of type ::psa_pake_primitive_t that is - * compatible with algorithm \p alg. - * \param output_step A value of type ::psa_pake_step_t that is valid for the - * algorithm \p alg. - * \return A sufficient output buffer size for the specified - * output, cipher suite and algorithm. If the cipher suite, - * the output type or PAKE algorithm is not recognized, or - * the parameters are incompatible, return 0. - */ -#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0 - -/** A sufficient input buffer size for psa_pake_input(). - * - * If the size of the input is larger than this, it is guaranteed - * that psa_pake_input() will fail with #PSA_ERROR_INVALID_ARGUMENT. - * - * See also #PSA_PAKE_INPUT_MAX_SIZE - * - * \param alg A PAKE algorithm (PSA_ALG_XXX value such that - * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param primitive A primitive of type ::psa_pake_primitive_t that is - * compatible with algorithm \p alg. - * \param output_step A value of type ::psa_pake_step_t that is valid for the - * algorithm \p alg. - * \return A sufficient output buffer size for the specified - * output, cipher suite and algorithm. If the cipher suite, - * the output type or PAKE algorithm is not recognized, or - * the parameters are incompatible, return 0. - */ -#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0 - -/** Output buffer size for psa_pake_output() for any of the supported cipher - * suites and PAKE algorithms. - * - * This macro must expand to a compile-time constant integer. - * - * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p cipher_suite, \p output). - */ -#define PSA_PAKE_OUTPUT_MAX_SIZE 0 - -/** Input buffer size for psa_pake_input() for any of the supported cipher - * suites and PAKE algorithms. - * - * This macro must expand to a compile-time constant integer. - * - * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p cipher_suite, \p output). - */ -#define PSA_PAKE_INPUT_MAX_SIZE 0 - #endif /* PSA_CRYPTO_SIZES_H */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b20a179729..47012fdd00 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -461,81 +461,6 @@ static inline size_t psa_get_key_bits( return( attributes->core.bits ); } -struct psa_pake_cipher_suite_s -{ - psa_algorithm_t algorithm; - psa_pake_primitive_type_t type; - psa_pake_family_t family; - uint16_t bits; - psa_algorithm_t hash; -}; - -static inline psa_algorithm_t psa_pake_cs_get_algorithm( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->algorithm ); -} - -static inline void psa_pake_cs_set_algorithm( - psa_pake_cipher_suite_t *cipher_suite, - psa_algorithm_t algorithm) -{ - if( !PSA_ALG_IS_PAKE(algorithm) ) - cipher_suite->algorithm = 0; - else - cipher_suite->algorithm = algorithm; -} - -static inline psa_pake_primitive_t psa_pake_cs_get_primitive( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family, - cipher_suite->bits) ); -} - -static inline void psa_pake_cs_set_primitive( - psa_pake_cipher_suite_t *cipher_suite, - psa_pake_primitive_t primitive) -{ - cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24); - cipher_suite->family = (psa_pake_family_t) ( 0xFF & (primitive >> 16) ); - cipher_suite->bits = (uint16_t) ( 0xFFFF & primitive ); -} - -static inline psa_algorithm_t psa_pake_cs_get_hash( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->hash ); -} - -static inline void psa_pake_cs_set_hash( - psa_pake_cipher_suite_t *cipher_suite, - psa_algorithm_t hash) -{ - if( !PSA_ALG_IS_HASH(hash) ) - cipher_suite->hash = 0; - else - cipher_suite->hash = hash; -} - -struct psa_pake_operation_s -{ - psa_algorithm_t alg; - union - { - /* Make the union non-empty even with no supported algorithms. */ - uint8_t dummy; - } ctx; -}; - -/* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_PAKE_OPERATION_INIT {0, {0}} -static inline struct psa_pake_operation_s psa_pake_operation_init( void ) -{ - const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT; - return( v ); -} - #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 5a66a8709e..386c7d794b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -380,46 +380,4 @@ typedef uint16_t psa_key_derivation_step_t; /**@}*/ -/** \defgroup pake Password-authenticated key exchange (PAKE) - * @{ - */ - -/** \brief Encoding of the side of PAKE - * - * Encodes which side of the algorithm is being executed. For more information - * see the documentation of individual \c PSA_PAKE_SIDE_XXX constants. - */ -typedef uint8_t psa_pake_side_t; - -/** Encoding of input and output indicators for PAKE. - * - * Some PAKE algorithms need to exchange more data than just a single key share. - * This type is for encoding additional input and output data for such - * algorithms. - */ -typedef uint8_t psa_pake_step_t; - -/** Encoding of the type of the PAKE's primitive. - * - * Values defined by this standard will never be in the range 0x80-0xff. - * Vendors who define additional types must use an encoding in this range. - * - * For more information see the documentation of individual - * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. - */ -typedef uint8_t psa_pake_primitive_type_t; - -/** \brief Encoding of the family of the primitive associated with the PAKE. - * - * For more information see the documentation of individual - * \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. - */ -typedef uint8_t psa_pake_family_t; - -/** \brief Encoding of the primitive associated with the PAKE. - * - * For more information see the documentation of the #PSA_PAKE_PRIMITIVE macro. - */ -typedef uint32_t psa_pake_primitive_t; -/**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 37cd030247..497bd8f01f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -731,7 +731,6 @@ #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) -#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000) /** Whether an algorithm is vendor-defined. * @@ -849,18 +848,6 @@ (PSA_ALG_IS_KEY_DERIVATION(alg) && \ (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG) -/** Whether the specified algorithm is a password-authenticated key exchange. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a password-authenticated key exchange (PAKE) - * algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_PAKE(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_PAKE) - #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) /** MD2 */ #define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) @@ -1966,109 +1953,6 @@ #define PSA_ALG_GET_HASH(alg) \ (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff)) -/** The Password-authenticated key exchange by juggling (J-PAKE) algorithm. - * - * This is J-PAKE as defined by RFC 8236, instantiated with the following - * parameters: - * - * - The group can be either an elliptic curve or defined over a finite field. - * - Schnorr NIZK proof as defined by RFC 8235 and using the same group as the - * J-PAKE algorithm. - * - A secure cryptographic hash function. - * - * To select these parameters and set up the cipher suite, call - * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); - * psa_pake_cs_set_primitive(cipher_suite, - * PSA_PAKE_PRIMITIVE(type, family, bits)); - * psa_pake_cs_set_hash(cipher_suite, hash); - * - * For more information on how to set a specific curve or field, refer to the - * documentation of the individual \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. - * - * After initializing a J-PAKE operation, call - * psa_pake_setup(operation, cipher_suite); - * psa_pake_set_user(operation, ...); - * psa_pake_set_peer(operation, ...); - * and either - * psa_pake_set_password_stretch(operation, ...); - * or - * psa_pake_set_password_key(operation, ...); - * - * Either way the password is read as a byte array and must be non-empty. This - * can be the password itself (in some pre-defined character encoding) or some - * value derived from the password as mandated by some higher level protocol. - * - * (The implementation converts this byte array to a number as described in - * Section 2.3.8 of _SEC 1: Elliptic Curve Cryptography_ - * (https://www.secg.org/sec1-v2.pdf), before reducing it modulo \c q. Here - * \c q is order of the group defined by the primitive set in the cipher suite. - * The \c psa_pake_set_password_xxx() functions return an error if the result - * of the reduction is 0.) - * - * The key exchange flow for J-PAKE is as follows: - * -# To get the first round data that needs to be sent to the peer, call - * // Get g1 - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get the ZKP public key for x1 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get the ZKP proof for x1 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * // Get g2 - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get the ZKP public key for x2 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get the ZKP proof for x2 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * -# To provide the first round data received from the peer to the operation, - * call - * // Set g3 - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set the ZKP public key for x3 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set the ZKP proof for x3 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * // Set g4 - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set the ZKP public key for x4 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set the ZKP proof for x4 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * -# To get the second round data that needs to be sent to the peer, call - * // Get A - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get ZKP public key for x2*s - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get ZKP proof for x2*s - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * -# To provide the second round data received from the peer to the operation, - * call - * // Set B - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set ZKP public key for x4*s - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set ZKP proof for x4*s - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * -# To access the shared secret call - * // Get Ka=Kb=K - * psa_pake_get_implicit_key() - * - * For more information consult the documentation of the individual - * \c PSA_PAKE_STEP_XXX constants. - * - * At this point there is a cryptographic guarantee that only the authenticated - * party who used the same password is able to compute the key. But there is no - * guarantee that the peer is the party he claims to be and was able to do so. - * - * That is, the authentication is only implicit (the peer is not authenticated - * at this point, and no action should be taken that assume that they are - like - * for example accessing restricted files). - * - * To make the authentication explicit there are various methods, see Section 5 - * of RFC 8236 for two examples. - * - */ -#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100) - /**@}*/ /** \defgroup key_lifetimes Key lifetimes @@ -2497,149 +2381,4 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /**@}*/ -/** \defgroup pake Password-authenticated key exchange (PAKE) - * @{ - */ - -/** The first peer in a balanced PAKE. - * - * Although balanced PAKE algorithms are symmetric, some of them needs an - * ordering of peers for the transcript calculations. If the algorithm does not - * need this, both #PSA_PAKE_SIDE_FIRST and #PSA_PAKE_SIDE_SECOND are - * accepted. - */ -#define PSA_PAKE_SIDE_FIRST ((psa_pake_side_t)0x01) - -/** The second peer in a balanced PAKE. - * - * Although balanced PAKE algorithms are symmetric, some of them needs an - * ordering of peers for the transcript calculations. If the algorithm does not - * need this, either #PSA_PAKE_SIDE_FIRST or #PSA_PAKE_SIDE_SECOND are - * accepted. - */ -#define PSA_PAKE_SIDE_SECOND ((psa_pake_side_t)0x02) - -/** The client in an augmented PAKE. - * - * Augmented PAKE algorithms need to differentiate between client and server. - */ -#define PSA_PAKE_SIDE_CLIENT ((psa_pake_side_t)0x11) - -/** The server in an augmented PAKE. - * - * Augmented PAKE algorithms need to differentiate between client and server. - */ -#define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x12) - -/** The PAKE primitive type indicating the use of elliptic curves. - * - * The values of the \c family and \c bits fields of the cipher suite identify a - * specific elliptic curve, using the same mapping that is used for ECC - * (::psa_ecc_family_t) keys. - * - * (Here \c family means the value returned by psa_pake_cs_get_family() and - * \c bits means the value returned by psa_pake_cs_get_bits().) - * - * Input and output during the operation can involve group elements and scalar - * values: - * -# The format for group elements is the same as for public keys on the - * specific curve would be. For more information, consult the documentation of - * psa_export_public_key(). - * -# The format for scalars is the same as for private keys on the specific - * curve would be. For more information, consult the documentation of - * psa_export_key(). - */ -#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) - -/** The PAKE primitive type indicating the use of Diffie-Hellman groups. - * - * The values of the \c family and \c bits fields of the cipher suite identify - * a specific Diffie-Hellman group, using the same mapping that is used for - * Diffie-Hellman (::psa_dh_family_t) keys. - * - * (Here \c family means the value returned by psa_pake_cs_get_family() and - * \c bits means the value returned by psa_pake_cs_get_bits().) - * - * Input and output during the operation can involve group elements and scalar - * values: - * -# The format for group elements is the same as for public keys on the - * specific group would be. For more information, consult the documentation of - * psa_export_public_key(). - * -# The format for scalars is the same as for private keys on the specific - * group would be. For more information, consult the documentation of - * psa_export_key(). - */ -#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) - -/** Construct a PAKE primitive from type, family and bit-size. - * - * \param pake_type The type of the primitive - * (value of type ::psa_pake_primitive_type_t). - * \param pake_family The family of the primitive - * (the type and interpretation of this parameter depends - * on \p type, for more information consult the - * documentation of individual ::psa_pake_primitive_type_t - * constants). - * \param pake_bits The bit-size of the primitive - * (Value of type \c size_t. The interpretation - * of this parameter depends on \p family, for more - * information consult the documentation of individual - * ::psa_pake_primitive_type_t constants). - * - * \return The constructed primitive value of type ::psa_pake_primitive_t. - * Return 0 if the requested primitive can't be encoded as - * ::psa_pake_primitive_t. - */ -#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ - ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \ - ((psa_pake_primitive_t) (((pake_type) << 24 | \ - (pake_family) << 16) | (pake_bits))) - -/** The key share being sent to or received from the peer. - * - * The format for both input and output at this step is the same as for public - * keys on the group determined by the primitive (::psa_pake_primitive_t) would - * be. - * - * For more information on the format, consult the documentation of - * psa_export_public_key(). - * - * For information regarding how the group is determined, consult the - * documentation #PSA_PAKE_PRIMITIVE. - */ -#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) - -/** A Schnorr NIZKP public key. - * - * The format for both input and output at this step is the same as for public - * keys on the group determined by the primitive (::psa_pake_primitive_t) would - * be. - * - * For more information on the format, consult the documentation of - * psa_export_public_key(). - * - * For information regarding how the group is determined, consult the - * documentation #PSA_PAKE_PRIMITIVE. - */ -#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) - -/** A Schnorr NIZKP proof. - * - * The format for both input and output at this step is the same as for private - * keys on the group determined by the primitive (::psa_pake_primitive_t) would - * be. - * - * Some public key algorithms mask the private keys and this might be reflected - * in the export format. Even if this is the case the masking is omitted at - * this step. - * - * For more information on the format, consult the documentation of - * psa_export_key(). - * - * For information regarding how the group is determined, consult the - * documentation #PSA_PAKE_PRIMITIVE. - */ -#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) - -/**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 7d69b3a993d2785bc75299d8c5dfe7b7c20bf3e4 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 13:10:56 +0100 Subject: [PATCH 0227/1065] PSA PAKE: add warning about stability We are not confident about the stability of the PAKE interface (it is just a proposal, not part of the standard yet). So we should explicitly document it as experimental, subject to change. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 615b6511c8..4478f3a43c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -937,6 +937,14 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( /** @} */ /** \defgroup pake Password-authenticated key exchange (PAKE) + * + * This is a proposed PAKE interface for the PSA Crypto API. It is not part of + * the official PSA Crypto API yet. + * + * \note The content of this section is not part of the stable API and ABI + * of Mbed Crypto and may change arbitrarily from version to version. + * Same holds for the corresponding macros #PSA_ALG_CATEGORY_PAKE and + * #PSA_ALG_JPAKE. * @{ */ From 559f05eefc002dfc8f89e532d04e727bf91ed256 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 15:44:30 +0100 Subject: [PATCH 0228/1065] PSA PAKE: remove psa_pake_set_password_stretch() The password stretching (using slow and/or memory hard hashes) in PAKEs usually serves two purposes: - Defending against server compromise impersonation attacks. J-PAKE is an augmented PAKE and as such, stores a password-equivalent and defending against this class of attacks is out of scope. - Preventing offline dictionary attacks. J-PAKE is proven to be zero knowledge and leaks no information beyond the fact if the passwords matched and offline dictionary attack is not possible. In summary: J-PAKE does not benefit from pasword stretching and is unlikely to be an input. This part of the API is not necessary at this point and can be added later. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 80 +++----------------------------------- 1 file changed, 6 insertions(+), 74 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 4478f3a43c..dcaf75568d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -854,14 +854,11 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * psa_pake_setup(operation, cipher_suite); * psa_pake_set_user(operation, ...); * psa_pake_set_peer(operation, ...); - * and either - * psa_pake_set_password_stretch(operation, ...); - * or * psa_pake_set_password_key(operation, ...); * - * Either way the password is read as a byte array and must be non-empty. This - * can be the password itself (in some pre-defined character encoding) or some - * value derived from the password as mandated by some higher level protocol. + * The password is read as a byte array and must be non-empty. This can be the + * password itself (in some pre-defined character encoding) or some value + * derived from the password as mandated by some higher level protocol. * * (The implementation converts this byte array to a number as described in * Section 2.3.8 of _SEC 1: Elliptic Curve Cryptography_ @@ -1348,19 +1345,15 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, /** Set the password for a password-authenticated key exchange from key ID. * * Call this function when the password, or a value derived from the password, - * is already present in the key store. To calculate the password-derived value - * from a password input, use the key derivation interface and - * psa_pake_set_password_stretch() instead. + * is already present in the key store. * * \param[in,out] operation The operation object to set the password for. It * must have been set up by psa_pake_setup() and * not yet in use (neither psa_pake_output() nor * psa_pake_input() has been called yet). It must * be on operation for which the password hasn't - * been set yet (neither - * psa_pake_set_password_stretch() nor - * psa_pake_set_password_key() has been called - * yet). + * been set yet (psa_pake_set_password_key() + * hasn't been called yet). * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a * memory-hard function). It must remain valid @@ -1389,67 +1382,6 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, mbedtls_svc_key_id_t password); -/** Set the password for a password-authenticated key exchange via a key - * stretching function. - * - * Some protocols use values derived from passwords via key stretching - * functions to mitigate dictionary attacks. Key stretching functions can be - * accessed through the key derivation interface and the result can be supplied - * to the PAKE operation in the form of a key derivation object. - * - * This function draws bytes from a key derivation algorithm and sets those - * bytes as a password for the password-authenticated key exchange. If you - * view the key derivation's output as a stream of bytes, this function - * destructively reads the requested number of bytes from the stream. - * The key derivation operation's capacity decreases by the number of bytes read. - * - * If this function returns anything other than #PSA_SUCCESS, both \p operation - * and \p key_derivation operations enter an error state and must be aborted by - * calling psa_pake_abort() and psa_key_derivation_abort() respectively. - * - * \param[in,out] operation The operation object to set the password for. - * It must have been set up by psa_pake_setup() - * and not yet in use (neither psa_pake_output() - * nor psa_pake_input() has been called yet). It - * must be on operation for which the password - * hasn't been set yet (neither - * psa_pake_set_password_stretch() nor - * psa_pake_set_password_key() has been called - * yet). - * \param[in,out] key_derivation An ongoing key derivation operation set up - * from the password and in a state suitable for - * calling psa_key_derivation_output_bytes(). - * \param input_length Number of bytes to input from the - * \p key_derivation operation. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The state of \p operation or \p key_derivation is not valid. - * \retval #PSA_ERROR_INSUFFICIENT_DATA - * The \p key_derivation operation's capacity was less than - * \p input_length bytes. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_NOT_PERMITTED - * One of the inputs to \p key_derivation was a key whose policy didn't - * allow #PSA_KEY_USAGE_DERIVE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with the algorithm or the cipher suite. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_pake_set_password_stretch( - psa_pake_operation_t *operation, - psa_key_derivation_operation_t *key_derivation, - size_t input_length - ); - /** Set the user ID for a password-authenticated key exchange. * * Call this function to set the user ID. For PAKE algorithms that associate a From 89ee05a80589e719bfde97c5d1b0cdcc55a3443c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 15:57:53 +0100 Subject: [PATCH 0229/1065] Rename psa_pake_set_password() Technically this function takes a low entropy secret as an input which might or might not be the password. Using the term "secret" in the function name is less misleading. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index dcaf75568d..43d37b912a 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -854,7 +854,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * psa_pake_setup(operation, cipher_suite); * psa_pake_set_user(operation, ...); * psa_pake_set_peer(operation, ...); - * psa_pake_set_password_key(operation, ...); + * psa_pake_set_secret_from_key(operation, ...); * * The password is read as a byte array and must be non-empty. This can be the * password itself (in some pre-defined character encoding) or some value @@ -1345,14 +1345,15 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, /** Set the password for a password-authenticated key exchange from key ID. * * Call this function when the password, or a value derived from the password, - * is already present in the key store. + * (for example a hash of the password or a key derived from the password) is + * already present in the key store. * * \param[in,out] operation The operation object to set the password for. It * must have been set up by psa_pake_setup() and * not yet in use (neither psa_pake_output() nor * psa_pake_input() has been called yet). It must * be on operation for which the password hasn't - * been set yet (psa_pake_set_password_key() + * been set yet (psa_pake_set_secret_from_key() * hasn't been called yet). * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a @@ -1379,8 +1380,8 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, - mbedtls_svc_key_id_t password); +psa_status_t psa_pake_set_secret_from_key(psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password); /** Set the user ID for a password-authenticated key exchange. * From 1f9e9e95c975b61297eee2c00f97daa21d93a55e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 16:10:25 +0100 Subject: [PATCH 0230/1065] PSA PAKE: fix old constant name in test Signed-off-by: Janos Follath --- tests/suites/test_suite_psa_crypto_metadata.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 0845b55d7b..22056b0a85 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -295,7 +295,7 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 ) PAKE: J-PAKE -pake_algorithm:PSA_ALG_PAKE_JPAKE +pake_algorithm:PSA_ALG_JPAKE Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED From 52f9efad22a3c1dbeea5abd33479188ae2978e85 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 27 May 2021 08:40:16 +0100 Subject: [PATCH 0231/1065] Revert "Rename psa_pake_set_password()" This reverts commit 03a5fd7780026b2ca0b4728352ded930f5a7cff9. We're already calling the output of a PAKE a "shared secret". The password is a shared secret (for PAKE where the verifier knows a password-equivalent secret), but calling it "shared secret" or even just "secret" would be confusing. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 43d37b912a..dcaf75568d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -854,7 +854,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * psa_pake_setup(operation, cipher_suite); * psa_pake_set_user(operation, ...); * psa_pake_set_peer(operation, ...); - * psa_pake_set_secret_from_key(operation, ...); + * psa_pake_set_password_key(operation, ...); * * The password is read as a byte array and must be non-empty. This can be the * password itself (in some pre-defined character encoding) or some value @@ -1345,15 +1345,14 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, /** Set the password for a password-authenticated key exchange from key ID. * * Call this function when the password, or a value derived from the password, - * (for example a hash of the password or a key derived from the password) is - * already present in the key store. + * is already present in the key store. * * \param[in,out] operation The operation object to set the password for. It * must have been set up by psa_pake_setup() and * not yet in use (neither psa_pake_output() nor * psa_pake_input() has been called yet). It must * be on operation for which the password hasn't - * been set yet (psa_pake_set_secret_from_key() + * been set yet (psa_pake_set_password_key() * hasn't been called yet). * \param password Identifier of the key holding the password or a * value derived from the password (eg. by a @@ -1380,8 +1379,8 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_pake_set_secret_from_key(psa_pake_operation_t *operation, - mbedtls_svc_key_id_t password); +psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password); /** Set the user ID for a password-authenticated key exchange. * From ec83eb605e0744e4975446d0e7e6c7b5c7329bb7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 27 May 2021 08:41:59 +0100 Subject: [PATCH 0232/1065] Fix copy+paste mistake Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index dcaf75568d..997fec0b8a 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1692,7 +1692,7 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * #PSA_ALG_IS_PAKE(\p alg) is true). * \param primitive A primitive of type ::psa_pake_primitive_t that is * compatible with algorithm \p alg. - * \param output_step A value of type ::psa_pake_step_t that is valid for the + * \param input_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. * \return A sufficient output buffer size for the specified * output, cipher suite and algorithm. If the cipher suite, From a46e28f7861203b983e904f5040ae512ec5dc36a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 13:07:03 +0100 Subject: [PATCH 0233/1065] PSA PAKE: use neutral pronouns Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 997fec0b8a..02e87ffa22 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -919,7 +919,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * * At this point there is a cryptographic guarantee that only the authenticated * party who used the same password is able to compute the key. But there is no - * guarantee that the peer is the party he claims to be and was able to do so. + * guarantee that the peer is the party it claims to be and was able to do so. * * That is, the authentication is only implicit (the peer is not authenticated * at this point, and no action should be taken that assume that they are - like @@ -1604,7 +1604,7 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * * At this point there is a cryptographic guarantee that only the authenticated * party who used the same password is able to compute the key. But there is no - * guarantee that the peer is the party he claims to be and was able to do so. + * guarantee that the peer is the party it claims to be and was able to do so. * * That is, the authentication is only implicit (the peer is not authenticated * at this point, and no action should be taken that assume that they are - like From 38d29db75fd2c06a899341895fbeec989c1d1fb6 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 13:14:42 +0100 Subject: [PATCH 0234/1065] Fix copy+paste mistake Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 02e87ffa22..dd99839cc7 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1694,9 +1694,9 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * compatible with algorithm \p alg. * \param input_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. - * \return A sufficient output buffer size for the specified - * output, cipher suite and algorithm. If the cipher suite, - * the output type or PAKE algorithm is not recognized, or + * \return A sufficient input buffer size for the specified + * input, cipher suite and algorithm. If the cipher suite, + * the input type or PAKE algorithm is not recognized, or * the parameters are incompatible, return 0. */ #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0 @@ -1715,7 +1715,7 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * * This macro must expand to a compile-time constant integer. * - * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p cipher_suite, \p output). + * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p cipher_suite, \p input). */ #define PSA_PAKE_INPUT_MAX_SIZE 0 From b4db90fb27008932fe5735f7572885c22243e52d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 13:17:09 +0100 Subject: [PATCH 0235/1065] PSA PAKE: improve documentation Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index dd99839cc7..66c9f9c206 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1606,9 +1606,10 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * party who used the same password is able to compute the key. But there is no * guarantee that the peer is the party it claims to be and was able to do so. * - * That is, the authentication is only implicit (the peer is not authenticated - * at this point, and no action should be taken that assume that they are - like - * for example accessing restricted files). + * That is, the authentication is only implicit. Since the peer is not + * authenticated yet, no action should be taken yet that assumes that the peer + * is who it claims to be. For example, do not access restricted files on the + * peer's behalf until an explicit authentication has succeeded. * * This function can be called after the key exchange phase of the operation * has completed. It imports the shared secret output of the PAKE into the @@ -1683,8 +1684,9 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, /** A sufficient input buffer size for psa_pake_input(). * - * If the size of the input is larger than this, it is guaranteed - * that psa_pake_input() will fail with #PSA_ERROR_INVALID_ARGUMENT. + * The value returned by this macro is guaranteed to be large enough for any + * valid input to psa_pake_input() in an operation with the specified + * parameters. * * See also #PSA_PAKE_INPUT_MAX_SIZE * From 3293dae00eaf300bd6f180181c253551b7506d3e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 13:21:33 +0100 Subject: [PATCH 0236/1065] psa_pake_setup(): simplify documentation This level of detail can be confusing and could require even more detail to clear it up. Simplifying it instead in alignment wiht the documentation of existing setup functions. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 66c9f9c206..a7425deb28 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1317,10 +1317,7 @@ static psa_pake_operation_t psa_pake_operation_init(void); * - A successful call to psa_pake_get_implicit_key(). * * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_pake_operation_t and not yet in use (no - * other function has been called on it since the - * last initialization). + * been initialized but not set up yet. * \param cipher_suite The cipher suite to use. (A cipher suite fully * characterizes a PAKE algorithm and determines * the algorithm as well.) From b384ec19d188eb58056367d481d4091e8dba6390 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 14:48:51 +0100 Subject: [PATCH 0237/1065] PSA PAKE: fix J-PAKE documentation code rendering 4-space indent is only guaranteed to result in a code block if there's a blank line just before (details vary depending on the markdown implementation, and doxygen isn't exactly markdown anyway). In a bullet list, you need 8 spaces since the list itself is a nested construct which takes a 4-space indent (even though you don't have to indent continuation lines inside a bullet point by 4 spaces, 1 is enough). Using \code...\encode which is rendering as intended. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 108 +++++++++++++++++++++---------------- 1 file changed, 62 insertions(+), 46 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a7425deb28..717db2bc93 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -842,19 +842,25 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * - A secure cryptographic hash function. * * To select these parameters and set up the cipher suite, call - * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); - * psa_pake_cs_set_primitive(cipher_suite, - * PSA_PAKE_PRIMITIVE(type, family, bits)); - * psa_pake_cs_set_hash(cipher_suite, hash); + * + * \code + * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); + * psa_pake_cs_set_primitive(cipher_suite, + * PSA_PAKE_PRIMITIVE(type, family, bits)); + * psa_pake_cs_set_hash(cipher_suite, hash); + * \endcode * * For more information on how to set a specific curve or field, refer to the * documentation of the individual \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants. * * After initializing a J-PAKE operation, call - * psa_pake_setup(operation, cipher_suite); - * psa_pake_set_user(operation, ...); - * psa_pake_set_peer(operation, ...); - * psa_pake_set_password_key(operation, ...); + * + * \code + * psa_pake_setup(operation, cipher_suite); + * psa_pake_set_user(operation, ...); + * psa_pake_set_peer(operation, ...); + * psa_pake_set_password_key(operation, ...); + * \endcode * * The password is read as a byte array and must be non-empty. This can be the * password itself (in some pre-defined character encoding) or some value @@ -869,50 +875,60 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * * The key exchange flow for J-PAKE is as follows: * -# To get the first round data that needs to be sent to the peer, call - * // Get g1 - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get the ZKP public key for x1 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get the ZKP proof for x1 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * // Get g2 - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get the ZKP public key for x2 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get the ZKP proof for x2 - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \code + * // Get g1 + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get the ZKP public key for x1 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get the ZKP proof for x1 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * // Get g2 + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get the ZKP public key for x2 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get the ZKP proof for x2 + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \endcode * -# To provide the first round data received from the peer to the operation, * call - * // Set g3 - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set the ZKP public key for x3 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set the ZKP proof for x3 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); - * // Set g4 - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set the ZKP public key for x4 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set the ZKP proof for x4 - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \code + * // Set g3 + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set the ZKP public key for x3 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set the ZKP proof for x3 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * // Set g4 + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set the ZKP public key for x4 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set the ZKP proof for x4 + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \endcode * -# To get the second round data that needs to be sent to the peer, call - * // Get A - * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Get ZKP public key for x2*s - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Get ZKP proof for x2*s - * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \code + * // Get A + * psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Get ZKP public key for x2*s + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Get ZKP proof for x2*s + * psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \endcode * -# To provide the second round data received from the peer to the operation, * call - * // Set B - * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); - * // Set ZKP public key for x4*s - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); - * // Set ZKP proof for x4*s - * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \code + * // Set B + * psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...); + * // Set ZKP public key for x4*s + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...); + * // Set ZKP proof for x4*s + * psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...); + * \endcode * -# To access the shared secret call - * // Get Ka=Kb=K - * psa_pake_get_implicit_key() + * \code + * // Get Ka=Kb=K + * psa_pake_get_implicit_key() + * \endcode * * For more information consult the documentation of the individual * \c PSA_PAKE_STEP_XXX constants. From 55dd5dc3556be0eeccf943cc29fd0077be553003 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 3 Jun 2021 15:51:09 +0100 Subject: [PATCH 0238/1065] PSA PAKE: Clarify the documentation of NIZKP steps The expression "the masking is omitted" assumes familiarity with Montgomery curve private key format and even then can be confusing and ambiguous or confusing. Describe directly what format we mean and add some more background information and reference to the standard as well. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 717db2bc93..e4a21d44b7 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1108,6 +1108,9 @@ typedef uint32_t psa_pake_primitive_t; #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) /** A Schnorr NIZKP public key. + * + * This is the ephemeral public key in the Schnorr Non-Interactive + * Zero-Knowledge Proof (the value denoted by the letter 'V' in RFC 8235). * * The format for both input and output at this step is the same as for public * keys on the group determined by the primitive (::psa_pake_primitive_t) would @@ -1123,16 +1126,16 @@ typedef uint32_t psa_pake_primitive_t; /** A Schnorr NIZKP proof. * - * The format for both input and output at this step is the same as for private - * keys on the group determined by the primitive (::psa_pake_primitive_t) would - * be. + * This is the proof in the Schnorr Non-Interactive Zero-Knowledge Proof (the + * value denoted by the letter 'r' in RFC 8235). * - * Some public key algorithms mask the private keys and this might be reflected - * in the export format. Even if this is the case the masking is omitted at - * this step. + * Both input and output at this step is an integer less than the group + * selected in the cipher suite. The format depends on the group as well: * - * For more information on the format, consult the documentation of - * psa_export_key(). + * - For Montgomery curves, the encoding is little endian (see decoding of + * scalars in Section 5 of RFC 7748). + * - For everything else the encoding is big endian (see Section 2.3.8 of + * _SEC 1: Elliptic Curve Cryptography_ at https://www.secg.org/sec1-v2.pdf). * * For information regarding how the group is determined, consult the * documentation #PSA_PAKE_PRIMITIVE. From 33434a9f60f18894953eb64ffd699d5774cd1a37 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 May 2021 09:25:33 +0100 Subject: [PATCH 0239/1065] Fix parenthesis spacing in crypto_struct.h crypto_struct.h is implementation-specific so it was intended to have Mbed TLS whitespace style. Signed-off-by: Janos Follath --- include/psa/crypto_struct.h | 64 ++++++++++++++++++++----------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 47012fdd00..4060074454 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -92,7 +92,7 @@ struct psa_hash_operation_s psa_driver_hash_context_t ctx; }; -#define PSA_HASH_OPERATION_INIT {0, {0}} +#define PSA_HASH_OPERATION_INIT { 0, { 0 } } static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; @@ -117,7 +117,7 @@ struct psa_cipher_operation_s psa_driver_cipher_context_t ctx; }; -#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}} +#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) { const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; @@ -142,7 +142,7 @@ struct psa_mac_operation_s psa_driver_mac_context_t ctx; }; -#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}} +#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } static inline struct psa_mac_operation_s psa_mac_operation_init( void ) { const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; @@ -163,7 +163,7 @@ struct psa_aead_operation_s } ctx; }; -#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} +#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, { 0 } } static inline struct psa_aead_operation_s psa_aead_operation_init( void ) { const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; @@ -223,7 +223,7 @@ typedef struct psa_tls12_prf_key_derivation_s uint8_t Ai[PSA_HASH_MAX_SIZE]; - /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ + /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */ uint8_t output_block[PSA_HASH_MAX_SIZE]; } psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || @@ -249,8 +249,9 @@ struct psa_key_derivation_s }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } +static inline +struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; return( v ); @@ -264,7 +265,7 @@ struct psa_key_policy_s }; typedef struct psa_key_policy_s psa_key_policy_t; -#define PSA_KEY_POLICY_INIT {0, 0, 0} +#define PSA_KEY_POLICY_INIT { 0, 0, 0 } static inline struct psa_key_policy_s psa_key_policy_init( void ) { const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; @@ -276,7 +277,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +#define PSA_KEY_BITS_TOO_LARGE ( ( psa_key_bits_t ) -1 ) /* The maximum size of a key in bits. * Currently defined as the maximum that can be represented, rounded down * to a whole number of bytes. @@ -317,7 +318,10 @@ typedef struct psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \ + PSA_KEY_LIFETIME_VOLATILE, \ + MBEDTLS_SVC_KEY_ID_INIT, \ + PSA_KEY_POLICY_INIT, 0 } struct psa_key_attributes_s { @@ -330,9 +334,9 @@ struct psa_key_attributes_s }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 } #else -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #endif static inline struct psa_key_attributes_s psa_key_attributes_init( void ) @@ -358,7 +362,7 @@ static inline void psa_set_key_id( psa_key_attributes_t *attributes, } static inline mbedtls_svc_key_id_t psa_get_key_id( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.id ); } @@ -371,8 +375,8 @@ static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, } #endif -static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime) +static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime ) { attributes->core.lifetime = lifetime; if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) @@ -386,44 +390,44 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, } static inline psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.lifetime ); } -static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags) +static inline void psa_set_key_usage_flags( psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags ) { attributes->core.policy.usage = usage_flags; } static inline psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.policy.usage ); } -static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg) +static inline void psa_set_key_algorithm( psa_key_attributes_t *attributes, + psa_algorithm_t alg ) { attributes->core.policy.alg = alg; } static inline psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.policy.alg ); } /* This function is declared in crypto_extra.h, which comes after this * header file, but we need the function here, so repeat the declaration. */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, +psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, - size_t data_length); + size_t data_length ); -static inline void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type) +static inline void psa_set_key_type( psa_key_attributes_t *attributes, + psa_key_type_t type ) { if( attributes->domain_parameters == NULL ) { @@ -441,13 +445,13 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes, } static inline psa_key_type_t psa_get_key_type( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.type ); } -static inline void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits) +static inline void psa_set_key_bits( psa_key_attributes_t *attributes, + size_t bits ) { if( bits > PSA_MAX_KEY_BITS ) attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; @@ -456,7 +460,7 @@ static inline void psa_set_key_bits(psa_key_attributes_t *attributes, } static inline size_t psa_get_key_bits( - const psa_key_attributes_t *attributes) + const psa_key_attributes_t *attributes ) { return( attributes->core.bits ); } From 0dcda95ac04162c0b328ef95622d3886cfa3184a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 7 Jun 2021 14:52:13 +0100 Subject: [PATCH 0240/1065] Make check-names.sh happy Signed-off-by: Janos Follath --- include/psa/crypto_struct.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 4060074454..1be9949f4e 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -250,8 +250,8 @@ struct psa_key_derivation_s /* This only zeroes out the first byte in the union, the rest is unspecified. */ #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } -static inline -struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +static inline struct psa_key_derivation_s psa_key_derivation_operation_init( + void ) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; return( v ); From 46c02375b730b53f2bfbfd9c49396018a8511711 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 8 Jun 2021 15:22:51 +0100 Subject: [PATCH 0241/1065] PSA PAKE: improve documentation Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index e4a21d44b7..c5ae09959d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -839,9 +839,10 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * - The group can be either an elliptic curve or defined over a finite field. * - Schnorr NIZK proof as defined by RFC 8235 and using the same group as the * J-PAKE algorithm. - * - A secure cryptographic hash function. + * - A cryptographic hash function. * - * To select these parameters and set up the cipher suite, call + * To select these parameters and set up the cipher suite, call these functions + * in any order: * * \code * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE); @@ -1499,8 +1500,8 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, * yet). * \param side A value of type ::psa_pake_side_t signaling the * side of the algorithm that is being set up. For - * more information see the documentation of \c - * PSA_PAKE_SIDE_XXX constants. + * more information see the documentation of + * \c PSA_PAKE_SIDE_XXX constants. * * \retval #PSA_SUCCESS * Success. @@ -1652,8 +1653,8 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but beyond that - * validity is specific to the algorithm). + * The PAKE operation state is not valid (it must be active, but beyond + * that validity is specific to the algorithm). * \retval #PSA_ERROR_BAD_STATE * The state of \p output is not valid for * the #PSA_KEY_DERIVATION_INPUT_SECRET step. This can happen if the @@ -1685,7 +1686,7 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * * See also #PSA_PAKE_OUTPUT_MAX_SIZE * - * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * \param alg A PAKE algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param primitive A primitive of type ::psa_pake_primitive_t that is * compatible with algorithm \p alg. @@ -1706,7 +1707,7 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * * See also #PSA_PAKE_INPUT_MAX_SIZE * - * \param alg A PAKE algorithm (PSA_ALG_XXX value such that + * \param alg A PAKE algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). * \param primitive A primitive of type ::psa_pake_primitive_t that is * compatible with algorithm \p alg. From 1f0131844ce98a50aab4e4c3b4ea70268aa8e72a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 8 Jun 2021 15:30:48 +0100 Subject: [PATCH 0242/1065] Clarify PSA_PAKE_STEP_ZK_PROOF format Removing reference to RFC 7748 as it is more confusing than helpful. (It decodes the scalars after masking which is not part of the encoding we want to specify. Also, it has the explanation what it means by little endian in a preceding section that is not trivial to find.) We also explicitly specify constraint on leading zeroes. Signed-off-by: Janos Follath --- include/psa/crypto_extra.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index c5ae09959d..0567e8a73b 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1130,14 +1130,17 @@ typedef uint32_t psa_pake_primitive_t; * This is the proof in the Schnorr Non-Interactive Zero-Knowledge Proof (the * value denoted by the letter 'r' in RFC 8235). * - * Both input and output at this step is an integer less than the group - * selected in the cipher suite. The format depends on the group as well: + * Both for input and output, the value at this step is an integer less than + * the order of the group selected in the cipher suite. The format depends on + * the group as well: * - * - For Montgomery curves, the encoding is little endian (see decoding of - * scalars in Section 5 of RFC 7748). + * - For Montgomery curves, the encoding is little endian. * - For everything else the encoding is big endian (see Section 2.3.8 of * _SEC 1: Elliptic Curve Cryptography_ at https://www.secg.org/sec1-v2.pdf). * + * In both cases leading zeroes are allowed as long as the length in bytes does + * not exceed the byte length of the group order. + * * For information regarding how the group is determined, consult the * documentation #PSA_PAKE_PRIMITIVE. */ From 26371e47939d02d5f1a5ad9012f49aff0c7f5bc4 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 8 Jun 2021 16:45:41 +0200 Subject: [PATCH 0243/1065] Rename the _ret() functions Signed-off-by: TRodziewicz --- include/mbedtls/compat-2.x.h | 69 ++++++++++++++++++++++ include/mbedtls/ctr_drbg.h | 6 +- include/mbedtls/hmac_drbg.h | 4 +- include/mbedtls/md2.h | 18 +++--- include/mbedtls/md4.h | 18 +++--- include/mbedtls/md5.h | 18 +++--- include/mbedtls/ripemd160.h | 18 +++--- include/mbedtls/sha1.h | 18 +++--- include/mbedtls/sha256.h | 22 +++---- include/mbedtls/sha512.h | 22 +++---- library/ctr_drbg.c | 6 +- library/entropy.c | 32 +++++----- library/hmac_drbg.c | 12 ++-- library/md.c | 72 +++++++++++------------ library/md2.c | 16 ++--- library/md4.c | 20 +++---- library/md5.c | 16 ++--- library/pem.c | 18 +++--- library/psa_crypto_hash.c | 54 ++++++++--------- library/ripemd160.c | 20 +++---- library/rsa.c | 2 +- library/sha1.c | 22 +++---- library/sha256.c | 22 +++---- library/sha512.c | 22 +++---- library/ssl_tls.c | 24 ++++---- library/x509write_crt.c | 4 +- programs/hash/hello.c | 2 +- programs/pkey/dh_client.c | 4 +- programs/pkey/dh_server.c | 4 +- programs/pkey/ecdsa.c | 4 +- programs/test/benchmark.c | 12 ++-- tests/scripts/check-names.sh | 2 +- tests/scripts/list-macros.sh | 2 +- tests/suites/test_suite_ctr_drbg.function | 2 +- tests/suites/test_suite_mdx.function | 8 +-- tests/suites/test_suite_shax.function | 18 +++--- 36 files changed, 351 insertions(+), 282 deletions(-) create mode 100644 include/mbedtls/compat-2.x.h diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h new file mode 100644 index 0000000000..fe7aa16c38 --- /dev/null +++ b/include/mbedtls/compat-2.x.h @@ -0,0 +1,69 @@ +/** + * \file compat-2.x.h + * + * \brief Compatibility definitions + * + * \deprecated Use the new names directly instead + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) + +#if defined(MBEDTLS_DEPRECATED_WARNING) +#warning "Including compat-2.x.h is deprecated" +#endif + +#ifndef MBEDTLS_COMPAT2X_H +#define MBEDTLS_COMPAT2X_H + +/* + * Macros for renamed functions + */ +#define mbedtls_ctr_drbg_update_ret mbedtls_ctr_drbg_update +#define mbedtls_hmac_drbg_update_ret mbedtls_hmac_drbg_update +#define mbedtls_md2_starts_ret mbedtls_md2_starts +#define mbedtls_md2_update_ret mbedtls_md2_update +#define mbedtls_md2_finish_ret mbedtls_md2_finish +#define mbedtls_md2_ret mbedtls_md2 +#define mbedtls_md4_starts_ret mbedtls_md4_starts +#define mbedtls_md4_update_ret mbedtls_md4_update +#define mbedtls_md4_finish_ret mbedtls_md4_finish +#define mbedtls_md4_ret mbedtls_md4 +#define mbedtls_md5_starts_ret mbedtls_md5_starts +#define mbedtls_md5_update_ret mbedtls_md5_update +#define mbedtls_md5_finish_ret mbedtls_md5_finish +#define mbedtls_md5_ret mbedtls_md5 +#define mbedtls_ripemd160_starts_ret mbedtls_ripemd160_starts +#define mbedtls_ripemd160_update_ret mbedtls_ripemd160_update +#define mbedtls_ripemd160_finish_ret mbedtls_ripemd160_finish +#define mbedtls_ripemd160_ret mbedtls_ripemd160 +#define mbedtls_sha1_starts_ret mbedtls_sha1_starts +#define mbedtls_sha1_update_ret mbedtls_sha1_update +#define mbedtls_sha1_finish_ret mbedtls_sha1_finish +#define mbedtls_sha1_ret mbedtls_sha1 +#define mbedtls_sha256_starts_ret mbedtls_sha256_starts +#define mbedtls_sha256_update_ret mbedtls_sha256_update +#define mbedtls_sha256_finish_ret mbedtls_sha256_finish +#define mbedtls_sha256_ret mbedtls_sha256 +#define mbedtls_sha512_starts_ret mbedtls_sha512_starts +#define mbedtls_sha512_update_ret mbedtls_sha512_update +#define mbedtls_sha512_finish_ret mbedtls_sha512_finish +#define mbedtls_sha512_ret mbedtls_sha512 + +#endif /* MBEDTLS_COMPAT2X_H */ +#endif /* MBEDTLS_DEPRECATED_REMOVED */ diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 0f2c5510f7..d7a0c7eb1c 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -462,9 +462,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * \return An error from the underlying AES cipher on failure. */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ); +int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ); /** * \brief This function updates a CTR_DRBG instance with additional diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 1ab3422529..3f3d630c86 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -294,8 +294,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, * \return \c 0 on success, or an error from the underlying * hash calculation. */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); +int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t add_len ); /** * \brief This function reseeds the HMAC_DRBG context, that is diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h index 950afa241b..2ad31cfe59 100644 --- a/include/mbedtls/md2.h +++ b/include/mbedtls/md2.h @@ -114,7 +114,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, * stronger message digests instead. * */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); +int mbedtls_md2_starts( mbedtls_md2_context *ctx ); /** * \brief MD2 process buffer @@ -130,9 +130,9 @@ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md2_update( mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief MD2 final digest @@ -147,8 +147,8 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, - unsigned char output[16] ); +int mbedtls_md2_finish( mbedtls_md2_context *ctx, + unsigned char output[16] ); /** * \brief MD2 process data block (internal use only) @@ -176,9 +176,9 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md2( const unsigned char *input, + size_t ilen, + unsigned char output[16] ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h index f9e3987496..65869630f9 100644 --- a/include/mbedtls/md4.h +++ b/include/mbedtls/md4.h @@ -113,7 +113,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, * constitutes a security risk. We recommend considering * stronger message digests instead. */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); +int mbedtls_md4_starts( mbedtls_md4_context *ctx ); /** * \brief MD4 process buffer @@ -129,9 +129,9 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md4_update( mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief MD4 final digest @@ -146,8 +146,8 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, - unsigned char output[16] ); +int mbedtls_md4_finish( mbedtls_md4_context *ctx, + unsigned char output[16] ); /** * \brief MD4 process data block (internal use only) @@ -179,9 +179,9 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md4( const unsigned char *input, + size_t ilen, + unsigned char output[16] ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 71a41dc0e7..3691609800 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -113,7 +113,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, * stronger message digests instead. * */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); +int mbedtls_md5_starts( mbedtls_md5_context *ctx ); /** * \brief MD5 process buffer @@ -129,9 +129,9 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md5_update( mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief MD5 final digest @@ -146,8 +146,8 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, - unsigned char output[16] ); +int mbedtls_md5_finish( mbedtls_md5_context *ctx, + unsigned char output[16] ); /** * \brief MD5 process data block (internal use only) @@ -179,9 +179,9 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md5( const unsigned char *input, + size_t ilen, + unsigned char output[16] ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index 1c72d60fc6..963cc949dd 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -84,7 +84,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, * * \return 0 if successful */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); +int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ); /** * \brief RIPEMD-160 process buffer @@ -95,9 +95,9 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); * * \return 0 if successful */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief RIPEMD-160 final digest @@ -107,8 +107,8 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ); +int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, + unsigned char output[20] ); /** * \brief RIPEMD-160 process data block (internal use only) @@ -130,9 +130,9 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_ripemd160_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_ripemd160( const unsigned char *input, + size_t ilen, + unsigned char output[20] ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 56ff9487e3..1cb8741bf6 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -123,7 +123,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, * \return A negative error code on failure. * */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); +int mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); /** * \brief This function feeds an input buffer into an ongoing SHA-1 @@ -142,9 +142,9 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha1_update( mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief This function finishes the SHA-1 operation, and writes @@ -162,8 +162,8 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ); +int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, + unsigned char output[20] ); /** * \brief SHA-1 process data block (internal use only). @@ -206,9 +206,9 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, * \return A negative error code on failure. * */ -int mbedtls_sha1_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_sha1( const unsigned char *input, + size_t ilen, + unsigned char output[20] ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 22c2c7d7eb..97e642c904 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -49,7 +49,7 @@ extern "C" { * * The structure is used both for SHA-256 and for SHA-224 * checksum calculations. The choice between these two is - * made in the call to mbedtls_sha256_starts_ret(). + * made in the call to mbedtls_sha256_starts(). */ typedef struct mbedtls_sha256_context { @@ -101,7 +101,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); +int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); /** * \brief This function feeds an input buffer into an ongoing @@ -116,9 +116,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha256_update( mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief This function finishes the SHA-256 operation, and writes @@ -133,8 +133,8 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char *output ); +int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, + unsigned char *output ); /** * \brief This function processes a single data block within @@ -170,10 +170,10 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ -int mbedtls_sha256_ret( const unsigned char *input, - size_t ilen, - unsigned char *output, - int is224 ); +int mbedtls_sha256( const unsigned char *input, + size_t ilen, + unsigned char *output, + int is224 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 04222f4a4f..9fe37c1957 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -48,7 +48,7 @@ extern "C" { * * The structure is used both for SHA-384 and for SHA-512 * checksum calculations. The choice between these two is - * made in the call to mbedtls_sha512_starts_ret(). + * made in the call to mbedtls_sha512_starts(). */ typedef struct mbedtls_sha512_context { @@ -108,7 +108,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); +int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); /** * \brief This function feeds an input buffer into an ongoing @@ -123,9 +123,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha512_update( mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief This function finishes the SHA-512 operation, and writes @@ -140,8 +140,8 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char *output ); +int mbedtls_sha512_finish( mbedtls_sha512_context *ctx, + unsigned char *output ); /** * \brief This function processes a single data block within @@ -184,10 +184,10 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_ret( const unsigned char *input, - size_t ilen, - unsigned char *output, - int is384 ); +int mbedtls_sha512( const unsigned char *input, + size_t ilen, + unsigned char *output, + int is384 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 602ec699c4..b664fb0fc7 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -304,7 +304,7 @@ exit: } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) - * mbedtls_ctr_drbg_update_ret(ctx, additional, add_len) + * mbedtls_ctr_drbg_update(ctx, additional, add_len) * implements * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, * security_strength) -> initial_working_state @@ -315,7 +315,7 @@ exit: * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { @@ -657,7 +657,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, fclose( f ); f = NULL; - ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_ctr_drbg_update( ctx, buf, n ); exit: mbedtls_platform_zeroize( buf, sizeof( buf ) ); diff --git a/library/entropy.c b/library/entropy.c index cc686282a6..f12a2395ab 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -164,10 +164,10 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE ) { #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 ) + if( ( ret = mbedtls_sha512( data, len, tmp, 0 ) ) != 0 ) goto cleanup; #else - if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 ) + if( ( ret = mbedtls_sha256( data, len, tmp, 0 ) ) != 0 ) goto cleanup; #endif p = tmp; @@ -184,22 +184,22 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + ( ret = mbedtls_sha512_starts( &ctx->accumulator, 0 ) ) != 0 ) goto cleanup; else ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + if( ( ret = mbedtls_sha512_update( &ctx->accumulator, header, 2 ) ) != 0 ) goto cleanup; - ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len ); + ret = mbedtls_sha512_update( &ctx->accumulator, p, use_len ); #else if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + ( ret = mbedtls_sha256_starts( &ctx->accumulator, 0 ) ) != 0 ) goto cleanup; else ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + if( ( ret = mbedtls_sha256_update( &ctx->accumulator, header, 2 ) ) != 0 ) goto cleanup; - ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len ); + ret = mbedtls_sha256_update( &ctx->accumulator, p, use_len ); #endif cleanup: @@ -361,7 +361,7 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) * in a previous call to entropy_update(). If this is not guaranteed, the * code below will fail. */ - if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if( ( ret = mbedtls_sha512_finish( &ctx->accumulator, buf ) ) != 0 ) goto exit; /* @@ -369,20 +369,20 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) */ mbedtls_sha512_free( &ctx->accumulator ); mbedtls_sha512_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if( ( ret = mbedtls_sha512_starts( &ctx->accumulator, 0 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf, + if( ( ret = mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) goto exit; /* * Perform second SHA-512 on entropy */ - if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + if( ( ret = mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 ) ) != 0 ) goto exit; #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if( ( ret = mbedtls_sha256_finish( &ctx->accumulator, buf ) ) != 0 ) goto exit; /* @@ -390,16 +390,16 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) */ mbedtls_sha256_free( &ctx->accumulator ); mbedtls_sha256_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if( ( ret = mbedtls_sha256_starts( &ctx->accumulator, 0 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf, + if( ( ret = mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) goto exit; /* * Perform second SHA-256 on entropy */ - if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + if( ( ret = mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 ) ) != 0 ) goto exit; #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 7e1b4fb064..ab353bfd58 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -59,7 +59,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) /* * HMAC_DRBG update, using optional additional data (10.1.2.2) */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, +int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { @@ -130,7 +130,7 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, return( ret ); memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) + if( ( ret = mbedtls_hmac_drbg_update( ctx, data, data_len ) ) != 0 ) return( ret ); return( 0 ); @@ -205,7 +205,7 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, } /* 2. Update state */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 ) + if( ( ret = mbedtls_hmac_drbg_update( ctx, seed, seedlen ) ) != 0 ) goto exit; /* 3. Reset reseed_counter */ @@ -348,7 +348,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, /* 2. Use additional data if any */ if( additional != NULL && add_len != 0 ) { - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, + if( ( ret = mbedtls_hmac_drbg_update( ctx, additional, add_len ) ) != 0 ) goto exit; } @@ -372,7 +372,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, } /* 6. Update */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, + if( ( ret = mbedtls_hmac_drbg_update( ctx, additional, add_len ) ) != 0 ) goto exit; @@ -479,7 +479,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch fclose( f ); f = NULL; - ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_hmac_drbg_update( ctx, buf, n ); exit: mbedtls_platform_zeroize( buf, sizeof( buf ) ); diff --git a/library/md.c b/library/md.c index 28261ac8c4..53afbef535 100644 --- a/library/md.c +++ b/library/md.c @@ -503,39 +503,39 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_starts_ret( ctx->md_ctx ) ); + return( mbedtls_md2_starts( ctx->md_ctx ) ); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_starts_ret( ctx->md_ctx ) ); + return( mbedtls_md4_starts( ctx->md_ctx ) ); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_starts_ret( ctx->md_ctx ) ); + return( mbedtls_md5_starts( ctx->md_ctx ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) ); + return( mbedtls_ripemd160_starts( ctx->md_ctx ) ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_starts_ret( ctx->md_ctx ) ); + return( mbedtls_sha1_starts( ctx->md_ctx ) ); #endif #if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) ); + return( mbedtls_sha256_starts( ctx->md_ctx, 1 ) ); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); + return( mbedtls_sha256_starts( ctx->md_ctx, 0 ) ); #endif #if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); + return( mbedtls_sha512_starts( ctx->md_ctx, 1 ) ); #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); + return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) ); #endif default: return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -551,39 +551,39 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md2_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md4_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_ripemd160_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_sha1_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); + return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) ); #endif default: return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -599,39 +599,39 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_md2_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_md4_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_md5_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_ripemd160_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_sha1_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_sha256_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_sha256_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_sha512_finish( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); + return( mbedtls_sha512_finish( ctx->md_ctx, output ) ); #endif default: return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -648,39 +648,39 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_ret( input, ilen, output ) ); + return( mbedtls_md2( input, ilen, output ) ); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_ret( input, ilen, output ) ); + return( mbedtls_md4( input, ilen, output ) ); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_ret( input, ilen, output ) ); + return( mbedtls_md5( input, ilen, output ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_ret( input, ilen, output ) ); + return( mbedtls_ripemd160( input, ilen, output ) ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_ret( input, ilen, output ) ); + return( mbedtls_sha1( input, ilen, output ) ); #endif #if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); + return( mbedtls_sha256( input, ilen, output, 1 ) ); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); + return( mbedtls_sha256( input, ilen, output, 0 ) ); #endif #if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); + return( mbedtls_sha512( input, ilen, output, 1 ) ); #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); + return( mbedtls_sha512( input, ilen, output, 0 ) ); #endif default: return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); diff --git a/library/md2.c b/library/md2.c index a11bc0f803..e02c2f0230 100644 --- a/library/md2.c +++ b/library/md2.c @@ -96,7 +96,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, /* * MD2 context setup */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ) +int mbedtls_md2_starts( mbedtls_md2_context *ctx ) { memset( ctx->cksum, 0, 16 ); memset( ctx->state, 0, 46 ); @@ -151,7 +151,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ) /* * MD2 process buffer */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, +int mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen ) { @@ -185,7 +185,7 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, /* * MD2 final digest */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, +int mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -214,7 +214,7 @@ int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, /* * output = MD2( input buffer ) */ -int mbedtls_md2_ret( const unsigned char *input, +int mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) { @@ -223,13 +223,13 @@ int mbedtls_md2_ret( const unsigned char *input, mbedtls_md2_init( &ctx ); - if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_md2_starts( &ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_md2_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_md2_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -290,7 +290,7 @@ int mbedtls_md2_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " MD2 test #%d: ", i + 1 ); - ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum ); + ret = mbedtls_md2( md2_test_str[i], md2_test_strlen[i], md2sum ); if( ret != 0 ) goto fail; diff --git a/library/md4.c b/library/md4.c index c366c0de80..f5f3302534 100644 --- a/library/md4.c +++ b/library/md4.c @@ -89,7 +89,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, /* * MD4 context setup */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ) +int mbedtls_md4_starts( mbedtls_md4_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -236,7 +236,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, /* * MD4 process buffer */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, +int mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen ) { @@ -298,7 +298,7 @@ static const unsigned char md4_padding[64] = /* * MD4 final digest */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, +int mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -316,11 +316,11 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn ); + ret = mbedtls_md4_update( ctx, (unsigned char *)md4_padding, padn ); if( ret != 0 ) return( ret ); - if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 ) + if( ( ret = mbedtls_md4_update( ctx, msglen, 8 ) ) != 0 ) return( ret ); @@ -337,7 +337,7 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, /* * output = MD4( input buffer ) */ -int mbedtls_md4_ret( const unsigned char *input, +int mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) { @@ -346,13 +346,13 @@ int mbedtls_md4_ret( const unsigned char *input, mbedtls_md4_init( &ctx ); - if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_md4_starts( &ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_md4_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_md4_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -413,7 +413,7 @@ int mbedtls_md4_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " MD4 test #%d: ", i + 1 ); - ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum ); + ret = mbedtls_md4( md4_test_str[i], md4_test_strlen[i], md4sum ); if( ret != 0 ) goto fail; diff --git a/library/md5.c b/library/md5.c index 019b7f481e..d7f8cee468 100644 --- a/library/md5.c +++ b/library/md5.c @@ -88,7 +88,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, /* * MD5 context setup */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) +int mbedtls_md5_starts( mbedtls_md5_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -242,7 +242,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, /* * MD5 process buffer */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, +int mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) { @@ -293,7 +293,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, /* * MD5 final digest */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, +int mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -352,7 +352,7 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, /* * output = MD5( input buffer ) */ -int mbedtls_md5_ret( const unsigned char *input, +int mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) { @@ -361,13 +361,13 @@ int mbedtls_md5_ret( const unsigned char *input, mbedtls_md5_init( &ctx ); - if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_md5_starts( &ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_md5_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -427,7 +427,7 @@ int mbedtls_md5_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " MD5 test #%d: ", i + 1 ); - ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum ); + ret = mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum ); if( ret != 0 ) goto fail; diff --git a/library/pem.c b/library/pem.c index fcfde94799..1b40e5e558 100644 --- a/library/pem.c +++ b/library/pem.c @@ -87,13 +87,13 @@ static int pem_pbkdf1( unsigned char *key, size_t keylen, /* * key[ 0..15] = MD5(pwd || IV) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if( ( ret = mbedtls_md5_starts( &md5_ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &md5_ctx, pwd, pwdlen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &md5_ctx, iv, 8 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + if( ( ret = mbedtls_md5_finish( &md5_ctx, md5sum ) ) != 0 ) goto exit; if( keylen <= 16 ) @@ -107,15 +107,15 @@ static int pem_pbkdf1( unsigned char *key, size_t keylen, /* * key[16..23] = MD5(key[ 0..15] || pwd || IV]) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if( ( ret = mbedtls_md5_starts( &md5_ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &md5_ctx, md5sum, 16 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &md5_ctx, pwd, pwdlen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + if( ( ret = mbedtls_md5_update( &md5_ctx, iv, 8 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + if( ( ret = mbedtls_md5_finish( &md5_ctx, md5sum ) ) != 0 ) goto exit; use_len = 16; diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index d0f986ebc7..6471f82a82 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -203,55 +203,55 @@ static psa_status_t hash_setup( #if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_init( &operation->ctx.md2 ); - ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); + ret = mbedtls_md2_starts( &operation->ctx.md2 ); break; #endif #if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_init( &operation->ctx.md4 ); - ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); + ret = mbedtls_md4_starts( &operation->ctx.md4 ); break; #endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); - ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); + ret = mbedtls_md5_starts( &operation->ctx.md5 ); break; #endif #if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); - ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); + ret = mbedtls_ripemd160_starts( &operation->ctx.ripemd160 ); break; #endif #if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_init( &operation->ctx.sha1 ); - ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); + ret = mbedtls_sha1_starts( &operation->ctx.sha1 ); break; #endif #if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); + ret = mbedtls_sha256_starts( &operation->ctx.sha256, 1 ); break; #endif #if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); + ret = mbedtls_sha256_starts( &operation->ctx.sha256, 0 ); break; #endif #if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); + ret = mbedtls_sha512_starts( &operation->ctx.sha512, 1 ); break; #endif #if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); + ret = mbedtls_sha512_starts( &operation->ctx.sha512, 0 ); break; #endif default: @@ -349,55 +349,55 @@ static psa_status_t hash_update( { #if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_update_ret( &operation->ctx.md2, + ret = mbedtls_md2_update( &operation->ctx.md2, input, input_length ); break; #endif #if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_update_ret( &operation->ctx.md4, + ret = mbedtls_md4_update( &operation->ctx.md4, input, input_length ); break; #endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_update_ret( &operation->ctx.md5, + ret = mbedtls_md5_update( &operation->ctx.md5, input, input_length ); break; #endif #if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, + ret = mbedtls_ripemd160_update( &operation->ctx.ripemd160, input, input_length ); break; #endif #if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, + ret = mbedtls_sha1_update( &operation->ctx.sha1, input, input_length ); break; #endif #if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, + ret = mbedtls_sha256_update( &operation->ctx.sha256, input, input_length ); break; #endif #if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, + ret = mbedtls_sha256_update( &operation->ctx.sha256, input, input_length ); break; #endif #if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, + ret = mbedtls_sha512_update( &operation->ctx.sha512, input, input_length ); break; #endif #if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, + ret = mbedtls_sha512_update( &operation->ctx.sha512, input, input_length ); break; #endif @@ -439,47 +439,47 @@ static psa_status_t hash_finish( { #if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); + ret = mbedtls_md2_finish( &operation->ctx.md2, hash ); break; #endif #if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); + ret = mbedtls_md4_finish( &operation->ctx.md4, hash ); break; #endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); + ret = mbedtls_md5_finish( &operation->ctx.md5, hash ); break; #endif #if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); + ret = mbedtls_ripemd160_finish( &operation->ctx.ripemd160, hash ); break; #endif #if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); + ret = mbedtls_sha1_finish( &operation->ctx.sha1, hash ); break; #endif #if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash ); break; #endif #if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash ); break; #endif #if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash ); break; #endif #if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash ); break; #endif default: diff --git a/library/ripemd160.c b/library/ripemd160.c index 0e1df8fa13..d2ccbbec47 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -89,7 +89,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, /* * RIPEMD-160 context setup */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ) +int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -305,7 +305,7 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, /* * RIPEMD-160 process buffer */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, +int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, const unsigned char *input, size_t ilen ) { @@ -365,7 +365,7 @@ static const unsigned char ripemd160_padding[64] = /* * RIPEMD-160 final digest */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, +int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -383,11 +383,11 @@ int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn ); + ret = mbedtls_ripemd160_update( ctx, ripemd160_padding, padn ); if( ret != 0 ) return( ret ); - ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 ); + ret = mbedtls_ripemd160_update( ctx, msglen, 8 ); if( ret != 0 ) return( ret ); @@ -405,7 +405,7 @@ int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, /* * output = RIPEMD-160( input buffer ) */ -int mbedtls_ripemd160_ret( const unsigned char *input, +int mbedtls_ripemd160( const unsigned char *input, size_t ilen, unsigned char output[20] ) { @@ -414,13 +414,13 @@ int mbedtls_ripemd160_ret( const unsigned char *input, mbedtls_ripemd160_init( &ctx ); - if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_ripemd160_starts( &ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_ripemd160_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_ripemd160_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -487,7 +487,7 @@ int mbedtls_ripemd160_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 ); - ret = mbedtls_ripemd160_ret( ripemd160_test_str[i], + ret = mbedtls_ripemd160( ripemd160_test_str[i], ripemd160_test_strlen[i], output ); if( ret != 0 ) goto fail; diff --git a/library/rsa.c b/library/rsa.c index 36424bd193..b84e6a06da 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2654,7 +2654,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " PKCS#1 data sign : " ); - if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 ) + if( mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum ) != 0 ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); diff --git a/library/sha1.c b/library/sha1.c index c6087acceb..545d093109 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -98,7 +98,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, /* * SHA-1 context setup */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) +int mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) { SHA1_VALIDATE_RET( ctx != NULL ); @@ -292,7 +292,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, /* * SHA-1 process buffer */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, +int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) { @@ -345,7 +345,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, /* * SHA-1 final digest */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, +int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -408,7 +408,7 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, /* * output = SHA-1( input buffer ) */ -int mbedtls_sha1_ret( const unsigned char *input, +int mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) { @@ -420,13 +420,13 @@ int mbedtls_sha1_ret( const unsigned char *input, mbedtls_sha1_init( &ctx ); - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_sha1_starts( &ctx ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_sha1_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_sha1_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -481,7 +481,7 @@ int mbedtls_sha1_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if( ( ret = mbedtls_sha1_starts( &ctx ) ) != 0 ) goto fail; if( i == 2 ) @@ -490,20 +490,20 @@ int mbedtls_sha1_self_test( int verbose ) for( j = 0; j < 1000; j++ ) { - ret = mbedtls_sha1_update_ret( &ctx, buf, buflen ); + ret = mbedtls_sha1_update( &ctx, buf, buflen ); if( ret != 0 ) goto fail; } } else { - ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i], + ret = mbedtls_sha1_update( &ctx, sha1_test_buf[i], sha1_test_buflen[i] ); if( ret != 0 ) goto fail; } - if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 ) + if( ( ret = mbedtls_sha1_finish( &ctx, sha1sum ) ) != 0 ) goto fail; if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) diff --git a/library/sha256.c b/library/sha256.c index 3cb2122d65..6ec6da296a 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -100,7 +100,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, /* * SHA-256 context setup */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) +int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) { SHA256_VALIDATE_RET( ctx != NULL ); @@ -285,7 +285,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, /* * SHA-256 process buffer */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, +int mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) { @@ -338,7 +338,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, /* * SHA-256 final digest */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, +int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -408,7 +408,7 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, /* * output = SHA-256( input buffer ) */ -int mbedtls_sha256_ret( const unsigned char *input, +int mbedtls_sha256( const unsigned char *input, size_t ilen, unsigned char *output, int is224 ) @@ -427,13 +427,13 @@ int mbedtls_sha256_ret( const unsigned char *input, mbedtls_sha256_init( &ctx ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 ) + if( ( ret = mbedtls_sha256_starts( &ctx, is224 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_sha256_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_sha256_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -522,7 +522,7 @@ int mbedtls_sha256_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 ) + if( ( ret = mbedtls_sha256_starts( &ctx, k ) ) != 0 ) goto fail; if( j == 2 ) @@ -531,7 +531,7 @@ int mbedtls_sha256_self_test( int verbose ) for( j = 0; j < 1000; j++ ) { - ret = mbedtls_sha256_update_ret( &ctx, buf, buflen ); + ret = mbedtls_sha256_update( &ctx, buf, buflen ); if( ret != 0 ) goto fail; } @@ -539,13 +539,13 @@ int mbedtls_sha256_self_test( int verbose ) } else { - ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j], + ret = mbedtls_sha256_update( &ctx, sha256_test_buf[j], sha256_test_buflen[j] ); if( ret != 0 ) goto fail; } - if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 ) + if( ( ret = mbedtls_sha256_finish( &ctx, sha256sum ) ) != 0 ) goto fail; diff --git a/library/sha512.c b/library/sha512.c index 315e516ccb..6511c6e36a 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -123,7 +123,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, /* * SHA-512 context setup */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) +int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) { SHA512_VALIDATE_RET( ctx != NULL ); #if defined(MBEDTLS_SHA384_C) @@ -327,7 +327,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, /* * SHA-512 process buffer */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, +int mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen ) { @@ -379,7 +379,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, /* * SHA-512 final digest */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, +int mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -451,7 +451,7 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, /* * output = SHA-512( input buffer ) */ -int mbedtls_sha512_ret( const unsigned char *input, +int mbedtls_sha512( const unsigned char *input, size_t ilen, unsigned char *output, int is384 ) @@ -469,13 +469,13 @@ int mbedtls_sha512_ret( const unsigned char *input, mbedtls_sha512_init( &ctx ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 ) + if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 ) + if( ( ret = mbedtls_sha512_update( &ctx, input, ilen ) ) != 0 ) goto exit; - if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 ) + if( ( ret = mbedtls_sha512_finish( &ctx, output ) ) != 0 ) goto exit; exit: @@ -591,7 +591,7 @@ int mbedtls_sha512_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 ) + if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 ) goto fail; if( j == 2 ) @@ -600,20 +600,20 @@ int mbedtls_sha512_self_test( int verbose ) for( j = 0; j < 1000; j++ ) { - ret = mbedtls_sha512_update_ret( &ctx, buf, buflen ); + ret = mbedtls_sha512_update( &ctx, buf, buflen ); if( ret != 0 ) goto fail; } } else { - ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j], + ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j], sha512_test_buflen[j] ); if( ret != 0 ) goto fail; } - if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 ) + if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 ) goto fail; if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7a878bc401..3e2ac922c2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1429,7 +1429,7 @@ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); - mbedtls_sha256_finish_ret( &sha256, hash ); + mbedtls_sha256_finish( &sha256, hash ); *hlen = 32; @@ -1478,7 +1478,7 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); - mbedtls_sha512_finish_ret( &sha512, hash ); + mbedtls_sha512_finish( &sha512, hash ); *hlen = 48; @@ -2490,7 +2490,7 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) psa_hash_abort( &ssl->handshake->fin_sha256_psa ); psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); #else - mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); + mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 ); #endif #endif #if defined(MBEDTLS_SHA384_C) @@ -2498,7 +2498,7 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) psa_hash_abort( &ssl->handshake->fin_sha384_psa ); psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); #else - mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 ); + mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 ); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -2512,14 +2512,14 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); #endif #endif #if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -2533,7 +2533,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); #endif } #endif @@ -2545,7 +2545,7 @@ static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); #endif } #endif @@ -2613,7 +2613,7 @@ static void ssl_calc_finished_tls_sha256( sha256.state, sizeof( sha256.state ) ); #endif - mbedtls_sha256_finish_ret( &sha256, padbuf ); + mbedtls_sha256_finish( &sha256, padbuf ); mbedtls_sha256_free( &sha256 ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -2688,7 +2688,7 @@ static void ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) sha512.state, sizeof( sha512.state ) ); #endif - mbedtls_sha512_finish_ret( &sha512, padbuf ); + mbedtls_sha512_finish( &sha512, padbuf ); mbedtls_sha512_free( &sha512 ); #endif @@ -2988,7 +2988,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); #else mbedtls_sha256_init( &handshake->fin_sha256 ); - mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 ); + mbedtls_sha256_starts( &handshake->fin_sha256, 0 ); #endif #endif #if defined(MBEDTLS_SHA384_C) @@ -2997,7 +2997,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); #else mbedtls_sha512_init( &handshake->fin_sha512 ); - mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 ); + mbedtls_sha512_starts( &handshake->fin_sha512, 1 ); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 8f4a4f5ea3..c90f8bc4b0 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -178,7 +178,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, + ret = mbedtls_sha1( buf + sizeof( buf ) - len, len, buf + sizeof( buf ) - 20 ); if( ret != 0 ) return( ret ); @@ -206,7 +206,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, + ret = mbedtls_sha1( buf + sizeof( buf ) - len, len, buf + sizeof( buf ) - 20 ); if( ret != 0 ) return( ret ); diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 70bea4206a..18beb6997f 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -55,7 +55,7 @@ int main( void ) mbedtls_printf( "\n MD5('%s') = ", str ); - if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 ) + if( ( ret = mbedtls_md5( (unsigned char *) str, 13, digest ) ) != 0 ) mbedtls_exit( MBEDTLS_EXIT_FAILURE ); for( i = 0; i < 16; i++ ) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index c6b3132005..3ff56240c5 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -214,9 +214,9 @@ int main( void ) goto exit; } - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) + if( ( ret = mbedtls_sha1( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_sha1 returned %d\n\n", ret ); goto exit; } diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 63df77ee01..47d9c26e00 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -220,9 +220,9 @@ int main( void ) /* * 5. Sign the parameters and send them */ - if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) + if( ( ret = mbedtls_sha1( buf, n, hash ) ) != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_sha1 returned %d\n\n", ret ); goto exit; } diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 1bbf8268c4..5a9c712d3d 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -166,9 +166,9 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Computing message hash..." ); fflush( stdout ); - if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 ) + if( ( ret = mbedtls_sha256( message, sizeof( message ), hash, 0 ) ) != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_sha256 returned %d\n", ret ); goto exit; } diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index e12345365f..80057b6d7c 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -405,32 +405,32 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_MD4_C) if( todo.md4 ) - TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) ); + TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_MD5_C) if( todo.md5 ) - TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) ); + TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) if( todo.ripemd160 ) - TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) ); + TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_SHA1_C) if( todo.sha1 ) - TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) ); + TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_SHA256_C) if( todo.sha256 ) - TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) ); + TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) if( todo.sha512 ) - TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) ); + TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(MBEDTLS_ARC4_C) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 9492896f63..2a06adc117 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -90,7 +90,7 @@ done printf "Likely typos: " sort -u actual-macros enum-consts > _caps -HEADERS=$( ls include/mbedtls/*.h include/psa/*.h ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-2\.x\.h' ) HEADERS="$HEADERS library/*.h" HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" LIBRARY="$( ls library/*.c )" diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index fd19c471bb..2e62359e4f 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh @@ -22,7 +22,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h | egrep -v 'compat-2\.x\.h' ) HEADERS="$HEADERS library/*.h" HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c3ffe3b47b..a46f21c1f2 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -288,7 +288,7 @@ void ctr_drbg_entropy_usage( int entropy_nonce_len ) /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT). * Make sure it's detected as an error and doesn't cause memory * corruption. */ - TEST_ASSERT( mbedtls_ctr_drbg_update_ret( + TEST_ASSERT( mbedtls_ctr_drbg_update( &ctx, entropy, sizeof( entropy ) ) != 0 ); /* Now enable PR, so the next few calls should all reseed */ diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function index aa35c583eb..1ee7229888 100644 --- a/tests/suites/test_suite_mdx.function +++ b/tests/suites/test_suite_mdx.function @@ -17,7 +17,7 @@ void md2_text( char * text_src_string, data_t * hash ) strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output ); + ret = mbedtls_md2( src_str, strlen( (char *) src_str ), output ); TEST_ASSERT( ret == 0 ) ; TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, @@ -37,7 +37,7 @@ void md4_text( char * text_src_string, data_t * hash ) strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output ); + ret = mbedtls_md4( src_str, strlen( (char *) src_str ), output ); TEST_ASSERT( ret == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, @@ -57,7 +57,7 @@ void md5_text( char * text_src_string, data_t * hash ) strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output ); + ret = mbedtls_md5( src_str, strlen( (char *) src_str ), output ); TEST_ASSERT( ret == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, @@ -77,7 +77,7 @@ void ripemd160_text( char * text_src_string, data_t * hash ) strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output ); + ret = mbedtls_ripemd160( src_str, strlen( (char *) src_str ), output ); TEST_ASSERT( ret == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index 35fecce6ce..95d45baa40 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -12,7 +12,7 @@ void mbedtls_sha1( data_t * src_str, data_t * hash ) memset(output, 0x00, 41); - TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 ); + TEST_ASSERT( mbedtls_sha1( src_str->x, src_str->len, output ) == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 20, hash->len ) == 0 ); } @@ -28,10 +28,10 @@ void sha256_invalid_param( ) int invalid_type = 42; TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( &ctx, invalid_type ) ); + mbedtls_sha256_starts( &ctx, invalid_type ) ); TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, + mbedtls_sha256( buf, buflen, buf, invalid_type ) ); exit: @@ -47,7 +47,7 @@ void sha224( data_t * src_str, data_t * hash ) memset(output, 0x00, 57); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 1 ) == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 ); } @@ -61,7 +61,7 @@ void mbedtls_sha256( data_t * src_str, data_t * hash ) memset(output, 0x00, 65); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 0 ) == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 ); } @@ -77,10 +77,10 @@ void sha512_invalid_param( ) int invalid_type = 42; TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( &ctx, invalid_type ) ); + mbedtls_sha512_starts( &ctx, invalid_type ) ); TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, + mbedtls_sha512( buf, buflen, buf, invalid_type ) ); exit: @@ -96,7 +96,7 @@ void sha384( data_t * src_str, data_t * hash ) memset(output, 0x00, 97); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 1 ) == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 ); } @@ -110,7 +110,7 @@ void mbedtls_sha512( data_t * src_str, data_t * hash ) memset(output, 0x00, 129); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 0 ) == 0 ); TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 ); } From f8abfa8b1b1abad18c49725abee214921dcb240f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 9 Jun 2021 10:17:04 +0200 Subject: [PATCH 0244/1065] Improve migration guide Signed-off-by: Ronald Cron --- docs/3.0-migration-guide.d/rsa-padding.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/3.0-migration-guide.d/rsa-padding.md b/docs/3.0-migration-guide.d/rsa-padding.md index a04d9ee2ae..f10ece6f8c 100644 --- a/docs/3.0-migration-guide.d/rsa-padding.md +++ b/docs/3.0-migration-guide.d/rsa-padding.md @@ -9,21 +9,21 @@ encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. -Code migration examples: +To choose the padding type when initializing a context, instead of ```C mbedtls_rsa_init(ctx, padding, hash_id); ``` -to +, use ```C mbedtls_rsa_init(ctx); mbedtls_rsa_set_padding(ctx, padding, hash_id); ``` -or + +To use PKCS#1 v1.5 padding, instead of ```C mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); ``` -to +, just use ```C mbedtls_rsa_init(ctx); ``` - From 1e66642d68cb69fd334beccdeeee617a771d11ef Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 9 Jun 2021 11:25:28 +0200 Subject: [PATCH 0245/1065] Addition of change log and migration guide files. Signed-off-by: TRodziewicz --- ChangeLog.d/issue4212.txt | 33 +++++++++++++++++++ .../rename_the__ret_functions.md | 13 ++++++++ 2 files changed, 46 insertions(+) create mode 100644 ChangeLog.d/issue4212.txt create mode 100644 docs/3.0-migration-guide.d/rename_the__ret_functions.md diff --git a/ChangeLog.d/issue4212.txt b/ChangeLog.d/issue4212.txt new file mode 100644 index 0000000000..d9a7cd5a7c --- /dev/null +++ b/ChangeLog.d/issue4212.txt @@ -0,0 +1,33 @@ +Changes + * Rename functions whose deprecated variants have been removed via #4029: + mbedtls_ctr_drbg_update_ret -> mbedtls_ctr_drbg_update + mbedtls_hmac_drbg_update_ret -> mbedtls_hmac_drbg_update + mbedtls_md2_starts_ret -> mbedtls_md2_starts + mbedtls_md2_update_ret -> mbedtls_md2_update + mbedtls_md2_finish_ret -> mbedtls_md2_finish + mbedtls_md2_ret -> mbedtls_md2 + mbedtls_md4_starts_ret -> mbedtls_md4_starts + mbedtls_md4_update_ret -> mbedtls_md4_update + mbedtls_md4_finish_ret -> mbedtls_md4_finish + mbedtls_md4_ret -> mbedtls_md4 + mbedtls_md5_starts_ret -> mbedtls_md5_starts + mbedtls_md5_update_ret -> mbedtls_md5_update + mbedtls_md5_finish_ret -> mbedtls_md5_finish + mbedtls_md5_ret -> mbedtls_md5 + mbedtls_ripemd160_starts_ret -> mbedtls_ripemd160_starts + mbedtls_ripemd160_update_ret -> mbedtls_ripemd160_update + mbedtls_ripemd160_finish_ret -> mbedtls_ripemd160_finish + mbedtls_ripemd160_ret -> mbedtls_ripemd160 + mbedtls_sha1_starts_ret -> mbedtls_sha1_starts + mbedtls_sha1_update_ret -> mbedtls_sha1_update + mbedtls_sha1_finish_ret -> mbedtls_sha1_finish + mbedtls_sha1_ret -> mbedtls_sha1 + mbedtls_sha256_starts_ret -> mbedtls_sha256_starts + mbedtls_sha256_update_ret -> mbedtls_sha256_update + mbedtls_sha256_finish_ret -> mbedtls_sha256_finish + mbedtls_sha256_ret -> mbedtls_sha256 + mbedtls_sha512_starts_ret -> mbedtls_sha512_starts + mbedtls_sha512_update_ret -> mbedtls_sha512_update + mbedtls_sha512_finish_ret -> mbedtls_sha512_finish + mbedtls_sha512_ret -> mbedtls_sha512. + Fixes #4212. diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md new file mode 100644 index 0000000000..513f167ff5 --- /dev/null +++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md @@ -0,0 +1,13 @@ +Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed in #4029 +-- + +This change affects users who were using the `mbedtls_*_ret()` criptography functions. + +Those functions were created based on now-deprecated functions according to a +requirement that a function needs to return a value. This change brings back the +original names of those functions. + +To migrate to the this change the user can keep the `*_ret` names in their code +and include the `compat_2.x.h` header file which holds macros with proper +renaming or to rename those function in their code according to the list from +mentioned header file. From 3ecb92e680ac38a1bbe67bcf732a4650fad9fbe8 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 11 May 2021 18:22:05 +0200 Subject: [PATCH 0246/1065] Remove _X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION Signed-off-by: TRodziewicz --- ChangeLog.d/issue4378.txt | 4 ++++ include/mbedtls/config.h | 12 ------------ library/x509_crt.c | 9 +-------- scripts/config.py | 1 - tests/suites/test_suite_x509parse.data | 4 ++-- 5 files changed, 7 insertions(+), 23 deletions(-) create mode 100644 ChangeLog.d/issue4378.txt diff --git a/ChangeLog.d/issue4378.txt b/ChangeLog.d/issue4378.txt new file mode 100644 index 0000000000..f10c23c588 --- /dev/null +++ b/ChangeLog.d/issue4378.txt @@ -0,0 +1,4 @@ +Removals + * Remove the MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h + option. The mbedtls_x509_crt_parse_der_with_ext_cb() is the way to go for + for migration path. Fixes #4378. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index d0e27805c6..ae32f21838 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1813,18 +1813,6 @@ */ #define MBEDTLS_VERSION_FEATURES -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - /** * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK * diff --git a/library/x509_crt.c b/library/x509_crt.c index 8387de618b..7d8847a301 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -818,8 +818,7 @@ static int x509_get_certificate_policies( unsigned char **p, { /* * Set the parsing return code but continue parsing, in case this - * extension is critical and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * is configured. + * extension is critical. */ parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } @@ -961,14 +960,12 @@ static int x509_get_crt_ext( unsigned char **p, /* No parser found, skip extension */ *p = end_ext_octet; -#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) if( is_critical ) { /* Data is marked as critical: fail */ return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } -#endif continue; } @@ -1027,11 +1024,9 @@ static int x509_get_crt_ext( unsigned char **p, start_ext_octet, end_ext_octet ) == 0 ) break; -#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) if( is_critical ) return( ret ); else -#endif /* * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we * cannot interpret or enforce the policy. However, it is up to @@ -1049,11 +1044,9 @@ static int x509_get_crt_ext( unsigned char **p, * supports, but there isn't an x509 parser for it, * skip the extension. */ -#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) if( is_critical ) return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); else -#endif *p = end_ext_octet; } } diff --git a/scripts/config.py b/scripts/config.py index 94fbdef42f..b85745a2ab 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -192,7 +192,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) - 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS 'MBEDTLS_X509_REMOVE_INFO', # removes a feature ]) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 59acc667a1..0ebfb94984 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -1783,7 +1783,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, unknown critical policy) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier invalid tag) @@ -2001,7 +2001,7 @@ depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDT x509parse_crt:"3081e430819f020104300d06092a864886f70d0101050500300f310d300b0603550403130454657374301e170d3133303731303135303233375a170d3233303730383135303233375a300f310d300b06035504031304546573743049301306072a8648ce3d020106082a8648ce3d03010103320004e962551a325b21b50cf6b990e33d4318fd16677130726357a196e3efe7107bcb6bdc6d9db2a4df7c964acfe81798433d300d06092a864886f70d01010505000331001a6c18cd1e457474b2d3912743f44b571341a7859a0122774a8e19a671680878936949f904c9255bdd6fffdb33a7e6d8":"cert. version \: 1\nserial number \: 04\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 15\:02\:37\nexpires on \: 2023-07-08 15\:02\:37\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\n":0 X509 CRT ASN1 (Unsupported critical extension) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011f0101ff0403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (Unsupported critical extension recognized by callback) From b8367380b1f6a84662743bbef81ec4ef09f467f8 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 11:03:42 +0200 Subject: [PATCH 0247/1065] Addition of the migration guide Signed-off-by: TRodziewicz --- ChangeLog.d/issue4378.txt | 2 +- ...TLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md diff --git a/ChangeLog.d/issue4378.txt b/ChangeLog.d/issue4378.txt index f10c23c588..9a7522b3ab 100644 --- a/ChangeLog.d/issue4378.txt +++ b/ChangeLog.d/issue4378.txt @@ -1,4 +1,4 @@ Removals * Remove the MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h option. The mbedtls_x509_crt_parse_der_with_ext_cb() is the way to go for - for migration path. Fixes #4378. + migration path. Fixes #4378. diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md new file mode 100644 index 0000000000..34ec4738ae --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md @@ -0,0 +1,13 @@ +Remove the X509 parser sensitivity control for an unknown critical extension from config.h +------------------------------------------------------------------------------------------ + +It affects users who use the `MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION` +option which if set, allowed the X509 parser to parse an X509 certificate +even when it encountered an unknown critical extension. + +The migration path from that option is to use the +`mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally +equivalent to `mbedtls_x509_crt_parse_der()`, and/or +`mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every +unsupported certificate extension and additionally the "certificate policies" +extension if it contains any unsupported certificate policies. From 0ea257650207918f84748c589c1e8238e701fbf2 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 9 Jun 2021 13:24:48 +0200 Subject: [PATCH 0248/1065] Correction to the migr. guide wording and removal of not needed option Signed-off-by: TRodziewicz --- ...LS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md index 34ec4738ae..738fa81fd1 100644 --- a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md +++ b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md @@ -1,9 +1,13 @@ -Remove the X509 parser sensitivity control for an unknown critical extension from config.h ------------------------------------------------------------------------------------------- +Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +-------------------------------------------------------------------------- -It affects users who use the `MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION` -option which if set, allowed the X509 parser to parse an X509 certificate -even when it encountered an unknown critical extension. +This change does not affect users of the default configuration; it only affect +users who enable this option. + +The X.509 standard says that implementations must reject critical extensions that +they don't recognize, and this is what Mbed TLS does by default. This option +allowed to continue parsing those certificates but didn't provide a convenient +way to handle those extensions. The migration path from that option is to use the `mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally From 197496af690ec603c31568fcf6430fc96b15835a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 8 Jun 2021 18:31:27 +0100 Subject: [PATCH 0249/1065] config: Allow Mbed to implement TIMING_C Mbed OS now provides POSIX-like time functions, although not alarm() nor signal(). It is possible to implement MBEDTLS_TIMING_ALT on Mbed OS, so we should not artificially prevent this in check-config. Remove the the check that prevents implementing MBEDTLS_TIMING_ALT on Mbed OS. Note that this limitation originally was added in the following commit, although there isn't much context around why the restriction was imposed: 63e7ebaaa184 ("Add material for generating yotta module"). In 2015, Mbed OS was quite a different thing: no RTOS, no threads, just an asynchronous event loop model. I'd suppose the asynchronous event loop model made it difficult before to implement MBEDTLS_TIMING_C on Mbed OS, but that is no longer the case. Fixes #4633 Signed-off-by: Jaeden Amero --- ChangeLog.d/mbed-can-do-timing.txt | 3 +++ include/mbedtls/check_config.h | 5 ++--- 2 files changed, 5 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/mbed-can-do-timing.txt diff --git a/ChangeLog.d/mbed-can-do-timing.txt b/ChangeLog.d/mbed-can-do-timing.txt new file mode 100644 index 0000000000..d83da02432 --- /dev/null +++ b/ChangeLog.d/mbed-can-do-timing.txt @@ -0,0 +1,3 @@ +Bugfix + * Remove outdated check-config.h check that prevented implementing the + timing module on Mbed OS. Fixes #4633. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ef19f38340..90dee6c1af 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -55,9 +55,8 @@ #endif #endif /* _WIN32 */ -#if defined(TARGET_LIKE_MBED) && \ - ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) ) -#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS" +#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C) +#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS" #endif #if defined(MBEDTLS_DEPRECATED_WARNING) && \ From 2a5e5a2759f99ee084760fd4588b2a13e273b503 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 9 Jun 2021 16:54:20 +0200 Subject: [PATCH 0250/1065] Correction to the migration guide entry wording Signed-off-by: TRodziewicz --- ..._MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md | 30 +++++++++---------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md index 348fe32f71..2acb3bfbe6 100644 --- a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md +++ b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md @@ -1,20 +1,18 @@ Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `config.h` --- +------------------------------------------------------------------- -This change affects users who have chosen the compilation time options to disable -the library's verification of the `keyUsage` and `extendedKeyUsage` fields of an x509 -certificate. +This change affects users who have chosen the configuration options to disable the +library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 +certificates. -The change is to remove MBEDTLS_X509_CHECK_KEY_USAGE and -MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE from the configuration. +The `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` +configuration options are removed and the X509 code now behaves as if they were +always enabled. It is consequently not possible anymore to disable at compile +time the verification of the `keyUsage` and `extendedKeyUsage` fields of X509 +certificates. -After the change the options are removed and the compilation is done in a way that -the verification of the key usage fields is allways enabled by default. - -This verification is an important step and disabling it can cause security issues. -If the verification is for some reason undesirable it can still be disabled at -a runtime with even more flexibility by using the callback parameter in -`mbedtls_x509_crt_verify()`. - -For example the user can disable the verification by using the callback which -clears the corresponding flags when they've been set. +The verification of the `keyUsage` and `extendedKeyUsage` fields is important, +disabling it can cause security issues and it is thus not recommended. If the +verification is for some reason undesirable, it can still be disabled by means +of the verification callback function passed to `mbedtls_x509_crt_verify()` (see +the documentation of this function for more information). From 1297ef3762880320864cb6d7b92981e1db710dde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 9 Mar 2021 11:22:20 +0100 Subject: [PATCH 0251/1065] Use constant-time look-up for modular exponentiation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index e74a1ade04..343658124e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2098,6 +2098,32 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mpi_montmul( A, &U, N, mm, T ); } +/** + * Select an MPI from a table without leaking the index. + * + * This is functionally equivalent to mbedtls_mpi_copy(R, T[idx]) except it + * reads the entire table in order to avoid leaking the value of idx to an + * attacker able to observe memory access patterns. + * + * \param[out] R Where to write the selected MPI. + * \param[in] T The table to read from. + * \param[in] T_size The number of elements in the table. + * \param[in] idx The index of the element to select; + * this must satisfy 0 <= idx < T_size. + * + * \return \c 0 on success, or a negative error code. + */ +static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + for( size_t i = 0; i < T_size; i++ ) + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], i == idx ) ); + +cleanup: + return( ret ); +} + /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ @@ -2110,7 +2136,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, size_t i, j, nblimbs; size_t bufsize, nbits; mbedtls_mpi_uint ei, mm, state; - mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], Apos; + mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], WW, Apos; int neg; MPI_VALIDATE_RET( X != NULL ); @@ -2134,6 +2160,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, mpi_montg_init( &mm, N ); mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &Apos ); + mbedtls_mpi_init( &WW ); memset( W, 0, sizeof( W ) ); i = mbedtls_mpi_bitlen( E ); @@ -2274,7 +2301,8 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * X = X * W[wbits] R^-1 mod N */ - mpi_montmul( X, &W[wbits], N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_select( &WW, W, 1 << wsize, wbits ) ); + mpi_montmul( X, &WW, N, mm, &T ); state--; nbits = 0; @@ -2312,6 +2340,7 @@ cleanup: mbedtls_mpi_free( &W[i] ); mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos ); + mbedtls_mpi_free( &WW ); if( _RR == NULL || _RR->p == NULL ) mbedtls_mpi_free( &RR ); From 92413ef5bcb5ca47bd132ae7bdb55c8cf7223d2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 3 Jun 2021 10:42:46 +0200 Subject: [PATCH 0252/1065] Avoid using == for sensitive comparisons MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit mbedtls_mpi_cf_bool_eq() is a verbatim copy of mbedtls_ssl_cf_bool_eq() Deduplication will be part of a future task. Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 343658124e..808de176ea 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2098,6 +2098,42 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mpi_montmul( A, &U, N, mm, T ); } +/* + * Constant-flow boolean "equal" comparison: + * return x == y + * + * This function can be used to write constant-time code by replacing branches + * with bit operations - it can be used in conjunction with + * mbedtls_ssl_cf_mask_from_bit(). + * + * This function is implemented without using comparison operators, as those + * might be translated to branches by some compilers on some platforms. + */ +static size_t mbedtls_mpi_cf_bool_eq( size_t x, size_t y ) +{ + /* diff = 0 if x == y, non-zero otherwise */ + const size_t diff = x ^ y; + + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + + /* diff_msb's most significant bit is equal to x != y */ + const size_t diff_msb = ( diff | -diff ); + +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif + + /* diff1 = (x != y) ? 1 : 0 */ + const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 ); + + return( 1 ^ diff1 ); +} + /** * Select an MPI from a table without leaking the index. * @@ -2118,7 +2154,10 @@ static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; for( size_t i = 0; i < T_size; i++ ) - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], i == idx ) ); + { + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], + mbedtls_mpi_cf_bool_eq( i, idx ) ) ); + } cleanup: return( ret ); From 5ada7a80c3c482f0362d0eaa235b7d2efc8487d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 31 May 2021 11:48:45 +0200 Subject: [PATCH 0253/1065] Use bit operations for mpi_safe_cond_assign() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - copied limbs - sign - cleared limbs Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 808de176ea..343ce48dfd 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -249,8 +249,23 @@ static void mpi_safe_cond_assign( size_t n, unsigned char assign ) { size_t i; + + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + + /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ + const mbedtls_mpi_uint mask = -assign; + +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif + for( i = 0; i < n; i++ ) - dest[i] = dest[i] * ( 1 - assign ) + src[i] * assign; + dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask ); } /* @@ -262,20 +277,36 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned { int ret = 0; size_t i; + unsigned int mask; + mbedtls_mpi_uint limb_mask; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + /* make sure assign is 0 or 1 in a time-constant manner */ assign = (assign | (unsigned char)-assign) >> 7; + /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ + mask = -assign; + limb_mask = -assign; + +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); - X->s = X->s * ( 1 - assign ) + Y->s * assign; + X->s = ( X->s & ~mask ) | ( Y->s & mask ); mpi_safe_cond_assign( Y->n, X->p, Y->p, assign ); for( i = Y->n; i < X->n; i++ ) - X->p[i] *= ( 1 - assign ); + X->p[i] &= ~limb_mask; cleanup: return( ret ); From 448f13584df898ddda8e97fc7afe3034cfaeae07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 3 Jun 2021 10:54:01 +0200 Subject: [PATCH 0254/1065] Use bit operations for mpi_safe_cond_swap() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Unrelated to RSA (only used in ECP), but while improving one mbedtls_safe_cond_xxx function, let's improve the other as well. Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 343ce48dfd..d934cb2c9e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -322,6 +322,8 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw { int ret, s; size_t i; + unsigned int sign_mask; + mbedtls_mpi_uint limb_mask; mbedtls_mpi_uint tmp; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); @@ -329,22 +331,36 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw if( X == Y ) return( 0 ); + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + /* make sure swap is 0 or 1 in a time-constant manner */ swap = (swap | (unsigned char)-swap) >> 7; + /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ + sign_mask = -swap; + limb_mask = -swap; + +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) ); s = X->s; - X->s = X->s * ( 1 - swap ) + Y->s * swap; - Y->s = Y->s * ( 1 - swap ) + s * swap; + X->s = ( X->s & ~sign_mask ) | ( Y->s & sign_mask ); + Y->s = ( Y->s & ~sign_mask ) | ( s & sign_mask ); for( i = 0; i < X->n; i++ ) { tmp = X->p[i]; - X->p[i] = X->p[i] * ( 1 - swap ) + Y->p[i] * swap; - Y->p[i] = Y->p[i] * ( 1 - swap ) + tmp * swap; + X->p[i] = ( X->p[i] & ~limb_mask ) | ( Y->p[i] & limb_mask ); + Y->p[i] = ( Y->p[i] & ~limb_mask ) | ( tmp & limb_mask ); } cleanup: From 3ae4ae445fb58ba7d2b71b0e5531dc170fbf4c33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 7 Jun 2021 09:51:00 +0200 Subject: [PATCH 0255/1065] Avoid UB caused by conversion to int MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 49 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 42 insertions(+), 7 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d934cb2c9e..641049ba78 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -237,6 +237,45 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ) memcpy( Y, &T, sizeof( mbedtls_mpi ) ); } +/** + * Select between two sign values in constant-time. + * + * This is functionally equivalent to second ? a : b but uses only bit + * operations in order to avoid branches. + * + * \param[in] a The first sign; must be either +1 or -1. + * \param[in] b The second sign; must be either +1 or -1. + * \param[in] second Must be either 1 (return b) or 0 (return a). + * + * \return The selected sign value. + */ +static int mpi_safe_cond_select_sign( int a, int b, unsigned char second ) +{ + /* In order to avoid questions about what we can reasonnably assume about + * the representations of signed integers, move everything to unsigned + * by taking advantage of the fact that a and b are either +1 or -1. */ + unsigned ua = a + 1; + unsigned ub = b + 1; + + /* MSVC has a warning about unary minus on unsigned integer types, + * but this is well-defined and precisely what we want to do here. */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ + const unsigned mask = -second; +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif + + /* select ua or ub */ + unsigned ur = ( ua & ~mask ) | ( ub & mask ); + + /* ur is now 0 or 2, convert back to -1 or +1 */ + return( (int) ur - 1 ); +} + /* * Conditionally assign dest = src, without leaking information * about whether the assignment was made or not. @@ -277,7 +316,6 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned { int ret = 0; size_t i; - unsigned int mask; mbedtls_mpi_uint limb_mask; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); @@ -292,7 +330,6 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned /* make sure assign is 0 or 1 in a time-constant manner */ assign = (assign | (unsigned char)-assign) >> 7; /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ - mask = -assign; limb_mask = -assign; #if defined(_MSC_VER) @@ -301,7 +338,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); - X->s = ( X->s & ~mask ) | ( Y->s & mask ); + X->s = mpi_safe_cond_select_sign( X->s, Y->s, assign ); mpi_safe_cond_assign( Y->n, X->p, Y->p, assign ); @@ -322,7 +359,6 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw { int ret, s; size_t i; - unsigned int sign_mask; mbedtls_mpi_uint limb_mask; mbedtls_mpi_uint tmp; MPI_VALIDATE_RET( X != NULL ); @@ -341,7 +377,6 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw /* make sure swap is 0 or 1 in a time-constant manner */ swap = (swap | (unsigned char)-swap) >> 7; /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ - sign_mask = -swap; limb_mask = -swap; #if defined(_MSC_VER) @@ -352,8 +387,8 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) ); s = X->s; - X->s = ( X->s & ~sign_mask ) | ( Y->s & sign_mask ); - Y->s = ( Y->s & ~sign_mask ) | ( s & sign_mask ); + X->s = mpi_safe_cond_select_sign( X->s, Y->s, swap ); + Y->s = mpi_safe_cond_select_sign( Y->s, s, swap ); for( i = 0; i < X->n; i++ ) From 31ec1d7319ffb891bda09af34480006d08e16303 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 10 Jun 2021 09:36:41 +0200 Subject: [PATCH 0256/1065] Simplify sign selection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 641049ba78..b1f9063d39 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -257,17 +257,8 @@ static int mpi_safe_cond_select_sign( int a, int b, unsigned char second ) unsigned ua = a + 1; unsigned ub = b + 1; - /* MSVC has a warning about unary minus on unsigned integer types, - * but this is well-defined and precisely what we want to do here. */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ - const unsigned mask = -second; -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif + /* second was 0 or 1, mask is 0 or 2 as are ua and ub */ + const unsigned mask = second << 1; /* select ua or ub */ unsigned ur = ( ua & ~mask ) | ( ub & mask ); From e22176e7e07f3df029edc0a9d71f6493b839b963 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 10 Jun 2021 09:34:00 +0200 Subject: [PATCH 0257/1065] Silence MSVC type conversion warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index b1f9063d39..f4de16b918 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2229,7 +2229,7 @@ static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size for( size_t i = 0; i < T_size; i++ ) { MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], - mbedtls_mpi_cf_bool_eq( i, idx ) ) ); + (unsigned char) mbedtls_mpi_cf_bool_eq( i, idx ) ) ); } cleanup: @@ -2413,7 +2413,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * X = X * W[wbits] R^-1 mod N */ - MBEDTLS_MPI_CHK( mpi_select( &WW, W, 1 << wsize, wbits ) ); + MBEDTLS_MPI_CHK( mpi_select( &WW, W, (size_t) 1 << wsize, wbits ) ); mpi_montmul( X, &WW, N, mm, &T ); state--; From 8323244ca3749337154ee3e8a8acdfe591192658 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 31 May 2021 12:01:34 +0200 Subject: [PATCH 0258/1065] Add ChangeLog entry about RSA side channel. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/fix-rsa-leak.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/fix-rsa-leak.txt diff --git a/ChangeLog.d/fix-rsa-leak.txt b/ChangeLog.d/fix-rsa-leak.txt new file mode 100644 index 0000000000..b7d3e3e758 --- /dev/null +++ b/ChangeLog.d/fix-rsa-leak.txt @@ -0,0 +1,6 @@ +Security + * An adversary with access to precise enough information about memory + accesses (typically, an untrusted operating system attacking a secure + enclave) could recover an RSA private key after observing the victim + performing a single private-key operation. Found and reported by + Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. From d0581e119ba3643a9248762b8002b0eeb7b618eb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 10 Jun 2021 15:47:18 +0100 Subject: [PATCH 0259/1065] Disable OS X builds on Travis Signed-off-by: Dave Rodgman --- .travis.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 542f705694..48faa4846c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,12 +28,6 @@ jobs: script: - tests/scripts/all.sh -k test_full_cmake_gcc_asan - - name: macOS - os: osx - compiler: clang - script: - - tests/scripts/all.sh -k test_default_out_of_box - - name: Windows os: windows before_install: From 93038fab2c39579b2aaab2aceb8d155e77ecb250 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Jun 2021 22:38:22 +0200 Subject: [PATCH 0260/1065] Key derivation: add test cases where the secret is missing Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c0146879df..9968cd16f2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2827,6 +2827,10 @@ PSA key derivation: HKDF-SHA-256, direct empty secret, key output depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED +PSA key derivation: HKDF-SHA-256, missing secret, key output +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS @@ -2901,6 +2905,34 @@ PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS +PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, missing label +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, no inputs +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE From b1edaec18fa9536f193b2fbace66adaf357e3941 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Jun 2021 22:41:46 +0200 Subject: [PATCH 0261/1065] Fix missing state check for tls12_prf output Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive about missing inputs. Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_key_derivation-bad_workflow.txt | 3 +++ library/psa_crypto.c | 11 +++++++++++ 2 files changed, 14 insertions(+) create mode 100644 ChangeLog.d/psa_key_derivation-bad_workflow.txt diff --git a/ChangeLog.d/psa_key_derivation-bad_workflow.txt b/ChangeLog.d/psa_key_derivation-bad_workflow.txt new file mode 100644 index 0000000000..7fd03e6c9e --- /dev/null +++ b/ChangeLog.d/psa_key_derivation-bad_workflow.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive + about missing inputs. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index db44e3f342..d8a5d82980 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3731,6 +3731,17 @@ static psa_status_t psa_key_derivation_tls12_prf_read( psa_status_t status; uint8_t offset, length; + switch( tls12_prf->state ) + { + case PSA_TLS12_PRF_STATE_LABEL_SET: + tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT; + break; + case PSA_TLS12_PRF_STATE_OUTPUT: + break; + default: + return( PSA_ERROR_BAD_STATE ); + } + while( output_length != 0 ) { /* Check if we have fully processed the current block. */ From 1fcd72e93ca5e16f00f48380a233790f739ac4cd Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 14 Jun 2021 11:16:06 +0200 Subject: [PATCH 0262/1065] change log and migr. guide fixes and _DEPRECATED_REMOVED removed Signed-off-by: TRodziewicz --- ChangeLog.d/issue4212.txt | 2 +- docs/3.0-migration-guide.d/rename_the__ret_functions.md | 8 +++++--- include/mbedtls/compat-2.x.h | 3 --- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/ChangeLog.d/issue4212.txt b/ChangeLog.d/issue4212.txt index d9a7cd5a7c..4943d71c57 100644 --- a/ChangeLog.d/issue4212.txt +++ b/ChangeLog.d/issue4212.txt @@ -1,4 +1,4 @@ -Changes +API changes * Rename functions whose deprecated variants have been removed via #4029: mbedtls_ctr_drbg_update_ret -> mbedtls_ctr_drbg_update mbedtls_hmac_drbg_update_ret -> mbedtls_hmac_drbg_update diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md index 513f167ff5..c6fe714299 100644 --- a/docs/3.0-migration-guide.d/rename_the__ret_functions.md +++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md @@ -1,7 +1,9 @@ -Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed in #4029 --- +Rename mbedtls_*_ret() cryptography functions whose deprecated variants +have been removed in #4029 +-------------------------- -This change affects users who were using the `mbedtls_*_ret()` criptography functions. +This change affects users who were using the `mbedtls_*_ret()` cryptography +functions. Those functions were created based on now-deprecated functions according to a requirement that a function needs to return a value. This change brings back the diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h index fe7aa16c38..fe07790455 100644 --- a/include/mbedtls/compat-2.x.h +++ b/include/mbedtls/compat-2.x.h @@ -22,8 +22,6 @@ * limitations under the License. */ -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) - #if defined(MBEDTLS_DEPRECATED_WARNING) #warning "Including compat-2.x.h is deprecated" #endif @@ -66,4 +64,3 @@ #define mbedtls_sha512_ret mbedtls_sha512 #endif /* MBEDTLS_COMPAT2X_H */ -#endif /* MBEDTLS_DEPRECATED_REMOVED */ From 8476f2f30a1b775d25349e082caf993b8213cbdb Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 2 Jun 2021 14:34:47 +0200 Subject: [PATCH 0263/1065] Turn _SSL_SRV_RESPECT_CLIENT_PREFERENCE config option to a runtime option Signed-off-by: TRodziewicz --- ChangeLog.d/issue4398.txt | 9 +++++++ include/mbedtls/config.h | 10 ------- include/mbedtls/ssl.h | 21 ++++++++++++++- library/ssl_srv.c | 56 +++++++++++++++++++++++++++------------ library/ssl_tls.c | 1 + 5 files changed, 69 insertions(+), 28 deletions(-) create mode 100644 ChangeLog.d/issue4398.txt diff --git a/ChangeLog.d/issue4398.txt b/ChangeLog.d/issue4398.txt new file mode 100644 index 0000000000..67acbf5a2d --- /dev/null +++ b/ChangeLog.d/issue4398.txt @@ -0,0 +1,9 @@ +API changes + * Remove the MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE option from config.h. + Replace it with SSL runtime option which can be enabled or disabled using + new added API function mbedtls_ssl_conf_respect_client_preference(). Add + a new field respect_cli_pref in the mbedtls_ssl_config structure and two + defines used as a parameter: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED + and MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED. Adapt the code used for + searching for a matching ciphersuite to use the new field instead of the + removed config.h option. Fixes #3498. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 3139b223d9..c1106a6e80 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1471,16 +1471,6 @@ */ #define MBEDTLS_SSL_RENEGOTIATION -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - /** * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c293b88e53..364239a840 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -200,6 +200,9 @@ #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1 +#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED 1 +#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED 0 + /* * Default range for DTLS retransmission timer value, in milliseconds. * RFC 6347 4.2.4.1 says from 1 second to 60 seconds. @@ -1185,6 +1188,9 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_SRV_C) unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in Certificate Request messages? */ + unsigned int respect_cli_pref : 1; /*!< pick the ciphersuite according to + the client's preferences rather + than ours */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS @@ -2494,7 +2500,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co * * Note: The server uses its own preferences * over the preference of the client unless - * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! + * conf->respect_cli_pref is enabled! * * \param conf SSL configuration * \param ciphersuites 0-terminated list of allowed ciphersuites @@ -3292,6 +3298,19 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_SRV_C) +/** + * \brief Pick the ciphersuite according to the client's preferences + * rather than ours in the SSL Server module (MBEDTLS_SSL_SRV_C). + * (Default: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED) + * + * \param conf SSL configuration + * \param enable Enable or disable (MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED + * or MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED) + */ +void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable ); +#endif /* MBEDTLS_SSL_SRV_C */ + #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) /** * \brief Activate negotiation of truncated HMAC diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 4fe6b02f10..c7ec4fe2aa 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1872,27 +1872,43 @@ read_record_header: got_common_suite = 0; ciphersuites = ssl->conf->ciphersuite_list; ciphersuite_info = NULL; -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) + + if (ssl->conf->respect_cli_pref == MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED) + { for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) -#endif - { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) - continue; + for( i = 0; ciphersuites[i] != 0; i++ ) + { + if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || + p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + continue; - got_common_suite = 1; + got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], + &ciphersuite_info ) ) != 0 ) + return( ret ); - if( ciphersuite_info != NULL ) - goto have_ciphersuite; - } + if( ciphersuite_info != NULL ) + goto have_ciphersuite; + } + } else { + for( i = 0; ciphersuites[i] != 0; i++ ) + for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) + { + if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || + p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + continue; + + got_common_suite = 1; + + if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], + &ciphersuite_info ) ) != 0 ) + return( ret ); + + if( ciphersuite_info != NULL ) + goto have_ciphersuite; + } + } if( got_common_suite ) { @@ -4416,4 +4432,10 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return( ret ); } + +void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable ) +{ + conf->respect_cli_pref = enable; +} + #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 3bdc1cfa4a..ab11391ba2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6189,6 +6189,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_SRV_C) conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED; + conf->respect_cli_pref = MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED; #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) From 8b223b650991182ff288140b5f8b3a1d4832981d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 2 Jun 2021 16:42:39 +0200 Subject: [PATCH 0264/1065] Addition of the migration guide entry file. Signed-off-by: TRodziewicz --- ...T_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md diff --git a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md new file mode 100644 index 0000000000..6b1db9e62d --- /dev/null +++ b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md @@ -0,0 +1,13 @@ +Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option +-- + +This change affects users who see the change of the SSL server vs. client +preferred set of ciphersuites in runtime useful. + +The `MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE` `config.h` option has been +removed and a new function with similar functionality has been introduced into the +SSL API. + +This new function `mbedtls_ssl_conf_respect_client_preference()` can be used to +change the preferred set of ciphersuites on the server to those used on the client. +The default state is to use the server set of suites. From 3946f79cabc20e2dfa7fa45ae60d1ca8895b4af7 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 14 Jun 2021 12:11:18 +0200 Subject: [PATCH 0265/1065] Correction according to code review (function and param. names change and docs rewording) Signed-off-by: TRodziewicz --- ChangeLog.d/issue4398.txt | 10 ++------ ...NT_PREFERENCE_config_opt_to_runtime_opt.md | 17 +++++++------ include/mbedtls/ssl.h | 25 +++++++++++-------- library/ssl_srv.c | 6 ++--- library/ssl_tls.c | 2 +- 5 files changed, 29 insertions(+), 31 deletions(-) diff --git a/ChangeLog.d/issue4398.txt b/ChangeLog.d/issue4398.txt index 67acbf5a2d..b7f241391e 100644 --- a/ChangeLog.d/issue4398.txt +++ b/ChangeLog.d/issue4398.txt @@ -1,9 +1,3 @@ API changes - * Remove the MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE option from config.h. - Replace it with SSL runtime option which can be enabled or disabled using - new added API function mbedtls_ssl_conf_respect_client_preference(). Add - a new field respect_cli_pref in the mbedtls_ssl_config structure and two - defines used as a parameter: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED - and MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED. Adapt the code used for - searching for a matching ciphersuite to use the new field instead of the - removed config.h option. Fixes #3498. + * Replace MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE by a runtime + configuration function mbedtls_ssl_conf_preference_order(). Fixes #4398. diff --git a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md index 6b1db9e62d..6a6554dfb0 100644 --- a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md +++ b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md @@ -1,13 +1,14 @@ Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option -- -This change affects users who see the change of the SSL server vs. client -preferred set of ciphersuites in runtime useful. +This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE +option in the `config.h` -The `MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE` `config.h` option has been -removed and a new function with similar functionality has been introduced into the -SSL API. +This option has been removed and a new function with similar functionality has +been introduced into the SSL API. -This new function `mbedtls_ssl_conf_respect_client_preference()` can be used to -change the preferred set of ciphersuites on the server to those used on the client. -The default state is to use the server set of suites. +This new function `mbedtls_ssl_conf_preference_order()` can be used to +change the preferred order of ciphersuites on the server to those used on the client, +e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)` +has the same effect as enabling the removed option. The default state is to use +the server order of suites. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 364239a840..f0ae778b50 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -200,8 +200,8 @@ #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1 -#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED 1 -#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED 0 +#define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT 1 +#define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER 0 /* * Default range for DTLS retransmission timer value, in milliseconds. @@ -2498,9 +2498,12 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co * The ciphersuites array is not copied, and must remain * valid for the lifetime of the ssl_config. * - * Note: The server uses its own preferences - * over the preference of the client unless - * conf->respect_cli_pref is enabled! + * Note: By default, the server chooses its preferred + * ciphersuite among those that the client supports. If + * mbedtls_ssl_conf_preference_order() is called to prefer + * the client's preferences, the server instead chooses + * the client's preferred ciphersuite among those that + * the server supports. * * \param conf SSL configuration * \param ciphersuites 0-terminated list of allowed ciphersuites @@ -3300,15 +3303,15 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c #if defined(MBEDTLS_SSL_SRV_C) /** - * \brief Pick the ciphersuite according to the client's preferences - * rather than ours in the SSL Server module (MBEDTLS_SSL_SRV_C). - * (Default: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED) + * \brief Pick the ciphersuites order according to the second parameter + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * (Default, if never called: MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER) * * \param conf SSL configuration - * \param enable Enable or disable (MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED - * or MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED) + * \param order Server or client (MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER + * or MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT) */ -void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable ); +void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order ); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c7ec4fe2aa..c70c21f85a 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1873,7 +1873,7 @@ read_record_header: ciphersuites = ssl->conf->ciphersuite_list; ciphersuite_info = NULL; - if (ssl->conf->respect_cli_pref == MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED) + if (ssl->conf->respect_cli_pref == MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT) { for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) @@ -4433,9 +4433,9 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) return( ret ); } -void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable ) +void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order ) { - conf->respect_cli_pref = enable; + conf->respect_cli_pref = order; } #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ab11391ba2..8ef98af20b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6189,7 +6189,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_SRV_C) conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED; - conf->respect_cli_pref = MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED; + conf->respect_cli_pref = MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER; #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) From a90e0907c51241556e07c83b581903302b617c13 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 14 Jun 2021 15:46:35 +0200 Subject: [PATCH 0266/1065] Remove scripts automating wrapping structs members with MBEDTLS_PRIVATE. Signed-off-by: Ronald Cron --- apply_MBEDTLS_PRIVATE.py | 106 ------------------------------- setup_and_run_MBEDTLS_PRIVATE.sh | 31 --------- 2 files changed, 137 deletions(-) delete mode 100644 apply_MBEDTLS_PRIVATE.py delete mode 100755 setup_and_run_MBEDTLS_PRIVATE.sh diff --git a/apply_MBEDTLS_PRIVATE.py b/apply_MBEDTLS_PRIVATE.py deleted file mode 100644 index d2bc7c06a2..0000000000 --- a/apply_MBEDTLS_PRIVATE.py +++ /dev/null @@ -1,106 +0,0 @@ -import re -import fileinput -import glob -import pprint -import os -import xml.etree.ElementTree as ET - - -# Create dictionary with following structre -# files_to_visit = { -# "filepath1" : { "variable_name1": (1, 2, 40, 61), # line numbers -# "variable_name2": (60, 64), -# }, -# "filepath2" : { "variable_name1": (1, 2, 40, 61), # line numbers -# "variable_name2": (60, 64), -# }, ... -# } -files_to_visit = {} - -# find xml models for structs parsed by doxygen -struct_files = glob.glob("apidoc/xml/structmbedtls*.xml") + glob.glob("apidoc/xml/structpsa*.xml") - -for struct_file in struct_files: - # get all variables from currently processed struct - struct_file_tree = ET.parse(struct_file) - all_struct_members_definitions = struct_file_tree.getroot().findall(".//memberdef[@kind='variable']") - - for struct_member_def in all_struct_members_definitions: - # get unique id by which this variable is referenced - member_id = struct_member_def.attrib["id"] - # find file path for this variable's definition - location = struct_member_def.find("location") - file_path = location.attrib["file"] - # get variable name - variable_name = struct_member_def.find("name").text - # if file path is not yet in dictionary, create empty sub-dictionary to initialize - if file_path not in files_to_visit: - files_to_visit[file_path] = {} - # if variable is not yet in this file's dictionary, create empty set to initialize - if variable_name not in files_to_visit[file_path]: - files_to_visit[file_path][variable_name] = set() - - # add variable's definition line number - files_to_visit[file_path][variable_name].add(int(location.attrib["line"])) - - # check where the variable was referenced - references = struct_member_def.findall("referencedby") - for reference in references: - refid = reference.attrib["refid"] - # assuming that compound name is related to header's xml file - header_file_xml = "apidoc/xml/" + reference.attrib["compoundref"] + ".xml" - header_file_tree = ET.parse(header_file_xml) - # check if this reference is created by static inline function - static_inline_function_definition = header_file_tree.getroot().find(f".//memberdef[@id='{refid}'][@kind='function'][@static='yes'][@inline='yes']") - if static_inline_function_definition: - static_inline_function_file_path = static_inline_function_definition.find("location").attrib["file"] - # if file path not yet in dictionary, create empty sub-dictionary to initialize. - # This could happen if reference is inside header file which was not yet processed in search for variable definitions - if static_inline_function_file_path not in files_to_visit: - files_to_visit[static_inline_function_file_path] = {} - # if variable is not yet in this file's dictionary, create empty set to initialize - if variable_name not in files_to_visit[static_inline_function_file_path]: - files_to_visit[static_inline_function_file_path][variable_name] = set() - # function block scope - function_lines_from = int(reference.attrib["startline"]) - function_lines_to = int(reference.attrib["endline"]) - # find codelines referencing currently processed variable. This is using the code listing inside header's xml model. - codelines_xml = header_file_tree.getroot().findall(f".//ref[@refid='{member_id}']/../..") - # filter by function's scope - codelines = [int(line.attrib["lineno"]) for line in codelines_xml if int(line.attrib["lineno"]) >= function_lines_from and int(line.attrib["lineno"]) <= function_lines_to] - # add lines referencing currently processed variable - files_to_visit[static_inline_function_file_path][variable_name].update(codelines) - -pp = pprint.PrettyPrinter(indent=4) -pp.pprint(files_to_visit) - -mbedtls_private_access_include = "#include \"mbedtls/private_access.h\"" - -for file_path, variables in files_to_visit.items(): - # check if this file has "mbedtls/private_access.h" include - file_has_private_access_include = False - with open(file_path, 'r') as file: - for line in file: - if mbedtls_private_access_include in line: - file_has_private_access_include = True - break - - # FileInput redirects stdout to to 'file', so every print in this block will be put inside 'file' - with fileinput.FileInput(file_path, inplace=True) as file: - output_line_number = 1 - # compile regex matching the header's include guard. - re_include_guard = re.compile(r"^#define.*{name}$".format(name=os.path.basename(file_path).replace('.','_').upper())) - for line in file: - insert_private_access_include = False - if re_include_guard.match(line): - insert_private_access_include = not file_has_private_access_include - # every line in file is checked against variables and lines in which they occur - for variable, var_lines in variables.items(): - for var_line in var_lines: - # wrap variable with MBEDTLS_PRIVATE(...) macro - if output_line_number == var_line: - line = re.sub(r"(^.*?\W+)((?!MBEDTLS_PRIVATE\(){var})(\W+.*$)".format(var=variable), r"\1MBEDTLS_PRIVATE(\2)\3", line) - output_line_number += 1 - print(line, end='') # fileinput redirects stdout to the target file - if insert_private_access_include: - print("#include \"mbedtls/private_access.h\"") diff --git a/setup_and_run_MBEDTLS_PRIVATE.sh b/setup_and_run_MBEDTLS_PRIVATE.sh deleted file mode 100755 index aaf0a1cf55..0000000000 --- a/setup_and_run_MBEDTLS_PRIVATE.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -make clean -sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile -scripts/config.py full -cd doxygen -doxygen mbedtls.doxyfile -cd .. -python3 apply_MBEDTLS_PRIVATE.py -git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile - -make clean -sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile -scripts/config.py set MBEDTLS_ECP_RESTARTABLE -scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -scripts/config.py unset MBEDTLS_HAVE_TIME -cd doxygen -doxygen mbedtls.doxyfile -cd .. -python3 apply_MBEDTLS_PRIVATE.py -git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile - -make clean -sed -i 's/GENERATE_XML = NO/GENERATE_XML = YES/g' doxygen/mbedtls.doxyfile -scripts/config.py realfull -cd doxygen -doxygen mbedtls.doxyfile -cd .. -python3 apply_MBEDTLS_PRIVATE.py -git checkout include/mbedtls/config.h doxygen/mbedtls.doxyfile - From c7319cda78e7d0fe75392ebe44b30c0175af4ffc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jun 2021 18:01:42 +0200 Subject: [PATCH 0267/1065] Use UNUSED wherever applicable in derive_input tests Exhaustivity check: ``` --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9968cd16f2..550c99ed40 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2779,19 +2779,19 @@ derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY PSA key derivation: HKDF-SHA-256, good case, omitted salt depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, info first depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, info after salt depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:0:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:0:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, key output depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 From af5bd67f6e9b9dd6adaf139328f4d976e6fb0e5d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jun 2021 18:05:37 +0200 Subject: [PATCH 0268/1065] Fix copypasta in test data Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 550c99ed40..adfc4a1c16 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2783,11 +2783,11 @@ derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION PSA key derivation: HKDF-SHA-256, good case, info first depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, info after salt depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 From b9ccb25f33e4521df3c7e874a17d876141f6429e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 23:09:13 +0200 Subject: [PATCH 0269/1065] Starter-class documentation of alternative implementations Signed-off-by: Gilles Peskine --- .../alternative-implementations.md | 66 +++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 docs/architecture/alternative-implementations.md diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md new file mode 100644 index 0000000000..7b8b65ef34 --- /dev/null +++ b/docs/architecture/alternative-implementations.md @@ -0,0 +1,66 @@ +Alternative implementations of Mbed TLS functionality +===================================================== + +This document describes how parts of the Mbed TLS functionality can be replaced at compile time to integrate the library on a platform. + +This document is an overview. It is not exhaustive. Please consult the documentation of individual modules and read the library header files for more details. + +## Platform integration + +Mbed TLS works out of the box on Unix/Linux/POSIX-like systems and on Windows. On embedded platforms, you may need to customize some aspects of how Mbed TLS interacts with the underlying platform. This section discusses the main areas that can be configured. + +The platform module (`include/mbedtls/platform.h`) controls how Mbed TLS accesses standard library features such as memory management (`calloc`, `free`), `printf`, `exit`. You can define custom functions instead of the ones from the C standard library through `MBEDTLS_PLATFORM_XXX` options in the configuration file. Many options have two mechanisms: either define `MBEDTLS_PLATFORM_XXX_MACRO` to the name of a function to call instead of the standard function `xxx`, or define `MBEDTLS_PLATFORM_XXX_ALT` and [register an alternative implementation during the platform setup](#alternative-implementations-of-platform-functions). + +The storage of the non-volatile seed for random generation, enabled with `MBEDTLS_ENTROPY_NV_SEED`, is also controlled via the platform module. + +For timing functions, you can [declare an alternative implementation of the timing module](#module-alternative-implementations). + +On multithreaded platforms, [declare an alternative implementation of the threading module](#module-alternative-implementations). + +To configure entropy sources (hardware random generators), see the `MBEDTLS_ENTROPY_XXX` options in the configuration file. + +For networking, the `net_sockets` module does not currently support alternative implementations. If this module does not work on your platform, disable `MBEDTLS_NET_C` and use custom functions for TLS. + +If your platform has a cryptographic accelerator, you can use it via a [PSA driver](#psa-cryptography-drivers) or an [declare an alternative implementation of the corresponding module(s)](#module-alternative-implementations) or [specific functions](#function-alternative-implementations). + +## PSA cryptography drivers + +On platforms where a hardware cryptographic engine is present, you can implement a driver for this engine in the PSA interface. Drivers are supported for cryptographic operations with transparent keys (keys available in cleartext), for cryptographic operations with opaque keys (keys that are only available inside the cryptographic engine), and for random generation. Calls to `psa_xxx` functions that perform cryptographic operations are directed to drivers instead of the built-in code as applicable. See the [PSA cryptography driver interface specification](docs/proposed/psa-driver-interface.md), the [Mbed TLS PSA driver developer guide](docs/proposed/psa-driver-developer-guide.md) and the [Mbed TLS PSA driver integration guide](docs/proposed/psa-driver-integration-guide.md) for more information. + +As of Mbed TLS 3.0, this interface is still experimental and subject to change, and not all operations support drivers yet. The configuration option `MBEDTLS_USE_PSA_CRYPTO` causes parts of the `mbedtls_xxx` API to use PSA crypto and therefore to support drivers, however it is not yet compatible with all drivers. + +## Module alternative implementations + +You can replace the code of some modules of Mbed TLS at compile time by a custom implementation. This is possible for low-level cryptography modules (symmetric algorithms, DHM, RSA, ECP, ECJPAKE) and for some platform-related modules (threading, timing). Such custom implementations are called “alternative implementations”, or “ALT implementations” for short. + +The general principle of an alternative implementation is: +* Enable `MBEDTLS_XXX_ALT` in the compile-time configuration where XXX is the module name. For example, `MBEDTLS_AES_ALT` for an implementation of the AES module. This is in addition to enabling `MBEDTLS_XXX_C`. +* Create a header file `xxx_alt.h` that defines the context type(s) used by the module. For example, `mbedtls_aes_context` for AES. +* Implement all the functions from the module, i.e. the functions declared in `include/mbedtls/xxx.h`. + +See https://tls.mbed.org/kb/development/hw_acc_guidelines for a more detailed guide. + +## Function alternative implementations + +In some cases, it is possible to replace a single function or a small set of functions instead of [providing an alternative implementation of the whole module](#module-alternative-implementations). + +### Alternative implementations of cryptographic functions + +Options to replace individual functions of cryptographic modules generally have a name obtained by upper-casing the function name and appending `_ALT`. If the function name contains `_internal`, `_ext` or `_ret`, this is removed in the `_ALT` symbol. When the corresponding option is enabled, the built-in implementation of the function will not be compiled, and you must provide an alternative implementation at link time. + +For example, enable `MBEDTLS_AES_ENCRYPT_ALT` at compile time and provide your own implementation of `mbedtls_aes_encrypt()` to provide an accelerated implementation of AES encryption that is compatible with the built-in key schedule. If you wish to implement key schedule differently, you can also enable `MBEDTLS_AES_SETKEY_ENC_ALT` and implement `mbedtls_aes_setkey_enc()`. + +Another example: enable `MBEDTLS_SHA256_PROCESS_ALT` and implement `mbedtls_internal_sha256_process()` to provide an accelerated implementation of SHA-256 and SHA-224. + +Note that since alternative implementations of individual functions cooperate with the built-in implementation of other functions, you must use the same layout for context objects as the built-in implementation. If you want to use different context types, you need to [provide an alternative implementation of the whole module](#module-alternative-implementations). + +### Alternative implementations of platform functions + +Several platform functions can be reconfigured dynamically by following the process described here. To reconfigure how Mbed TLS calls the standard library function `xxx()`: + +* Define the symbol `MBEDTLS_PLATFORM_XXX_ALT` at compile time. +* During the initialization of your application, set the global variable `mbedtls_xxx` to an alternative implementation of `xxx()`. + +Merely enabling `MBEDTLS_PLATFORM_XXX_ALT` does not change the behavior: by default, `mbedtls_xxx` points to the standard function `xxx`. + +Note that there are variations on the naming pattern. Consult the documentation of individual configuration options and of the platform module for details. From 6a2fb618960a6bb228d886b5faab81794c21013c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 May 2021 22:25:04 +0200 Subject: [PATCH 0270/1065] Rename library/ecp_alt.h to ecp_internal_alt.h library/ecp_alt.h (declaring individual functions of the ECP module that can be substituted, included when building the library with MBEDTLS_ECP_INTERNAL_ALT enabled) clashes with ecp_alt.h (not provided, declaring types of the ECP module when the whole implementation is substituted, included when building the library with MBEDTLS_ECP_ALT enabled). Depending on the search path during build, this can make MBEDTLS_ECP_ALT unusable. Rename library/ecp_alt.h to follow the naming convention of other alt headers: MBEDTLS_XXX_ALT corresponds to xxx_alt.h. Signed-off-by: Gilles Peskine --- ChangeLog | 2 +- docs/3.0-migration-guide.md | 2 +- library/ecp.c | 2 +- library/{ecp_alt.h => ecp_internal_alt.h} | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) rename library/{ecp_alt.h => ecp_internal_alt.h} (99%) diff --git a/ChangeLog b/ChangeLog index dc6e4515d2..ddaf3fd9f7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,7 +22,7 @@ API changes Various helpers and definitions available for use in alt implementations have been moved out of the include/ directory and into the library/ directory. The files concerned are ecp_internal.h and rsa_internal.h - which have also been renamed to ecp_alt.h and rsa_alt_helpers.h + which have also been renamed to ecp_internal_alt.h and rsa_alt_helpers.h respectively. * Move internal headers. Header files that were only meant for the library's internal use and diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 2d031c6a4a..a4a59b8895 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -59,7 +59,7 @@ were documented as internal, despite being in the public include directory. If you're providing alt implementations of ECP or RSA, you'll need to add our `library` directory to your include path when building your alt implementations, and note that `ecp_internal.h` and `rsa_internal.h` have been -renamed to `ecp_alt.h` and `rsa_alt_helpers.h` respectively. +renamed to `ecp_internal_alt.h` and `rsa_alt_helpers.h` respectively. If you're a library user and used to rely on having access to a structure or function that's now in a private header, please reach out on the mailing list diff --git a/library/ecp.c b/library/ecp.c index f450056c06..044bbe1d10 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -99,7 +99,7 @@ #define mbedtls_free free #endif -#include "ecp_alt.h" +#include "ecp_internal_alt.h" #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_HMAC_DRBG_C) diff --git a/library/ecp_alt.h b/library/ecp_internal_alt.h similarity index 99% rename from library/ecp_alt.h rename to library/ecp_internal_alt.h index 6b1b29f701..9b157eaa3b 100644 --- a/library/ecp_alt.h +++ b/library/ecp_internal_alt.h @@ -1,5 +1,5 @@ /** - * \file ecp_alt.h + * \file ecp_internal_alt.h * * \brief Function declarations for alternative implementation of elliptic curve * point arithmetic. @@ -293,5 +293,5 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp, #endif /* MBEDTLS_ECP_INTERNAL_ALT */ -#endif /* ecp_alt.h */ +#endif /* ecp_internal_alt.h */ From 9ef1ea7444c21ca24535bb1367dcbbc533e1a9ec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 28 May 2021 00:16:18 +0200 Subject: [PATCH 0271/1065] Move the definition of derived values out of the settings section Alternative implementations must no longer define these macros. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 05c33ff020..8cb4fb4a5c 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -249,9 +249,6 @@ mbedtls_ecp_group; #define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */ #endif -#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) -#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) - #if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* * Maximum "window" size used for point multiplication. @@ -297,6 +294,9 @@ mbedtls_ecp_group; #include "ecp_alt.h" #endif /* MBEDTLS_ECP_ALT */ +#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) +#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) + #if defined(MBEDTLS_ECP_RESTARTABLE) /** From d0b16303bb150868138467dba5c232386fc31326 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 28 May 2021 00:17:26 +0200 Subject: [PATCH 0272/1065] Determine MBEDTLS_ECP_MAX_BITS automatically MBEDTLS_ECP_MAX_BITS doesn't make sense as a configuration option: it must not be smaller than the largest supported curve, and it's useless to set it to a larger value. So unconditionally set it to the size of the largest supported curve. Remove it from the build configuration. Alternative implementations must no longer need define this macro. Signed-off-by: Gilles Peskine --- configs/config-suite-b.h | 3 +-- configs/config-thread.h | 3 +-- include/mbedtls/config.h | 1 - include/mbedtls/ecp.h | 45 +++++++++++++++++++++++++++++++++------- 4 files changed, 40 insertions(+), 12 deletions(-) diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 28e6443124..b62bdfabd0 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -84,8 +84,7 @@ #define MBEDTLS_AES_ROM_TABLES /* Save RAM by adjusting to our exact needs */ -#define MBEDTLS_ECP_MAX_BITS 384 -#define MBEDTLS_MPI_MAX_SIZE 48 // 384 bits is 48 bytes +#define MBEDTLS_MPI_MAX_SIZE 48 // 384-bit EC curve = 48 bytes /* Save RAM at the expense of speed, see ecp.h */ #define MBEDTLS_ECP_WINDOW_SIZE 2 diff --git a/configs/config-thread.h b/configs/config-thread.h index bce9668fd0..c1937de80a 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -85,8 +85,7 @@ #define MBEDTLS_AES_ROM_TABLES /* Save RAM by adjusting to our exact needs */ -#define MBEDTLS_ECP_MAX_BITS 256 -#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes +#define MBEDTLS_MPI_MAX_SIZE 32 // 256-bit EC curve = 32 bytes /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 3139b223d9..57783f8be3 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3155,7 +3155,6 @@ //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ /* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 8cb4fb4a5c..dceca3ef92 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -242,13 +242,6 @@ mbedtls_ecp_group; * \{ */ -#if !defined(MBEDTLS_ECP_MAX_BITS) -/** - * The maximum size of the groups, that is, of \c N and \c P. - */ -#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */ -#endif - #if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* * Maximum "window" size used for point multiplication. @@ -294,6 +287,44 @@ mbedtls_ecp_group; #include "ecp_alt.h" #endif /* MBEDTLS_ECP_ALT */ +/** + * The maximum size of the groups, that is, of \c N and \c P. + */ +#if !defined(MBEDTLS_ECP_C) +/* Dummy definition to help code that has optional ECP support and + * defines an MBEDTLS_ECP_MAX_BYTES-sized array unconditionally. */ +#define MBEDTLS_ECP_MAX_BITS 1 +/* Note: the curves must be listed in DECREASING size! */ +#elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 521 +#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 512 +#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 448 +#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 384 +#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 384 +#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 256 +#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 256 +#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 256 +#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 255 +#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 225 // n is slightly above 2^224 +#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 224 +#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 192 +#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#define MBEDTLS_ECP_MAX_BITS 192 +#else +#error "Missing definition of MBEDTLS_ECP_MAX_BITS" +#endif + #define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) #define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) From 6e1387abed085805d21d414b665e29e3943d53ad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:24:51 +0200 Subject: [PATCH 0273/1065] Update MBEDTLS_ECP_MAX_BITS when adding a curve Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index dceca3ef92..c098a0a5d5 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -93,6 +93,7 @@ extern "C" { * - Add it at the end of this enum, otherwise you'll break the ABI by * changing the numerical value for existing curves. * - Increment MBEDTLS_ECP_DP_MAX below if needed. + * - Update the calculation of MBEDTLS_ECP_MAX_BITS below. * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to * config.h. * - List the curve as a dependency of MBEDTLS_ECP_C and From 601d34396ca4ae0787882dbed0af733029299ae9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:27:01 +0200 Subject: [PATCH 0274/1065] Update TLS presets when adding a curve Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index c098a0a5d5..61d29a99a2 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -102,7 +102,8 @@ extern "C" { * MBEDTLS_ECP_yyy_ENABLED above. * - Add the necessary definitions to ecp_curves.c. * - Add the curve to the ecp_supported_curves array in ecp.c. - * - Add the curve to applicable profiles in x509_crt.c if applicable. + * - Add the curve to applicable profiles in x509_crt.c. + * - Add the curve to applicable presets in ssl_tls.c. */ typedef enum { From 814d0129ec60343e107e0477d3211f69cbe360d7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 21:44:25 +0200 Subject: [PATCH 0275/1065] Test calculated MBEDTLS_ECP_MAX_xxx constants in unit tests Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index a697e72ecc..f2b6376141 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -65,6 +65,8 @@ void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name ) TEST_ASSERT( by_id == by_name ); TEST_ASSERT( by_id->bit_size == size ); + TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BITS ); + TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BYTES * 8 ); } /* END_CASE */ @@ -473,6 +475,7 @@ void ecp_muladd( int id, TEST_EQUAL( 0, mbedtls_ecp_point_write_binary( &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED, &len, actual_result, sizeof( actual_result ) ) ); + TEST_ASSERT( len <= MBEDTLS_ECP_MAX_PT_LEN ); ASSERT_COMPARE( expected_result->x, expected_result->len, actual_result, len ); @@ -544,6 +547,7 @@ void ecp_write_binary( int id, char * x, char * y, char * z, int format, if( ret == 0 ) { + TEST_ASSERT( olen <= MBEDTLS_ECP_MAX_PT_LEN ); TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 ); } From a1b44dd80844aa7ded01ab0b78eecb05cf84a582 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 21:52:28 +0200 Subject: [PATCH 0276/1065] Changelog entry for MBEDTLS_ECP_MAX_BITS automatic determination Signed-off-by: Gilles Peskine --- ChangeLog.d/ecp_max_bits.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/ecp_max_bits.txt diff --git a/ChangeLog.d/ecp_max_bits.txt b/ChangeLog.d/ecp_max_bits.txt new file mode 100644 index 0000000000..b952469196 --- /dev/null +++ b/ChangeLog.d/ecp_max_bits.txt @@ -0,0 +1,3 @@ +Removals + * MBEDTLS_ECP_MAX_BITS is no longer a configuration option because it is + now determined automatically based on supported curves. From c5048db24ce555a55dd3d500ed622554e39687c5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 May 2021 22:51:48 +0200 Subject: [PATCH 0277/1065] Create xxx_alt.h headers for testing These headers define the context types that alternative implementations must provide. The context types are dummy types, suitable for building but not meant to be usable by an implementation. This is the output of the following script: ``` perl -0777 -ne ' m@^#if !defined\((MBEDTLS_\w+_ALT)\).*\n((?:.*\n)*?)#else.*\n#include "(.*_alt\.h)"\n#endif@m or next; $symbol = $1; $content = $2; $header = $3; $header_symbol = $header; $header_symbol =~ y/a-z./A-Z_/; m@/\*[ *\n]*Copyright .*?\*/@s or die; $copyright = $&; open OUT, ">tests/include/alt-dummy/$header" or die; $content =~ s@//.*@@mg; $content =~ s@/\*.*?\*/@@sg; $content =~ s@\{.*?\}@{\n int dummy;\n}@sg; $content =~ s@ +$@@mg; $content =~ s@\n{3,}@\n\n@g; $content =~ s@\A\n+@@; $content =~ s@\n*\Z@\n@; print OUT "/* $header with dummy types for $symbol */\n$copyright\n\n#ifndef $header_symbol\n#define $header_symbol\n\n$content\n\n#endif /* $header */\n" or die; close OUT or die; ' include/mbedtls/*.h ``` Signed-off-by: Gilles Peskine --- tests/include/alt-dummy/aes_alt.h | 37 ++++++++++++++++++++++ tests/include/alt-dummy/arc4_alt.h | 30 ++++++++++++++++++ tests/include/alt-dummy/aria_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/blowfish_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/camellia_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/ccm_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/chacha20_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/chachapoly_alt.h | 31 +++++++++++++++++++ tests/include/alt-dummy/cmac_alt.h | 28 +++++++++++++++++ tests/include/alt-dummy/des_alt.h | 36 ++++++++++++++++++++++ tests/include/alt-dummy/dhm_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/ecjpake_alt.h | 28 +++++++++++++++++ tests/include/alt-dummy/ecp_alt.h | 39 ++++++++++++++++++++++++ tests/include/alt-dummy/gcm_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/md2_alt.h | 30 ++++++++++++++++++ tests/include/alt-dummy/md4_alt.h | 30 ++++++++++++++++++ tests/include/alt-dummy/md5_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/nist_kw_alt.h | 27 ++++++++++++++++ tests/include/alt-dummy/platform_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/poly1305_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/ripemd160_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/rsa_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/sha1_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/sha256_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/sha512_alt.h | 29 ++++++++++++++++++ tests/include/alt-dummy/timing_alt.h | 33 ++++++++++++++++++++ tests/include/alt-dummy/xtea_alt.h | 29 ++++++++++++++++++ 27 files changed, 813 insertions(+) create mode 100644 tests/include/alt-dummy/aes_alt.h create mode 100644 tests/include/alt-dummy/arc4_alt.h create mode 100644 tests/include/alt-dummy/aria_alt.h create mode 100644 tests/include/alt-dummy/blowfish_alt.h create mode 100644 tests/include/alt-dummy/camellia_alt.h create mode 100644 tests/include/alt-dummy/ccm_alt.h create mode 100644 tests/include/alt-dummy/chacha20_alt.h create mode 100644 tests/include/alt-dummy/chachapoly_alt.h create mode 100644 tests/include/alt-dummy/cmac_alt.h create mode 100644 tests/include/alt-dummy/des_alt.h create mode 100644 tests/include/alt-dummy/dhm_alt.h create mode 100644 tests/include/alt-dummy/ecjpake_alt.h create mode 100644 tests/include/alt-dummy/ecp_alt.h create mode 100644 tests/include/alt-dummy/gcm_alt.h create mode 100644 tests/include/alt-dummy/md2_alt.h create mode 100644 tests/include/alt-dummy/md4_alt.h create mode 100644 tests/include/alt-dummy/md5_alt.h create mode 100644 tests/include/alt-dummy/nist_kw_alt.h create mode 100644 tests/include/alt-dummy/platform_alt.h create mode 100644 tests/include/alt-dummy/poly1305_alt.h create mode 100644 tests/include/alt-dummy/ripemd160_alt.h create mode 100644 tests/include/alt-dummy/rsa_alt.h create mode 100644 tests/include/alt-dummy/sha1_alt.h create mode 100644 tests/include/alt-dummy/sha256_alt.h create mode 100644 tests/include/alt-dummy/sha512_alt.h create mode 100644 tests/include/alt-dummy/timing_alt.h create mode 100644 tests/include/alt-dummy/xtea_alt.h diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h new file mode 100644 index 0000000000..f226188fd3 --- /dev/null +++ b/tests/include/alt-dummy/aes_alt.h @@ -0,0 +1,37 @@ +/* aes_alt.h with dummy types for MBEDTLS_AES_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AES_ALT_H +#define AES_ALT_H + +typedef struct mbedtls_aes_context +{ + int dummy; +} +mbedtls_aes_context; + +#if defined(MBEDTLS_CIPHER_MODE_XTS) + +typedef struct mbedtls_aes_xts_context +{ + int dummy; +} mbedtls_aes_xts_context; +#endif + + +#endif /* aes_alt.h */ diff --git a/tests/include/alt-dummy/arc4_alt.h b/tests/include/alt-dummy/arc4_alt.h new file mode 100644 index 0000000000..b8c2e86a00 --- /dev/null +++ b/tests/include/alt-dummy/arc4_alt.h @@ -0,0 +1,30 @@ +/* arc4_alt.h with dummy types for MBEDTLS_ARC4_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef ARC4_ALT_H +#define ARC4_ALT_H + +typedef struct mbedtls_arc4_context +{ + int dummy; +} +mbedtls_arc4_context; + + +#endif /* arc4_alt.h */ diff --git a/tests/include/alt-dummy/aria_alt.h b/tests/include/alt-dummy/aria_alt.h new file mode 100644 index 0000000000..5f2335b8f4 --- /dev/null +++ b/tests/include/alt-dummy/aria_alt.h @@ -0,0 +1,29 @@ +/* aria_alt.h with dummy types for MBEDTLS_ARIA_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ARIA_ALT_H +#define ARIA_ALT_H + +typedef struct mbedtls_aria_context +{ + int dummy; +} +mbedtls_aria_context; + + +#endif /* aria_alt.h */ diff --git a/tests/include/alt-dummy/blowfish_alt.h b/tests/include/alt-dummy/blowfish_alt.h new file mode 100644 index 0000000000..5a4f739d52 --- /dev/null +++ b/tests/include/alt-dummy/blowfish_alt.h @@ -0,0 +1,29 @@ +/* blowfish_alt.h with dummy types for MBEDTLS_BLOWFISH_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef BLOWFISH_ALT_H +#define BLOWFISH_ALT_H + +typedef struct mbedtls_blowfish_context +{ + int dummy; +} +mbedtls_blowfish_context; + + +#endif /* blowfish_alt.h */ diff --git a/tests/include/alt-dummy/camellia_alt.h b/tests/include/alt-dummy/camellia_alt.h new file mode 100644 index 0000000000..c23d1b4c0c --- /dev/null +++ b/tests/include/alt-dummy/camellia_alt.h @@ -0,0 +1,29 @@ +/* camellia_alt.h with dummy types for MBEDTLS_CAMELLIA_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CAMELLIA_ALT_H +#define CAMELLIA_ALT_H + +typedef struct mbedtls_camellia_context +{ + int dummy; +} +mbedtls_camellia_context; + + +#endif /* camellia_alt.h */ diff --git a/tests/include/alt-dummy/ccm_alt.h b/tests/include/alt-dummy/ccm_alt.h new file mode 100644 index 0000000000..dcb834ed6a --- /dev/null +++ b/tests/include/alt-dummy/ccm_alt.h @@ -0,0 +1,29 @@ +/* ccm_alt.h with dummy types for MBEDTLS_CCM_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CCM_ALT_H +#define CCM_ALT_H + +typedef struct mbedtls_ccm_context +{ + int dummy; +} +mbedtls_ccm_context; + + +#endif /* ccm_alt.h */ diff --git a/tests/include/alt-dummy/chacha20_alt.h b/tests/include/alt-dummy/chacha20_alt.h new file mode 100644 index 0000000000..7a5a25cab7 --- /dev/null +++ b/tests/include/alt-dummy/chacha20_alt.h @@ -0,0 +1,29 @@ +/* chacha20_alt.h with dummy types for MBEDTLS_CHACHA20_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CHACHA20_ALT_H +#define CHACHA20_ALT_H + +typedef struct mbedtls_chacha20_context +{ + int dummy; +} +mbedtls_chacha20_context; + + +#endif /* chacha20_alt.h */ diff --git a/tests/include/alt-dummy/chachapoly_alt.h b/tests/include/alt-dummy/chachapoly_alt.h new file mode 100644 index 0000000000..448517d7d8 --- /dev/null +++ b/tests/include/alt-dummy/chachapoly_alt.h @@ -0,0 +1,31 @@ +/* chachapoly_alt.h with dummy types for MBEDTLS_CHACHAPOLY_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CHACHAPOLY_ALT_H +#define CHACHAPOLY_ALT_H + +#include "mbedtls/chacha20.h" + +typedef struct mbedtls_chachapoly_context +{ + int dummy; +} +mbedtls_chachapoly_context; + + +#endif /* chachapoly_alt.h */ diff --git a/tests/include/alt-dummy/cmac_alt.h b/tests/include/alt-dummy/cmac_alt.h new file mode 100644 index 0000000000..4c9feee337 --- /dev/null +++ b/tests/include/alt-dummy/cmac_alt.h @@ -0,0 +1,28 @@ +/* cmac_alt.h with dummy types for MBEDTLS_CMAC_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CMAC_ALT_H +#define CMAC_ALT_H + +struct mbedtls_cmac_context_t +{ + int dummy; +}; + + +#endif /* cmac_alt.h */ diff --git a/tests/include/alt-dummy/des_alt.h b/tests/include/alt-dummy/des_alt.h new file mode 100644 index 0000000000..e5a0bd3aae --- /dev/null +++ b/tests/include/alt-dummy/des_alt.h @@ -0,0 +1,36 @@ +/* des_alt.h with dummy types for MBEDTLS_DES_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef DES_ALT_H +#define DES_ALT_H + +typedef struct mbedtls_des_context +{ + int dummy; +} +mbedtls_des_context; + +typedef struct mbedtls_des3_context +{ + int dummy; +} +mbedtls_des3_context; + + +#endif /* des_alt.h */ diff --git a/tests/include/alt-dummy/dhm_alt.h b/tests/include/alt-dummy/dhm_alt.h new file mode 100644 index 0000000000..6289a41db2 --- /dev/null +++ b/tests/include/alt-dummy/dhm_alt.h @@ -0,0 +1,29 @@ +/* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DHM_ALT_H +#define DHM_ALT_H + +typedef struct mbedtls_dhm_context +{ + int dummy; +} +mbedtls_dhm_context; + + +#endif /* dhm_alt.h */ diff --git a/tests/include/alt-dummy/ecjpake_alt.h b/tests/include/alt-dummy/ecjpake_alt.h new file mode 100644 index 0000000000..8de0fcf8e2 --- /dev/null +++ b/tests/include/alt-dummy/ecjpake_alt.h @@ -0,0 +1,28 @@ +/* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ECJPAKE_ALT_H +#define ECJPAKE_ALT_H + +typedef struct mbedtls_ecjpake_context +{ + int dummy; +} mbedtls_ecjpake_context; + + +#endif /* ecjpake_alt.h */ diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h new file mode 100644 index 0000000000..3628bb3da1 --- /dev/null +++ b/tests/include/alt-dummy/ecp_alt.h @@ -0,0 +1,39 @@ +/* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ECP_ALT_H +#define ECP_ALT_H + +typedef struct mbedtls_ecp_group +{ + int dummy; +} +mbedtls_ecp_group; + +#if !defined(MBEDTLS_ECP_WINDOW_SIZE) + +#define MBEDTLS_ECP_WINDOW_SIZE 6 +#endif + +#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) + +#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 +#endif + + +#endif /* ecp_alt.h */ diff --git a/tests/include/alt-dummy/gcm_alt.h b/tests/include/alt-dummy/gcm_alt.h new file mode 100644 index 0000000000..94986ff485 --- /dev/null +++ b/tests/include/alt-dummy/gcm_alt.h @@ -0,0 +1,29 @@ +/* gcm_alt.h with dummy types for MBEDTLS_GCM_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GCM_ALT_H +#define GCM_ALT_H + +typedef struct mbedtls_gcm_context +{ + int dummy; +} +mbedtls_gcm_context; + + +#endif /* gcm_alt.h */ diff --git a/tests/include/alt-dummy/md2_alt.h b/tests/include/alt-dummy/md2_alt.h new file mode 100644 index 0000000000..70c7f15190 --- /dev/null +++ b/tests/include/alt-dummy/md2_alt.h @@ -0,0 +1,30 @@ +/* md2_alt.h with dummy types for MBEDTLS_MD2_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef MD2_ALT_H +#define MD2_ALT_H + +typedef struct mbedtls_md2_context +{ + int dummy; +} +mbedtls_md2_context; + + +#endif /* md2_alt.h */ diff --git a/tests/include/alt-dummy/md4_alt.h b/tests/include/alt-dummy/md4_alt.h new file mode 100644 index 0000000000..db13f3d8db --- /dev/null +++ b/tests/include/alt-dummy/md4_alt.h @@ -0,0 +1,30 @@ +/* md4_alt.h with dummy types for MBEDTLS_MD4_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef MD4_ALT_H +#define MD4_ALT_H + +typedef struct mbedtls_md4_context +{ + int dummy; +} +mbedtls_md4_context; + + +#endif /* md4_alt.h */ diff --git a/tests/include/alt-dummy/md5_alt.h b/tests/include/alt-dummy/md5_alt.h new file mode 100644 index 0000000000..c1191479dc --- /dev/null +++ b/tests/include/alt-dummy/md5_alt.h @@ -0,0 +1,29 @@ +/* md5_alt.h with dummy types for MBEDTLS_MD5_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MD5_ALT_H +#define MD5_ALT_H + +typedef struct mbedtls_md5_context +{ + int dummy; +} +mbedtls_md5_context; + + +#endif /* md5_alt.h */ diff --git a/tests/include/alt-dummy/nist_kw_alt.h b/tests/include/alt-dummy/nist_kw_alt.h new file mode 100644 index 0000000000..8fec116be6 --- /dev/null +++ b/tests/include/alt-dummy/nist_kw_alt.h @@ -0,0 +1,27 @@ +/* nist_kw_alt.h with dummy types for MBEDTLS_NIST_KW_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NIST_KW_ALT_H +#define NIST_KW_ALT_H + +typedef struct { + int dummy; +} mbedtls_nist_kw_context; + + +#endif /* nist_kw_alt.h */ diff --git a/tests/include/alt-dummy/platform_alt.h b/tests/include/alt-dummy/platform_alt.h new file mode 100644 index 0000000000..2bf712de76 --- /dev/null +++ b/tests/include/alt-dummy/platform_alt.h @@ -0,0 +1,29 @@ +/* platform_alt.h with dummy types for MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PLATFORM_ALT_H +#define PLATFORM_ALT_H + +typedef struct mbedtls_platform_context +{ + int dummy; +} +mbedtls_platform_context; + + +#endif /* platform_alt.h */ diff --git a/tests/include/alt-dummy/poly1305_alt.h b/tests/include/alt-dummy/poly1305_alt.h new file mode 100644 index 0000000000..b8c12104a4 --- /dev/null +++ b/tests/include/alt-dummy/poly1305_alt.h @@ -0,0 +1,29 @@ +/* poly1305_alt.h with dummy types for MBEDTLS_POLY1305_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef POLY1305_ALT_H +#define POLY1305_ALT_H + +typedef struct mbedtls_poly1305_context +{ + int dummy; +} +mbedtls_poly1305_context; + + +#endif /* poly1305_alt.h */ diff --git a/tests/include/alt-dummy/ripemd160_alt.h b/tests/include/alt-dummy/ripemd160_alt.h new file mode 100644 index 0000000000..722aeeb5dc --- /dev/null +++ b/tests/include/alt-dummy/ripemd160_alt.h @@ -0,0 +1,29 @@ +/* ripemd160_alt.h with dummy types for MBEDTLS_RIPEMD160_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef RIPEMD160_ALT_H +#define RIPEMD160_ALT_H + +typedef struct mbedtls_ripemd160_context +{ + int dummy; +} +mbedtls_ripemd160_context; + + +#endif /* ripemd160_alt.h */ diff --git a/tests/include/alt-dummy/rsa_alt.h b/tests/include/alt-dummy/rsa_alt.h new file mode 100644 index 0000000000..ae80dbaa44 --- /dev/null +++ b/tests/include/alt-dummy/rsa_alt.h @@ -0,0 +1,29 @@ +/* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef RSA_ALT_H +#define RSA_ALT_H + +typedef struct mbedtls_rsa_context +{ + int dummy; +} +mbedtls_rsa_context; + + +#endif /* rsa_alt.h */ diff --git a/tests/include/alt-dummy/sha1_alt.h b/tests/include/alt-dummy/sha1_alt.h new file mode 100644 index 0000000000..df2990b5bc --- /dev/null +++ b/tests/include/alt-dummy/sha1_alt.h @@ -0,0 +1,29 @@ +/* sha1_alt.h with dummy types for MBEDTLS_SHA1_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SHA1_ALT_H +#define SHA1_ALT_H + +typedef struct mbedtls_sha1_context +{ + int dummy; +} +mbedtls_sha1_context; + + +#endif /* sha1_alt.h */ diff --git a/tests/include/alt-dummy/sha256_alt.h b/tests/include/alt-dummy/sha256_alt.h new file mode 100644 index 0000000000..7e501ed91a --- /dev/null +++ b/tests/include/alt-dummy/sha256_alt.h @@ -0,0 +1,29 @@ +/* sha256_alt.h with dummy types for MBEDTLS_SHA256_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SHA256_ALT_H +#define SHA256_ALT_H + +typedef struct mbedtls_sha256_context +{ + int dummy; +} +mbedtls_sha256_context; + + +#endif /* sha256_alt.h */ diff --git a/tests/include/alt-dummy/sha512_alt.h b/tests/include/alt-dummy/sha512_alt.h new file mode 100644 index 0000000000..45c9599235 --- /dev/null +++ b/tests/include/alt-dummy/sha512_alt.h @@ -0,0 +1,29 @@ +/* sha512_alt.h with dummy types for MBEDTLS_SHA512_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SHA512_ALT_H +#define SHA512_ALT_H + +typedef struct mbedtls_sha512_context +{ + int dummy; +} +mbedtls_sha512_context; + + +#endif /* sha512_alt.h */ diff --git a/tests/include/alt-dummy/timing_alt.h b/tests/include/alt-dummy/timing_alt.h new file mode 100644 index 0000000000..f2da154f12 --- /dev/null +++ b/tests/include/alt-dummy/timing_alt.h @@ -0,0 +1,33 @@ +/* timing_alt.h with dummy types for MBEDTLS_TIMING_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TIMING_ALT_H +#define TIMING_ALT_H + +struct mbedtls_timing_hr_time +{ + int dummy; +}; + +typedef struct mbedtls_timing_delay_context +{ + int dummy; +} mbedtls_timing_delay_context; + + +#endif /* timing_alt.h */ diff --git a/tests/include/alt-dummy/xtea_alt.h b/tests/include/alt-dummy/xtea_alt.h new file mode 100644 index 0000000000..cb21a3a548 --- /dev/null +++ b/tests/include/alt-dummy/xtea_alt.h @@ -0,0 +1,29 @@ +/* xtea_alt.h with dummy types for MBEDTLS_XTEA_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef XTEA_ALT_H +#define XTEA_ALT_H + +typedef struct mbedtls_xtea_context +{ + int dummy; +} +mbedtls_xtea_context; + + +#endif /* xtea_alt.h */ From a0ebaefef96535023da623a587b9c3286c3137b9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 May 2021 23:17:57 +0200 Subject: [PATCH 0278/1065] Create threading_alt.h header for testing Follow-up to "Create xxx_alt.h headers for testing". The inclusion of threading_alt.h in include/mbedtls/threading.h does not follow the same pattern as the others so it was missed by the script. Signed-off-by: Gilles Peskine --- tests/include/alt-dummy/threading_alt.h | 27 +++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 tests/include/alt-dummy/threading_alt.h diff --git a/tests/include/alt-dummy/threading_alt.h b/tests/include/alt-dummy/threading_alt.h new file mode 100644 index 0000000000..ff2fed5e2a --- /dev/null +++ b/tests/include/alt-dummy/threading_alt.h @@ -0,0 +1,27 @@ +/* threading_alt.h with dummy types for MBEDTLS_THREADING_ALT */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef THREADING_ALT_H +#define THREADING_ALT_H + +typedef struct mbedtls_threading_mutex_t +{ + int dummy; +} mbedtls_threading_mutex_t; + +#endif /* threading_alt.h */ From 8e90cf49ca3a305aff9af32d5f52534866f37887 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 22:12:57 +0200 Subject: [PATCH 0279/1065] config.py: new command line commands set-all and unset-all The new method `Config.change_matching` and the new command-line commands `set-all` and `unset-all` change a batch of existing boolean settings to the desired state (active or inactive). Signed-off-by: Gilles Peskine --- scripts/config.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index b85745a2ab..e27f322707 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -147,6 +147,15 @@ class Config: setting.active = adapter(setting.name, setting.active, setting.section) + def change_matching(self, regexs, enable): + """Change all symbols matching one of the regexs to the desired state.""" + if not regexs: + return + regex = re.compile('|'.join(regexs)) + for setting in self.settings.values(): + if regex.search(setting.name): + setting.active = enable + def is_full_section(section): """Is this section affected by "config.py full" and friends?""" return section.endswith('support') or section.endswith('modules') @@ -454,11 +463,21 @@ if __name__ == '__main__': parser_set.add_argument('symbol', metavar='SYMBOL') parser_set.add_argument('value', metavar='VALUE', nargs='?', default='') + parser_set_all = subparsers.add_parser('set-all', + help="""Uncomment all #define + whose name contains a match for + REGEX.""") + parser_set_all.add_argument('regexs', metavar='REGEX', nargs='*') parser_unset = subparsers.add_parser('unset', help="""Comment out the #define for SYMBOL. Do nothing if none is present.""") parser_unset.add_argument('symbol', metavar='SYMBOL') + parser_unset_all = subparsers.add_parser('unset-all', + help="""Comment out all #define + whose name contains a match for + REGEX.""") + parser_unset_all.add_argument('regexs', metavar='REGEX', nargs='*') def add_adapter(name, function, description): subparser = subparsers.add_parser(name, help=description) @@ -505,8 +524,12 @@ if __name__ == '__main__': .format(args.symbol, config.filename)) return 1 config.set(args.symbol, value=args.value) + elif args.command == 'set-all': + config.change_matching(args.regexs, True) elif args.command == 'unset': config.unset(args.symbol) + elif args.command == 'unset-all': + config.change_matching(args.regexs, False) else: config.adapt(args.adapter) config.write(args.write) From cc73cc55e806349c9ad824a53310eed15bc715a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:04:46 +0200 Subject: [PATCH 0280/1065] Test the build with whole-module alternative implementations Use headers defining dummy context types. The test does not pass yet. I plan to fix this in subsequent commits. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2df65a5b4e..53b4e250e8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1364,6 +1364,26 @@ component_build_default_make_gcc_and_cxx () { make TEST_CPP=1 } +component_build_module_alt () { + msg "build: MBEDTLS_XXX_ALT" # ~30s + scripts/config.py full + # Disable options that are incompatible with some ALT implementations. + # aesni.c and padlock.c reference mbedtls_aes_context fields directly. + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + # The debug code accesses DHM context fields directly, so it is + # incompatible with MBEDTLS_DHM_ALT. + scripts/config.py unset MBEDTLS_DEBUG_C + # You can only have one threading implementation: alt or pthread, not both. + scripts/config.py unset MBEDTLS_THREADING_PTHREAD + # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable + # MBEDTLS_XXX_YYY_ALT which are for single functions. + scripts/config.py set-all 'MBEDTLS_([A-Z0-9]*|NIST_KW)_ALT' + # We can only compile, not link, since we don't have any implementations + # suitable for testing with the dummy alt headers. + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib +} + component_test_no_use_psa_crypto_full_cmake_asan() { # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan" From d41d59e9006c01fa8783ccfea168bf9e6e0820dd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:19:45 +0200 Subject: [PATCH 0281/1065] Timing: support ALT implementations in self-test Don't assume that the context has a timer field if MBEDTLS_TIMING_ALT is defined. Signed-off-by: Gilles Peskine --- library/timing.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/library/timing.c b/library/timing.c index eb41461320..664fde0827 100644 --- a/library/timing.c +++ b/library/timing.c @@ -387,6 +387,21 @@ static void busy_msleep( unsigned long msec ) (void) j; } +static void print_timers( struct mbedtls_timing_hr_time *hires, + mbedtls_timing_delay_context *ctx ) +{ +#if defined(MBEDTLS_TIMING_ALT) + mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=?? status(ctx)=%d\n", + mbedtls_timing_get_timer( hires, 0 ), + mbedtls_timing_get_delay( ctx ) ); +#else + mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", + mbedtls_timing_get_timer( hires, 0 ), + mbedtls_timing_get_timer( &ctx->timer, 0 ), + mbedtls_timing_get_delay( ctx ) ); +#endif +} + #define FAIL do \ { \ if( verbose != 0 ) \ @@ -395,10 +410,7 @@ static void busy_msleep( unsigned long msec ) mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ cycles, ratio, millisecs, secs, hardfail, \ (unsigned long) a, (unsigned long) b ); \ - mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \ - mbedtls_timing_get_timer( &hires, 0 ), \ - mbedtls_timing_get_timer( &ctx.timer, 0 ), \ - mbedtls_timing_get_delay( &ctx ) ); \ + print_timers( &hires, &ctx ); \ } \ return( 1 ); \ } while( 0 ) From 85b1bc65a0f84aa6e453f316ce73e778b2cf8717 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:20:26 +0200 Subject: [PATCH 0282/1065] pk_debug: build with RSA_ALT implementations When MBEDTLS_RSA_ALT is defined, mbedtls_rsa_context does not necessarily have fields called N and E of type mbedtls_mpi. Don't emit pk_debug information with MBEDTLS_RSA_ALT. This is not ideal but at least the library compiles. Signed-off-by: Gilles Peskine --- library/pk_wrap.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index ec0ff45ccb..7c317c52d3 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -178,6 +178,11 @@ static void rsa_free_wrap( void *ctx ) static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) { +#if defined(MBEDTLS_RSA_ALT) + /* Not supported */ + (void) ctx; + (void) items; +#else items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.N"; items->value = &( ((mbedtls_rsa_context *) ctx)->N ); @@ -187,6 +192,7 @@ static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.E"; items->value = &( ((mbedtls_rsa_context *) ctx)->E ); +#endif } const mbedtls_pk_info_t mbedtls_rsa_info = { From 487bbf68053143cdcb27cc60a91caf7738d86b68 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 22:17:07 +0200 Subject: [PATCH 0283/1065] DHM: new functions to query the length of the modulus Add two functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() to query the length of the modulus in bytes or bits. Remove the len field: the cost of calling mbedtls_dhm_get_len() each time it's needed is negligible, and this improves the abstraction of the DHM module. Signed-off-by: Gilles Peskine --- ChangeLog.d/dhm-fields.txt | 7 +++++++ include/mbedtls/dhm.h | 21 ++++++++++++++++++++- library/dhm.c | 23 +++++++++++++---------- library/ssl_cli.c | 10 +++++----- library/ssl_srv.c | 2 +- programs/pkey/dh_client.c | 7 ++++--- programs/pkey/dh_server.c | 4 ++-- programs/test/benchmark.c | 7 ++++--- tests/suites/test_suite_dhm.function | 3 ++- 9 files changed, 58 insertions(+), 26 deletions(-) create mode 100644 ChangeLog.d/dhm-fields.txt diff --git a/ChangeLog.d/dhm-fields.txt b/ChangeLog.d/dhm-fields.txt new file mode 100644 index 0000000000..620e3dc9ac --- /dev/null +++ b/ChangeLog.d/dhm-fields.txt @@ -0,0 +1,7 @@ +Features + * The new functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() + query the size of the modulus in a Diffie-Hellman context. + +API changes + * Instead of accessing the len field of a DHM context, which is no longer + supported, use the new function mbedtls_dhm_get_len() . diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 6c8ca037c5..3f7206e3b5 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -96,7 +96,6 @@ extern "C" { */ typedef struct mbedtls_dhm_context { - size_t MBEDTLS_PRIVATE(len); /*!< The size of \p P in Bytes. */ mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus. */ mbedtls_mpi MBEDTLS_PRIVATE(G); /*!< The generator. */ mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< Our secret value. */ @@ -282,6 +281,26 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** + * \brief This function returns the size of the prime modulus in bits. + * + * \param ctx The DHM context to query. + * + * \return The size of the prime modulus in bits, + * i.e. the number n such that 2^(n-1) <= P < 2^n. + */ +size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx ); + +/** + * \brief This function returns the size of the prime modulus in bytes. + * + * \param ctx The DHM context to query. + * + * \return The size of the prime modulus in bytes, + * i.e. the number n such that 2^(8*(n-1)) <= P < 2^(8*n). + */ +size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ); + /** * \brief This function frees and clears the components * of a DHM context. diff --git a/library/dhm.c b/library/dhm.c index accd5a85cf..2543be1949 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -124,6 +124,16 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); } +size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx ) +{ + return( mbedtls_mpi_bitlen( &ctx->P ) ); +} + +size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ) +{ + return( mbedtls_mpi_size( &ctx->P ) ); +} + /* * Parse the ServerKeyExchange parameters */ @@ -144,8 +154,6 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) return( ret ); - ctx->len = mbedtls_mpi_size( &ctx->P ); - return( 0 ); } @@ -247,8 +255,6 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, *olen = p - output; - ctx->len = n1; - cleanup: if( ret != 0 && ret > -128 ) ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ); @@ -273,7 +279,6 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) ); } - ctx->len = mbedtls_mpi_size( &ctx->P ); return( 0 ); } @@ -287,7 +292,7 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( input != NULL ); - if( ilen < 1 || ilen > ctx->len ) + if( ilen < 1 || ilen > mbedtls_dhm_get_len( ctx ) ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) @@ -309,7 +314,7 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, DHM_VALIDATE_RET( output != NULL ); DHM_VALIDATE_RET( f_rng != NULL ); - if( olen < 1 || olen > ctx->len ) + if( olen < 1 || olen > mbedtls_dhm_get_len( ctx ) ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); @@ -408,7 +413,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, DHM_VALIDATE_RET( output != NULL ); DHM_VALIDATE_RET( olen != NULL ); - if( output_size < ctx->len ) + if( output_size < mbedtls_dhm_get_len( ctx ) ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) @@ -564,8 +569,6 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, ret = 0; - dhm->len = mbedtls_mpi_size( &dhm->P ); - exit: #if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_free( &pem ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 12ed0fbb27..1bacd64978 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2553,7 +2553,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, return( ret ); } - dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P ); + dhm_actual_bitlen = mbedtls_dhm_get_bitlen( &ssl->handshake->dhm_ctx ); if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", @@ -3588,14 +3588,14 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) /* * DHM key exchange -- send G^X mod P */ - content_len = ssl->handshake->dhm_ctx.len; + content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); ssl->out_msg[4] = (unsigned char)( content_len >> 8 ); ssl->out_msg[5] = (unsigned char)( content_len ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), + (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), &ssl->out_msg[header_len], content_len, ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) @@ -3848,7 +3848,7 @@ ecdh_calc_secret: /* * ClientDiffieHellmanPublic public (DHM send G^X mod P) */ - content_len = ssl->handshake->dhm_ctx.len; + content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) @@ -3862,7 +3862,7 @@ ecdh_calc_secret: ssl->out_msg[header_len++] = (unsigned char)( content_len ); ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), + (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), &ssl->out_msg[header_len], content_len, ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 4fe6b02f10..cf4b7c5e5e 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3049,7 +3049,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), + (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), ssl->out_msg + ssl->out_msglen, &len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 101b0bbb69..d68dc24778 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -192,7 +192,8 @@ int main( void ) goto exit; } - if( dhm.MBEDTLS_PRIVATE(len) < 64 || dhm.MBEDTLS_PRIVATE(len) > 512 ) + n = mbedtls_dhm_get_len( &dhm ); + if( n < 64 || n > 512 ) { mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); goto exit; @@ -232,8 +233,8 @@ int main( void ) mbedtls_printf( "\n . Sending own public value to server" ); fflush( stdout ); - n = dhm.MBEDTLS_PRIVATE(len); - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.MBEDTLS_PRIVATE(len), buf, n, + n = mbedtls_dhm_get_len( &dhm ); + if( ( ret = mbedtls_dhm_make_public( &dhm, (int) n, buf, n, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 745e68a944..9d51c14a8f 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -254,14 +254,14 @@ int main( void ) memset( buf, 0, sizeof( buf ) ); - n = dhm.MBEDTLS_PRIVATE(len); + n = mbedtls_dhm_get_len( &dhm ); if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) { mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); goto exit; } - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.MBEDTLS_PRIVATE(len) ) ) != 0 ) + if( ( ret = mbedtls_dhm_read_public( &dhm, buf, n ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret ); goto exit; diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index e580fb248e..148e6da472 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -827,6 +827,7 @@ int main( int argc, char *argv[] ) mbedtls_dhm_context dhm; size_t olen; + size_t n; for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ ) { mbedtls_dhm_init( &dhm ); @@ -839,14 +840,14 @@ int main( int argc, char *argv[] ) mbedtls_exit( 1 ); } - dhm.len = mbedtls_mpi_size( &dhm.P ); - mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL ); + n = mbedtls_mpi_size( &dhm.P ); + mbedtls_dhm_make_public( &dhm, (int) n, buf, n, myrand, NULL ); if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 ) mbedtls_exit( 1 ); mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); TIME_PUBLIC( title, "handshake", - ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, + ret |= mbedtls_dhm_make_public( &dhm, (int) n, buf, n, myrand, NULL ); ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) ); diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index c4d78def6f..7e01eb71fe 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -229,7 +229,8 @@ void dhm_file( char * filename, char * p, char * g, int len ) TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 ); - TEST_ASSERT( ctx.len == (size_t) len ); + TEST_EQUAL( mbedtls_dhm_get_len( &ctx ), (size_t) len ); + TEST_EQUAL( mbedtls_dhm_get_bitlen( &ctx ), mbedtls_mpi_bitlen( &P ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 ); From 71acc6e8d97dd6e4e3e3bbf5c99f1bcb2212ead7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 22:50:53 +0200 Subject: [PATCH 0284/1065] New function mbedtls_dhm_get_value to copy a field of a DHM context Reduce the need to break the DHM abstraction by accessing the context directly. Signed-off-by: Gilles Peskine --- ChangeLog.d/dhm-fields.txt | 2 ++ include/mbedtls/dhm.h | 27 ++++++++++++++++++++ library/dhm.c | 31 +++++++++++++++++++++++ library/ssl_tls.c | 6 +++-- tests/suites/test_suite_dhm.function | 37 ++++++++++++++++++++++++++-- 5 files changed, 99 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/dhm-fields.txt b/ChangeLog.d/dhm-fields.txt index 620e3dc9ac..4d5c751fba 100644 --- a/ChangeLog.d/dhm-fields.txt +++ b/ChangeLog.d/dhm-fields.txt @@ -1,6 +1,8 @@ Features * The new functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() query the size of the modulus in a Diffie-Hellman context. + * The new function mbedtls_dhm_get_value() copy a field out of a + Diffie-Hellman context. API changes * Instead of accessing the len field of a DHM context, which is no longer diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 3f7206e3b5..6c319f8047 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -85,6 +85,17 @@ #define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */ #define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */ +/** Which parameter to access in mbedtls_dhm_get_value(). */ +typedef enum +{ + MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */ + MBEDTLS_DHM_PARAM_G, /*!< The generator. */ + MBEDTLS_DHM_PARAM_X, /*!< Our secret value. */ + MBEDTLS_DHM_PARAM_GX, /*!< Our public key = \c G^X mod \c P. */ + MBEDTLS_DHM_PARAM_GY, /*!< The public key of the peer = \c G^Y mod \c P. */ + MBEDTLS_DHM_PARAM_K, /*!< The shared secret = \c G^(XY) mod \c P. */ +} mbedtls_dhm_parameter; + #ifdef __cplusplus extern "C" { #endif @@ -301,6 +312,22 @@ size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx ); */ size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ); +/** + * \brief This function copies a parameter of a DHM key. + * + * \param dest The MPI object to copy the value into. It must be + * initialized. + * \param ctx The DHM context to query. + * \param param The parameter to copy. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid. + * \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails. + */ +int mbedtls_dhm_get_value( mbedtls_mpi *dest, + const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param ); + /** * \brief This function frees and clears the components * of a DHM context. diff --git a/library/dhm.c b/library/dhm.c index 2543be1949..cb9299faba 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -134,6 +134,37 @@ size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ) return( mbedtls_mpi_size( &ctx->P ) ); } +int mbedtls_dhm_get_value( mbedtls_mpi *dest, + const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param ) +{ + const mbedtls_mpi *src = NULL; + switch( param ) + { + case MBEDTLS_DHM_PARAM_P: + src = &ctx->P; + break; + case MBEDTLS_DHM_PARAM_G: + src = &ctx->G; + break; + case MBEDTLS_DHM_PARAM_X: + src = &ctx->X; + break; + case MBEDTLS_DHM_PARAM_GX: + src = &ctx->GX; + break; + case MBEDTLS_DHM_PARAM_GY: + src = &ctx->GY; + break; + case MBEDTLS_DHM_PARAM_K: + src = &ctx->K; + break; + default: + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + } + return( mbedtls_mpi_copy( dest, src ) ); +} + /* * Parse the ServerKeyExchange parameters */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 3bdc1cfa4a..bef686403d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3871,8 +3871,10 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 || - ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 ) + if( ( ret = mbedtls_dhm_get_value( &conf->dhm_P, dhm_ctx, + MBEDTLS_DHM_PARAM_P ) ) != 0 || + ( ret = mbedtls_dhm_get_value( &conf->dhm_G, dhm_ctx, + MBEDTLS_DHM_PARAM_G ) ) != 0 ) { mbedtls_mpi_free( &conf->dhm_P ); mbedtls_mpi_free( &conf->dhm_G ); diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 7e01eb71fe..d48c4e38e6 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -1,6 +1,23 @@ /* BEGIN_HEADER */ #include "mbedtls/dhm.h" +int check_get_value( const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param, + const mbedtls_mpi *expected ) +{ + mbedtls_mpi actual; + int ok = 0; + mbedtls_mpi_init( &actual ); + + TEST_ASSERT( mbedtls_dhm_get_value( &actual, ctx, param ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual, expected ) == 0 ); + ok = 1; + +exit: + mbedtls_mpi_free( &actual ); + return( ok ); +} + /* Sanity checks on a Diffie-Hellman parameter: check the length-value * syntax and check that the value is the expected one (taken from the * DHM context by the caller). */ @@ -102,6 +119,8 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 ); pub_cli_len = mbedtls_mpi_size( &ctx_srv.P ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_P, &ctx_srv.P ) ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_G, &ctx_srv.G ) ); /* * First key exchange @@ -118,6 +137,9 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, ske[ske_len++] = 0; ske[ske_len++] = 0; TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); + /* The domain parameters must be the same on both side. */ + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_P, &ctx_srv.P ) ); + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_G, &ctx_srv.G ) ); TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &mbedtls_test_rnd_pseudo_rand, @@ -134,6 +156,17 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, TEST_ASSERT( sec_srv_len != 0 ); TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + /* Internal value checks */ + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_X, &ctx_cli.X ) ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_X, &ctx_srv.X ) ); + /* Cross-checks */ + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_GX, &ctx_srv.GY ) ); + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_GY, &ctx_srv.GX ) ); + TEST_ASSERT( check_get_value( &ctx_cli, MBEDTLS_DHM_PARAM_K, &ctx_srv.K ) ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_GX, &ctx_cli.GY ) ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_GY, &ctx_cli.GX ) ); + TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_K, &ctx_cli.K ) ); + /* Re-do calc_secret on server a few times to test update of blinding values */ for( i = 0; i < 3; i++ ) { @@ -231,8 +264,8 @@ void dhm_file( char * filename, char * p, char * g, int len ) TEST_EQUAL( mbedtls_dhm_get_len( &ctx ), (size_t) len ); TEST_EQUAL( mbedtls_dhm_get_bitlen( &ctx ), mbedtls_mpi_bitlen( &P ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 ); + TEST_ASSERT( check_get_value( &ctx, MBEDTLS_DHM_PARAM_P, &P ) ); + TEST_ASSERT( check_get_value( &ctx, MBEDTLS_DHM_PARAM_G, &G ) ); exit: mbedtls_mpi_free( &P ); mbedtls_mpi_free( &G ); From cd07e22048e650562873b9ee76f3e690fb6d9516 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 23:17:34 +0200 Subject: [PATCH 0285/1065] New function mbedtls_ecjpake_set_point_format Use this instead of accessing the field directly. Signed-off-by: Gilles Peskine --- ChangeLog.d/ecjpake-point_format.txt | 4 ++++ include/mbedtls/ecjpake.h | 15 +++++++++++++++ library/ecjpake.c | 14 ++++++++++++++ library/ssl_cli.c | 3 ++- library/ssl_srv.c | 3 ++- 5 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/ecjpake-point_format.txt diff --git a/ChangeLog.d/ecjpake-point_format.txt b/ChangeLog.d/ecjpake-point_format.txt new file mode 100644 index 0000000000..6e05b23393 --- /dev/null +++ b/ChangeLog.d/ecjpake-point_format.txt @@ -0,0 +1,4 @@ +Features + * Use the new function mbedtls_ecjpake_set_point_format() to select the + point format for ECJPAKE instead of accessing the point_format field + directly, which is no longer supported. diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 0c8e8c9274..27a091d501 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -131,6 +131,21 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, const unsigned char *secret, size_t len ); +/** + * \brief Set the point format for future reads and writes. + * + * \param ctx The ECJPAKE context to configure. + * \param point_format The point format to use: + * #MBEDTLS_ECP_PF_UNCOMPRESSED (default) + * or #MBEDTLS_ECP_PF_COMPRESSED. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format + * is invalid. + */ +int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx, + int point_format ); + /** * \brief Check if an ECJPAKE context is ready for use. * diff --git a/library/ecjpake.c b/library/ecjpake.c index 464ff51cca..de43ddb703 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -128,6 +128,20 @@ cleanup: return( ret ); } +int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx, + int point_format ) +{ + switch( point_format ) + { + case MBEDTLS_ECP_PF_UNCOMPRESSED: + case MBEDTLS_ECP_PF_COMPRESSED: + ctx->point_format = point_format; + return( 0 ); + default: + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } +} + /* * Check if context is ready for use */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 1bacd64978..9a441385d2 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1663,7 +1663,8 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl->handshake->ecjpake_ctx.point_format = p[0]; + mbedtls_ecjpake_set_point_format( &ssl->handshake->ecjpake_ctx, + p[0] ); #endif MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); return( 0 ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index cf4b7c5e5e..d9ad607cd0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -407,7 +407,8 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl->handshake->ecjpake_ctx.point_format = p[0]; + mbedtls_ecjpake_set_point_format( &ssl->handshake->ecjpake_ctx, + p[0] ); #endif MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); return( 0 ); From bf69ea5b8f882af439ac3b288b7063ce6757e730 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 May 2021 23:53:07 +0200 Subject: [PATCH 0286/1065] Make some fields of mbedtls_ecp_group public The Mbed TLS code relies heavily on reading certain fields of mbedtls_ecp_group directly. Make these fields public. Require that MBEDTLS_ECP_ALT alternative implementations have them. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 32 ++++++++++++++++++++------------ programs/pkey/ecdsa.c | 2 +- programs/pkey/gen_key.c | 2 +- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 61d29a99a2..49e85d9419 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -206,25 +206,33 @@ mbedtls_ecp_point; * additions or subtractions. Therefore, it is only an approximative modular * reduction. It must return 0 on success and non-zero on failure. * - * \note Alternative implementations must keep the group IDs distinct. If - * two group structures have the same ID, then they must be - * identical. - * + * \note Alternative implementations of the ECP module must obey the + * following constraints. + * * Group IDs must be distinct: if two group structures have + * the same ID, then they must be identical. + * * The fields \c id, \c P, \c A, \c B, \c G, \c N, + * \c pbits and \c nbits must have the same type and semantics + * as in the built-in implementation. + * They must be available for reading, but direct modification + * of these fields does not need to be supported. + * They do not need to be at the same offset in the structure. */ typedef struct mbedtls_ecp_group { - mbedtls_ecp_group_id MBEDTLS_PRIVATE(id); /*!< An internal group identifier. */ - mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus of the base field. */ - mbedtls_mpi MBEDTLS_PRIVATE(A); /*!< For Short Weierstrass: \p A in the equation. For + mbedtls_ecp_group_id id; /*!< An internal group identifier. */ + mbedtls_mpi P; /*!< The prime modulus of the base field. */ + mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For Montgomery curves: (A + 2) / 4. */ - mbedtls_mpi MBEDTLS_PRIVATE(B); /*!< For Short Weierstrass: \p B in the equation. + mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation. For Montgomery curves: unused. */ - mbedtls_ecp_point MBEDTLS_PRIVATE(G); /*!< The generator of the subgroup used. */ - mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The order of \p G. */ - size_t MBEDTLS_PRIVATE(pbits); /*!< The number of bits in \p P.*/ - size_t MBEDTLS_PRIVATE(nbits); /*!< For Short Weierstrass: The number of bits in \p P. + mbedtls_ecp_point G; /*!< The generator of the subgroup used. */ + mbedtls_mpi N; /*!< The order of \p G. */ + size_t pbits; /*!< The number of bits in \p P.*/ + size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P. For Montgomery curves: the number of bits in the private keys. */ + /* End of public fields */ + unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */ int (*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction mod \p P (see above).*/ diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 3dacd75d31..3dd85bf90a 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -156,7 +156,7 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.MBEDTLS_PRIVATE(grp).MBEDTLS_PRIVATE(pbits) ); + mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.MBEDTLS_PRIVATE(grp).pbits ); dump_pubkey( " + Public key: ", &ctx_sign ); diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 9ad1190fc7..941553012e 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -395,7 +395,7 @@ int main( int argc, char *argv[] ) { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); mbedtls_printf( "curve: %s\n", - mbedtls_ecp_curve_info_from_grp_id( ecp->MBEDTLS_PRIVATE(grp).MBEDTLS_PRIVATE(id) )->MBEDTLS_PRIVATE(name) ); + mbedtls_ecp_curve_info_from_grp_id( ecp->MBEDTLS_PRIVATE(grp).id )->MBEDTLS_PRIVATE(name) ); mbedtls_mpi_write_file( "X_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL ); mbedtls_mpi_write_file( "Y_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL ); mbedtls_mpi_write_file( "D: ", &ecp->MBEDTLS_PRIVATE(d) , 16, NULL ); From ad7f53cdb35644304350b077a9ac11e5ec588036 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 21:20:30 +0200 Subject: [PATCH 0287/1065] Define public fields of mbedtls_ecp_group in alt test header And don't define configuration macros that only apply to the built-in implementation. Signed-off-by: Gilles Peskine --- tests/include/alt-dummy/ecp_alt.h | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h index 3628bb3da1..d263871c48 100644 --- a/tests/include/alt-dummy/ecp_alt.h +++ b/tests/include/alt-dummy/ecp_alt.h @@ -21,19 +21,15 @@ typedef struct mbedtls_ecp_group { - int dummy; + const mbedtls_ecp_group_id id; + const mbedtls_mpi P; + const mbedtls_mpi A; + const mbedtls_mpi B; + const mbedtls_ecp_point G; + const mbedtls_mpi N; + const size_t pbits; + const size_t nbits; } mbedtls_ecp_group; -#if !defined(MBEDTLS_ECP_WINDOW_SIZE) - -#define MBEDTLS_ECP_WINDOW_SIZE 6 -#endif - -#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) - -#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 -#endif - - #endif /* ecp_alt.h */ From 5c3f18d37cc46b102218f2857a7db694aee76f43 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 21:21:12 +0200 Subject: [PATCH 0288/1065] MBEDTLS_PK_PARSE_EC_EXTENDED is incompatible with MBEDTLS_ECP_ALT ... unless the alt implementation defines a group structure that's mostly compatible with the built-in one and supports partially filled group structures in the same way. It would be possible to rewrite the SpecifiedECDomain parsing code to avoid requiring support for partially filled group structures, but that's too complicated to do now. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 53b4e250e8..6f1f9c31ce 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1376,6 +1376,9 @@ component_build_module_alt () { scripts/config.py unset MBEDTLS_DEBUG_C # You can only have one threading implementation: alt or pthread, not both. scripts/config.py unset MBEDTLS_THREADING_PTHREAD + # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields + # directly and assumes the implementation works with partial groups. + scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. scripts/config.py set-all 'MBEDTLS_([A-Z0-9]*|NIST_KW)_ALT' From 1628a9c1405eb69f5abd6e1a91d25d76a9da68fe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 22:09:58 +0200 Subject: [PATCH 0289/1065] MBEDTLS_DEBUG_C is compatible with every whole-module ALT except DHM It would be possible to make SSL debugging compatible with MBEDTLS_DHM_ALT, but too much low-priority work right now, so don't require it. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6f1f9c31ce..1423099571 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1371,9 +1371,6 @@ component_build_module_alt () { # aesni.c and padlock.c reference mbedtls_aes_context fields directly. scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C - # The debug code accesses DHM context fields directly, so it is - # incompatible with MBEDTLS_DHM_ALT. - scripts/config.py unset MBEDTLS_DEBUG_C # You can only have one threading implementation: alt or pthread, not both. scripts/config.py unset MBEDTLS_THREADING_PTHREAD # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields @@ -1382,6 +1379,18 @@ component_build_module_alt () { # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. scripts/config.py set-all 'MBEDTLS_([A-Z0-9]*|NIST_KW)_ALT' + scripts/config.py unset MBEDTLS_DHM_ALT #incompatible with MBEDTLS_DEBUG_C + # We can only compile, not link, since we don't have any implementations + # suitable for testing with the dummy alt headers. + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib +} + +component_build_dhm_alt () { + msg "build: MBEDTLS_DHM_ALT" # ~30s + scripts/config.py full + scripts/config.py set MBEDTLS_DHM_ALT + # debug.c currently references mbedtls_dhm_context fields directly. + scripts/config.py unset MBEDTLS_DEBUG_C # We can only compile, not link, since we don't have any implementations # suitable for testing with the dummy alt headers. make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib From f35c42bdb9c1f4aced727d52534552a8f9f5ce68 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 23:30:01 +0200 Subject: [PATCH 0290/1065] Document the remaining constraints on ALT context types Signed-off-by: Gilles Peskine --- ChangeLog.d/alt-context-relaxation.txt | 6 ++++++ docs/architecture/alternative-implementations.md | 11 +++++++++++ 2 files changed, 17 insertions(+) create mode 100644 ChangeLog.d/alt-context-relaxation.txt diff --git a/ChangeLog.d/alt-context-relaxation.txt b/ChangeLog.d/alt-context-relaxation.txt new file mode 100644 index 0000000000..10fd476192 --- /dev/null +++ b/ChangeLog.d/alt-context-relaxation.txt @@ -0,0 +1,6 @@ +Features + * Alternative implementations of the AES, DHM, ECJPAKE, ECP, RSA and timing + modules had undocumented constraints on their context types. These + constraints have been relaxed. + See docs/architecture/alternative-implementations.md for the remaining + constraints. diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md index 7b8b65ef34..4c4a2ad1b3 100644 --- a/docs/architecture/alternative-implementations.md +++ b/docs/architecture/alternative-implementations.md @@ -40,6 +40,17 @@ The general principle of an alternative implementation is: See https://tls.mbed.org/kb/development/hw_acc_guidelines for a more detailed guide. +### Constraints on context types + +Generally, alternative implementations can define their context types to any C type except incomplete and array types (although they would normally be `struct` types). This section lists some known limitations where the context type needs to be a structure with certain fields. + +Where a context type needs to have a certain field, the field must have the same type and semantics as in the built-in implementation, but does not need to be at the same position in the structure. Furthermore, unless otherwise indicated, only read access is necessary: the field can be `const`, and modifications to it do not need to be supported. For example, if an alternative implementation of asymmetric cryptography uses a different representation of large integers, it is sufficient to provide a read-only copy of the fields listed here of type `mbedtls_mpi`. + +* AES: if `MBEDTLS_AESNI_C` or `MBEDTLS_PADLOCK_C` is enabled, `mbedtls_aes_context` must have the fields `nr` and `rk`. +* DHM: if `MBEDTLS_DEBUG_C` is enabled, `mbedtls_dhm_context` must have the fields `P`, `Q`, `G`, `GX`, `GY` and `K`. +* ECP: `mbedtls_ecp_group` must have the fields `id`, `P`, `A`, `B`, `G`, `N`, `pbits` and `nbits`. + * If `MBEDTLS_PK_PARSE_EC_EXTENDED` is enabled, those fields must be writable, and `mbedtls_ecp_point_read_binary()` must support a group structure where only `P`, `pbits`, `A` and `B` are set. + ## Function alternative implementations In some cases, it is possible to replace a single function or a small set of functions instead of [providing an alternative implementation of the whole module](#module-alternative-implementations). From a71db94c66b1be240e4b8af58fd4466ddc3b827b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Jun 2021 21:30:51 +0200 Subject: [PATCH 0291/1065] Document that contexts must be movable Fix #4451. Signed-off-by: Gilles Peskine --- docs/architecture/alternative-implementations.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md index 4c4a2ad1b3..bd8450553b 100644 --- a/docs/architecture/alternative-implementations.md +++ b/docs/architecture/alternative-implementations.md @@ -51,6 +51,18 @@ Where a context type needs to have a certain field, the field must have the same * ECP: `mbedtls_ecp_group` must have the fields `id`, `P`, `A`, `B`, `G`, `N`, `pbits` and `nbits`. * If `MBEDTLS_PK_PARSE_EC_EXTENDED` is enabled, those fields must be writable, and `mbedtls_ecp_point_read_binary()` must support a group structure where only `P`, `pbits`, `A` and `B` are set. +It must be possible to move a context object in memory (except during the execution of a library function that takes this context as an argument). (This is necessary, for example, to support applications that populate a context on the stack of an inner function and then copy the context upwards through the call chain, or applications written in a language with automatic memory management that can move objects on the heap.) That is, call sequences like the following must work: +``` +mbedtls_xxx_context ctx1, ctx2; +mbedtls_xxx_init(&ctx1); +mbedtls_xxx_setup(&ctx1, …); +ctx2 = ctx1; +memset(&ctx1, 0, sizeof(ctx1)); +mbedtls_xxx_do_stuff(&ctx2, …); +mbedtls_xxx_free(&ctx2); +``` +In practice, this means that a pointer to a context or to a part of a context does not remain valid across function calls. Alternative implementations do not need to support copying of contexts: contexts can only be cloned through explicit `clone()` functions. + ## Function alternative implementations In some cases, it is possible to replace a single function or a small set of functions instead of [providing an alternative implementation of the whole module](#module-alternative-implementations). From bf26bef157773ed9ce7913629b6c0f6daaf94c5b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:15:31 +0200 Subject: [PATCH 0292/1065] Discuss the durability of PSA drivers vs ALT when introducing them Signed-off-by: Gilles Peskine --- docs/architecture/alternative-implementations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md index bd8450553b..eadb61b4ca 100644 --- a/docs/architecture/alternative-implementations.md +++ b/docs/architecture/alternative-implementations.md @@ -21,7 +21,7 @@ To configure entropy sources (hardware random generators), see the `MBEDTLS_ENTR For networking, the `net_sockets` module does not currently support alternative implementations. If this module does not work on your platform, disable `MBEDTLS_NET_C` and use custom functions for TLS. -If your platform has a cryptographic accelerator, you can use it via a [PSA driver](#psa-cryptography-drivers) or an [declare an alternative implementation of the corresponding module(s)](#module-alternative-implementations) or [specific functions](#function-alternative-implementations). +If your platform has a cryptographic accelerator, you can use it via a [PSA driver](#psa-cryptography-drivers) or declare an [alternative implementation of the corresponding module(s)](#module-alternative-implementations) or [of specific functions](#function-alternative-implementations). PSA drivers will ultimately replace the alternative implementation mechanism, but alternative implementation will remain supported in at least all Mbed TLS versions of the form 3.x. The interface of PSA drivers is currently still experimental and subject to change. ## PSA cryptography drivers From cadd3d860ee5fba1e380200d2866f75843fc3579 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:15:55 +0200 Subject: [PATCH 0293/1065] Give examples of PLATFORM_XXX_ALT Signed-off-by: Gilles Peskine --- docs/architecture/alternative-implementations.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md index eadb61b4ca..7fe6332b47 100644 --- a/docs/architecture/alternative-implementations.md +++ b/docs/architecture/alternative-implementations.md @@ -84,6 +84,8 @@ Several platform functions can be reconfigured dynamically by following the proc * Define the symbol `MBEDTLS_PLATFORM_XXX_ALT` at compile time. * During the initialization of your application, set the global variable `mbedtls_xxx` to an alternative implementation of `xxx()`. +For example, to provide a custom `printf` function at run time, enable `MBEDTLS_PLATFORM_PRINTF_ALT` at compile time and assign to `mbedtls_printf` during the initialization of your application. + Merely enabling `MBEDTLS_PLATFORM_XXX_ALT` does not change the behavior: by default, `mbedtls_xxx` points to the standard function `xxx`. -Note that there are variations on the naming pattern. Consult the documentation of individual configuration options and of the platform module for details. +Note that there are variations on the naming pattern. For example, some configurable functions are activated in pairs, such as `mbedtls_calloc` and `mbedtls_free` via `MBEDTLS_PLATFORM_MEMORY`. Consult the documentation of individual configuration options and of the platform module for details. From e5702489f503f1fc26debc846cb3f4c0ab0b5b66 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Jun 2021 21:59:08 +0200 Subject: [PATCH 0294/1065] mbedtls_dhm_get_value parameter order: context first, output last mbedtls_dhm_get_value can be seen as either a copy function or a getter function. Given the name and the semantics, it's more of a getter, even if it "gets" by doing a copy. Therefore, put the context first, and the selector next, leaving the output for last. Signed-off-by: Gilles Peskine --- include/mbedtls/dhm.h | 10 +++++----- library/dhm.c | 6 +++--- library/ssl_tls.c | 8 ++++---- tests/suites/test_suite_dhm.function | 2 +- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 6c319f8047..e8c8a82f50 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -315,18 +315,18 @@ size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ); /** * \brief This function copies a parameter of a DHM key. * - * \param dest The MPI object to copy the value into. It must be - * initialized. * \param ctx The DHM context to query. * \param param The parameter to copy. + * \param dest The MPI object to copy the value into. It must be + * initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid. * \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails. */ -int mbedtls_dhm_get_value( mbedtls_mpi *dest, - const mbedtls_dhm_context *ctx, - mbedtls_dhm_parameter param ); +int mbedtls_dhm_get_value( const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param, + mbedtls_mpi *dest ); /** * \brief This function frees and clears the components diff --git a/library/dhm.c b/library/dhm.c index cb9299faba..e88f3a2c73 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -134,9 +134,9 @@ size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ) return( mbedtls_mpi_size( &ctx->P ) ); } -int mbedtls_dhm_get_value( mbedtls_mpi *dest, - const mbedtls_dhm_context *ctx, - mbedtls_dhm_parameter param ) +int mbedtls_dhm_get_value( const mbedtls_dhm_context *ctx, + mbedtls_dhm_parameter param, + mbedtls_mpi *dest ) { const mbedtls_mpi *src = NULL; switch( param ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bef686403d..560597dec7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3871,10 +3871,10 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_dhm_get_value( &conf->dhm_P, dhm_ctx, - MBEDTLS_DHM_PARAM_P ) ) != 0 || - ( ret = mbedtls_dhm_get_value( &conf->dhm_G, dhm_ctx, - MBEDTLS_DHM_PARAM_G ) ) != 0 ) + if( ( ret = mbedtls_dhm_get_value( dhm_ctx, MBEDTLS_DHM_PARAM_P, + &conf->dhm_P ) ) != 0 || + ( ret = mbedtls_dhm_get_value( dhm_ctx, MBEDTLS_DHM_PARAM_G, + &conf->dhm_G ) ) != 0 ) { mbedtls_mpi_free( &conf->dhm_P ); mbedtls_mpi_free( &conf->dhm_G ); diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index d48c4e38e6..62e634a7f7 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -9,7 +9,7 @@ int check_get_value( const mbedtls_dhm_context *ctx, int ok = 0; mbedtls_mpi_init( &actual ); - TEST_ASSERT( mbedtls_dhm_get_value( &actual, ctx, param ) == 0 ); + TEST_ASSERT( mbedtls_dhm_get_value( ctx, param, &actual ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual, expected ) == 0 ); ok = 1; From 28a4a963fcd45c0ff699cce57310f71085594f70 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 15 Jun 2021 00:18:32 +0200 Subject: [PATCH 0295/1065] Corrections to the docs wording and changes to aux scripts Signed-off-by: TRodziewicz --- ChangeLog.d/issue4212.txt | 37 +++------------- .../rename_the__ret_functions.md | 42 +++++++++++++++++-- tests/scripts/list-enum-consts.pl | 3 +- tests/scripts/list-identifiers.sh | 4 +- 4 files changed, 47 insertions(+), 39 deletions(-) diff --git a/ChangeLog.d/issue4212.txt b/ChangeLog.d/issue4212.txt index 4943d71c57..9e72ca9d77 100644 --- a/ChangeLog.d/issue4212.txt +++ b/ChangeLog.d/issue4212.txt @@ -1,33 +1,6 @@ API changes - * Rename functions whose deprecated variants have been removed via #4029: - mbedtls_ctr_drbg_update_ret -> mbedtls_ctr_drbg_update - mbedtls_hmac_drbg_update_ret -> mbedtls_hmac_drbg_update - mbedtls_md2_starts_ret -> mbedtls_md2_starts - mbedtls_md2_update_ret -> mbedtls_md2_update - mbedtls_md2_finish_ret -> mbedtls_md2_finish - mbedtls_md2_ret -> mbedtls_md2 - mbedtls_md4_starts_ret -> mbedtls_md4_starts - mbedtls_md4_update_ret -> mbedtls_md4_update - mbedtls_md4_finish_ret -> mbedtls_md4_finish - mbedtls_md4_ret -> mbedtls_md4 - mbedtls_md5_starts_ret -> mbedtls_md5_starts - mbedtls_md5_update_ret -> mbedtls_md5_update - mbedtls_md5_finish_ret -> mbedtls_md5_finish - mbedtls_md5_ret -> mbedtls_md5 - mbedtls_ripemd160_starts_ret -> mbedtls_ripemd160_starts - mbedtls_ripemd160_update_ret -> mbedtls_ripemd160_update - mbedtls_ripemd160_finish_ret -> mbedtls_ripemd160_finish - mbedtls_ripemd160_ret -> mbedtls_ripemd160 - mbedtls_sha1_starts_ret -> mbedtls_sha1_starts - mbedtls_sha1_update_ret -> mbedtls_sha1_update - mbedtls_sha1_finish_ret -> mbedtls_sha1_finish - mbedtls_sha1_ret -> mbedtls_sha1 - mbedtls_sha256_starts_ret -> mbedtls_sha256_starts - mbedtls_sha256_update_ret -> mbedtls_sha256_update - mbedtls_sha256_finish_ret -> mbedtls_sha256_finish - mbedtls_sha256_ret -> mbedtls_sha256 - mbedtls_sha512_starts_ret -> mbedtls_sha512_starts - mbedtls_sha512_update_ret -> mbedtls_sha512_update - mbedtls_sha512_finish_ret -> mbedtls_sha512_finish - mbedtls_sha512_ret -> mbedtls_sha512. - Fixes #4212. + * In modules that implement cryptographic hash functions, many functions + mbedtls_xxx() now return int instead of void, and the corresponding + function mbedtls_xxx_ret() which was identical except for returning int + has been removed. This also concerns mbedtls_xxx_drbg_update(). See the + migration guide for more information. Fixes #4212. diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md index c6fe714299..44435f8722 100644 --- a/docs/3.0-migration-guide.d/rename_the__ret_functions.md +++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md @@ -1,15 +1,51 @@ Rename mbedtls_*_ret() cryptography functions whose deprecated variants -have been removed in #4029 --------------------------- +have been removed +----------------- This change affects users who were using the `mbedtls_*_ret()` cryptography functions. Those functions were created based on now-deprecated functions according to a requirement that a function needs to return a value. This change brings back the -original names of those functions. +original names of those functions. The renamed functions are: + +| name before this change | after the change | +|------------------------------|--------------------------| +| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update | +| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update | +| mbedtls_md2_starts_ret | mbedtls_md2_starts | +| mbedtls_md2_update_ret | mbedtls_md2_update | +| mbedtls_md2_finish_ret | mbedtls_md2_finish | +| mbedtls_md2_ret | mbedtls_md2 | +| mbedtls_md4_starts_ret | mbedtls_md4_starts | +| mbedtls_md4_update_ret | mbedtls_md4_update | +| mbedtls_md4_finish_ret | mbedtls_md4_finish | +| mbedtls_md4_ret | mbedtls_md4 | +| mbedtls_md5_starts_ret | mbedtls_md5_starts | +| mbedtls_md5_update_ret | mbedtls_md5_update | +| mbedtls_md5_finish_ret | mbedtls_md5_finish | +| mbedtls_md5_ret | mbedtls_md5 | +| mbedtls_ripemd160_starts_ret | mbedtls_ripemd160_starts | +| mbedtls_ripemd160_update_ret | mbedtls_ripemd160_update | +| mbedtls_ripemd160_finish_ret | mbedtls_ripemd160_finish | +| mbedtls_ripemd160_ret | mbedtls_ripemd160 | +| mbedtls_sha1_starts_ret | mbedtls_sha1_starts | +| mbedtls_sha1_update_ret | mbedtls_sha1_update | +| mbedtls_sha1_finish_ret | mbedtls_sha1_finish | +| mbedtls_sha1_ret | mbedtls_sha1 | +| mbedtls_sha256_starts_ret | mbedtls_sha256_starts | +| mbedtls_sha256_update_ret | mbedtls_sha256_update | +| mbedtls_sha256_finish_ret | mbedtls_sha256_finish | +| mbedtls_sha256_ret | mbedtls_sha256 | +| mbedtls_sha512_starts_ret | mbedtls_sha512_starts | +| mbedtls_sha512_update_ret | mbedtls_sha512_update | +| mbedtls_sha512_finish_ret | mbedtls_sha512_finish | +| mbedtls_sha512_ret | mbedtls_sha512 | To migrate to the this change the user can keep the `*_ret` names in their code and include the `compat_2.x.h` header file which holds macros with proper renaming or to rename those function in their code according to the list from mentioned header file. + + + diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl index 225612f8ef..6d93693075 100755 --- a/tests/scripts/list-enum-consts.pl +++ b/tests/scripts/list-enum-consts.pl @@ -23,8 +23,7 @@ use open qw(:std utf8); -d 'include/mbedtls' or die "$0: must be run from root\n"; -@ARGV = ; -push @ARGV, ; +@ARGV = grep { ! /compat-2\.x\.h/ } ; push @ARGV, "3rdparty/everest/include/everest/everest.h"; push @ARGV, "3rdparty/everest/include/everest/x25519.h"; push @ARGV, glob("library/*.h"); diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index b8a6d53520..9698fc86c0 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -47,9 +47,9 @@ done if [ $INTERNAL ] then - HEADERS=$( ls library/*.h ) + HEADERS=$( ls include/mbedtls/*_internal.h library/*.h | egrep -v 'compat-2\.x\.h' ) else - HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h ) + HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-2\.x\.h' ) HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" fi From d854083773d802d117aeaaa8e69aeee699e58dae Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 10 Jun 2021 15:16:50 +0200 Subject: [PATCH 0296/1065] Move part of timing module out of the library Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 4 +- include/mbedtls/timing.h | 35 +- library/entropy.c | 5 - library/entropy_poll.c | 18 - library/entropy_poll.h | 9 - library/timing.c | 368 ------------------ programs/test/benchmark.c | 247 ++++++++++++ programs/test/selftest.c | 4 - .../test_suite_psa_crypto_init.function | 6 - tests/suites/test_suite_timing.data | 9 - tests/suites/test_suite_timing.function | 26 -- 11 files changed, 251 insertions(+), 480 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 16f8f8b350..1626efb085 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -268,7 +268,7 @@ /** * \def MBEDTLS_TIMING_ALT * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), + * Uncomment to provide your own alternate implementation for * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() * * Only works if you have MBEDTLS_TIMING_C enabled. @@ -1015,7 +1015,7 @@ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES * * Do not add default entropy sources. These are the platform specific - * or mbedtls_timing_hardclock poll function. + * poll function. * * This is useful to have more control over the added entropy sources in an * application. diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 7669bb9b3e..9ea5c29669 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -63,21 +63,11 @@ typedef struct mbedtls_timing_delay_context extern volatile int mbedtls_timing_alarmed; -/** - * \brief Return the CPU cycle counter value - * - * \warning This is only a best effort! Do not rely on this! - * In particular, it is known to be unreliable on virtual - * machines. - * - * \note This value starts at an unspecified origin and - * may wrap around. - */ -unsigned long mbedtls_timing_hardclock( void ); - /** * \brief Return the elapsed time in milliseconds * + * \warning May change without notice + * * \param val points to a timer structure * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. * @@ -94,18 +84,6 @@ unsigned long mbedtls_timing_hardclock( void ); */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); -/** - * \brief Setup an alarm clock - * - * \param seconds delay before the "mbedtls_timing_alarmed" flag is set - * (must be >=0) - * - * \warning Only one alarm at a time is supported. In a threaded - * context, this means one for the whole process, not one per - * thread. - */ -void mbedtls_set_alarm( int seconds ); - /** * \brief Set a pair of delays to watch * (See \c mbedtls_timing_get_delay().) @@ -136,15 +114,6 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); */ int mbedtls_timing_get_delay( void *data ); -#if defined(MBEDTLS_SELF_TEST) -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if a test failed - */ -int mbedtls_timing_self_test( int verbose ); -#endif - #ifdef __cplusplus } #endif diff --git a/library/entropy.c b/library/entropy.c index cc686282a6..e652e99a5a 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -73,11 +73,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_SOURCE_STRONG ); #endif -#if defined(MBEDTLS_TIMING_C) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); -#endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, MBEDTLS_ENTROPY_MIN_HARDWARE, diff --git a/library/entropy_poll.c b/library/entropy_poll.c index e5d75c5b37..bccc03478e 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -211,24 +211,6 @@ int mbedtls_platform_entropy_poll( void *data, #endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ -#if defined(MBEDTLS_TIMING_C) -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - unsigned long timer = mbedtls_timing_hardclock(); - ((void) data); - *olen = 0; - - if( len < sizeof(unsigned long) ) - return( 0 ); - - memcpy( output, &timer, sizeof(unsigned long) ); - *olen = sizeof(unsigned long); - - return( 0 ); -} -#endif /* MBEDTLS_TIMING_C */ - #if defined(MBEDTLS_ENTROPY_NV_SEED) int mbedtls_nv_seed_poll( void *data, unsigned char *output, size_t len, size_t *olen ) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index 9120fe5a0e..bf268892d2 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -38,7 +38,6 @@ extern "C" { * Default thresholds for built-in sources, in bytes */ #define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */ -#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */ #if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE) #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */ #endif @@ -51,14 +50,6 @@ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen ); #endif -#if defined(MBEDTLS_TIMING_C) -/** - * \brief mbedtls_timing_hardclock-based entropy poll callback - */ -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); -#endif - #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) /** * \brief Entropy poll callback for a hardware source diff --git a/library/timing.c b/library/timing.c index 664fde0827..764ff7d5d7 100644 --- a/library/timing.c +++ b/library/timing.c @@ -67,172 +67,6 @@ struct _hr_time #endif /* _WIN32 && !EFIX64 && !EFI32 */ -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long tsc; - __asm rdtsc - __asm mov [tsc], eax - return( tsc ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ - -/* some versions of mingw-64 have 32-bit longs even on x84_64 */ -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__i386__) || ( \ - ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && __i386__ */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) ) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo | ( hi << 32 ) ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && ( __amd64__ || __x86_64__ ) */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) ) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long tbl, tbu0, tbu1; - - do - { - asm volatile( "mftbu %0" : "=r" (tbu0) ); - asm volatile( "mftb %0" : "=r" (tbl ) ); - asm volatile( "mftbu %0" : "=r" (tbu1) ); - } - while( tbu0 != tbu1 ); - - return( tbl ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && ( __powerpc__ || __ppc__ ) */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(__sparc64__) - -#if defined(__OpenBSD__) -#warning OpenBSD does not allow access to tick register using software version instead -#else -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long tick; - asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); - return( tick ); -} -#endif /* __OpenBSD__ */ -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && __sparc64__ */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long tick; - asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); - asm volatile( "mov %%g1, %0" : "=r" (tick) ); - return( tick ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && __sparc__ && !__sparc64__ */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(__alpha__) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long cc; - asm volatile( "rpcc %0" : "=r" (cc) ); - return( cc & 0xFFFFFFFF ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && __alpha__ */ - -#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(__ia64__) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - unsigned long itc; - asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); - return( itc ); -} -#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && - __GNUC__ && __ia64__ */ - -#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \ - !defined(EFIX64) && !defined(EFI32) - -#define HAVE_HARDCLOCK - -unsigned long mbedtls_timing_hardclock( void ) -{ - LARGE_INTEGER offset; - - QueryPerformanceCounter( &offset ); - - return( (unsigned long)( offset.QuadPart ) ); -} -#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ - -#if !defined(HAVE_HARDCLOCK) - -#define HAVE_HARDCLOCK - -static int hardclock_init = 0; -static struct timeval tv_init; - -unsigned long mbedtls_timing_hardclock( void ) -{ - struct timeval tv_cur; - - if( hardclock_init == 0 ) - { - gettimeofday( &tv_init, NULL ); - hardclock_init = 1; - } - - gettimeofday( &tv_cur, NULL ); - return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000 - + ( tv_cur.tv_usec - tv_init.tv_usec ) ); -} -#endif /* !HAVE_HARDCLOCK */ - volatile int mbedtls_timing_alarmed = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -258,33 +92,6 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int } } -/* It's OK to use a global because alarm() is supposed to be global anyway */ -static DWORD alarmMs; - -static void TimerProc( void *TimerContext ) -{ - (void) TimerContext; - Sleep( alarmMs ); - mbedtls_timing_alarmed = 1; - /* _endthread will be called implicitly on return - * That ensures execution of thread funcition's epilogue */ -} - -void mbedtls_set_alarm( int seconds ) -{ - if( seconds == 0 ) - { - /* No need to create a thread for this simple case. - * Also, this shorcut is more reliable at least on MinGW32 */ - mbedtls_timing_alarmed = 1; - return; - } - - mbedtls_timing_alarmed = 0; - alarmMs = seconds * 1000; - (void) _beginthread( TimerProc, 0, NULL ); -} - #else /* _WIN32 && !EFIX64 && !EFI32 */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) @@ -307,25 +114,6 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int } } -static void sighandler( int signum ) -{ - mbedtls_timing_alarmed = 1; - signal( signum, sighandler ); -} - -void mbedtls_set_alarm( int seconds ) -{ - mbedtls_timing_alarmed = 0; - signal( SIGALRM, sighandler ); - alarm( seconds ); - if( seconds == 0 ) - { - /* alarm(0) cancelled any previous pending alarm, but the - handler won't fire, so raise the flag straight away. */ - mbedtls_timing_alarmed = 1; - } -} - #endif /* _WIN32 && !EFIX64 && !EFI32 */ /* @@ -368,40 +156,6 @@ int mbedtls_timing_get_delay( void *data ) #if defined(MBEDTLS_SELF_TEST) -/* - * Busy-waits for the given number of milliseconds. - * Used for testing mbedtls_timing_hardclock. - */ -static void busy_msleep( unsigned long msec ) -{ - struct mbedtls_timing_hr_time hires; - unsigned long i = 0; /* for busy-waiting */ - volatile unsigned long j; /* to prevent optimisation */ - - (void) mbedtls_timing_get_timer( &hires, 1 ); - - while( mbedtls_timing_get_timer( &hires, 0 ) < msec ) - i++; - - j = i; - (void) j; -} - -static void print_timers( struct mbedtls_timing_hr_time *hires, - mbedtls_timing_delay_context *ctx ) -{ -#if defined(MBEDTLS_TIMING_ALT) - mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=?? status(ctx)=%d\n", - mbedtls_timing_get_timer( hires, 0 ), - mbedtls_timing_get_delay( ctx ) ); -#else - mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", - mbedtls_timing_get_timer( hires, 0 ), - mbedtls_timing_get_timer( &ctx->timer, 0 ), - mbedtls_timing_get_delay( ctx ) ); -#endif -} - #define FAIL do \ { \ if( verbose != 0 ) \ @@ -415,128 +169,6 @@ static void print_timers( struct mbedtls_timing_hr_time *hires, return( 1 ); \ } while( 0 ) -/* - * Checkup routine - * - * Warning: this is work in progress, some tests may not be reliable enough - * yet! False positives may happen. - */ -int mbedtls_timing_self_test( int verbose ) -{ - unsigned long cycles = 0, ratio = 0; - unsigned long millisecs = 0, secs = 0; - int hardfail = 0; - struct mbedtls_timing_hr_time hires; - uint32_t a = 0, b = 0; - mbedtls_timing_delay_context ctx; - - if( verbose != 0 ) - mbedtls_printf( " TIMING tests note: will take some time!\n" ); - - if( verbose != 0 ) - mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " ); - - { - secs = 1; - - (void) mbedtls_timing_get_timer( &hires, 1 ); - - mbedtls_set_alarm( (int) secs ); - while( !mbedtls_timing_alarmed ) - ; - - millisecs = mbedtls_timing_get_timer( &hires, 0 ); - - /* For some reason on Windows it looks like alarm has an extra delay - * (maybe related to creating a new thread). Allow some room here. */ - if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 ) - FAIL; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( " TIMING test #2 (set/get_delay ): " ); - - { - a = 800; - b = 400; - mbedtls_timing_set_delay( &ctx, a, a + b ); /* T = 0 */ - - busy_msleep( a - a / 4 ); /* T = a - a/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 0 ) - FAIL; - - busy_msleep( a / 4 + b / 4 ); /* T = a + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 1 ) - FAIL; - - busy_msleep( b ); /* T = a + b + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 2 ) - FAIL; - } - - mbedtls_timing_set_delay( &ctx, 0, 0 ); - busy_msleep( 200 ); - if( mbedtls_timing_get_delay( &ctx ) != -1 ) - FAIL; - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " ); - - /* - * Allow one failure for possible counter wrapping. - * On a 4Ghz 32-bit machine the cycle counter wraps about once per second; - * since the whole test is about 10ms, it shouldn't happen twice in a row. - */ - -hard_test: - if( hardfail > 1 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed (ignored)\n" ); - - goto hard_test_done; - } - - /* Get a reference ratio cycles/ms */ - millisecs = 1; - cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); - cycles = mbedtls_timing_hardclock() - cycles; - ratio = cycles / millisecs; - - /* Check that the ratio is mostly constant */ - for( millisecs = 2; millisecs <= 4; millisecs++ ) - { - cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); - cycles = mbedtls_timing_hardclock() - cycles; - - /* Allow variation up to 20% */ - if( cycles / millisecs < ratio - ratio / 5 || - cycles / millisecs > ratio + ratio / 5 ) - { - hardfail++; - goto hard_test; - } - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - -hard_test_done: - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - return( 0 ); -} - #endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_TIMING_C */ diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 148e6da472..2f9a67395d 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -77,10 +77,37 @@ int main( void ) #include "mbedtls/error.h" +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + +#include +#include + +struct _hr_time +{ + LARGE_INTEGER start; +}; + +#else + +#include +#include +#include +#include +#include + +struct _hr_time +{ + struct timeval start; +}; + +#endif /* _WIN32 && !EFIX64 && !EFI32 */ + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" #endif +static void mbedtls_set_alarm( int seconds ); + /* * For heap usage estimates, we need an estimate of the overhead per allocated * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, @@ -212,6 +239,226 @@ do { \ } \ } while( 0 ) +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long tsc; + __asm rdtsc + __asm mov [tsc], eax + return( tsc ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ + +/* some versions of mingw-64 have 32-bit longs even on x84_64 */ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && ( defined(__i386__) || ( \ + ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long lo, hi; + asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); + return( lo ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __i386__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) ) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long lo, hi; + asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); + return( lo | ( hi << 32 ) ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && ( __amd64__ || __x86_64__ ) */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) ) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long tbl, tbu0, tbu1; + + do + { + asm volatile( "mftbu %0" : "=r" (tbu0) ); + asm volatile( "mftb %0" : "=r" (tbl ) ); + asm volatile( "mftbu %0" : "=r" (tbu1) ); + } + while( tbu0 != tbu1 ); + + return( tbl ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && ( __powerpc__ || __ppc__ ) */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc64__) + +#if defined(__OpenBSD__) +#warning OpenBSD does not allow access to tick register using software version instead +#else +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long tick; + asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); + return( tick ); +} +#endif /* __OpenBSD__ */ +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __sparc64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long tick; + asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); + asm volatile( "mov %%g1, %0" : "=r" (tick) ); + return( tick ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __sparc__ && !__sparc64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__alpha__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long cc; + asm volatile( "rpcc %0" : "=r" (cc) ); + return( cc & 0xFFFFFFFF ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __alpha__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__ia64__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + unsigned long itc; + asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); + return( itc ); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __ia64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \ + !defined(EFIX64) && !defined(EFI32) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock( void ) +{ + LARGE_INTEGER offset; + + QueryPerformanceCounter( &offset ); + + return( (unsigned long)( offset.QuadPart ) ); +} +#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ + +#if !defined(HAVE_HARDCLOCK) + +#define HAVE_HARDCLOCK + +static int hardclock_init = 0; +static struct timeval tv_init; + +unsigned long mbedtls_timing_hardclock( void ) +{ + struct timeval tv_cur; + + if( hardclock_init == 0 ) + { + gettimeofday( &tv_init, NULL ); + hardclock_init = 1; + } + + gettimeofday( &tv_cur, NULL ); + return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000 + + ( tv_cur.tv_usec - tv_init.tv_usec ) ); +} +#endif /* !HAVE_HARDCLOCK */ + +volatile int mbedtls_timing_alarmed = 0; + +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + +/* It's OK to use a global because alarm() is supposed to be global anyway */ +static DWORD alarmMs; + +static void TimerProc( void *TimerContext ) +{ + (void) TimerContext; + Sleep( alarmMs ); + mbedtls_timing_alarmed = 1; + /* _endthread will be called implicitly on return + * That ensures execution of thread funcition's epilogue */ +} + +static void mbedtls_set_alarm( int seconds ) +{ + if( seconds == 0 ) + { + /* No need to create a thread for this simple case. + * Also, this shorcut is more reliable at least on MinGW32 */ + mbedtls_timing_alarmed = 1; + return; + } + + mbedtls_timing_alarmed = 0; + alarmMs = seconds * 1000; + (void) _beginthread( TimerProc, 0, NULL ); +} + +#else /* _WIN32 && !EFIX64 && !EFI32 */ + +static void sighandler( int signum ) +{ + mbedtls_timing_alarmed = 1; + signal( signum, sighandler ); +} + +static void mbedtls_set_alarm( int seconds ) +{ + mbedtls_timing_alarmed = 0; + signal( SIGALRM, sighandler ); + alarm( seconds ); + if( seconds == 0 ) + { + /* alarm(0) cancelled any previous pending alarm, but the + handler won't fire, so raise the flag straight away. */ + mbedtls_timing_alarmed = 1; + } +} + +#endif /* _WIN32 && !EFIX64 && !EFI32 */ + static int myrand( void *rng_state, unsigned char *output, size_t len ) { size_t use_len; diff --git a/programs/test/selftest.c b/programs/test/selftest.c index a3e306ce91..5e7eddf596 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -346,10 +346,6 @@ const selftest_t selftests[] = #if defined(MBEDTLS_PKCS5_C) {"pkcs5", mbedtls_pkcs5_self_test}, #endif -/* Slower test after the faster ones */ -#if defined(MBEDTLS_TIMING_C) - {"timing", mbedtls_timing_self_test}, -#endif /* Heap test comes last */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) {"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test}, diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index d612548d7b..9f72b47a4b 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -85,12 +85,6 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_SOURCE_STRONG ); #endif -#if defined(MBEDTLS_TIMING_C) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING ) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); -#endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE ) mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data index 2522da1eaf..de89239e76 100644 --- a/tests/suites/test_suite_timing.data +++ b/tests/suites/test_suite_timing.data @@ -1,15 +1,6 @@ -Timing: hardclock -timing_hardclock: - Timing: get timer timing_get_timer: -Timing: set alarm with no delay -timing_set_alarm:0: - -Timing: set alarm with 1s delay -timing_set_alarm:1: - Timing: delay 0ms timing_delay:0: diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function index 74dc823171..3483d85f35 100644 --- a/tests/suites/test_suite_timing.function +++ b/tests/suites/test_suite_timing.function @@ -16,15 +16,6 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ -void timing_hardclock( ) -{ - (void) mbedtls_timing_hardclock(); - /* This goto is added to avoid warnings from the generated code. */ - goto exit; -} -/* END_CASE */ - /* BEGIN_CASE */ void timing_get_timer( ) { @@ -36,23 +27,6 @@ void timing_get_timer( ) } /* END_CASE */ -/* BEGIN_CASE */ -void timing_set_alarm( int seconds ) -{ - if( seconds == 0 ) - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 1 ); - } - else - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 0 || - mbedtls_timing_alarmed == 1 ); - } -} -/* END_CASE */ - /* BEGIN_CASE */ void timing_delay( int fin_ms ) { From 90f304ff1a2c72bd9949ae665728b6c7bfbf338e Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 11 Jun 2021 11:56:47 +0200 Subject: [PATCH 0297/1065] Fixing test_clang_opt (asm not defined) Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 1 - library/timing.c | 4 ---- programs/test/benchmark.c | 4 ++++ 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 1626efb085..74b82221de 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -47,7 +47,6 @@ * * Used in: * library/aria.c - * library/timing.c * library/bn_mul.h * * Required by: diff --git a/library/timing.c b/library/timing.c index 764ff7d5d7..7964102e65 100644 --- a/library/timing.c +++ b/library/timing.c @@ -38,10 +38,6 @@ #error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h" #endif -#ifndef asm -#define asm __asm -#endif - #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2f9a67395d..b4b8c283d4 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -77,6 +77,10 @@ int main( void ) #include "mbedtls/error.h" +#ifndef asm +#define asm __asm +#endif + #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include From 9a9609ee067cce9d9c21124fb3cee9a79f62673a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 11 Jun 2021 13:35:10 +0200 Subject: [PATCH 0298/1065] Make static all the functions moved to bechmark.c Signed-off-by: TRodziewicz --- programs/test/benchmark.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index b4b8c283d4..cbda798666 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -248,7 +248,7 @@ do { \ #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long tsc; __asm rdtsc @@ -265,7 +265,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long lo, hi; asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); @@ -279,7 +279,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long lo, hi; asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); @@ -293,7 +293,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long tbl, tbu0, tbu1; @@ -318,7 +318,7 @@ unsigned long mbedtls_timing_hardclock( void ) #else #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long tick; asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); @@ -333,7 +333,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long tick; asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); @@ -348,7 +348,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long cc; asm volatile( "rpcc %0" : "=r" (cc) ); @@ -362,7 +362,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { unsigned long itc; asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); @@ -376,7 +376,7 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { LARGE_INTEGER offset; @@ -393,7 +393,7 @@ unsigned long mbedtls_timing_hardclock( void ) static int hardclock_init = 0; static struct timeval tv_init; -unsigned long mbedtls_timing_hardclock( void ) +static unsigned long mbedtls_timing_hardclock( void ) { struct timeval tv_cur; From 5bbbb5ed28dafd3dde7e7969909a42946b420cb0 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 11 Jun 2021 14:02:06 +0200 Subject: [PATCH 0299/1065] Remove the mbedtls_printf and FAIL macros Signed-off-by: TRodziewicz --- library/timing.c | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/library/timing.c b/library/timing.c index 7964102e65..d87d8b6cab 100644 --- a/library/timing.c +++ b/library/timing.c @@ -19,13 +19,6 @@ #include "common.h" -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif - #if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" @@ -149,22 +142,4 @@ int mbedtls_timing_get_delay( void *data ) } #endif /* !MBEDTLS_TIMING_ALT */ - -#if defined(MBEDTLS_SELF_TEST) - -#define FAIL do \ - { \ - if( verbose != 0 ) \ - { \ - mbedtls_printf( "failed at line %d\n", __LINE__ ); \ - mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ - cycles, ratio, millisecs, secs, hardfail, \ - (unsigned long) a, (unsigned long) b ); \ - print_timers( &hires, &ctx ); \ - } \ - return( 1 ); \ - } while( 0 ) - -#endif /* MBEDTLS_SELF_TEST */ - #endif /* MBEDTLS_TIMING_C */ From 9c90226df17f1ba39107bb4029a2baf84fc2462b Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 11 Jun 2021 14:30:01 +0200 Subject: [PATCH 0300/1065] Addition of the migration guide and change log files Signed-off-by: TRodziewicz --- ChangeLog.d/issue4083.txt | 5 +++++ .../move_part_of_timing_module_out_of_the_library.md | 12 ++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 ChangeLog.d/issue4083.txt create mode 100644 docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md diff --git a/ChangeLog.d/issue4083.txt b/ChangeLog.d/issue4083.txt new file mode 100644 index 0000000000..f3f7e31b01 --- /dev/null +++ b/ChangeLog.d/issue4083.txt @@ -0,0 +1,5 @@ +Changes + * Remove the following functions: mbedtls_timing_self_test() and + mbedtls_hardclock_poll(). Move the following functions to the benchmark.c + file and make them static: mbedtls_timing_hardclock() and + mbedtls_set_alarm(). Fixes #4083. diff --git a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md new file mode 100644 index 0000000000..f0b539c8f2 --- /dev/null +++ b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md @@ -0,0 +1,12 @@ +Move part of timing module out of the library +-- + +The change affects users who use any of the following functions: +`mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`, +`mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`. + +This change is the first step of a plan of removal of the `timing.c` from the +library. The plan is to move all the timing functions to the `platform.c` file. + +For users who still need removed functions the migration path is to re-implement +them as a platform support code. From db9c18d1beba1c6f579507e756380b210bd585b6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 18:18:07 +0200 Subject: [PATCH 0301/1065] Import crypto_spe.h from TF-M https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/plain/secure_fw/partitions/crypto/crypto_spe.h?h=refs/heads/master Signed-off-by: Gilles Peskine --- tests/include/spe/crypto_spe.h | 132 +++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 tests/include/spe/crypto_spe.h diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h new file mode 100644 index 0000000000..f80fd86bdc --- /dev/null +++ b/tests/include/spe/crypto_spe.h @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2019-2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** + * \file crypto_spe.h + * + * \brief When Mbed Crypto is built with the MBEDTLS_PSA_CRYPTO_SPM option + * enabled, this header is included by all .c files in Mbed Crypto that + * use PSA Crypto function names. This avoids duplication of symbols + * between TF-M and Mbed Crypto. + * + * \note This file should be included before including any PSA Crypto headers + * from Mbed Crypto. + */ + +#ifndef CRYPTO_SPE_H +#define CRYPTO_SPE_H + +#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x + +#define psa_crypto_init \ + PSA_FUNCTION_NAME(psa_crypto_init) +#define psa_key_derivation_get_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) +#define psa_key_derivation_set_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) +#define psa_key_derivation_input_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) +#define psa_key_derivation_output_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) +#define psa_key_derivation_input_key \ + PSA_FUNCTION_NAME(psa_key_derivation_input_key) +#define psa_key_derivation_output_key \ + PSA_FUNCTION_NAME(psa_key_derivation_output_key) +#define psa_key_derivation_setup \ + PSA_FUNCTION_NAME(psa_key_derivation_setup) +#define psa_key_derivation_abort \ + PSA_FUNCTION_NAME(psa_key_derivation_abort) +#define psa_key_derivation_key_agreement \ + PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) +#define psa_raw_key_agreement \ + PSA_FUNCTION_NAME(psa_raw_key_agreement) +#define psa_generate_random \ + PSA_FUNCTION_NAME(psa_generate_random) +#define psa_aead_encrypt \ + PSA_FUNCTION_NAME(psa_aead_encrypt) +#define psa_aead_decrypt \ + PSA_FUNCTION_NAME(psa_aead_decrypt) +#define psa_open_key \ + PSA_FUNCTION_NAME(psa_open_key) +#define psa_close_key \ + PSA_FUNCTION_NAME(psa_close_key) +#define psa_import_key \ + PSA_FUNCTION_NAME(psa_import_key) +#define psa_destroy_key \ + PSA_FUNCTION_NAME(psa_destroy_key) +#define psa_get_key_attributes \ + PSA_FUNCTION_NAME(psa_get_key_attributes) +#define psa_reset_key_attributes \ + PSA_FUNCTION_NAME(psa_reset_key_attributes) +#define psa_export_key \ + PSA_FUNCTION_NAME(psa_export_key) +#define psa_export_public_key \ + PSA_FUNCTION_NAME(psa_export_public_key) +#define psa_purge_key \ + PSA_FUNCTION_NAME(psa_purge_key) +#define psa_copy_key \ + PSA_FUNCTION_NAME(psa_copy_key) +#define psa_cipher_operation_init \ + PSA_FUNCTION_NAME(psa_cipher_operation_init) +#define psa_cipher_generate_iv \ + PSA_FUNCTION_NAME(psa_cipher_generate_iv) +#define psa_cipher_set_iv \ + PSA_FUNCTION_NAME(psa_cipher_set_iv) +#define psa_cipher_encrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) +#define psa_cipher_decrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) +#define psa_cipher_update \ + PSA_FUNCTION_NAME(psa_cipher_update) +#define psa_cipher_finish \ + PSA_FUNCTION_NAME(psa_cipher_finish) +#define psa_cipher_abort \ + PSA_FUNCTION_NAME(psa_cipher_abort) +#define psa_hash_operation_init \ + PSA_FUNCTION_NAME(psa_hash_operation_init) +#define psa_hash_setup \ + PSA_FUNCTION_NAME(psa_hash_setup) +#define psa_hash_update \ + PSA_FUNCTION_NAME(psa_hash_update) +#define psa_hash_finish \ + PSA_FUNCTION_NAME(psa_hash_finish) +#define psa_hash_verify \ + PSA_FUNCTION_NAME(psa_hash_verify) +#define psa_hash_abort \ + PSA_FUNCTION_NAME(psa_hash_abort) +#define psa_hash_clone \ + PSA_FUNCTION_NAME(psa_hash_clone) +#define psa_hash_compute \ + PSA_FUNCTION_NAME(psa_hash_compute) +#define psa_hash_compare \ + PSA_FUNCTION_NAME(psa_hash_compare) +#define psa_mac_operation_init \ + PSA_FUNCTION_NAME(psa_mac_operation_init) +#define psa_mac_sign_setup \ + PSA_FUNCTION_NAME(psa_mac_sign_setup) +#define psa_mac_verify_setup \ + PSA_FUNCTION_NAME(psa_mac_verify_setup) +#define psa_mac_update \ + PSA_FUNCTION_NAME(psa_mac_update) +#define psa_mac_sign_finish \ + PSA_FUNCTION_NAME(psa_mac_sign_finish) +#define psa_mac_verify_finish \ + PSA_FUNCTION_NAME(psa_mac_verify_finish) +#define psa_mac_abort \ + PSA_FUNCTION_NAME(psa_mac_abort) +#define psa_sign_hash \ + PSA_FUNCTION_NAME(psa_sign_hash) +#define psa_verify_hash \ + PSA_FUNCTION_NAME(psa_verify_hash) +#define psa_asymmetric_encrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_encrypt) +#define psa_asymmetric_decrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_decrypt) +#define psa_generate_key \ + PSA_FUNCTION_NAME(psa_generate_key) + +#endif /* CRYPTO_SPE_H */ From 10e8cf5fef7e062927bfbec69ad85fbf491b4299 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 31 May 2021 17:58:57 +0200 Subject: [PATCH 0302/1065] Remove MD2, MD4, RC4, Blowfish and XTEA Signed-off-by: TRodziewicz --- configs/config-symmetric-only.h | 5 - doxygen/input/doc_encdec.h | 4 - doxygen/input/doc_hashing.h | 2 +- include/mbedtls/arc4.h | 142 ---- include/mbedtls/blowfish.h | 279 ------- include/mbedtls/cipher.h | 13 +- include/mbedtls/config.h | 85 +-- include/mbedtls/config_psa.h | 34 - include/mbedtls/error.h | 5 - include/mbedtls/md.h | 4 +- include/mbedtls/md2.h | 204 ------ include/mbedtls/md4.h | 207 ------ include/mbedtls/oid.h | 8 - include/mbedtls/pkcs12.h | 19 - include/mbedtls/psa_util.h | 8 - include/mbedtls/xtea.h | 135 ---- include/psa/crypto.h | 1 - include/psa/crypto_builtin_primitives.h | 12 +- include/psa/crypto_config.h | 3 - include/psa/crypto_sizes.h | 2 - include/psa/crypto_values.h | 11 - library/CMakeLists.txt | 5 - library/Makefile | 5 - library/arc4.c | 195 ----- library/blowfish.c | 690 ------------------ library/cipher_wrap.c | 244 ------- library/md.c | 114 --- library/md2.c | 321 -------- library/md4.c | 444 ----------- library/md_wrap.h | 6 - library/oid.c | 24 - library/pkcs12.c | 45 -- library/pkparse.c | 18 - library/psa_crypto.c | 20 - library/psa_crypto_cipher.c | 3 - library/psa_crypto_hash.c | 80 -- library/psa_crypto_mac.c | 4 - library/xtea.c | 271 ------- programs/ssl/ssl_context_info.c | 6 - programs/test/benchmark.c | 61 +- programs/test/cpp_dummy_build.cpp | 5 - programs/test/selftest.c | 16 - programs/x509/cert_req.c | 2 +- programs/x509/cert_write.c | 2 +- scripts/data_files/query_config.fmt | 5 - scripts/generate_errors.pl | 6 +- scripts/mbedtls_dev/crypto_knowledge.py | 1 - tests/CMakeLists.txt | 5 - tests/data_files/Makefile | 48 +- tests/data_files/cert_md2.crt | 20 - tests/data_files/cert_md2.csr | 16 - tests/data_files/cert_md4.crt | 20 - tests/data_files/cert_md4.csr | 16 - tests/data_files/crl_md2.pem | 11 - tests/data_files/crl_md4.pem | 11 - tests/data_files/server1.req.md4 | 16 - tests/include/test/psa_exercise_key.h | 9 +- tests/scripts/all.sh | 71 +- tests/scripts/basic-build-test.sh | 4 +- tests/scripts/depends-hashes.pl | 2 - tests/scripts/set_psa_test_dependencies.py | 5 - tests/suites/test_suite_arc4.data | 27 - tests/suites/test_suite_arc4.function | 37 - tests/suites/test_suite_blowfish.data | 311 -------- tests/suites/test_suite_blowfish.function | 216 ------ tests/suites/test_suite_ccm.data | 4 - tests/suites/test_suite_cipher.arc4.data | 107 --- tests/suites/test_suite_cipher.blowfish.data | 607 --------------- tests/suites/test_suite_cipher.padding.data | 16 - tests/suites/test_suite_hkdf.data | 42 +- tests/suites/test_suite_md.data | 208 ------ tests/suites/test_suite_mdx.data | 50 +- tests/suites/test_suite_mdx.function | 56 -- tests/suites/test_suite_nist_kw.data | 4 - tests/suites/test_suite_pkparse.data | 70 +- tests/suites/test_suite_psa_crypto.data | 25 - tests/suites/test_suite_psa_crypto_hash.data | 120 --- .../test_suite_psa_crypto_metadata.data | 20 - tests/suites/test_suite_rsa.data | 34 +- tests/suites/test_suite_rsa.function | 2 - tests/suites/test_suite_ssl.data | 640 ---------------- tests/suites/test_suite_x509parse.data | 220 +++--- tests/suites/test_suite_x509write.data | 4 - tests/suites/test_suite_xtea.data | 76 -- tests/suites/test_suite_xtea.function | 86 --- 85 files changed, 159 insertions(+), 6853 deletions(-) delete mode 100644 include/mbedtls/arc4.h delete mode 100644 include/mbedtls/blowfish.h delete mode 100644 include/mbedtls/md2.h delete mode 100644 include/mbedtls/md4.h delete mode 100644 include/mbedtls/xtea.h delete mode 100644 library/arc4.c delete mode 100644 library/blowfish.c delete mode 100644 library/md2.c delete mode 100644 library/md4.c delete mode 100644 library/xtea.c delete mode 100644 tests/data_files/cert_md2.crt delete mode 100644 tests/data_files/cert_md2.csr delete mode 100644 tests/data_files/cert_md4.crt delete mode 100644 tests/data_files/cert_md4.csr delete mode 100644 tests/data_files/crl_md2.pem delete mode 100644 tests/data_files/crl_md4.pem delete mode 100644 tests/data_files/server1.req.md4 delete mode 100644 tests/suites/test_suite_arc4.data delete mode 100644 tests/suites/test_suite_arc4.function delete mode 100644 tests/suites/test_suite_blowfish.data delete mode 100644 tests/suites/test_suite_blowfish.function delete mode 100644 tests/suites/test_suite_cipher.arc4.data delete mode 100644 tests/suites/test_suite_cipher.blowfish.data delete mode 100644 tests/suites/test_suite_xtea.data delete mode 100644 tests/suites/test_suite_xtea.function diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 29e77b52c9..5b10063277 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -47,11 +47,9 @@ /* Mbed Crypto modules */ #define MBEDTLS_AES_C -#define MBEDTLS_ARC4_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C #define MBEDTLS_BASE64_C -#define MBEDTLS_BLOWFISH_C #define MBEDTLS_CAMELLIA_C #define MBEDTLS_ARIA_C #define MBEDTLS_CCM_C @@ -68,8 +66,6 @@ #define MBEDTLS_HMAC_DRBG_C #define MBEDTLS_NIST_KW_C #define MBEDTLS_MD_C -#define MBEDTLS_MD2_C -#define MBEDTLS_MD4_C #define MBEDTLS_MD5_C #define MBEDTLS_OID_C #define MBEDTLS_PEM_PARSE_C @@ -94,7 +90,6 @@ //#define MBEDTLS_THREADING_C #define MBEDTLS_TIMING_C #define MBEDTLS_VERSION_C -#define MBEDTLS_XTEA_C #include "mbedtls/config_psa.h" diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h index 46fb04fe38..96734bdd80 100644 --- a/doxygen/input/doc_encdec.h +++ b/doxygen/input/doc_encdec.h @@ -45,15 +45,11 @@ * - Symmetric: * - AES (see \c mbedtls_aes_crypt_ecb(), \c mbedtls_aes_crypt_cbc(), \c mbedtls_aes_crypt_cfb128() and * \c mbedtls_aes_crypt_ctr()). - * - ARCFOUR (see \c mbedtls_arc4_crypt()). - * - Blowfish / BF (see \c mbedtls_blowfish_crypt_ecb(), \c mbedtls_blowfish_crypt_cbc(), - * \c mbedtls_blowfish_crypt_cfb64() and \c mbedtls_blowfish_crypt_ctr()) * - Camellia (see \c mbedtls_camellia_crypt_ecb(), \c mbedtls_camellia_crypt_cbc(), * \c mbedtls_camellia_crypt_cfb128() and \c mbedtls_camellia_crypt_ctr()). * - DES/3DES (see \c mbedtls_des_crypt_ecb(), \c mbedtls_des_crypt_cbc(), \c mbedtls_des3_crypt_ecb() * and \c mbedtls_des3_crypt_cbc()). * - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init()) - * - XTEA (see \c mbedtls_xtea_crypt_ecb()). * - Asymmetric: * - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public() * and \c mbedtls_dhm_calc_secret()). diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h index aaa0c7890d..42a3754e1a 100644 --- a/doxygen/input/doc_hashing.h +++ b/doxygen/input/doc_hashing.h @@ -34,7 +34,7 @@ * \c mbedtls_md_setup()) * * The following hashing-algorithms are provided: - * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest. + * - MD5 128-bit one-way hash functions by Ron Rivest. * - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by * NIST and NSA. * diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h deleted file mode 100644 index 6313651207..0000000000 --- a/include/mbedtls/arc4.h +++ /dev/null @@ -1,142 +0,0 @@ -/** - * \file arc4.h - * - * \brief The ARCFOUR stream cipher - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#ifndef MBEDTLS_ARC4_H -#define MBEDTLS_ARC4_H -#include "mbedtls/private_access.h" - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_ARC4_ALT) -// Regular implementation -// - -/** - * \brief ARC4 context structure - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - * - */ -typedef struct mbedtls_arc4_context -{ - int MBEDTLS_PRIVATE(x); /*!< permutation index */ - int MBEDTLS_PRIVATE(y); /*!< permutation index */ - unsigned char MBEDTLS_PRIVATE(m)[256]; /*!< permutation table */ -} -mbedtls_arc4_context; - -#else /* MBEDTLS_ARC4_ALT */ -#include "arc4_alt.h" -#endif /* MBEDTLS_ARC4_ALT */ - -/** - * \brief Initialize ARC4 context - * - * \param ctx ARC4 context to be initialized - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - * - */ -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); - -/** - * \brief Clear ARC4 context - * - * \param ctx ARC4 context to be cleared - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - * - */ -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); - -/** - * \brief ARC4 key schedule - * - * \param ctx ARC4 context to be setup - * \param key the secret key - * \param keylen length of the key, in bytes - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - * - */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ); - -/** - * \brief ARC4 cipher function - * - * \param ctx ARC4 context - * \param length length of the input data - * \param input buffer holding the input data - * \param output buffer for the output data - * - * \return 0 if successful - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - * - */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ); - -#if defined(MBEDTLS_SELF_TEST) - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - * - */ -int mbedtls_arc4_self_test( int verbose ); - -#endif /* MBEDTLS_SELF_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* arc4.h */ diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h deleted file mode 100644 index e54d4914dc..0000000000 --- a/include/mbedtls/blowfish.h +++ /dev/null @@ -1,279 +0,0 @@ -/** - * \file blowfish.h - * - * \brief Blowfish block cipher - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_BLOWFISH_H -#define MBEDTLS_BLOWFISH_H -#include "mbedtls/private_access.h" - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include - -#include "mbedtls/platform_util.h" - -#define MBEDTLS_BLOWFISH_ENCRYPT 1 -#define MBEDTLS_BLOWFISH_DECRYPT 0 -#define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448 -#define MBEDTLS_BLOWFISH_MIN_KEY_BITS 32 -#define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */ -#define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ - -#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */ - -#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_BLOWFISH_ALT) -// Regular implementation -// - -/** - * \brief Blowfish context structure - */ -typedef struct mbedtls_blowfish_context -{ - uint32_t MBEDTLS_PRIVATE(P)[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ - uint32_t MBEDTLS_PRIVATE(S)[4][256]; /*!< key dependent S-boxes */ -} -mbedtls_blowfish_context; - -#else /* MBEDTLS_BLOWFISH_ALT */ -#include "blowfish_alt.h" -#endif /* MBEDTLS_BLOWFISH_ALT */ - -/** - * \brief Initialize a Blowfish context. - * - * \param ctx The Blowfish context to be initialized. - * This must not be \c NULL. - */ -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); - -/** - * \brief Clear a Blowfish context. - * - * \param ctx The Blowfish context to be cleared. - * This may be \c NULL, in which case this function - * returns immediately. If it is not \c NULL, it must - * point to an initialized Blowfish context. - */ -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); - -/** - * \brief Perform a Blowfish key schedule operation. - * - * \param ctx The Blowfish context to perform the key schedule on. - * \param key The encryption key. This must be a readable buffer of - * length \p keybits Bits. - * \param keybits The length of \p key in Bits. This must be between - * \c 32 and \c 448 and a multiple of \c 8. - * - * \return \c 0 if successful. - * \return A negative error code on failure. - */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, - unsigned int keybits ); - -/** - * \brief Perform a Blowfish-ECB block encryption/decryption operation. - * - * \param ctx The Blowfish context to use. This must be initialized - * and bound to a key. - * \param mode The mode of operation. Possible values are - * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or - * #MBEDTLS_BLOWFISH_DECRYPT for decryption. - * \param input The input block. This must be a readable buffer - * of size \c 8 Bytes. - * \param output The output block. This must be a writable buffer - * of size \c 8 Bytes. - * - * \return \c 0 if successful. - * \return A negative error code on failure. - */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/** - * \brief Perform a Blowfish-CBC buffer encryption/decryption operation. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx The Blowfish context to use. This must be initialized - * and bound to a key. - * \param mode The mode of operation. Possible values are - * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or - * #MBEDTLS_BLOWFISH_DECRYPT for decryption. - * \param length The length of the input data in Bytes. This must be - * multiple of \c 8. - * \param iv The initialization vector. This must be a read/write buffer - * of length \c 8 Bytes. It is updated by this function. - * \param input The input data. This must be a readable buffer of length - * \p length Bytes. - * \param output The output data. This must be a writable buffer of length - * \p length Bytes. - * - * \return \c 0 if successful. - * \return A negative error code on failure. - */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -/** - * \brief Perform a Blowfish CFB buffer encryption/decryption operation. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx The Blowfish context to use. This must be initialized - * and bound to a key. - * \param mode The mode of operation. Possible values are - * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or - * #MBEDTLS_BLOWFISH_DECRYPT for decryption. - * \param length The length of the input data in Bytes. - * \param iv_off The offset in the initialiation vector. - * The value pointed to must be smaller than \c 8 Bytes. - * It is updated by this function to support the aforementioned - * streaming usage. - * \param iv The initialization vector. This must be a read/write buffer - * of size \c 8 Bytes. It is updated after use. - * \param input The input data. This must be a readable buffer of length - * \p length Bytes. - * \param output The output data. This must be a writable buffer of length - * \p length Bytes. - * - * \return \c 0 if successful. - * \return A negative error code on failure. - */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); -#endif /*MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -/** - * \brief Perform a Blowfish-CTR buffer encryption/decryption operation. - * - * \warning You must never reuse a nonce value with the same key. Doing so - * would void the encryption for the two messages encrypted with - * the same nonce and key. - * - * There are two common strategies for managing nonces with CTR: - * - * 1. You can handle everything as a single message processed over - * successive calls to this function. In that case, you want to - * set \p nonce_counter and \p nc_off to 0 for the first call, and - * then preserve the values of \p nonce_counter, \p nc_off and \p - * stream_block across calls to this function as they will be - * updated by this function. - * - * With this strategy, you must not encrypt more than 2**64 - * blocks of data with the same key. - * - * 2. You can encrypt separate messages by dividing the \p - * nonce_counter buffer in two areas: the first one used for a - * per-message nonce, handled by yourself, and the second one - * updated by this function internally. - * - * For example, you might reserve the first 4 bytes for the - * per-message nonce, and the last 4 bytes for internal use. In that - * case, before calling this function on a new message you need to - * set the first 4 bytes of \p nonce_counter to your chosen nonce - * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p - * stream_block to be ignored). That way, you can encrypt at most - * 2**32 messages of up to 2**32 blocks each with the same key. - * - * The per-message nonce (or information sufficient to reconstruct - * it) needs to be communicated with the ciphertext and must be unique. - * The recommended way to ensure uniqueness is to use a message - * counter. - * - * Note that for both stategies, sizes are measured in blocks and - * that a Blowfish block is 8 bytes. - * - * \warning Upon return, \p stream_block contains sensitive data. Its - * content must not be written to insecure storage and should be - * securely discarded as soon as it's no longer needed. - * - * \param ctx The Blowfish context to use. This must be initialized - * and bound to a key. - * \param length The length of the input data in Bytes. - * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer - * should be \c 0 at the start of a stream and must be - * smaller than \c 8. It is updated by this function. - * \param nonce_counter The 64-bit nonce and counter. This must point to a - * read/write buffer of length \c 8 Bytes. - * \param stream_block The saved stream-block for resuming. This must point to - * a read/write buffer of length \c 8 Bytes. - * \param input The input data. This must be a readable buffer of - * length \p length Bytes. - * \param output The output data. This must be a writable buffer of - * length \p length Bytes. - * - * \return \c 0 if successful. - * \return A negative error code on failure. - */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#ifdef __cplusplus -} -#endif - -#endif /* blowfish.h */ diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 25e1d8d678..63c53094f5 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -45,7 +45,7 @@ #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif -#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ defined(MBEDTLS_CHACHA20_C) #define MBEDTLS_CIPHER_MODE_STREAM #endif @@ -73,7 +73,7 @@ extern "C" { /** * \brief Supported cipher types. * - * \warning RC4 and DES are considered weak ciphers and their use + * \warning DES is considered weak cipher and its use * constitutes a security risk. Arm recommends considering stronger * ciphers instead. */ @@ -84,8 +84,6 @@ typedef enum { MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */ MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */ MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ - MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */ - MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */ MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */ MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */ } mbedtls_cipher_id_t; @@ -93,7 +91,7 @@ typedef enum { /** * \brief Supported {cipher type, cipher mode} pairs. * - * \warning RC4 and DES are considered weak ciphers and their use + * \warning DES is considered weak cipher and its use * constitutes a security risk. Arm recommends considering stronger * ciphers instead. */ @@ -136,11 +134,6 @@ typedef enum { MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */ MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */ MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */ - MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */ - MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */ - MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */ - MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */ - MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */ MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */ MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */ MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 16f8f8b350..b566bc789f 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -297,16 +297,14 @@ * Uncomment a macro to enable alternate implementation of the corresponding * module. * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their + * \warning MD5, DES and SHA-1 are considered weak and their * use constitutes a security risk. If possible, we recommend * avoiding dependencies on them, and considering stronger message * digests and ciphers instead. * */ //#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT //#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT //#define MBEDTLS_CAMELLIA_ALT //#define MBEDTLS_CCM_ALT //#define MBEDTLS_CHACHA20_ALT @@ -317,8 +315,6 @@ //#define MBEDTLS_ECJPAKE_ALT //#define MBEDTLS_GCM_ALT //#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT //#define MBEDTLS_MD5_ALT //#define MBEDTLS_POLY1305_ALT //#define MBEDTLS_RIPEMD160_ALT @@ -326,7 +322,6 @@ //#define MBEDTLS_SHA1_ALT //#define MBEDTLS_SHA256_ALT //#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT /* * When replacing the elliptic curve module, pleace consider, that it is @@ -340,8 +335,6 @@ //#define MBEDTLS_ECP_ALT /** - * \def MBEDTLS_MD2_PROCESS_ALT - * * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you * alternate core implementation of symmetric crypto or hash function. Keep in * mind that function prototypes should remain the same. @@ -362,7 +355,7 @@ * Uncomment a macro to enable alternate implementation of the corresponding * function. * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use + * \warning MD5, DES and SHA-1 are considered weak and their use * constitutes a security risk. If possible, we recommend avoiding * dependencies on them, and considering stronger message digests * and ciphers instead. @@ -376,8 +369,6 @@ * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT //#define MBEDTLS_MD5_PROCESS_ALT //#define MBEDTLS_RIPEMD160_PROCESS_ALT //#define MBEDTLS_SHA1_PROCESS_ALT @@ -1940,24 +1931,6 @@ */ #define MBEDTLS_AES_C -/** - * \def MBEDTLS_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/cipher.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on - * it, and considering stronger ciphers instead. - * - */ -#define MBEDTLS_ARC4_C - /** * \def MBEDTLS_ASN1_PARSE_C * @@ -2015,15 +1988,6 @@ */ #define MBEDTLS_BIGNUM_C -/** - * \def MBEDTLS_BLOWFISH_C - * - * Enable the Blowfish block cipher. - * - * Module: library/blowfish.c - */ -#define MBEDTLS_BLOWFISH_C - /** * \def MBEDTLS_CAMELLIA_C * @@ -2426,40 +2390,6 @@ */ #define MBEDTLS_MD_C -/** - * \def MBEDTLS_MD2_C - * - * Enable the MD2 hash algorithm. - * - * Module: library/md2.c - * Caller: - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - * - * \warning MD2 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD2_C - -/** - * \def MBEDTLS_MD4_C - * - * Enable the MD4 hash algorithm. - * - * Module: library/md4.c - * Caller: - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - * - * \warning MD4 is considered a weak message digest and its use constitutes a - * security risk. If possible, we recommend avoiding dependencies on - * it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_MD4_C - /** * \def MBEDTLS_MD5_C * @@ -2655,7 +2585,6 @@ * Caller: library/pkparse.c * * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * Can use: MBEDTLS_ARC4_C * * This module enables PKCS#12 functions. */ @@ -3100,16 +3029,6 @@ */ #define MBEDTLS_X509_CSR_WRITE_C -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define MBEDTLS_XTEA_C - /* \} name SECTION: mbed TLS modules */ /** diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index f5db94ea0a..a0f2637fb0 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -103,16 +103,6 @@ extern "C" { #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ #endif /* PSA_WANT_ALG_HMAC */ -#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2) -#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1 -#define MBEDTLS_MD2_C -#endif - -#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4) -#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1 -#define MBEDTLS_MD4_C -#endif - #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 #define MBEDTLS_MD5_C @@ -277,13 +267,6 @@ extern "C" { #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ #endif /* PSA_WANT_KEY_TYPE_AES */ -#if defined(PSA_WANT_KEY_TYPE_ARC4) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1 -#define MBEDTLS_ARC4_C -#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */ -#endif /* PSA_WANT_KEY_TYPE_ARC4 */ - #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 @@ -591,16 +574,6 @@ extern "C" { #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 #endif /* MBEDTLS_MD_C */ -#if defined(MBEDTLS_MD2_C) -#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1 -#define PSA_WANT_ALG_MD2 1 -#endif - -#if defined(MBEDTLS_MD4_C) -#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1 -#define PSA_WANT_ALG_MD4 1 -#endif - #if defined(MBEDTLS_MD5_C) #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 #define PSA_WANT_ALG_MD5 1 @@ -661,13 +634,6 @@ extern "C" { #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 #endif -#if defined(MBEDTLS_ARC4_C) -#define PSA_WANT_KEY_TYPE_ARC4 1 -#define PSA_WANT_ALG_STREAM_CIPHER 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1 -#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 -#endif - #if defined(MBEDTLS_CAMELLIA_C) #define PSA_WANT_KEY_TYPE_CAMELLIA 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 199ea3df9b..2835fd55c3 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -61,11 +61,9 @@ * ERROR 2 0x006E 0x0001 * MPI 7 0x0002-0x0010 * GCM 3 0x0012-0x0014 0x0013-0x0013 - * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017 * THREADING 3 0x001A-0x001E * AES 5 0x0020-0x0022 0x0021-0x0025 * CAMELLIA 3 0x0024-0x0026 0x0027-0x0027 - * XTEA 2 0x0028-0x0028 0x0029-0x0029 * BASE64 2 0x002A-0x002C * OID 1 0x002E-0x002E 0x000B-0x000B * PADLOCK 1 0x0030-0x0030 @@ -79,9 +77,6 @@ * PBKDF2 1 0x007C-0x007C * HMAC_DRBG 4 0x0003-0x0009 * CCM 3 0x000D-0x0011 - * ARC4 1 0x0019-0x0019 - * MD2 1 0x002B-0x002B - * MD4 1 0x002D-0x002D * MD5 1 0x002F-0x002F * RIPEMD160 1 0x0031-0x0031 * SHA1 1 0x0035-0x0035 0x0073-0x0073 diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 21dc7c4aa5..7bf821340c 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -46,15 +46,13 @@ extern "C" { /** * \brief Supported message digests. * - * \warning MD2, MD4, MD5 and SHA-1 are considered weak message digests and + * \warning MD5 and SHA-1 are considered weak message digests and * their use constitutes a security risk. We recommend considering * stronger message digests instead. * */ typedef enum { MBEDTLS_MD_NONE=0, /**< None. */ - MBEDTLS_MD_MD2, /**< The MD2 message digest. */ - MBEDTLS_MD_MD4, /**< The MD4 message digest. */ MBEDTLS_MD_MD5, /**< The MD5 message digest. */ MBEDTLS_MD_SHA1, /**< The SHA-1 message digest. */ MBEDTLS_MD_SHA224, /**< The SHA-224 message digest. */ diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h deleted file mode 100644 index efb11ffc91..0000000000 --- a/include/mbedtls/md2.h +++ /dev/null @@ -1,204 +0,0 @@ -/** - * \file md2.h - * - * \brief MD2 message digest algorithm (hash function) - * - * \warning MD2 is considered a weak message digest and its use constitutes a - * security risk. We recommend considering stronger message digests - * instead. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#ifndef MBEDTLS_MD2_H -#define MBEDTLS_MD2_H -#include "mbedtls/private_access.h" - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_MD2_ALT) -// Regular implementation -// - -/** - * \brief MD2 context structure - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -typedef struct mbedtls_md2_context -{ - unsigned char MBEDTLS_PRIVATE(cksum)[16]; /*!< checksum of the data block */ - unsigned char MBEDTLS_PRIVATE(state)[48]; /*!< intermediate digest state */ - unsigned char MBEDTLS_PRIVATE(buffer)[16]; /*!< data block being processed */ - size_t MBEDTLS_PRIVATE(left); /*!< amount of data in buffer */ -} -mbedtls_md2_context; - -#else /* MBEDTLS_MD2_ALT */ -#include "md2_alt.h" -#endif /* MBEDTLS_MD2_ALT */ - -/** - * \brief Initialize MD2 context - * - * \param ctx MD2 context to be initialized - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md2_init( mbedtls_md2_context *ctx ); - -/** - * \brief Clear MD2 context - * - * \param ctx MD2 context to be cleared - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md2_free( mbedtls_md2_context *ctx ); - -/** - * \brief Clone (the state of) an MD2 context - * - * \param dst The destination context - * \param src The context to be cloned - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ); - -/** - * \brief MD2 context setup - * - * \param ctx context to be initialized - * - * \return 0 if successful - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md2_starts( mbedtls_md2_context *ctx ); - -/** - * \brief MD2 process buffer - * - * \param ctx MD2 context - * \param input buffer holding the data - * \param ilen length of the input data - * - * \return 0 if successful - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); - -/** - * \brief MD2 final digest - * - * \param ctx MD2 context - * \param output MD2 checksum result - * - * \return 0 if successful - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ); - -/** - * \brief MD2 process data block (internal use only) - * - * \param ctx MD2 context - * - * \return 0 if successful - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); - -/** - * \brief Output = MD2( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD2 checksum result - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); - -#if defined(MBEDTLS_SELF_TEST) - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - * - * \warning MD2 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md2_self_test( int verbose ); - -#endif /* MBEDTLS_SELF_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* mbedtls_md2.h */ diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h deleted file mode 100644 index 14f3bc3ebc..0000000000 --- a/include/mbedtls/md4.h +++ /dev/null @@ -1,207 +0,0 @@ -/** - * \file md4.h - * - * \brief MD4 message digest algorithm (hash function) - * - * \warning MD4 is considered a weak message digest and its use constitutes a - * security risk. We recommend considering stronger message digests - * instead. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#ifndef MBEDTLS_MD4_H -#define MBEDTLS_MD4_H -#include "mbedtls/private_access.h" - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_MD4_ALT) -// Regular implementation -// - -/** - * \brief MD4 context structure - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -typedef struct mbedtls_md4_context -{ - uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ - uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */ - unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ -} -mbedtls_md4_context; - -#else /* MBEDTLS_MD4_ALT */ -#include "md4_alt.h" -#endif /* MBEDTLS_MD4_ALT */ - -/** - * \brief Initialize MD4 context - * - * \param ctx MD4 context to be initialized - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md4_init( mbedtls_md4_context *ctx ); - -/** - * \brief Clear MD4 context - * - * \param ctx MD4 context to be cleared - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md4_free( mbedtls_md4_context *ctx ); - -/** - * \brief Clone (the state of) an MD4 context - * - * \param dst The destination context - * \param src The context to be cloned - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ); - -/** - * \brief MD4 context setup - * - * \param ctx context to be initialized - * - * \return 0 if successful - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - */ -int mbedtls_md4_starts( mbedtls_md4_context *ctx ); - -/** - * \brief MD4 process buffer - * - * \param ctx MD4 context - * \param input buffer holding the data - * \param ilen length of the input data - * - * \return 0 if successful - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); - -/** - * \brief MD4 final digest - * - * \param ctx MD4 context - * \param output MD4 checksum result - * - * \return 0 if successful - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ); - -/** - * \brief MD4 process data block (internal use only) - * - * \param ctx MD4 context - * \param data buffer holding one block of data - * - * \return 0 if successful - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ); - -/** - * \brief Output = MD4( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD4 checksum result - * - * \return 0 if successful - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); - -#if defined(MBEDTLS_SELF_TEST) - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - * - * \warning MD4 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_md4_self_test( int verbose ); - -#endif /* MBEDTLS_SELF_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* mbedtls_md4.h */ diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index c866ebe3b5..19210424d4 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -231,8 +231,6 @@ * PKCS#1 OIDs */ #define MBEDTLS_OID_PKCS1_RSA MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */ -#define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */ -#define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */ #define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */ #define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */ #define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */ @@ -251,8 +249,6 @@ /* * Digest algorithms */ -#define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ -#define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ @@ -303,8 +299,6 @@ /* * PKCS#5 PBES1 algorithms */ -#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */ -#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */ #define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */ #define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */ #define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */ @@ -320,8 +314,6 @@ */ #define MBEDTLS_OID_PKCS12_PBE MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */ -#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */ -#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */ diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 4b8ce7ed0d..06092d36eb 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -52,25 +52,6 @@ extern "C" { #if defined(MBEDTLS_ASN1_PARSE_C) -/** - * \brief PKCS12 Password Based function (encryption / decryption) - * for pbeWithSHAAnd128BitRC4 - * - * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT - * \param pwd the password used (may be NULL if no password is used) - * \param pwdlen length of the password (may be 0) - * \param input the input data - * \param len data length - * \param output the output buffer - * - * \return 0 if successful, or a MBEDTLS_ERR_XXX code - */ -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output ); - /** * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index d5feecb9b8..d7b9b172d3 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -121,14 +121,6 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg { switch( md_alg ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( PSA_ALG_MD2 ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( PSA_ALG_MD4 ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( PSA_ALG_MD5 ); diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h deleted file mode 100644 index 72c998edfd..0000000000 --- a/include/mbedtls/xtea.h +++ /dev/null @@ -1,135 +0,0 @@ -/** - * \file xtea.h - * - * \brief XTEA block cipher (32-bit) - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_XTEA_H -#define MBEDTLS_XTEA_H -#include "mbedtls/private_access.h" - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include - -#define MBEDTLS_XTEA_ENCRYPT 1 -#define MBEDTLS_XTEA_DECRYPT 0 - -#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_XTEA_ALT) -// Regular implementation -// - -/** - * \brief XTEA context structure - */ -typedef struct mbedtls_xtea_context -{ - uint32_t MBEDTLS_PRIVATE(k)[4]; /*!< key */ -} -mbedtls_xtea_context; - -#else /* MBEDTLS_XTEA_ALT */ -#include "xtea_alt.h" -#endif /* MBEDTLS_XTEA_ALT */ - -/** - * \brief Initialize XTEA context - * - * \param ctx XTEA context to be initialized - */ -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ); - -/** - * \brief Clear XTEA context - * - * \param ctx XTEA context to be cleared - */ -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); - -/** - * \brief XTEA key schedule - * - * \param ctx XTEA context to be initialized - * \param key the secret key - */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ); - -/** - * \brief XTEA cipher function - * - * \param ctx XTEA context - * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT - * \param input 8-byte input block - * \param output 8-byte output block - * - * \return 0 if successful - */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, - int mode, - const unsigned char input[8], - unsigned char output[8] ); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/** - * \brief XTEA CBC cipher function - * - * \param ctx XTEA context - * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT - * \param length the length of input, multiple of 8 - * \param iv initialization vector for CBC mode - * \param input input block - * \param output output block - * - * \return 0 if successful, - * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 - */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_SELF_TEST) - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int mbedtls_xtea_self_test( int verbose ); - -#endif /* MBEDTLS_SELF_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* xtea.h */ diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 534902f2df..3532fef4d7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3682,7 +3682,6 @@ psa_status_t psa_key_derivation_output_bytes( * The following key types defined in this specification follow this scheme: * * - #PSA_KEY_TYPE_AES; - * - #PSA_KEY_TYPE_ARC4; * - #PSA_KEY_TYPE_CAMELLIA; * - #PSA_KEY_TYPE_DERIVE; * - #PSA_KEY_TYPE_HMAC; diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 674c7d060d..20451c95e5 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -40,17 +40,13 @@ * Hash multi-part operation definitions. */ -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ @@ -66,12 +62,6 @@ typedef struct union { unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD2_C) - mbedtls_md2_context MBEDTLS_PRIVATE(md2); -#endif -#if defined(MBEDTLS_MD4_C) - mbedtls_md4_context MBEDTLS_PRIVATE(md4); -#endif #if defined(MBEDTLS_MD5_C) mbedtls_md5_context MBEDTLS_PRIVATE(md5); #endif diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index eb1649242a..32ef1c2f26 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -69,8 +69,6 @@ #define PSA_WANT_ALG_GCM 1 #define PSA_WANT_ALG_HKDF 1 #define PSA_WANT_ALG_HMAC 1 -#define PSA_WANT_ALG_MD2 1 -#define PSA_WANT_ALG_MD4 1 #define PSA_WANT_ALG_MD5 1 #define PSA_WANT_ALG_OFB 1 /* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. @@ -118,7 +116,6 @@ #define PSA_WANT_KEY_TYPE_DERIVE 1 #define PSA_WANT_KEY_TYPE_HMAC 1 #define PSA_WANT_KEY_TYPE_AES 1 -#define PSA_WANT_KEY_TYPE_ARC4 1 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 #define PSA_WANT_KEY_TYPE_CHACHA20 1 #define PSA_WANT_KEY_TYPE_DES 1 diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 79f96739ba..15cdb416a5 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -68,8 +68,6 @@ */ #define PSA_HASH_LENGTH(alg) \ ( \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 31a64647e3..391ae60f72 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -481,12 +481,6 @@ * Camellia block cipher. */ #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) -/** Key for the RC4 stream cipher. - * - * Note that RC4 is weak and deprecated and should only be used in - * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002) - /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. @@ -850,10 +844,6 @@ (alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) -/** MD2 */ -#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) -/** MD4 */ -#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002) /** MD5 */ #define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) /** PSA_ALG_RIPEMD160 */ @@ -1115,7 +1105,6 @@ * * The underlying stream cipher is determined by the key type. * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20. - * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4. */ #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index f31820a2f8..d6ecba59b9 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -13,13 +13,11 @@ endif() set(src_crypto aes.c aesni.c - arc4.c aria.c asn1parse.c asn1write.c base64.c bignum.c - blowfish.c camellia.c ccm.c chacha20.c @@ -42,8 +40,6 @@ set(src_crypto hkdf.c hmac_drbg.c md.c - md2.c - md4.c md5.c memory_buffer_alloc.c mps_reader.c @@ -84,7 +80,6 @@ set(src_crypto timing.c version.c version_features.c - xtea.c ) list(APPEND src_crypto ${thirdparty_src}) diff --git a/library/Makefile b/library/Makefile index 90a477d431..62fd99709c 100644 --- a/library/Makefile +++ b/library/Makefile @@ -72,13 +72,11 @@ endif OBJS_CRYPTO= \ aes.o \ aesni.o \ - arc4.o \ aria.o \ asn1parse.o \ asn1write.o \ base64.o \ bignum.o \ - blowfish.o \ camellia.o \ ccm.o \ chacha20.o \ @@ -101,8 +99,6 @@ OBJS_CRYPTO= \ hkdf.o \ hmac_drbg.o \ md.o \ - md2.o \ - md4.o \ md5.o \ memory_buffer_alloc.o \ mps_reader.o \ @@ -143,7 +139,6 @@ OBJS_CRYPTO= \ timing.o \ version.o \ version_features.o \ - xtea.o \ # This line is intentionally left blank include ../3rdparty/Makefile.inc diff --git a/library/arc4.c b/library/arc4.c deleted file mode 100644 index b34dc5e754..0000000000 --- a/library/arc4.c +++ /dev/null @@ -1,195 +0,0 @@ -/* - * An implementation of the ARCFOUR algorithm - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The ARCFOUR algorithm was publicly disclosed on 94/09. - * - * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0 - */ - -#include "common.h" - -#if defined(MBEDTLS_ARC4_C) - -#include "mbedtls/arc4.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if !defined(MBEDTLS_ARC4_ALT) - -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); -} - -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) ); -} - -/* - * ARC4 key schedule - */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ) -{ - int i, j, a; - unsigned int k; - unsigned char *m; - - ctx->x = 0; - ctx->y = 0; - m = ctx->m; - - for( i = 0; i < 256; i++ ) - m[i] = (unsigned char) i; - - j = k = 0; - - for( i = 0; i < 256; i++, k++ ) - { - if( k >= keylen ) k = 0; - - a = m[i]; - j = ( j + a + key[k] ) & 0xFF; - m[i] = m[j]; - m[j] = (unsigned char) a; - } -} - -/* - * ARC4 cipher function - */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ) -{ - int x, y, a, b; - size_t i; - unsigned char *m; - - x = ctx->x; - y = ctx->y; - m = ctx->m; - - for( i = 0; i < length; i++ ) - { - x = ( x + 1 ) & 0xFF; a = m[x]; - y = ( y + a ) & 0xFF; b = m[y]; - - m[x] = (unsigned char) b; - m[y] = (unsigned char) a; - - output[i] = (unsigned char) - ( input[i] ^ m[(unsigned char)( a + b )] ); - } - - ctx->x = x; - ctx->y = y; - - return( 0 ); -} - -#endif /* !MBEDTLS_ARC4_ALT */ - -#if defined(MBEDTLS_SELF_TEST) -/* - * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994: - * - * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0 - */ -static const unsigned char arc4_test_key[3][8] = -{ - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}; - -static const unsigned char arc4_test_pt[3][8] = -{ - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}; - -static const unsigned char arc4_test_ct[3][8] = -{ - { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 }, - { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 }, - { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A } -}; - -/* - * Checkup routine - */ -int mbedtls_arc4_self_test( int verbose ) -{ - int i, ret = 0; - unsigned char ibuf[8]; - unsigned char obuf[8]; - mbedtls_arc4_context ctx; - - mbedtls_arc4_init( &ctx ); - - for( i = 0; i < 3; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ARC4 test #%d: ", i + 1 ); - - memcpy( ibuf, arc4_test_pt[i], 8 ); - - mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 ); - mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf ); - - if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - -exit: - mbedtls_arc4_free( &ctx ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_ARC4_C */ diff --git a/library/blowfish.c b/library/blowfish.c deleted file mode 100644 index 76da448976..0000000000 --- a/library/blowfish.c +++ /dev/null @@ -1,690 +0,0 @@ -/* - * Blowfish implementation - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The Blowfish block cipher was designed by Bruce Schneier in 1993. - * http://www.schneier.com/blowfish.html - * http://en.wikipedia.org/wiki/Blowfish_%28cipher%29 - * - */ - -#include "common.h" - -#if defined(MBEDTLS_BLOWFISH_C) - -#include "mbedtls/blowfish.h" -#include "mbedtls/platform_util.h" - -#include - -#if !defined(MBEDTLS_BLOWFISH_ALT) - -/* Parameter validation macros */ -#define BLOWFISH_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ) -#define BLOWFISH_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - -static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = { - 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, - 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, - 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, - 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, - 0x9216D5D9L, 0x8979FB1BL -}; - -/* declarations of data at the end of this file */ -static const uint32_t S[4][256]; - -static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x ) -{ - unsigned short a, b, c, d; - uint32_t y; - - d = (unsigned short)(x & 0xFF); - x >>= 8; - c = (unsigned short)(x & 0xFF); - x >>= 8; - b = (unsigned short)(x & 0xFF); - x >>= 8; - a = (unsigned short)(x & 0xFF); - y = ctx->S[0][a] + ctx->S[1][b]; - y = y ^ ctx->S[2][c]; - y = y + ctx->S[3][d]; - - return( y ); -} - -static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) -{ - uint32_t Xl, Xr, temp; - short i; - - Xl = *xl; - Xr = *xr; - - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i ) - { - Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; - - temp = Xl; - Xl = Xr; - Xr = temp; - } - - temp = Xl; - Xl = Xr; - Xr = temp; - - Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS]; - Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1]; - - *xl = Xl; - *xr = Xr; -} - -static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) -{ - uint32_t Xl, Xr, temp; - short i; - - Xl = *xl; - Xr = *xr; - - for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i ) - { - Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; - - temp = Xl; - Xl = Xr; - Xr = temp; - } - - temp = Xl; - Xl = Xr; - Xr = temp; - - Xr = Xr ^ ctx->P[1]; - Xl = Xl ^ ctx->P[0]; - - *xl = Xl; - *xr = Xr; -} - -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) -{ - BLOWFISH_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); -} - -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) ); -} - -/* - * Blowfish key schedule - */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, - const unsigned char *key, - unsigned int keybits ) -{ - unsigned int i, j, k; - uint32_t data, datal, datar; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( key != NULL ); - - if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || - keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || - keybits % 8 != 0 ) - { - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); - } - - keybits >>= 3; - - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j++ ) - ctx->S[i][j] = S[i][j]; - } - - j = 0; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i ) - { - data = 0x00000000; - for( k = 0; k < 4; ++k ) - { - data = ( data << 8 ) | key[j++]; - if( j >= keybits ) - j = 0; - } - ctx->P[i] = P[i] ^ data; - } - - datal = 0x00000000; - datar = 0x00000000; - - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); - ctx->P[i] = datal; - ctx->P[i + 1] = datar; - } - - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); - ctx->S[i][j] = datal; - ctx->S[i][j + 1] = datar; - } - } - return( 0 ); -} - -/* - * Blowfish-ECB block encryption/decryption - */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) -{ - uint32_t X0, X1; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( input != NULL ); - BLOWFISH_VALIDATE_RET( output != NULL ); - - GET_UINT32_BE( X0, input, 0 ); - GET_UINT32_BE( X1, input, 4 ); - - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - blowfish_dec( ctx, &X0, &X1 ); - } - else /* MBEDTLS_BLOWFISH_ENCRYPT */ - { - blowfish_enc( ctx, &X0, &X1 ); - } - - PUT_UINT32_BE( X0, output, 0 ); - PUT_UINT32_BE( X1, output, 4 ); - - return( 0 ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/* - * Blowfish-CBC buffer encryption/decryption - */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) -{ - int i; - unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); - - if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) - return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); - - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE ); - mbedtls_blowfish_crypt_ecb( ctx, mode, input, output ); - - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); - - memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE ); - - input += MBEDTLS_BLOWFISH_BLOCKSIZE; - output += MBEDTLS_BLOWFISH_BLOCKSIZE; - length -= MBEDTLS_BLOWFISH_BLOCKSIZE; - } - } - else - { - while( length > 0 ) - { - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); - - mbedtls_blowfish_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE ); - - input += MBEDTLS_BLOWFISH_BLOCKSIZE; - output += MBEDTLS_BLOWFISH_BLOCKSIZE; - length -= MBEDTLS_BLOWFISH_BLOCKSIZE; - } - } - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -/* - * Blowfish CFB buffer encryption/decryption - */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) -{ - int c; - size_t n; - - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( iv_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); - - n = *iv_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); - - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); - - c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); - iv[n] = (unsigned char) c; - - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; - } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); - - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); - - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; - } - } - - *iv_off = n; - - return( 0 ); -} -#endif /*MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -/* - * Blowfish CTR buffer encryption/decryption - */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) -{ - int c, i; - size_t n; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( nonce_counter != NULL ); - BLOWFISH_VALIDATE_RET( stream_block != NULL ); - BLOWFISH_VALIDATE_RET( nc_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); - - n = *nc_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); - - while( length-- ) - { - if( n == 0 ) { - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, - stream_block ); - - for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) - break; - } - c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); - - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; - } - - *nc_off = n; - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -static const uint32_t S[4][256] = { - { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L, - 0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L, - 0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L, - 0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL, - 0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL, - 0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L, - 0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL, - 0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL, - 0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L, - 0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L, - 0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL, - 0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL, - 0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL, - 0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L, - 0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L, - 0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L, - 0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L, - 0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L, - 0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL, - 0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L, - 0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L, - 0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L, - 0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L, - 0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL, - 0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L, - 0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL, - 0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL, - 0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L, - 0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL, - 0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L, - 0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL, - 0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L, - 0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L, - 0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL, - 0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L, - 0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L, - 0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL, - 0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L, - 0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL, - 0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L, - 0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L, - 0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL, - 0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L, - 0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L, - 0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L, - 0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L, - 0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L, - 0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL, - 0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL, - 0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L, - 0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L, - 0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L, - 0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L, - 0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL, - 0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L, - 0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL, - 0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL, - 0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L, - 0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L, - 0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L, - 0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L, - 0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L, - 0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L, - 0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL }, - { 0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L, - 0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L, - 0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L, - 0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL, - 0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L, - 0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L, - 0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL, - 0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L, - 0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L, - 0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L, - 0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL, - 0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL, - 0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L, - 0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L, - 0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L, - 0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L, - 0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL, - 0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL, - 0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL, - 0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L, - 0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL, - 0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L, - 0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L, - 0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL, - 0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL, - 0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L, - 0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL, - 0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L, - 0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL, - 0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL, - 0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L, - 0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L, - 0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L, - 0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L, - 0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L, - 0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L, - 0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L, - 0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL, - 0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L, - 0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL, - 0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L, - 0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L, - 0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L, - 0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L, - 0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L, - 0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L, - 0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L, - 0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L, - 0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L, - 0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L, - 0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L, - 0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L, - 0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L, - 0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L, - 0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L, - 0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L, - 0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL, - 0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL, - 0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L, - 0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL, - 0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L, - 0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L, - 0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L, - 0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L }, - { 0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L, - 0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L, - 0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL, - 0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L, - 0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L, - 0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L, - 0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL, - 0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL, - 0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL, - 0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L, - 0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L, - 0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL, - 0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L, - 0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL, - 0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L, - 0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL, - 0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L, - 0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL, - 0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L, - 0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL, - 0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L, - 0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L, - 0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL, - 0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L, - 0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L, - 0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L, - 0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L, - 0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL, - 0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L, - 0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL, - 0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L, - 0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL, - 0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L, - 0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL, - 0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL, - 0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL, - 0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L, - 0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L, - 0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL, - 0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL, - 0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL, - 0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL, - 0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL, - 0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L, - 0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L, - 0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L, - 0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L, - 0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL, - 0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL, - 0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L, - 0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L, - 0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L, - 0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L, - 0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L, - 0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L, - 0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L, - 0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L, - 0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L, - 0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L, - 0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL, - 0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L, - 0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL, - 0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L, - 0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L }, - { 0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL, - 0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL, - 0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL, - 0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L, - 0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L, - 0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L, - 0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L, - 0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L, - 0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L, - 0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L, - 0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L, - 0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L, - 0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L, - 0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L, - 0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L, - 0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL, - 0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL, - 0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L, - 0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL, - 0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL, - 0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL, - 0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L, - 0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL, - 0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL, - 0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L, - 0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L, - 0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L, - 0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L, - 0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL, - 0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL, - 0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L, - 0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L, - 0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L, - 0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL, - 0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L, - 0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L, - 0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L, - 0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL, - 0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L, - 0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L, - 0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L, - 0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL, - 0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL, - 0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L, - 0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L, - 0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L, - 0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L, - 0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL, - 0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L, - 0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL, - 0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL, - 0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L, - 0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L, - 0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL, - 0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L, - 0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL, - 0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L, - 0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL, - 0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L, - 0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L, - 0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL, - 0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L, - 0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL, - 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L } -}; - -#endif /* !MBEDTLS_BLOWFISH_ALT */ -#endif /* MBEDTLS_BLOWFISH_C */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7f23387250..5776d5e45d 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -36,10 +36,6 @@ #include "mbedtls/aes.h" #endif -#if defined(MBEDTLS_ARC4_C) -#include "mbedtls/arc4.h" -#endif - #if defined(MBEDTLS_CAMELLIA_C) #include "mbedtls/camellia.h" #endif @@ -52,10 +48,6 @@ #include "mbedtls/des.h" #endif -#if defined(MBEDTLS_BLOWFISH_C) -#include "mbedtls/blowfish.h" -#endif - #if defined(MBEDTLS_CHACHA20_C) #include "mbedtls/chacha20.h" #endif @@ -1674,225 +1666,6 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ -#if defined(MBEDTLS_BLOWFISH_C) - -static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input, - output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, const unsigned char *input, - unsigned char *output ) -{ - return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv, - input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length, - iv_off, iv, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen ); -} - -static void * blowfish_ctx_alloc( void ) -{ - mbedtls_blowfish_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_blowfish_init( ctx ); - - return( ctx ); -} - -static void blowfish_ctx_free( void *ctx ) -{ - mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t blowfish_info = { - MBEDTLS_CIPHER_ID_BLOWFISH, - blowfish_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - blowfish_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - blowfish_crypt_cfb64_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - blowfish_crypt_ctr_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - blowfish_setkey_wrap, - blowfish_setkey_wrap, - blowfish_ctx_alloc, - blowfish_ctx_free -}; - -static const mbedtls_cipher_info_t blowfish_ecb_info = { - MBEDTLS_CIPHER_BLOWFISH_ECB, - MBEDTLS_MODE_ECB, - 128, - "BLOWFISH-ECB", - 0, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t blowfish_cbc_info = { - MBEDTLS_CIPHER_BLOWFISH_CBC, - MBEDTLS_MODE_CBC, - 128, - "BLOWFISH-CBC", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static const mbedtls_cipher_info_t blowfish_cfb64_info = { - MBEDTLS_CIPHER_BLOWFISH_CFB64, - MBEDTLS_MODE_CFB, - 128, - "BLOWFISH-CFB64", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static const mbedtls_cipher_info_t blowfish_ctr_info = { - MBEDTLS_CIPHER_BLOWFISH_CTR, - MBEDTLS_MODE_CTR, - 128, - "BLOWFISH-CTR", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#endif /* MBEDTLS_BLOWFISH_C */ - -#if defined(MBEDTLS_ARC4_C) -static int arc4_crypt_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) -{ - return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) ); -} - -static int arc4_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - /* we get key_bitlen in bits, arc4 expects it in bytes */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 ); - return( 0 ); -} - -static void * arc4_ctx_alloc( void ) -{ - mbedtls_arc4_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_arc4_init( ctx ); - - return( ctx ); -} - -static void arc4_ctx_free( void *ctx ) -{ - mbedtls_arc4_free( (mbedtls_arc4_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t arc4_base_info = { - MBEDTLS_CIPHER_ID_ARC4, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - arc4_crypt_stream_wrap, -#endif - arc4_setkey_wrap, - arc4_setkey_wrap, - arc4_ctx_alloc, - arc4_ctx_free -}; - -static const mbedtls_cipher_info_t arc4_128_info = { - MBEDTLS_CIPHER_ARC4_128, - MBEDTLS_MODE_STREAM, - 128, - "ARC4-128", - 0, - 0, - 1, - &arc4_base_info -}; -#endif /* MBEDTLS_ARC4_C */ - #if defined(MBEDTLS_CHACHA20_C) static int chacha20_setkey_wrap( void *ctx, const unsigned char *key, @@ -2285,23 +2058,6 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = #endif #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_ARC4_C) - { MBEDTLS_CIPHER_ARC4_128, &arc4_128_info }, -#endif - -#if defined(MBEDTLS_BLOWFISH_C) - { MBEDTLS_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info }, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - { MBEDTLS_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - { MBEDTLS_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info }, -#endif -#endif /* MBEDTLS_BLOWFISH_C */ - #if defined(MBEDTLS_CAMELLIA_C) { MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info }, { MBEDTLS_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info }, diff --git a/library/md.c b/library/md.c index 53afbef535..a228789653 100644 --- a/library/md.c +++ b/library/md.c @@ -30,8 +30,6 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" #include "mbedtls/sha1.h" @@ -52,24 +50,6 @@ #include #endif -#if defined(MBEDTLS_MD2_C) -const mbedtls_md_info_t mbedtls_md2_info = { - "MD2", - MBEDTLS_MD_MD2, - 16, - 16, -}; -#endif - -#if defined(MBEDTLS_MD4_C) -const mbedtls_md_info_t mbedtls_md4_info = { - "MD4", - MBEDTLS_MD_MD4, - 16, - 64, -}; -#endif - #if defined(MBEDTLS_MD5_C) const mbedtls_md_info_t mbedtls_md5_info = { "MD5", @@ -165,14 +145,6 @@ static const int supported_digests[] = { MBEDTLS_MD_MD5, #endif -#if defined(MBEDTLS_MD4_C) - MBEDTLS_MD_MD4, -#endif - -#if defined(MBEDTLS_MD2_C) - MBEDTLS_MD_MD2, -#endif - MBEDTLS_MD_NONE }; @@ -187,14 +159,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return( NULL ); /* Get the appropriate digest information */ -#if defined(MBEDTLS_MD2_C) - if( !strcmp( "MD2", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 ); -#endif -#if defined(MBEDTLS_MD4_C) - if( !strcmp( "MD4", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 ); -#endif #if defined(MBEDTLS_MD5_C) if( !strcmp( "MD5", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ); @@ -230,14 +194,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { switch( md_type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( &mbedtls_md2_info ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( &mbedtls_md4_info ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( &mbedtls_md5_info ); @@ -285,16 +241,6 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) { switch( ctx->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - mbedtls_md2_free( ctx->md_ctx ); - break; -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - mbedtls_md4_free( ctx->md_ctx ); - break; -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: mbedtls_md5_free( ctx->md_ctx ); @@ -359,16 +305,6 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, switch( src->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - mbedtls_md2_clone( dst->md_ctx, src->md_ctx ); - break; -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - mbedtls_md4_clone( dst->md_ctx, src->md_ctx ); - break; -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: mbedtls_md5_clone( dst->md_ctx, src->md_ctx ); @@ -431,16 +367,6 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf switch( md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - ALLOC( md2 ); - break; -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - ALLOC( md4 ); - break; -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: ALLOC( md5 ); @@ -501,14 +427,6 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) switch( ctx->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( mbedtls_md2_starts( ctx->md_ctx ) ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( mbedtls_md4_starts( ctx->md_ctx ) ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( mbedtls_md5_starts( ctx->md_ctx ) ); @@ -549,14 +467,6 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si switch( ctx->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( mbedtls_md2_update( ctx->md_ctx, input, ilen ) ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( mbedtls_md4_update( ctx->md_ctx, input, ilen ) ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) ); @@ -597,14 +507,6 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) switch( ctx->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( mbedtls_md2_finish( ctx->md_ctx, output ) ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( mbedtls_md4_finish( ctx->md_ctx, output ) ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( mbedtls_md5_finish( ctx->md_ctx, output ) ); @@ -646,14 +548,6 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si switch( md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( mbedtls_md2( input, ilen, output ) ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( mbedtls_md4( input, ilen, output ) ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( mbedtls_md5( input, ilen, output ) ); @@ -858,14 +752,6 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) switch( ctx->md_info->type ) { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( mbedtls_internal_md2_process( ctx->md_ctx ) ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( mbedtls_internal_md4_process( ctx->md_ctx, data ) ); -#endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: return( mbedtls_internal_md5_process( ctx->md_ctx, data ) ); diff --git a/library/md2.c b/library/md2.c deleted file mode 100644 index e02c2f0230..0000000000 --- a/library/md2.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - * RFC 1115/1319 compliant MD2 implementation - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The MD2 algorithm was designed by Ron Rivest in 1989. - * - * http://www.ietf.org/rfc/rfc1115.txt - * http://www.ietf.org/rfc/rfc1319.txt - */ - -#include "common.h" - -#if defined(MBEDTLS_MD2_C) - -#include "mbedtls/md2.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if !defined(MBEDTLS_MD2_ALT) - -static const unsigned char PI_SUBST[256] = -{ - 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36, - 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3, - 0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, - 0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16, - 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E, - 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E, - 0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, - 0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21, - 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E, - 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3, - 0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, - 0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6, - 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D, - 0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65, - 0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, - 0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F, - 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C, - 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E, - 0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, - 0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA, - 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88, - 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE, - 0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, - 0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A, - 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99, - 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 -}; - -void mbedtls_md2_init( mbedtls_md2_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_md2_context ) ); -} - -void mbedtls_md2_free( mbedtls_md2_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) ); -} - -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ) -{ - *dst = *src; -} - -/* - * MD2 context setup - */ -int mbedtls_md2_starts( mbedtls_md2_context *ctx ) -{ - memset( ctx->cksum, 0, 16 ); - memset( ctx->state, 0, 46 ); - memset( ctx->buffer, 0, 16 ); - ctx->left = 0; - - return( 0 ); -} - -#if !defined(MBEDTLS_MD2_PROCESS_ALT) -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ) -{ - int i, j; - unsigned char t = 0; - - for( i = 0; i < 16; i++ ) - { - ctx->state[i + 16] = ctx->buffer[i]; - ctx->state[i + 32] = - (unsigned char)( ctx->buffer[i] ^ ctx->state[i]); - } - - for( i = 0; i < 18; i++ ) - { - for( j = 0; j < 48; j++ ) - { - ctx->state[j] = (unsigned char) - ( ctx->state[j] ^ PI_SUBST[t] ); - t = ctx->state[j]; - } - - t = (unsigned char)( t + i ); - } - - t = ctx->cksum[15]; - - for( i = 0; i < 16; i++ ) - { - ctx->cksum[i] = (unsigned char) - ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] ); - t = ctx->cksum[i]; - } - - /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &t, sizeof( t ) ); - - return( 0 ); -} - -#endif /* !MBEDTLS_MD2_PROCESS_ALT */ - -/* - * MD2 process buffer - */ -int mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t fill; - - while( ilen > 0 ) - { - if( ilen > 16 - ctx->left ) - fill = 16 - ctx->left; - else - fill = ilen; - - memcpy( ctx->buffer + ctx->left, input, fill ); - - ctx->left += fill; - input += fill; - ilen -= fill; - - if( ctx->left == 16 ) - { - ctx->left = 0; - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); - } - } - - return( 0 ); -} - -/* - * MD2 final digest - */ -int mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i; - unsigned char x; - - x = (unsigned char)( 16 - ctx->left ); - - for( i = ctx->left; i < 16; i++ ) - ctx->buffer[i] = x; - - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); - - memcpy( ctx->buffer, ctx->cksum, 16 ); - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); - - memcpy( output, ctx->state, 16 ); - - return( 0 ); -} - -#endif /* !MBEDTLS_MD2_ALT */ - -/* - * output = MD2( input buffer ) - */ -int mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md2_context ctx; - - mbedtls_md2_init( &ctx ); - - if( ( ret = mbedtls_md2_starts( &ctx ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md2_update( &ctx, input, ilen ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md2_finish( &ctx, output ) ) != 0 ) - goto exit; - -exit: - mbedtls_md2_free( &ctx ); - - return( ret ); -} - -#if defined(MBEDTLS_SELF_TEST) - -/* - * RFC 1319 test vectors - */ -static const unsigned char md2_test_str[7][81] = -{ - { "" }, - { "a" }, - { "abc" }, - { "message digest" }, - { "abcdefghijklmnopqrstuvwxyz" }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" } -}; - -static const size_t md2_test_strlen[7] = -{ - 0, 1, 3, 14, 26, 62, 80 -}; - -static const unsigned char md2_test_sum[7][16] = -{ - { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D, - 0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 }, - { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72, - 0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 }, - { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B, - 0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB }, - { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B, - 0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 }, - { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB, - 0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B }, - { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39, - 0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD }, - { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D, - 0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 } -}; - -/* - * Checkup routine - */ -int mbedtls_md2_self_test( int verbose ) -{ - int i, ret = 0; - unsigned char md2sum[16]; - - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD2 test #%d: ", i + 1 ); - - ret = mbedtls_md2( md2_test_str[i], md2_test_strlen[i], md2sum ); - if( ret != 0 ) - goto fail; - - if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) - { - ret = 1; - goto fail; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - return( 0 ); - -fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_MD2_C */ diff --git a/library/md4.c b/library/md4.c deleted file mode 100644 index f5f3302534..0000000000 --- a/library/md4.c +++ /dev/null @@ -1,444 +0,0 @@ -/* - * RFC 1186/1320 compliant MD4 implementation - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The MD4 algorithm was designed by Ron Rivest in 1990. - * - * http://www.ietf.org/rfc/rfc1186.txt - * http://www.ietf.org/rfc/rfc1320.txt - */ - -#include "common.h" - -#if defined(MBEDTLS_MD4_C) - -#include "mbedtls/md4.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if !defined(MBEDTLS_MD4_ALT) - -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - -void mbedtls_md4_init( mbedtls_md4_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_md4_context ) ); -} - -void mbedtls_md4_free( mbedtls_md4_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) ); -} - -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ) -{ - *dst = *src; -} - -/* - * MD4 context setup - */ -int mbedtls_md4_starts( mbedtls_md4_context *ctx ) -{ - ctx->total[0] = 0; - ctx->total[1] = 0; - - ctx->state[0] = 0x67452301; - ctx->state[1] = 0xEFCDAB89; - ctx->state[2] = 0x98BADCFE; - ctx->state[3] = 0x10325476; - - return( 0 ); -} - -#if !defined(MBEDTLS_MD4_PROCESS_ALT) -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ) -{ - struct - { - uint32_t X[16], A, B, C, D; - } local; - - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); - -#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) - - local.A = ctx->state[0]; - local.B = ctx->state[1]; - local.C = ctx->state[2]; - local.D = ctx->state[3]; - -#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z))) -#define P(a,b,c,d,x,s) \ - do \ - { \ - (a) += F((b),(c),(d)) + (x); \ - (a) = S((a),(s)); \ - } while( 0 ) - - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 1], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 2], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 3], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 4], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 7], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 8], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 7 ); - P( local.C, local.D, local.A, local.B, local.X[10], 11 ); - P( local.B, local.C, local.D, local.A, local.X[11], 19 ); - P( local.A, local.B, local.C, local.D, local.X[12], 3 ); - P( local.D, local.A, local.B, local.C, local.X[13], 7 ); - P( local.C, local.D, local.A, local.B, local.X[14], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 19 ); - -#undef P -#undef F - -#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) -#define P(a,b,c,d,x,s) \ - do \ - { \ - (a) += F((b),(c),(d)) + (x) + 0x5A827999; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 4], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 8], 9 ); - P( local.B, local.C, local.D, local.A, local.X[12], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 9], 9 ); - P( local.B, local.C, local.D, local.A, local.X[13], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 6], 5 ); - P( local.C, local.D, local.A, local.B, local.X[10], 9 ); - P( local.B, local.C, local.D, local.A, local.X[14], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 7], 5 ); - P( local.C, local.D, local.A, local.B, local.X[11], 9 ); - P( local.B, local.C, local.D, local.A, local.X[15], 13 ); - -#undef P -#undef F - -#define F(x,y,z) ((x) ^ (y) ^ (z)) -#define P(a,b,c,d,x,s) \ - do \ - { \ - (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 8], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 4], 11 ); - P( local.B, local.C, local.D, local.A, local.X[12], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[10], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[14], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 5], 11 ); - P( local.B, local.C, local.D, local.A, local.X[13], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[11], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 7], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 15 ); - -#undef F -#undef P - - ctx->state[0] += local.A; - ctx->state[1] += local.B; - ctx->state[2] += local.C; - ctx->state[3] += local.D; - - /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); - - return( 0 ); -} - -#endif /* !MBEDTLS_MD4_PROCESS_ALT */ - -/* - * MD4 process buffer - */ -int mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t fill; - uint32_t left; - - if( ilen == 0 ) - return( 0 ); - - left = ctx->total[0] & 0x3F; - fill = 64 - left; - - ctx->total[0] += (uint32_t) ilen; - ctx->total[0] &= 0xFFFFFFFF; - - if( ctx->total[0] < (uint32_t) ilen ) - ctx->total[1]++; - - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, fill ); - - if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); - - input += fill; - ilen -= fill; - left = 0; - } - - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 ) - return( ret ); - - input += 64; - ilen -= 64; - } - - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, ilen ); - } - - return( 0 ); -} - -static const unsigned char md4_padding[64] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* - * MD4 final digest - */ -int mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - uint32_t last, padn; - uint32_t high, low; - unsigned char msglen[8]; - - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); - - PUT_UINT32_LE( low, msglen, 0 ); - PUT_UINT32_LE( high, msglen, 4 ); - - last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - - ret = mbedtls_md4_update( ctx, (unsigned char *)md4_padding, padn ); - if( ret != 0 ) - return( ret ); - - if( ( ret = mbedtls_md4_update( ctx, msglen, 8 ) ) != 0 ) - return( ret ); - - - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); - - return( 0 ); -} - -#endif /* !MBEDTLS_MD4_ALT */ - -/* - * output = MD4( input buffer ) - */ -int mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md4_context ctx; - - mbedtls_md4_init( &ctx ); - - if( ( ret = mbedtls_md4_starts( &ctx ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md4_update( &ctx, input, ilen ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md4_finish( &ctx, output ) ) != 0 ) - goto exit; - -exit: - mbedtls_md4_free( &ctx ); - - return( ret ); -} - -#if defined(MBEDTLS_SELF_TEST) - -/* - * RFC 1320 test vectors - */ -static const unsigned char md4_test_str[7][81] = -{ - { "" }, - { "a" }, - { "abc" }, - { "message digest" }, - { "abcdefghijklmnopqrstuvwxyz" }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" } -}; - -static const size_t md4_test_strlen[7] = -{ - 0, 1, 3, 14, 26, 62, 80 -}; - -static const unsigned char md4_test_sum[7][16] = -{ - { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31, - 0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 }, - { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46, - 0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 }, - { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52, - 0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D }, - { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8, - 0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B }, - { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD, - 0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 }, - { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35, - 0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 }, - { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19, - 0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 } -}; - -/* - * Checkup routine - */ -int mbedtls_md4_self_test( int verbose ) -{ - int i, ret = 0; - unsigned char md4sum[16]; - - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD4 test #%d: ", i + 1 ); - - ret = mbedtls_md4( md4_test_str[i], md4_test_strlen[i], md4sum ); - if( ret != 0 ) - goto fail; - - if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) - { - ret = 1; - goto fail; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - return( 0 ); - -fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_MD4_C */ diff --git a/library/md_wrap.h b/library/md_wrap.h index 51655f9408..cfd418a9b5 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -57,12 +57,6 @@ struct mbedtls_md_info_t unsigned char block_size; }; -#if defined(MBEDTLS_MD2_C) -extern const mbedtls_md_info_t mbedtls_md2_info; -#endif -#if defined(MBEDTLS_MD4_C) -extern const mbedtls_md_info_t mbedtls_md4_info; -#endif #if defined(MBEDTLS_MD5_C) extern const mbedtls_md_info_t mbedtls_md5_info; #endif diff --git a/library/oid.c b/library/oid.c index c4a4df9a17..f70ceea566 100644 --- a/library/oid.c +++ b/library/oid.c @@ -340,18 +340,6 @@ typedef struct { static const oid_sig_alg_t oid_sig_alg[] = { #if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_MD2_C) - { - OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD2, "md2WithRSAEncryption", "RSA with MD2" ), - MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, - }, -#endif /* MBEDTLS_MD2_C */ -#if defined(MBEDTLS_MD4_C) - { - OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD4, "md4WithRSAEncryption", "RSA with MD4" ), - MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, - }, -#endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ), @@ -609,18 +597,6 @@ typedef struct { static const oid_md_alg_t oid_md_alg[] = { -#if defined(MBEDTLS_MD2_C) - { - OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD2, "id-md2", "MD2" ), - MBEDTLS_MD_MD2, - }, -#endif /* MBEDTLS_MD2_C */ -#if defined(MBEDTLS_MD4_C) - { - OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD4, "id-md4", "MD4" ), - MBEDTLS_MD_MD4, - }, -#endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ), diff --git a/library/pkcs12.c b/library/pkcs12.c index 9823d963c3..04b1a6dab3 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -35,10 +35,6 @@ #include -#if defined(MBEDTLS_ARC4_C) -#include "mbedtls/arc4.h" -#endif - #if defined(MBEDTLS_DES_C) #include "mbedtls/des.h" #endif @@ -125,47 +121,6 @@ static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_ty #undef PKCS12_MAX_PWDLEN -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t len, - unsigned char *output ) -{ -#if !defined(MBEDTLS_ARC4_C) - ((void) pbe_params); - ((void) mode); - ((void) pwd); - ((void) pwdlen); - ((void) data); - ((void) len); - ((void) output); - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); -#else - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char key[16]; - mbedtls_arc4_context ctx; - ((void) mode); - - mbedtls_arc4_init( &ctx ); - - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1, - pwd, pwdlen, - key, 16, NULL, 0 ) ) != 0 ) - { - return( ret ); - } - - mbedtls_arc4_setup( &ctx, key, 16 ); - if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 ) - goto exit; - -exit: - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_arc4_free( &ctx ); - - return( ret ); -#endif /* MBEDTLS_ARC4_C */ -} - int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, diff --git a/library/pkparse.c b/library/pkparse.c index 3222ca20fb..52b9ecc9c2 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1163,24 +1163,6 @@ static int pk_parse_key_pkcs8_encrypted_der( decrypted = 1; } - else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 ) - { - if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params, - MBEDTLS_PKCS12_PBE_DECRYPT, - pwd, pwdlen, - p, len, buf ) ) != 0 ) - { - return( ret ); - } - - // Best guess for password mismatch when using RC4. If first tag is - // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE - // - if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - - decrypted = 1; - } else #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7921eb2313..8416aa76ee 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -58,11 +58,9 @@ #endif #include "mbedtls/aes.h" -#include "mbedtls/arc4.h" #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "mbedtls/bignum.h" -#include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" @@ -75,8 +73,6 @@ #include "mbedtls/entropy.h" #include "mbedtls/error.h" #include "mbedtls/gcm.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/md.h" #include "md_wrap.h" @@ -89,7 +85,6 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/xtea.h" #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) @@ -150,12 +145,6 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: return( PSA_ERROR_BUFFER_TOO_SMALL ); -#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) - case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: -#endif - case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); - #if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: #endif @@ -302,9 +291,6 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_RSA_RNG_FAILED: return( PSA_ERROR_INSUFFICIENT_ENTROPY ); - case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH: - return( PSA_ERROR_INVALID_ARGUMENT ); - case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: case MBEDTLS_ERR_ECP_INVALID_KEY: return( PSA_ERROR_INVALID_ARGUMENT ); @@ -478,12 +464,6 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, return( PSA_ERROR_INVALID_ARGUMENT ); break; #endif -#if defined(PSA_WANT_KEY_TYPE_ARC4) - case PSA_KEY_TYPE_ARC4: - if( bits < 8 || bits > 2048 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; -#endif #if defined(PSA_WANT_KEY_TYPE_CHACHA20) case PSA_KEY_TYPE_CHACHA20: if( bits != 256 ) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 4992a6e8e9..a65e88492e 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -131,9 +131,6 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_KEY_TYPE_CAMELLIA: cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; break; - case PSA_KEY_TYPE_ARC4: - cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4; - break; case PSA_KEY_TYPE_CHACHA20: cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20; break; diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 6471f82a82..92dcbba96b 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -31,14 +31,6 @@ /* Use builtin defines specific to this compilation unit, since the test driver * relies on the software driver. */ -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) -#define BUILTIN_ALG_MD2 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) ) -#define BUILTIN_ALG_MD4 1 -#endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) #define BUILTIN_ALG_MD5 1 @@ -76,14 +68,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) { switch( alg ) { -#if defined(MBEDTLS_MD2_C) - case PSA_ALG_MD2: - return( &mbedtls_md2_info ); -#endif -#if defined(MBEDTLS_MD4_C) - case PSA_ALG_MD4: - return( &mbedtls_md4_info ); -#endif #if defined(MBEDTLS_MD5_C) case PSA_ALG_MD5: return( &mbedtls_md5_info ); @@ -134,16 +118,6 @@ static psa_status_t hash_abort( * in use. It's ok to call abort on such an object, and there's * nothing to do. */ break; -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_free( &operation->ctx.md2 ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_free( &operation->ctx.md4 ); - break; -#endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_free( &operation->ctx.md5 ); @@ -200,18 +174,6 @@ static psa_status_t hash_setup( switch( alg ) { -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_init( &operation->ctx.md2 ); - ret = mbedtls_md2_starts( &operation->ctx.md2 ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_init( &operation->ctx.md4 ); - ret = mbedtls_md4_starts( &operation->ctx.md4 ); - break; -#endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); @@ -274,18 +236,6 @@ static psa_status_t hash_clone( { case 0: return( PSA_ERROR_BAD_STATE ); -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_clone( &target_operation->ctx.md2, - &source_operation->ctx.md2 ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_clone( &target_operation->ctx.md4, - &source_operation->ctx.md4 ); - break; -#endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_clone( &target_operation->ctx.md5, @@ -347,18 +297,6 @@ static psa_status_t hash_update( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - ret = mbedtls_md2_update( &operation->ctx.md2, - input, input_length ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - ret = mbedtls_md4_update( &operation->ctx.md4, - input, input_length ); - break; -#endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_update( &operation->ctx.md5, @@ -437,16 +375,6 @@ static psa_status_t hash_finish( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - ret = mbedtls_md2_finish( &operation->ctx.md2, hash ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - ret = mbedtls_md4_finish( &operation->ctx.md4, hash ); - break; -#endif #if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_finish( &operation->ctx.md5, hash ); @@ -587,14 +515,6 @@ static int is_hash_accelerated( psa_algorithm_t alg ) { switch( alg ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) - case PSA_ALG_MD2: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) - case PSA_ALG_MD4: - return( 1 ); -#endif #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) case PSA_ALG_MD5: return( 1 ); diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 20c56a0214..adcc191e85 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -46,10 +46,6 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) { switch( alg ) { - case PSA_ALG_MD2: - return( 16 ); - case PSA_ALG_MD4: - return( 64 ); case PSA_ALG_MD5: return( 64 ); case PSA_ALG_RIPEMD160: diff --git a/library/xtea.c b/library/xtea.c deleted file mode 100644 index 4b8c9c0773..0000000000 --- a/library/xtea.c +++ /dev/null @@ -1,271 +0,0 @@ -/* - * An 32-bit implementation of the XTEA algorithm - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#if defined(MBEDTLS_XTEA_C) - -#include "mbedtls/xtea.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if !defined(MBEDTLS_XTEA_ALT) - -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); -} - -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) ); -} - -/* - * XTEA key schedule - */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ) -{ - int i; - - memset( ctx, 0, sizeof(mbedtls_xtea_context) ); - - for( i = 0; i < 4; i++ ) - { - GET_UINT32_BE( ctx->k[i], key, i << 2 ); - } -} - -/* - * XTEA encrypt function - */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode, - const unsigned char input[8], unsigned char output[8]) -{ - uint32_t *k, v0, v1, i; - - k = ctx->k; - - GET_UINT32_BE( v0, input, 0 ); - GET_UINT32_BE( v1, input, 4 ); - - if( mode == MBEDTLS_XTEA_ENCRYPT ) - { - uint32_t sum = 0, delta = 0x9E3779B9; - - for( i = 0; i < 32; i++ ) - { - v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); - sum += delta; - v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); - } - } - else /* MBEDTLS_XTEA_DECRYPT */ - { - uint32_t delta = 0x9E3779B9, sum = delta * 32; - - for( i = 0; i < 32; i++ ) - { - v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); - sum -= delta; - v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); - } - } - - PUT_UINT32_BE( v0, output, 0 ); - PUT_UINT32_BE( v1, output, 4 ); - - return( 0 ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/* - * XTEA-CBC buffer encryption/decryption - */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, - unsigned char iv[8], const unsigned char *input, - unsigned char *output) -{ - int i; - unsigned char temp[8]; - - if( length % 8 ) - return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH ); - - if( mode == MBEDTLS_XTEA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - mbedtls_xtea_crypt_ecb( ctx, mode, input, output ); - - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); - - memcpy( iv, temp, 8 ); - - input += 8; - output += 8; - length -= 8; - } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); - - mbedtls_xtea_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 8 ); - - input += 8; - output += 8; - length -= 8; - } - } - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* !MBEDTLS_XTEA_ALT */ - -#if defined(MBEDTLS_SELF_TEST) - -/* - * XTEA tests vectors (non-official) - */ - -static const unsigned char xtea_test_key[6][16] = -{ - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}; - -static const unsigned char xtea_test_pt[6][8] = -{ - { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, - { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, - { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f }, - { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, - { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, - { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 } -}; - -static const unsigned char xtea_test_ct[6][8] = -{ - { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 }, - { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 }, - { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, - { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 }, - { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d }, - { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 } -}; - -/* - * Checkup routine - */ -int mbedtls_xtea_self_test( int verbose ) -{ - int i, ret = 0; - unsigned char buf[8]; - mbedtls_xtea_context ctx; - - mbedtls_xtea_init( &ctx ); - for( i = 0; i < 6; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " XTEA test #%d: ", i + 1 ); - - memcpy( buf, xtea_test_pt[i], 8 ); - - mbedtls_xtea_setup( &ctx, xtea_test_key[i] ); - mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf ); - - if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - -exit: - mbedtls_xtea_free( &ctx ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_XTEA_C */ diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index b360991152..1c506b729e 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -700,12 +700,6 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, case MBEDTLS_MD_NONE: printf( "none\n" ); break; - case MBEDTLS_MD_MD2: - printf( "MD2\n" ); - break; - case MBEDTLS_MD_MD4: - printf( "MD4\n" ); - break; case MBEDTLS_MD_MD5: printf( "MD5\n" ); break; diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 1c5caa6fcc..3eceec0023 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -47,18 +47,15 @@ int main( void ) #include "mbedtls/timing.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/arc4.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" #include "mbedtls/aria.h" -#include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/chacha20.h" #include "mbedtls/gcm.h" @@ -98,8 +95,8 @@ int main( void ) #define TITLE_LEN 25 #define OPTIONS \ - "md4, md5, ripemd160, sha1, sha256, sha512,\n" \ - "arc4, des3, des, camellia, blowfish, chacha20,\n" \ + "md5, ripemd160, sha1, sha256, sha512,\n" \ + "des3, des, camellia, chacha20,\n" \ "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \ "aes_cmac, des3_cmac, poly1305\n" \ "ctr_drbg, hmac_drbg\n" \ @@ -289,11 +286,11 @@ static int set_ecp_curve( const char *string, mbedtls_ecp_curve_info *curve ) unsigned char buf[BUFSIZE]; typedef struct { - char md4, md5, ripemd160, sha1, sha256, sha512, - arc4, des3, des, + char md5, ripemd160, sha1, sha256, sha512, + des3, des, aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly, aes_cmac, des3_cmac, - aria, camellia, blowfish, chacha20, + aria, camellia, chacha20, poly1305, ctr_drbg, hmac_drbg, rsa, dhm, ecdsa, ecdh; @@ -331,9 +328,7 @@ int main( int argc, char *argv[] ) for( i = 1; i < argc; i++ ) { - if( strcmp( argv[i], "md4" ) == 0 ) - todo.md4 = 1; - else if( strcmp( argv[i], "md5" ) == 0 ) + if( strcmp( argv[i], "md5" ) == 0 ) todo.md5 = 1; else if( strcmp( argv[i], "ripemd160" ) == 0 ) todo.ripemd160 = 1; @@ -343,8 +338,6 @@ int main( int argc, char *argv[] ) todo.sha256 = 1; else if( strcmp( argv[i], "sha512" ) == 0 ) todo.sha512 = 1; - else if( strcmp( argv[i], "arc4" ) == 0 ) - todo.arc4 = 1; else if( strcmp( argv[i], "des3" ) == 0 ) todo.des3 = 1; else if( strcmp( argv[i], "des" ) == 0 ) @@ -367,8 +360,6 @@ int main( int argc, char *argv[] ) todo.aria = 1; else if( strcmp( argv[i], "camellia" ) == 0 ) todo.camellia = 1; - else if( strcmp( argv[i], "blowfish" ) == 0 ) - todo.blowfish = 1; else if( strcmp( argv[i], "chacha20" ) == 0 ) todo.chacha20 = 1; else if( strcmp( argv[i], "poly1305" ) == 0 ) @@ -405,11 +396,6 @@ int main( int argc, char *argv[] ) memset( buf, 0xAA, sizeof( buf ) ); memset( tmp, 0xBB, sizeof( tmp ) ); -#if defined(MBEDTLS_MD4_C) - if( todo.md4 ) - TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) ); -#endif - #if defined(MBEDTLS_MD5_C) if( todo.md5 ) TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) ); @@ -435,17 +421,6 @@ int main( int argc, char *argv[] ) TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) ); #endif -#if defined(MBEDTLS_ARC4_C) - if( todo.arc4 ) - { - mbedtls_arc4_context arc4; - mbedtls_arc4_init( &arc4 ); - mbedtls_arc4_setup( &arc4, tmp, 32 ); - TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) ); - mbedtls_arc4_free( &arc4 ); - } -#endif - #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) if( todo.des3 ) @@ -688,30 +663,6 @@ int main( int argc, char *argv[] ) } #endif -#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.blowfish ) - { - int keysize; - mbedtls_blowfish_context blowfish; - mbedtls_blowfish_init( &blowfish ); - - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); - - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_blowfish_setkey( &blowfish, tmp, keysize ); - - TIME_AND_TSC( title, - mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, - tmp, buf, buf ) ); - } - - mbedtls_blowfish_free( &blowfish ); - } -#endif - #if defined(MBEDTLS_CTR_DRBG_C) if( todo.ctr_drbg ) { diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index ea345a311d..61a7e896c5 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -25,13 +25,11 @@ #endif #include "mbedtls/aes.h" -#include "mbedtls/arc4.h" #include "mbedtls/aria.h" #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "mbedtls/base64.h" #include "mbedtls/bignum.h" -#include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" #include "mbedtls/chacha20.h" @@ -54,8 +52,6 @@ #include "mbedtls/hkdf.h" #include "mbedtls/hmac_drbg.h" #include "mbedtls/md.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" @@ -85,7 +81,6 @@ #include "mbedtls/x509_crl.h" #include "mbedtls/x509_crt.h" #include "mbedtls/x509_csr.h" -#include "mbedtls/xtea.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/selftest.c b/programs/test/selftest.c index a3e306ce91..8829d54ec4 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -32,14 +32,11 @@ #include "mbedtls/gcm.h" #include "mbedtls/ccm.h" #include "mbedtls/cmac.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/arc4.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" #include "mbedtls/camellia.h" @@ -51,7 +48,6 @@ #include "mbedtls/bignum.h" #include "mbedtls/rsa.h" #include "mbedtls/x509.h" -#include "mbedtls/xtea.h" #include "mbedtls/pkcs5.h" #include "mbedtls/ecp.h" #include "mbedtls/ecjpake.h" @@ -256,12 +252,6 @@ typedef struct const selftest_t selftests[] = { {"calloc", calloc_self_test}, -#if defined(MBEDTLS_MD2_C) - {"md2", mbedtls_md2_self_test}, -#endif -#if defined(MBEDTLS_MD4_C) - {"md4", mbedtls_md4_self_test}, -#endif #if defined(MBEDTLS_MD5_C) {"md5", mbedtls_md5_self_test}, #endif @@ -277,9 +267,6 @@ const selftest_t selftests[] = #if defined(MBEDTLS_SHA512_C) {"sha512", mbedtls_sha512_self_test}, #endif -#if defined(MBEDTLS_ARC4_C) - {"arc4", mbedtls_arc4_self_test}, -#endif #if defined(MBEDTLS_DES_C) {"des", mbedtls_des_self_test}, #endif @@ -316,9 +303,6 @@ const selftest_t selftests[] = #if defined(MBEDTLS_RSA_C) {"rsa", mbedtls_rsa_self_test}, #endif -#if defined(MBEDTLS_XTEA_C) - {"xtea", mbedtls_xtea_self_test}, -#endif #if defined(MBEDTLS_CAMELLIA_C) {"camellia", mbedtls_camellia_self_test}, #endif diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index e8241a320e..18d2e8cbcd 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -100,7 +100,7 @@ int main( void ) " Add NsCertType even if it is empty\n" \ " md=%%s default: SHA256\n" \ " possible values:\n" \ - " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \ + " MD5, RIPEMD160, SHA1,\n" \ " SHA224, SHA256, SHA384, SHA512\n" \ "\n" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index ff7cf98074..c22f5a4b22 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -119,7 +119,7 @@ int main( void ) " max_pathlen=%%d default: -1 (none)\n" \ " md=%%s default: SHA256\n" \ " Supported values (if enabled):\n" \ - " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \ + " MD5, RIPEMD160, SHA1,\n" \ " SHA224, SHA256, SHA384, SHA512\n" \ " version=%%d default: 3\n" \ " Possible values: 1, 2, 3\n"\ diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 6199c62830..c707e4ca3b 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -37,13 +37,11 @@ * default value when that configuration is not set in the config.h. */ #include "mbedtls/aes.h" -#include "mbedtls/arc4.h" #include "mbedtls/aria.h" #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "mbedtls/base64.h" #include "mbedtls/bignum.h" -#include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" #include "mbedtls/chacha20.h" @@ -64,8 +62,6 @@ #include "mbedtls/hkdf.h" #include "mbedtls/hmac_drbg.h" #include "mbedtls/md.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/memory_buffer_alloc.h" #include "mbedtls/net_sockets.h" @@ -95,7 +91,6 @@ #include "mbedtls/x509_crl.h" #include "mbedtls/x509_crt.h" #include "mbedtls/x509_csr.h" -#include "mbedtls/xtea.h" #include diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 606714f991..7822384ce3 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -44,11 +44,11 @@ if( @ARGV ) { my $error_format_file = $data_dir.'/error.fmt'; -my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH +my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5 + ENTROPY ERROR GCM HKDF HMAC_DRBG MD5 NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 - SHA1 SHA256 SHA512 THREADING XTEA ); + SHA1 SHA256 SHA512 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 RSA SSL X509 ); diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 94a97e7e96..4b4e2df515 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -82,7 +82,6 @@ class KeyType: } KEY_TYPE_SIZES = { 'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive - 'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible 'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive 'PSA_KEY_TYPE_CAMELLIA': (128, 192, 256), # exhaustive 'PSA_KEY_TYPE_CHACHA20': (256,), # exhaustive diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 7898004c1c..fbd746e524 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -75,19 +75,15 @@ add_test_suite(aes aes.ecb) add_test_suite(aes aes.ofb) add_test_suite(aes aes.rest) add_test_suite(aes aes.xts) -add_test_suite(arc4) add_test_suite(aria) add_test_suite(asn1parse) add_test_suite(asn1write) add_test_suite(base64) -add_test_suite(blowfish) add_test_suite(camellia) add_test_suite(ccm) add_test_suite(chacha20) add_test_suite(chachapoly) add_test_suite(cipher cipher.aes) -add_test_suite(cipher cipher.arc4) -add_test_suite(cipher cipher.blowfish) add_test_suite(cipher cipher.camellia) add_test_suite(cipher cipher.ccm) add_test_suite(cipher cipher.chacha20) @@ -162,7 +158,6 @@ add_test_suite(timing) add_test_suite(version) add_test_suite(x509parse) add_test_suite(x509write) -add_test_suite(xtea) # Make scripts and data files needed for testing available in an # out-of-source build. diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index f3cba5acb8..16685d26d8 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -416,16 +416,6 @@ rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der -rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der -rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem -keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der - -keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128 - ### 2048-bit rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES @@ -443,16 +433,6 @@ rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der -rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der -rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem -keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der - -keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128 - ### 4096-bit rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES @@ -470,16 +450,6 @@ rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der -rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der -rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem - $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem -keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der - -keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128 - ### ### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1) ### @@ -1103,26 +1073,10 @@ server2-sha256.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += server2-sha256.crt -# MD2, MD4, MD5 test certificates +# MD5 test certificate cert_md_test_key = $(cli_crt_key_file_rsa) -cert_md2.csr: $(cert_md_test_key) - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2 -all_intermediate += cert_md2.csr - -cert_md2.crt: cert_md2.csr - $(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@ -all_final += cert_md2.crt - -cert_md4.csr: $(cert_md_test_key) - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4 -all_intermediate += cert_md4.csr - -cert_md4.crt: cert_md4.csr - $(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@ -all_final += cert_md4.crt - cert_md5.csr: $(cert_md_test_key) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5 all_intermediate += cert_md5.csr diff --git a/tests/data_files/cert_md2.crt b/tests/data_files/cert_md2.crt deleted file mode 100644 index 94b89afce3..0000000000 --- a/tests/data_files/cert_md2.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f -M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu -1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw -MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v -4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ -/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQIFAAOC -AQEAXLWqy34iaZ2YV+5eE1QMV/9m9nQI2X/yumRH1MT1R3oYde/YDV7+HSOM6qLs -qSgH1DSyXv1YnJww2OyTtAVhPalICLjVjUQCyeUCiFpAIO6Xz1VE6v4GMFLqhlV1 -Nox9dDtR5Go2zwPaH64Ze9GxuDZfW+VnPRNgYOrqqCBnuhnp2uPRfOewus2AAo50 -dx1XTooCEqElQlB9EIPWbvPdJZjRjruCUtDbz+oxG4J4Ml4KCYm+/MyXNPqxV9+H -5A9oQltuHMWasMWSfXeimQI5PPpdjndmJOhfT4RGmvTw/uNC/Xuy1kPxXQKoocz6 -93U8RQvyJxdIPtQuARNMRZ7G+Q== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_md2.csr b/tests/data_files/cert_md2.csr deleted file mode 100644 index a8c39bdb32..0000000000 --- a/tests/data_files/cert_md2.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1EMjCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV -+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N -stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR -iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75 -Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag -aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAgUA -A4IBAQBPUqodRcH2ZUa8A3fQX/nxrIwWiLmQ9BaOI6G7vzEWVE1sxmkrHP+pXgi9 -1eFceN9xUBKEd+LmUPmHpObZ4nwRSprFj3DeIXpn9aSBr+jGY8RaaC9cMkaSq5Mb -q65THEJ1xemIfZvbhjvNi/ycXXu/v1Gpj62dpIFGbm+o4AXQF2ocYGEM+X1u2eVn -mnuuvPAHTllGjB0daTSYoQtMy3luPUEj0Yct3iVR1pUeTrHchOs9p5ACDZcf6D3x -sm9atH2ZIaXo1c9SqHzdk/uLt/CwxQrn1WU1inwOkzjim2Yq9vWgpQypfGZdScXV -oHOmuGG901WMMemzZXjoLi+8ZpVL ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/cert_md4.crt b/tests/data_files/cert_md4.crt deleted file mode 100644 index 7d0f7cb1b4..0000000000 --- a/tests/data_files/cert_md4.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f -M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu -1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw -MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v -4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ -/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC -AQEArXIW7Dy1hBXMKY8/TAfACqkFZzbGDJdD5ohQknENk6FzUHVw9SVibhi5J+nh -/mhUhoczFg78T8ZopDcsPHKQTuy0LNcLWhZDD4S4CJCibmsf+8BWmPcSp1tsS9Zj -etO5qNuUarL74W+rRa3qQcCXcglYTubv/PcCV+LGVqZ4XDlO5EBFJJREAREzG+iK -Epm2y0mi1WTwjy7m7rxYHs5i5ybDHDDwU55H5wh50Vs4/vDx2kZab2K9gx6V2ggY -CCYmRWKQHdI4XZBkpYFbbREZxMY4Y5c2PUMlr8GUq6s6eu9/GvmnIx/+EySSfxgv -9GpN+gnyx03hjYNGO7iX8nPnXA== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_md4.csr b/tests/data_files/cert_md4.csr deleted file mode 100644 index d8a3dbf203..0000000000 --- a/tests/data_files/cert_md4.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1ENDCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV -+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N -stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR -iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75 -Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag -aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAwUA -A4IBAQAztRb+vAecvhelhszzCctzmhGs4TGmr9h4zddZoQ8dTdy1OCsnmU+yz3oh -oiQjy7UPLt8DS2ZKhGhvwPvtwFh5icMWQVnv2kE4Evz8xJT12VRw+U6L5rfKmf/L -mVNxsuk17MDyBcMlwuNk+CHrYVdrXhSWUH3UCQQUH1iqqBMKmNiPa1UGU0budZ9X -HZjn9uqyyOGy8l3hffqjDxsDjZyBDf5aqKIdnvukdrUiacPdUYVF0fwK8d1/1PA9 -dA4JjTvz+tTK6mL9Ic9Pv+64v1vwMU4Qu8IJHk5x3I0e7KuK2A/lK6az2Vb6FAh6 -MkGpWB68T8FRBoVrWLOh+a9yNwyp ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/crl_md2.pem b/tests/data_files/crl_md2.pem deleted file mode 100644 index e27379564a..0000000000 --- a/tests/data_files/crl_md2.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDcxOTE5NTYz -N1oXDTA5MDkxNzE5NTYzN1owKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5 -MDIwOTIxMTIzNlowDQYJKoZIhvcNAQECBQADggEBAF8F5y82zgtxcwQ4aFvrkanT -ygyd5+RW/Y//vpck44V+CYx1d1r+QkauaXel9qUKBPsg2dUwQ+jwV/m+Sp2MHaX5 -NfW7XUb7Ji4yhwgh9/9vFPqqnKBf9esLJuJoQ4mLhcGB5J1yCcavLrynvB4PJEnG -graTbbyizelXBmk3ApvNYxczJZxt7EzpVbrFaev7myGmOffdDkIMc2WDpDkyLTlU -kITjB7fMJhD/dgNskKZ4fgkKKKPCMJrJPO67Wzwqx/6vsrZcACB9X+143WZr4GVO -Fw2SaMnqfVLlUEndoOpbLCU4ugcc82kQQF3TsovXJYW7XqoWl2u/ENCwShl9rl4= ------END X509 CRL----- diff --git a/tests/data_files/crl_md4.pem b/tests/data_files/crl_md4.pem deleted file mode 100644 index 1f77dab78c..0000000000 --- a/tests/data_files/crl_md4.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw -N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEDBQADggEBAIJtYXy3uwIpmSGfi9muS8xv -36FT6g3s1V/xicdPa54juJgBI6sxHKzQtbSNIbqadEWwUtvQ8k1EMRo9UGObhRV8 -i+UWm5qi0GFV7nMi4E2p2Ji/sFKtgdxkzhCfn+p3MoGgx/nC7YtwpnNdF+kuCV1M -JTPqfm+taZkYADOafP/hRaPx3TI+HNE3ux4Cb7hNpWdfWzt48ZPMuhCMzItLd/UK -xxjJam9XAGUTKi7+eWtma9XzmYOIElQv2KFPVMcx5nvg039rrWK6tObGL67kCfTH -v+nIx7rAOW6UNU8aj1kfJHYjEKMBH1I9wjMSHUpkxBLQOKlPNRksiEVsIhmEVss= ------END X509 CRL----- diff --git a/tests/data_files/server1.req.md4 b/tests/data_files/server1.req.md4 deleted file mode 100644 index 15585499c8..0000000000 --- a/tests/data_files/server1.req.md4 +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ -ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ -HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF -W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs -FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA -A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY -tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz -hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K -HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm -DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp -qGZf2UmuJdLeIMzSNX2rZ+SVDX9o ------END CERTIFICATE REQUEST----- diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 57eae58911..aa0aeb5afd 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -32,11 +32,7 @@ * * This is used in some smoke tests. */ -#if defined(PSA_WANT_ALG_MD2) -#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2 -#elif defined(PSA_WANT_ALG_MD4) -#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4 -#elif defined(PSA_WANT_ALG_MD5) +#if defined(PSA_WANT_ALG_MD5) #define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5 /* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 @@ -111,9 +107,6 @@ #if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG) #define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG #define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER -#elif defined(MBEDTLS_RC4_C) -#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4 -#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4 #else #undef KNOWN_SUPPORTED_CIPHER_ALG #undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1423099571..88f8b352c7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1099,7 +1099,7 @@ component_test_everest () { msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min # Exclude some symmetric ciphers that are redundant here to gain time. - if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4' + if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' } component_test_everest_curve25519_only () { @@ -1187,8 +1187,8 @@ component_test_full_cmake_clang () { msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' - msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' + msg "test: compat.sh DES, 3DES & NULL (full config)" # ~ 2 min + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES' msg "test: compat.sh ARIA + ChachaPoly" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' @@ -1418,8 +1418,8 @@ component_test_no_use_psa_crypto_full_cmake_asan() { msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded tests/compat.sh - msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' + msg "test: compat.sh DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES' msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' @@ -1466,8 +1466,6 @@ component_test_psa_crypto_config_basic() { loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA" - loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2" - loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160" @@ -1596,46 +1594,6 @@ component_build_psa_accel_alg_hkdf() { make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } -# This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test. -component_build_psa_accel_alg_md2() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD2 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD2 - other hashes" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD2 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" -} - -# This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test. -component_build_psa_accel_alg_md4() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD4 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD4 - other hashes" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD4 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" -} - # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. component_build_psa_accel_alg_md5() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes @@ -1644,8 +1602,6 @@ component_build_psa_accel_alg_md5() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 @@ -1664,8 +1620,6 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 @@ -1684,8 +1638,6 @@ component_build_psa_accel_alg_sha1() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 @@ -1704,8 +1656,6 @@ component_build_psa_accel_alg_sha224() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 @@ -1723,8 +1673,6 @@ component_build_psa_accel_alg_sha256() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 @@ -1743,8 +1691,6 @@ component_build_psa_accel_alg_sha384() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 @@ -1762,8 +1708,6 @@ component_build_psa_accel_alg_sha512() { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 @@ -2053,7 +1997,6 @@ component_test_ssl_alloc_buffer_and_mfl () { component_test_when_no_ciphersuites_have_mac () { msg "build: when no ciphersuites have MAC" scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER - scripts/config.py unset MBEDTLS_ARC4_C scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CMAC_C make @@ -2200,8 +2143,6 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA" - loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2" - loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160" @@ -2318,7 +2259,7 @@ component_test_m32_everest () { msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min # Exclude some symmetric ciphers that are redundant here to gain time. - if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4' + if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' } support_test_m32_everest () { support_test_m32_o0 "$@" diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 93b7e1dd52..8fcde6fdb1 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -118,10 +118,10 @@ echo '################ compat.sh ################' sh compat.sh -m 'tls1_2 dtls1_2' echo - echo '#### compat.sh: legacy (null, DES, RC4)' + echo '#### compat.sh: legacy (null, DES)' OPENSSL_CMD="$OPENSSL_LEGACY" \ GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ - sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' + sh compat.sh -e '^$' -f 'NULL\|DES' echo echo '#### compat.sh: next (ARIA, ChaCha)' diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index 07784816f4..c5f1521674 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -54,8 +54,6 @@ my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` ); # should be tested together. Certain options depend on eachother and # separating them would generate invalid configurations. my @hash_configs = ( - ['unset MBEDTLS_MD2_C'], - ['unset MBEDTLS_MD4_C'], ['unset MBEDTLS_MD5_C'], ['unset MBEDTLS_SHA512_C', 'unset MBEDTLS_SHA384_C '], ['unset MBEDTLS_SHA384_C'], diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index 8690f225b8..2705f064ae 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -61,9 +61,7 @@ CLASSIC_DEPENDENCIES = frozenset([ # Only modules that provide cryptographic mechanisms are listed here. # Platform, data formatting, X.509 or TLS modules are omitted. 'MBEDTLS_AES_C', - 'MBEDTLS_ARC4_C', 'MBEDTLS_BIGNUM_C', - #cipher#'MBEDTLS_BLOWFISH_C', 'MBEDTLS_CAMELLIA_C', 'MBEDTLS_ARIA_C', 'MBEDTLS_CCM_C', @@ -82,8 +80,6 @@ CLASSIC_DEPENDENCIES = frozenset([ 'MBEDTLS_HKDF_C', 'MBEDTLS_HMAC_DRBG_C', 'MBEDTLS_NIST_KW_C', - 'MBEDTLS_MD2_C', - 'MBEDTLS_MD4_C', 'MBEDTLS_MD5_C', 'MBEDTLS_PKCS5_C', 'MBEDTLS_PKCS12_C', @@ -93,7 +89,6 @@ CLASSIC_DEPENDENCIES = frozenset([ 'MBEDTLS_SHA1_C', 'MBEDTLS_SHA256_C', 'MBEDTLS_SHA512_C', - 'MBEDTLS_XTEA_C', ]) def is_classic_dependency(dep): diff --git a/tests/suites/test_suite_arc4.data b/tests/suites/test_suite_arc4.data deleted file mode 100644 index cf32c85dd1..0000000000 --- a/tests/suites/test_suite_arc4.data +++ /dev/null @@ -1,27 +0,0 @@ -Test vector ARC4 [Cryptlib] -mbedtls_arc4_crypt:"0000000000000000":"0123456789abcdef":"7494c2e7104b0879" - -Test vector ARC4 [COMMERCE] -mbedtls_arc4_crypt:"dcee4cf92c":"618a63d2fb":"f13829c9de" - -Test vector ARC4 [SSH ARCFOUR] -mbedtls_arc4_crypt:"527569736c696e6e756e206c61756c75206b6f727669737373616e692c2074e4686be470e46964656e2070e4e46c6ce42074e47973696b75752e204b6573e479f66e206f6e206f6e6e69206f6d616e616e692c206b61736b6973617675756e206c61616b736f7420766572686f75752e20456e206d6120696c6f697473652c20737572652068756f6b61612c206d75747461206d657473e46e2074756d6d757573206d756c6c652074756f6b61612e205075756e746f2070696c76656e2c206d692068756b6b75752c207369696e746f20766172616e207475756c6973656e2c206d69206e756b6b75752e2054756f6b7375742076616e616d6f6e206a61207661726a6f74207665656e2c206e69697374e420737964e46d656e69206c61756c756e207465656e2e202d2045696e6f204c65696e6f":"29041972fb42ba5fc7127712f13829c9":"358186999001e6b5daf05eceeb7eee21e0689c1f00eea81f7dd2caaee1d2763e68af0ead33d66c268bc946c484fbe94c5f5e0b86a59279e4f824e7a640bd223210b0a61160b7bce986ea65688003596b630a6b90f8e0caf6912a98eb872176e83c202caa64166d2cce57ff1bca57b213f0ed1aa72fb8ea52b0be01cd1e412867720b326eb389d011bd70d8af035fb0d8589dbce3c666f5ea8d4c7954c50c3f340b0467f81b425961c11843074df620f208404b394cf9d37ff54b5f1ad8f6ea7da3c561dfa7281f964463d2cc35a4d1b03490dec51b0711fbd6f55f79234d5b7c766622a66de92be996461d5e4dc878ef9bca030521e8351e4baed2fd04f9467368c4ad6ac186d08245b263a2666d1f6c5420f1599dfd9f438921c2f5a463938ce0982265eef70179bc553f339eb1a4c1af5f6a547f" - -Test Vector ARC4 [RFC6229 40-bit] -mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405":"b2396305f03dc027ccc3524a0a1118a86982944f18fc82d589c403a47a0d0919" - -Test Vector ARC4 [RFC6229 56-bit] -mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"01020304050607":"293f02d47f37c9b633f2af5285feb46be620f1390d19bd84e2e0fd752031afc1" - -Test Vector ARC4 [RFC6229 64-bit] -mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708":"97ab8a1bf0afb96132f2f67258da15a88263efdb45c4a18684ef87e6b19e5b09" - -Test Vector ARC4 [RFC6229 128-bit] -mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708090a0b0c0d0e0f10":"9ac7cc9a609d1ef7b2932899cde41b975248c4959014126a6e8a84f11d1a9e1c" - -TMP -mbedtls_arc4_crypt:"1400002433c96cfa5c53a65184fcba83d9793f42522f94e49bf25edcb7a23c9eaae5ca84f6ee6da8":"5e58b1ad80":"e9a3d07ea1a3eac9fd73dcb14c409f2d434a72b6aa077e0924bcffc236f55d2d372b289707571531" - -ARC4 Selftest -depends_on:MBEDTLS_SELF_TEST -arc4_selftest: diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function deleted file mode 100644 index c1e2386656..0000000000 --- a/tests/suites/test_suite_arc4.function +++ /dev/null @@ -1,37 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/arc4.h" -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ARC4_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ -void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst ) -{ - unsigned char dst_str[1000]; - mbedtls_arc4_context ctx; - - memset(dst_str, 0x00, 1000); - mbedtls_arc4_init( &ctx ); - - - mbedtls_arc4_setup(&ctx, key_str->x, key_str->len); - TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len, - src_str->x, dst_str ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x, - src_str->len, dst->len ) == 0 ); - -exit: - mbedtls_arc4_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void arc4_selftest( ) -{ - TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 ); -} -/* END_CASE */ diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data deleted file mode 100644 index 0ebb64234c..0000000000 --- a/tests/suites/test_suite_blowfish.data +++ /dev/null @@ -1,311 +0,0 @@ -BLOWFISH - Invalid parameters -blowfish_invalid_param: - -BLOWFISH-ECB Encrypt SSLeay reference #1 -blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0 - -BLOWFISH-ECB Encrypt SSLeay reference #2 -blowfish_encrypt_ecb:"ffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0 - -BLOWFISH-ECB Encrypt SSLeay reference #3 -blowfish_encrypt_ecb:"3000000000000000":"1000000000000001":"7d856f9a613063f2":0 - -BLOWFISH-ECB Encrypt SSLeay reference #4 -blowfish_encrypt_ecb:"1111111111111111":"1111111111111111":"2466dd878b963c9d":0 - -BLOWFISH-ECB Encrypt SSLeay reference #5 -blowfish_encrypt_ecb:"0123456789abcdef":"1111111111111111":"61f9c3802281b096":0 - -BLOWFISH-ECB Encrypt SSLeay reference #6 -blowfish_encrypt_ecb:"1111111111111111":"0123456789abcdef":"7d0cc630afda1ec7":0 - -BLOWFISH-ECB Encrypt SSLeay reference #7 -blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0 - -BLOWFISH-ECB Encrypt SSLeay reference #8 -blowfish_encrypt_ecb:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0 - -BLOWFISH-ECB Encrypt SSLeay reference #9 -blowfish_encrypt_ecb:"7ca110454a1a6e57":"01a1d6d039776742":"59c68245eb05282b":0 - -BLOWFISH-ECB Encrypt SSLeay reference #10 -blowfish_encrypt_ecb:"0131d9619dc1376e":"5cd54ca83def57da":"b1b8cc0b250f09a0":0 - -BLOWFISH-ECB Encrypt SSLeay reference #11 -blowfish_encrypt_ecb:"07a1133e4a0b2686":"0248d43806f67172":"1730e5778bea1da4":0 - -BLOWFISH-ECB Encrypt SSLeay reference #12 -blowfish_encrypt_ecb:"3849674c2602319e":"51454b582ddf440a":"a25e7856cf2651eb":0 - -BLOWFISH-ECB Encrypt SSLeay reference #13 -blowfish_encrypt_ecb:"04b915ba43feb5b6":"42fd443059577fa2":"353882b109ce8f1a":0 - -BLOWFISH-ECB Encrypt SSLeay reference #14 -blowfish_encrypt_ecb:"0113b970fd34f2ce":"059b5e0851cf143a":"48f4d0884c379918":0 - -BLOWFISH-ECB Encrypt SSLeay reference #15 -blowfish_encrypt_ecb:"0170f175468fb5e6":"0756d8e0774761d2":"432193b78951fc98":0 - -BLOWFISH-ECB Encrypt SSLeay reference #16 -blowfish_encrypt_ecb:"43297fad38e373fe":"762514b829bf486a":"13f04154d69d1ae5":0 - -BLOWFISH-ECB Encrypt SSLeay reference #17 -blowfish_encrypt_ecb:"07a7137045da2a16":"3bdd119049372802":"2eedda93ffd39c79":0 - -BLOWFISH-ECB Encrypt SSLeay reference #18 -blowfish_encrypt_ecb:"04689104c2fd3b2f":"26955f6835af609a":"d887e0393c2da6e3":0 - -BLOWFISH-ECB Encrypt SSLeay reference #19 -blowfish_encrypt_ecb:"37d06bb516cb7546":"164d5e404f275232":"5f99d04f5b163969":0 - -BLOWFISH-ECB Encrypt SSLeay reference #20 -blowfish_encrypt_ecb:"1f08260d1ac2465e":"6b056e18759f5cca":"4a057a3b24d3977b":0 - -BLOWFISH-ECB Encrypt SSLeay reference #21 -blowfish_encrypt_ecb:"584023641aba6176":"004bd6ef09176062":"452031c1e4fada8e":0 - -BLOWFISH-ECB Encrypt SSLeay reference #22 -blowfish_encrypt_ecb:"025816164629b007":"480d39006ee762f2":"7555ae39f59b87bd":0 - -BLOWFISH-ECB Encrypt SSLeay reference #23 -blowfish_encrypt_ecb:"49793ebc79b3258f":"437540c8698f3cfa":"53c55f9cb49fc019":0 - -BLOWFISH-ECB Encrypt SSLeay reference #24 -blowfish_encrypt_ecb:"4fb05e1515ab73a7":"072d43a077075292":"7a8e7bfa937e89a3":0 - -BLOWFISH-ECB Encrypt SSLeay reference #25 -blowfish_encrypt_ecb:"49e95d6d4ca229bf":"02fe55778117f12a":"cf9c5d7a4986adb5":0 - -BLOWFISH-ECB Encrypt SSLeay reference #26 -blowfish_encrypt_ecb:"018310dc409b26d6":"1d9d5c5018f728c2":"d1abb290658bc778":0 - -BLOWFISH-ECB Encrypt SSLeay reference #27 -blowfish_encrypt_ecb:"1c587f1c13924fef":"305532286d6f295a":"55cb3774d13ef201":0 - -BLOWFISH-ECB Encrypt SSLeay reference #28 -blowfish_encrypt_ecb:"0101010101010101":"0123456789abcdef":"fa34ec4847b268b2":0 - -BLOWFISH-ECB Encrypt SSLeay reference #29 -blowfish_encrypt_ecb:"1f1f1f1f0e0e0e0e":"0123456789abcdef":"a790795108ea3cae":0 - -BLOWFISH-ECB Encrypt SSLeay reference #30 -blowfish_encrypt_ecb:"e0fee0fef1fef1fe":"0123456789abcdef":"c39e072d9fac631d":0 - -BLOWFISH-ECB Encrypt SSLeay reference #31 -blowfish_encrypt_ecb:"0000000000000000":"ffffffffffffffff":"014933e0cdaff6e4":0 - -BLOWFISH-ECB Encrypt SSLeay reference #32 -blowfish_encrypt_ecb:"ffffffffffffffff":"0000000000000000":"f21e9a77b71c49bc":0 - -BLOWFISH-ECB Encrypt SSLeay reference #33 -blowfish_encrypt_ecb:"0123456789abcdef":"0000000000000000":"245946885754369a":0 - -BLOWFISH-ECB Encrypt SSLeay reference #34 -blowfish_encrypt_ecb:"fedcba9876543210":"ffffffffffffffff":"6b5c5a9c5d9e0a5a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #1 -blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0 - -BLOWFISH-ECB Decrypt SSLeay reference #2 -blowfish_decrypt_ecb:"ffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0 - -BLOWFISH-ECB Decrypt SSLeay reference #3 -blowfish_decrypt_ecb:"3000000000000000":"7d856f9a613063f2":"1000000000000001":0 - -BLOWFISH-ECB Decrypt SSLeay reference #4 -blowfish_decrypt_ecb:"1111111111111111":"2466dd878b963c9d":"1111111111111111":0 - -BLOWFISH-ECB Decrypt SSLeay reference #5 -blowfish_decrypt_ecb:"0123456789abcdef":"61f9c3802281b096":"1111111111111111":0 - -BLOWFISH-ECB Decrypt SSLeay reference #6 -blowfish_decrypt_ecb:"1111111111111111":"7d0cc630afda1ec7":"0123456789abcdef":0 - -BLOWFISH-ECB Decrypt SSLeay reference #7 -blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0 - -BLOWFISH-ECB Decrypt SSLeay reference #8 -blowfish_decrypt_ecb:"fedcba9876543210":"0aceab0fc6a0a28d":"0123456789abcdef":0 - -BLOWFISH-ECB Decrypt SSLeay reference #9 -blowfish_decrypt_ecb:"7ca110454a1a6e57":"59c68245eb05282b":"01a1d6d039776742":0 - -BLOWFISH-ECB Decrypt SSLeay reference #10 -blowfish_decrypt_ecb:"0131d9619dc1376e":"b1b8cc0b250f09a0":"5cd54ca83def57da":0 - -BLOWFISH-ECB Decrypt SSLeay reference #11 -blowfish_decrypt_ecb:"07a1133e4a0b2686":"1730e5778bea1da4":"0248d43806f67172":0 - -BLOWFISH-ECB Decrypt SSLeay reference #12 -blowfish_decrypt_ecb:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #13 -blowfish_decrypt_ecb:"04b915ba43feb5b6":"353882b109ce8f1a":"42fd443059577fa2":0 - -BLOWFISH-ECB Decrypt SSLeay reference #14 -blowfish_decrypt_ecb:"0113b970fd34f2ce":"48f4d0884c379918":"059b5e0851cf143a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #15 -blowfish_decrypt_ecb:"0170f175468fb5e6":"432193b78951fc98":"0756d8e0774761d2":0 - -BLOWFISH-ECB Decrypt SSLeay reference #16 -blowfish_decrypt_ecb:"43297fad38e373fe":"13f04154d69d1ae5":"762514b829bf486a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #17 -blowfish_decrypt_ecb:"07a7137045da2a16":"2eedda93ffd39c79":"3bdd119049372802":0 - -BLOWFISH-ECB Decrypt SSLeay reference #18 -blowfish_decrypt_ecb:"04689104c2fd3b2f":"d887e0393c2da6e3":"26955f6835af609a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #19 -blowfish_decrypt_ecb:"37d06bb516cb7546":"5f99d04f5b163969":"164d5e404f275232":0 - -BLOWFISH-ECB Decrypt SSLeay reference #20 -blowfish_decrypt_ecb:"1f08260d1ac2465e":"4a057a3b24d3977b":"6b056e18759f5cca":0 - -BLOWFISH-ECB Decrypt SSLeay reference #21 -blowfish_decrypt_ecb:"584023641aba6176":"452031c1e4fada8e":"004bd6ef09176062":0 - -BLOWFISH-ECB Decrypt SSLeay reference #22 -blowfish_decrypt_ecb:"025816164629b007":"7555ae39f59b87bd":"480d39006ee762f2":0 - -BLOWFISH-ECB Decrypt SSLeay reference #23 -blowfish_decrypt_ecb:"49793ebc79b3258f":"53c55f9cb49fc019":"437540c8698f3cfa":0 - -BLOWFISH-ECB Decrypt SSLeay reference #24 -blowfish_decrypt_ecb:"4fb05e1515ab73a7":"7a8e7bfa937e89a3":"072d43a077075292":0 - -BLOWFISH-ECB Decrypt SSLeay reference #25 -blowfish_decrypt_ecb:"49e95d6d4ca229bf":"cf9c5d7a4986adb5":"02fe55778117f12a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #26 -blowfish_decrypt_ecb:"018310dc409b26d6":"d1abb290658bc778":"1d9d5c5018f728c2":0 - -BLOWFISH-ECB Decrypt SSLeay reference #27 -blowfish_decrypt_ecb:"1c587f1c13924fef":"55cb3774d13ef201":"305532286d6f295a":0 - -BLOWFISH-ECB Decrypt SSLeay reference #28 -blowfish_decrypt_ecb:"0101010101010101":"fa34ec4847b268b2":"0123456789abcdef":0 - -BLOWFISH-ECB Decrypt SSLeay reference #29 -blowfish_decrypt_ecb:"1f1f1f1f0e0e0e0e":"a790795108ea3cae":"0123456789abcdef":0 - -BLOWFISH-ECB Decrypt SSLeay reference #30 -blowfish_decrypt_ecb:"e0fee0fef1fef1fe":"c39e072d9fac631d":"0123456789abcdef":0 - -BLOWFISH-ECB Decrypt SSLeay reference #31 -blowfish_decrypt_ecb:"0000000000000000":"014933e0cdaff6e4":"ffffffffffffffff":0 - -BLOWFISH-ECB Decrypt SSLeay reference #32 -blowfish_decrypt_ecb:"ffffffffffffffff":"f21e9a77b71c49bc":"0000000000000000":0 - -BLOWFISH-ECB Decrypt SSLeay reference #33 -blowfish_decrypt_ecb:"0123456789abcdef":"245946885754369a":"0000000000000000":0 - -BLOWFISH-ECB Decrypt SSLeay reference #34 -blowfish_decrypt_ecb:"fedcba9876543210":"6b5c5a9c5d9e0a5a":"ffffffffffffffff":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #1 -blowfish_encrypt_ecb:"f0":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA - -BLOWFISH-SETKEY Setkey SSLeay reference #2 -blowfish_encrypt_ecb:"f0e1":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA - -BLOWFISH-SETKEY Setkey SSLeay reference #3 -blowfish_encrypt_ecb:"f0e1d2":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA - -BLOWFISH-SETKEY Setkey SSLeay reference #4 -blowfish_encrypt_ecb:"f0e1d2c3":"fedcba9876543210":"be1e639408640f05":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #5 -blowfish_encrypt_ecb:"f0e1d2c3b4":"fedcba9876543210":"b39e44481bdb1e6e":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #6 -blowfish_encrypt_ecb:"f0e1d2c3b4a5":"fedcba9876543210":"9457aa83b1928c0d":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #7 -blowfish_encrypt_ecb:"f0e1d2c3b4a596":"fedcba9876543210":"8bb77032f960629d":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #8 -blowfish_encrypt_ecb:"f0e1d2c3b4a59687":"fedcba9876543210":"e87a244e2cc85e82":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #9 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778":"fedcba9876543210":"15750e7a4f4ec577":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #10 -blowfish_encrypt_ecb:"f0e1d2c3b4a596877869":"fedcba9876543210":"122ba70b3ab64ae0":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #11 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a":"fedcba9876543210":"3a833c9affc537f6":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #12 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b":"fedcba9876543210":"9409da87a90f6bf2":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #13 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c":"fedcba9876543210":"884f80625060b8b4":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #14 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d":"fedcba9876543210":"1f85031c19e11968":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #15 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e":"fedcba9876543210":"79d9373a714ca34f":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #16 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f":"fedcba9876543210":"93142887ee3be15c":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #17 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00":"fedcba9876543210":"03429e838ce2d14b":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #18 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011":"fedcba9876543210":"a4299e27469ff67b":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #19 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122":"fedcba9876543210":"afd5aed1c1bc96a8":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #20 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233":"fedcba9876543210":"10851c0e3858da9f":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #21 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344":"fedcba9876543210":"e6f51ed79b9db21f":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #22 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455":"fedcba9876543210":"64a6e14afd36b46f":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #23 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566":"fedcba9876543210":"80c7d7d45a5479ad":0 - -BLOWFISH-SETKEY Setkey SSLeay reference #24 -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344556677":"fedcba9876543210":"05044b62fa52d080":0 - -BLOWFISH-SETKEY Setkey 440 bits -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0f":"fedcba9876543210":"9a2ab8f1b00c73d2":0 - -BLOWFISH-SETKEY Setkey 448 bits -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fff":"fedcba9876543210":"2fb3ab7f0ee91b69":0 - -BLOWFISH-SETKEY Setkey 456 bits -blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fffff":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA - -BLOWFISH-CBC Encrypt [#1] -blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000000000":"6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc":0 - -BLOWFISH-CBC Decrypt [#1] -blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC":"37363534333231204e6f77206973207468652074696d6520666f722000000000":0 - -BLOWFISH-CBC Encrypt [#2] -blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F7220000000":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH - -BLOWFISH-CBC Decrypt [#2] -blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC00":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH - -BLOWFISH-CFB Encrypt -blowfish_encrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139caf26ecf6d2eb9e76e3da3de04d1517200519d57a6c3" - -BLOWFISH-CFB Decrypt -blowfish_decrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"E73214A2822139CAF26ECF6D2EB9E76E3DA3DE04D1517200519D57A6C3":"37363534333231204e6f77206973207468652074696d6520666f722000" - -BLOWFISH-CTR Encrypt -blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e" - -BLOWFISH-CTR Decrypt -blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e":"37363534333231204e6f77206973207468652074696d6520666f722000" diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function deleted file mode 100644 index 1fa59ee6e9..0000000000 --- a/tests/suites/test_suite_blowfish.function +++ /dev/null @@ -1,216 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/blowfish.h" -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BLOWFISH_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE depends_on:NOT_DEFINED */ -void blowfish_invalid_param( ) -{ - mbedtls_blowfish_context ctx; - unsigned char buf[16] = { 0 }; - size_t invalid_mode = 42; - size_t off; - ((void) off); - - TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - invalid_mode, - buf, buf ) ); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, - invalid_mode, - sizeof( buf ), - buf, buf, buf ) ); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - invalid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -exit: - return; -} -/* END_CASE */ - -/* BEGIN_CASE */ -void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); - } - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); - } - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); - } - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0) - { - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); - } - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - size_t iv_offset = 0; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) -{ - unsigned char output[100]; - mbedtls_blowfish_context ctx; - size_t iv_offset = 0; - - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) -{ - unsigned char stream_str[100]; - unsigned char output[100]; - mbedtls_blowfish_context ctx; - size_t iv_offset = 0; - - memset(stream_str, 0x00, 100); - memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); - - - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); - -exit: - mbedtls_blowfish_free( &ctx ); -} -/* END_CASE */ diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 459683bd29..cdb1898a01 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -13,10 +13,6 @@ CCM init #3 AES-224: bad key size depends_on:MBEDTLS_AES_C mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT -CCM init #4 BLOWFISH-128: bad block size -depends_on:MBEDTLS_BLOWFISH_C -mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:MBEDTLS_ERR_CCM_BAD_INPUT - CCM lengths #1 all OK ccm_lengths:5:10:5:8:0 diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data deleted file mode 100644 index 7a473739a1..0000000000 --- a/tests/suites/test_suite_cipher.arc4.data +++ /dev/null @@ -1,107 +0,0 @@ -ARC4 Decrypt empty buffer -depends_on:MBEDTLS_ARC4_C -dec_empty_buf:MBEDTLS_CIPHER_ARC4_128:0:0 - -ARC4 Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:0:-1 - -ARC4 Encrypt and decrypt 1 byte -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:1:-1 - -ARC4 Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:2:-1 - -ARC4 Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:7:-1 - -ARC4 Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:8:-1 - -ARC4 Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:9:-1 - -ARC4 Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:15:-1 - -ARC4 Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:16:-1 - -ARC4 Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:17:-1 - -ARC4 Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:31:-1 - -ARC4 Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:32:-1 - -ARC4 Encrypt and decrypt 32 bytes [#2] -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:33:-1 - -ARC4 Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:47:-1 - -ARC4 Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:48:-1 - -ARC4 Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_ARC4_C -enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:49:-1 - -ARC4 Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:0:-1:0:0:0:0 - -ARC4 Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:0:-1:1:0:1:0 - -ARC4 Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:1:-1:0:1:0:1 - -ARC4 Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:0:-1:16:0:16:0 - -ARC4 Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:16:-1:0:16:0:16 - -ARC4 Encrypt and decrypt 16 bytes in multiple parts 3 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:15:-1:1:15:1:15 - -ARC4 Encrypt and decrypt 16 bytes in multiple parts 4 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:1:-1:15:1:15:1 - -ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#1] -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:7:-1:15:7:15:7 - -ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#2] -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:6:-1:16:6:16:6 - -ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#3] -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:17:6:-1:17:6:17:6 - -ARC4 Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_ARC4_C -enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:16:-1:16:16:16:16 diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data deleted file mode 100644 index a05a4e7b3e..0000000000 --- a/tests/suites/test_suite_cipher.blowfish.data +++ /dev/null @@ -1,607 +0,0 @@ -BLOWFISH CBC Decrypt empty buffer -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0 - -BLOWFISH Encrypt and decrypt 0 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1 - -BLOWFISH Encrypt and decrypt 1 byte [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:-1 - -BLOWFISH Encrypt and decrypt 2 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:-1 - -BLOWFISH Encrypt and decrypt 7 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1 - -BLOWFISH Encrypt and decrypt 8 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1 - -BLOWFISH Encrypt and decrypt 9 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:-1 - -BLOWFISH Encrypt and decrypt 15 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1 - -BLOWFISH Encrypt and decrypt 16 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1 - -BLOWFISH Encrypt and decrypt 17 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:-1 - -BLOWFISH Encrypt and decrypt 31 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:-1 - -BLOWFISH Encrypt and decrypt 47 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1 - -BLOWFISH Encrypt and decrypt 48 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1 - -BLOWFISH Encrypt and decrypt 49 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1 - -BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS - -BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN - -BLOWFISH Encrypt and decrypt 0 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 1 byte with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 2 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 7 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 8 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 9 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 15 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 16 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 17 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 31 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 47 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 48 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 49 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS - -BLOWFISH Encrypt and decrypt 0 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE - -BLOWFISH Encrypt and decrypt 8 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE - -BLOWFISH Encrypt and decrypt 16 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE - -BLOWFISH Encrypt and decrypt 32 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE - -BLOWFISH Encrypt and decrypt 48 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE - -BLOWFISH Try encrypting 1 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 2 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 7 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 9 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 15 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 17 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 31 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 33 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 47 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Try encrypting 49 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED - -BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:0:-1:0:0:0:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:1:-1:0:0:0:0 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:7:-1:8:8:8:8 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:6:-1:16:0:8:8 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:17:6:-1:16:0:16:0 - -BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:16:-1:16:16:8:24 - -BLOWFISH Encrypt and decrypt 0 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:0:-1 - -BLOWFISH Encrypt and decrypt 1 byte [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:1:-1 - -BLOWFISH Encrypt and decrypt 2 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:2:-1 - -BLOWFISH Encrypt and decrypt 7 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:7:-1 - -BLOWFISH Encrypt and decrypt 8 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:8:-1 - -BLOWFISH Encrypt and decrypt 9 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:9:-1 - -BLOWFISH Encrypt and decrypt 15 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:15:-1 - -BLOWFISH Encrypt and decrypt 16 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:16:-1 - -BLOWFISH Encrypt and decrypt 17 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:17:-1 - -BLOWFISH Encrypt and decrypt 31 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:31:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:32:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#4] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:33:-1 - -BLOWFISH Encrypt and decrypt 47 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:47:-1 - -BLOWFISH Encrypt and decrypt 48 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:48:-1 - -BLOWFISH Encrypt and decrypt 49 bytes [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:49:-1 - -BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:0:-1:0:0:0:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:0:-1:1:0:1:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:1:-1:0:1:0:1 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:0:-1:16:0:16:0 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:16:-1:0:16:0:16 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:15:-1:1:15:1:15 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:1:-1:15:1:15:1 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#4] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:7:-1:15:7:15:7 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#5] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:6:-1:16:6:16:6 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#6] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:17:6:-1:17:6:17:6 - -BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:16:-1:16:16:16:16 - -BLOWFISH Encrypt and decrypt 0 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:0:-1 - -BLOWFISH Encrypt and decrypt 1 byte [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:1:-1 - -BLOWFISH Encrypt and decrypt 2 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:2:-1 - -BLOWFISH Encrypt and decrypt 7 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:7:-1 - -BLOWFISH Encrypt and decrypt 8 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:8:-1 - -BLOWFISH Encrypt and decrypt 9 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:9:-1 - -BLOWFISH Encrypt and decrypt 15 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:15:-1 - -BLOWFISH Encrypt and decrypt 16 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:16:-1 - -BLOWFISH Encrypt and decrypt 17 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:17:-1 - -BLOWFISH Encrypt and decrypt 31 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:31:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#5] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:32:-1 - -BLOWFISH Encrypt and decrypt 32 bytes [#6] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:33:-1 - -BLOWFISH Encrypt and decrypt 47 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:47:-1 - -BLOWFISH Encrypt and decrypt 48 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:48:-1 - -BLOWFISH Encrypt and decrypt 49 bytes [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:49:-1 - -BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:0:-1:0:0:0:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:0:-1:1:0:1:0 - -BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:1:-1:0:1:0:1 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:0:-1:16:0:16:0 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:16:-1:0:16:0:16 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:15:-1:1:15:1:15 - -BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:1:-1:15:1:15:1 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#7] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:7:-1:15:7:15:7 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#8] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:6:-1:16:6:16:6 - -BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#9] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:17:6:-1:17:6:17:6 - -BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#3] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:16:-1:16:16:16:16 - -BLOWFISH CBC Encrypt and decrypt 7 bytes, 192-bits key -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":192:7:-1 - -BLOWFISH CTR Encrypt and decrypt 7 bytes, 192-bits key -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":192:7:-1 - -BLOWFISH CFB64 Encrypt and decrypt 7 bytes, 192-bits key -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":192:7:-1 - -BLOWFISH ECB Encrypt test vector (SSLeay) #1 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"0000000000000000":"4ef997456198dd78":0 - -BLOWFISH ECB Encrypt test vector (SSLeay) #2 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0 - -BLOWFISH ECB Encrypt test vector (SSLeay) #3 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0 - -BLOWFISH ECB Encrypt test vector (SSLeay) #3, 64-bit key -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0 - -BLOWFISH ECB Encrypt test vector (SSLeay) #3, 192-bit key -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0 - -BLOWFISH ECB Decrypt test vector (SSLeay) #1 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"4ef997456198dd78":"0000000000000000":0 - -BLOWFISH ECB Decrypt test vector (SSLeay) #2 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"ffffffffffffffffffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0 - -BLOWFISH ECB Decrypt test vector (SSLeay) #3 -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0 - -BLOWFISH ECB Decrypt test vector (SSLeay) #3, 64-bit key -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0 - -BLOWFISH ECB Decrypt test vector (SSLeay) #3, 192-bit key -depends_on:MBEDTLS_BLOWFISH_C -test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0 diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data index dc4c9d70b5..0370fb3d28 100644 --- a/tests/suites/test_suite_cipher.padding.data +++ b/tests/suites/test_suite_cipher.padding.data @@ -29,18 +29,6 @@ Set padding with DES-CBC depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 set_padding:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_PKCS7:0 -Set padding with BLOWFISH-CBC -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_PKCS7:0 - -Set padding with BLOWFISH-CFB -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB -set_padding:MBEDTLS_CIPHER_BLOWFISH_CFB64:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA - -Set padding with BLOWFISH-CTR -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR -set_padding:MBEDTLS_CIPHER_BLOWFISH_CTR:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA - Set padding with NULL depends_on:MBEDTLS_CIPHER_NULL_CIPHER set_padding:MBEDTLS_CIPHER_NULL:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA @@ -57,10 +45,6 @@ Set non-existent padding with DES-CBC depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC set_padding:MBEDTLS_CIPHER_DES_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -Set non-existent padding with BLOWFISH-CBC -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC -set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE - Check PKCS padding #1 (correct) depends_on:MBEDTLS_CIPHER_PADDING_PKCS7 check_padding:MBEDTLS_PADDING_PKCS7:"DABBAD0004040404":0:4 diff --git a/tests/suites/test_suite_hkdf.data b/tests/suites/test_suite_hkdf.data index 15837365fe..92cea9cfbe 100644 --- a/tests/suites/test_suite_hkdf.data +++ b/tests/suites/test_suite_hkdf.data @@ -15,84 +15,84 @@ test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA HKDF RFC5869 Test Vector #1 depends_on:MBEDTLS_SHA256_C -test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" +test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 depends_on:MBEDTLS_SHA256_C -test_hkdf:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" +test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 depends_on:MBEDTLS_SHA256_C -test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" +test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 depends_on:MBEDTLS_SHA1_C -test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" +test_hkdf:2:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 depends_on:MBEDTLS_SHA1_C -test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" +test_hkdf:2:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 depends_on:MBEDTLS_SHA1_C -test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" +test_hkdf:2:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 depends_on:MBEDTLS_SHA1_C -test_hkdf:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" +test_hkdf:2:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" HKDF RFC5869 Test Vector #1 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5" +test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5" HKDF RFC5869 Test Vector #2 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244" +test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244" HKDF RFC5869 Test Vector #3 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04" +test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04" HKDF RFC5869 Test Vector #4 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243" +test_hkdf_extract:2:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243" HKDF RFC5869 Test Vector #5 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6" +test_hkdf_extract:2:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6" HKDF RFC5869 Test Vector #6 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01" +test_hkdf_extract:2:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01" HKDF RFC5869 Test Vector #7 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd" +test_hkdf_extract:2:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd" HKDF RFC5869 Test Vector #1 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:6:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" +test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:6:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" +test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:6:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" +test_hkdf_expand:4:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" +test_hkdf_expand:2:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" +test_hkdf_expand:2:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:4:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" +test_hkdf_expand:2:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:4:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" +test_hkdf_expand:2:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index dbe6aa82bc..a74106835a 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -5,14 +5,6 @@ mbedtls_md_process: MD NULL/uninitialised arguments md_null_args: -Information on MD2 -depends_on:MBEDTLS_MD2_C -md_info:MBEDTLS_MD_MD2:"MD2":16 - -Information on MD4 -depends_on:MBEDTLS_MD4_C -md_info:MBEDTLS_MD_MD4:"MD4":16 - Information on MD5 depends_on:MBEDTLS_MD5_C md_info:MBEDTLS_MD_MD5:"MD5":16 @@ -41,62 +33,6 @@ Information on SHA512 depends_on:MBEDTLS_SHA512_C md_info:MBEDTLS_MD_SHA512:"SHA512":64 -generic mbedtls_md2 Test vector RFC1319 #1 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"":"8350e5a3e24c153df2275c9f80692773" - -generic mbedtls_md2 Test vector RFC1319 #2 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -generic mbedtls_md2 Test vector RFC1319 #3 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb" - -generic mbedtls_md2 Test vector RFC1319 #4 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0" - -generic mbedtls_md2 Test vector RFC1319 #5 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" - -generic mbedtls_md2 Test vector RFC1319 #6 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" - -generic mbedtls_md2 Test vector RFC1319 #7 -depends_on:MBEDTLS_MD2_C -md_text:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" - -generic mbedtls_md4 Test vector RFC1320 #1 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -generic mbedtls_md4 Test vector RFC1320 #2 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24" - -generic mbedtls_md4 Test vector RFC1320 #3 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d" - -generic mbedtls_md4 Test vector RFC1320 #4 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b" - -generic mbedtls_md4 Test vector RFC1320 #5 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" - -generic mbedtls_md4 Test vector RFC1320 #6 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" - -generic mbedtls_md4 Test vector RFC1320 #7 -depends_on:MBEDTLS_MD4_C -md_text:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" - generic mbedtls_md5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" @@ -157,30 +93,6 @@ generic mbedtls_ripemd160 Test vector from paper #8 depends_on:MBEDTLS_RIPEMD160_C md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" -generic HMAC-MD2 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" - -generic HMAC-MD2 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" - -generic HMAC-MD2 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" - -generic HMAC-MD4 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" - -generic HMAC-MD4 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" - -generic HMAC-MD4 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" - generic HMAC-MD5 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD5_C mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" @@ -193,14 +105,6 @@ generic HMAC-MD5 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD5_C mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" -HMAC-MD2 Bouncy Castle test #1 -depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808" - -HMAC-MD4 Bouncy Castle test #1 -depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a" - HMAC-MD5 Bouncy Castle test #1 depends_on:MBEDTLS_MD5_C mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc" @@ -261,62 +165,6 @@ generic HMAC-RIPEMD160 Test vector RFC 2286 #7 depends_on:MBEDTLS_RIPEMD160_C mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" -generic multi step mbedtls_md2 Test vector RFC1319 #1 -depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C -md_text_multi:"MD2":"":"8350e5a3e24c153df2275c9f80692773" - -generic multi step mbedtls_md2 Test vector RFC1319 #2 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -generic multi step mbedtls_md2 Test vector RFC1319 #3 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb" - -generic multi step mbedtls_md2 Test vector RFC1319 #4 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0" - -generic multi step mbedtls_md2 Test vector RFC1319 #5 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" - -generic multi step mbedtls_md2 Test vector RFC1319 #6 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" - -generic multi step mbedtls_md2 Test vector RFC1319 #7 -depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" - -generic multi step mbedtls_md4 Test vector RFC1320 #1 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -generic multi step mbedtls_md4 Test vector RFC1320 #2 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24" - -generic multi step mbedtls_md4 Test vector RFC1320 #3 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d" - -generic multi step mbedtls_md4 Test vector RFC1320 #4 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b" - -generic multi step mbedtls_md4 Test vector RFC1320 #5 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" - -generic multi step mbedtls_md4 Test vector RFC1320 #6 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" - -generic multi step mbedtls_md4 Test vector RFC1320 #7 -depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" - generic multi step mbedtls_md5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" @@ -377,30 +225,6 @@ generic multi step mbedtls_ripemd160 Test vector from paper #8 depends_on:MBEDTLS_RIPEMD160_C md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" -generic multi step HMAC-MD2 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" - -generic multi step HMAC-MD2 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" - -generic multi step HMAC-MD2 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" - -generic multi step HMAC-MD4 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" - -generic multi step HMAC-MD4 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" - -generic multi step HMAC-MD4 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" - generic multi step HMAC-MD5 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD5_C md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" @@ -469,38 +293,6 @@ generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7 depends_on:MBEDTLS_RIPEMD160_C md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" -generic MD2 Hash file #1 -depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8" - -generic MD2 Hash file #2 -depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f" - -generic MD2 Hash file #3 -depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d" - -generic MD2 Hash file #4 -depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773" - -generic MD4 Hash file #1 -depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9" - -generic MD4 Hash file #2 -depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd" - -generic MD4 Hash file #3 -depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42" - -generic MD4 Hash file #4 -depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0" - generic MD5 Hash file #1 depends_on:MBEDTLS_MD5_C mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415" diff --git a/tests/suites/test_suite_mdx.data b/tests/suites/test_suite_mdx.data index 3d063a4770..ff3f73f4dd 100644 --- a/tests/suites/test_suite_mdx.data +++ b/tests/suites/test_suite_mdx.data @@ -1,46 +1,4 @@ -# Test MD2, MD4, MD5 and RIPEMD160 -mbedtls_md2 Test vector RFC1319 #1 -md2_text:"":"8350e5a3e24c153df2275c9f80692773" - -mbedtls_md2 Test vector RFC1319 #2 -md2_text:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -mbedtls_md2 Test vector RFC1319 #3 -md2_text:"abc":"da853b0d3f88d99b30283a69e6ded6bb" - -mbedtls_md2 Test vector RFC1319 #4 -md2_text:"message digest":"ab4f496bfb2a530b219ff33031fe06b0" - -mbedtls_md2 Test vector RFC1319 #5 -md2_text:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" - -mbedtls_md2 Test vector RFC1319 #6 -md2_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" - -mbedtls_md2 Test vector RFC1319 #7 -md2_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" - -mbedtls_md4 Test vector RFC1320 #1 -md4_text:"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -mbedtls_md4 Test vector RFC1320 #2 -md4_text:"a":"bde52cb31de33e46245e05fbdbd6fb24" - -mbedtls_md4 Test vector RFC1320 #3 -md4_text:"abc":"a448017aaf21d8525fc10ae87aa6729d" - -mbedtls_md4 Test vector RFC1320 #4 -md4_text:"message digest":"d9130a8164549fe818874806e1c7014b" - -mbedtls_md4 Test vector RFC1320 #5 -md4_text:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" - -mbedtls_md4 Test vector RFC1320 #6 -md4_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" - -mbedtls_md4 Test vector RFC1320 #7 -md4_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" - +# Test MD5 and RIPEMD160 mbedtls_md5 Test vector RFC1321 #1 md5_text:"":"d41d8cd98f00b204e9800998ecf8427e" @@ -86,12 +44,6 @@ ripemd160_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789": mbedtls_ripemd160 Test vector from paper #8 ripemd160_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" -MD2 Selftest -md2_selftest: - -MD4 Selftest -md4_selftest: - MD5 Selftest md5_selftest: diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function index 1ee7229888..73f91231cc 100644 --- a/tests/suites/test_suite_mdx.function +++ b/tests/suites/test_suite_mdx.function @@ -1,50 +1,8 @@ /* BEGIN_HEADER */ -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/ripemd160.h" /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */ -void md2_text( char * text_src_string, data_t * hash ) -{ - int ret; - unsigned char src_str[100]; - unsigned char output[16]; - - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); - - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - - ret = mbedtls_md2( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ) ; - - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */ -void md4_text( char * text_src_string, data_t * hash ) -{ - int ret; - unsigned char src_str[100]; - unsigned char output[16]; - - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); - - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - - ret = mbedtls_md4( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_MD5_C */ void md5_text( char * text_src_string, data_t * hash ) { @@ -85,20 +43,6 @@ void ripemd160_text( char * text_src_string, data_t * hash ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */ -void md2_selftest( ) -{ - TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */ -void md4_selftest( ) -{ - TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */ void md5_selftest( ) { diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data index d0178b6121..2d7b672d08 100644 --- a/tests/suites/test_suite_nist_kw.data +++ b/tests/suites/test_suite_nist_kw.data @@ -20,10 +20,6 @@ NIST KW init #4 AES-224: bad key size depends_on:MBEDTLS_AES_C mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:224:1:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -NIST KW init #5 BLOWFISH-128: bad cipher -depends_on:MBEDTLS_BLOWFISH_C -mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA - NIST KW lengths #1 KW plaintext OK (2 to 2^54 - 1 semiblocks) nist_kw_plaintext_lengths:16:24:MBEDTLS_KW_MODE_KW:0 diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 1f73aace80..53746282b3 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -170,54 +170,6 @@ Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit) depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0 -Parse RSA Key #32 (PKCS#8 encrypted SHA1-RC4-128) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTest":0 - -Parse RSA Key #32.1 (PKCS#8 encrypted SHA1-RC4-128, wrong PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH - -Parse RSA Key #32.2 (PKCS#8 encrypted SHA1-RC4-128, no PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED - -Parse RSA Key #33 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTest":0 - -Parse RSA Key #33.1 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, wrong PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH - -Parse RSA Key #33.2 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, no PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED - -Parse RSA Key #34 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTest":0 - -Parse RSA Key #34.1 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, wrong PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH - -Parse RSA Key #34.2 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, no PW) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED - -Parse RSA Key #35 (PKCS#8 encrypted SHA1-RC4-128 DER) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der":"PolarSSLTest":0 - -Parse RSA Key #36 (PKCS#8 encrypted SHA1-RC4-128 DER, 2048-bit) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der":"PolarSSLTest":0 - -Parse RSA Key #37 (PKCS#8 encrypted SHA1-RC4-128 DER, 4096-bit) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der":"PolarSSLTest":0 - Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES) depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0 @@ -1032,39 +984,31 @@ Parse EC Key #5c (PKCS8 PEM, with parameters) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0 -Parse EC Key #6 (PKCS8 encrypted DER) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0 - -Parse EC Key #7 (PKCS8 encrypted PEM) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0 - -Parse EC Key #8 (SEC1 PEM, secp224r1) +Parse EC Key #6 (SEC1 PEM, secp224r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_224_prv.pem":"NULL":0 -Parse EC Key #9 (SEC1 PEM, secp256r1) +Parse EC Key #7 (SEC1 PEM, secp256r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_256_prv.pem":"NULL":0 -Parse EC Key #10 (SEC1 PEM, secp384r1) +Parse EC Key #8 (SEC1 PEM, secp384r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_384_prv.pem":"NULL":0 -Parse EC Key #11 (SEC1 PEM, secp521r1) +Parse EC Key #9 (SEC1 PEM, secp521r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0 -Parse EC Key #12 (SEC1 PEM, bp256r1) +Parse EC Key #10 (SEC1 PEM, bp256r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp256_prv.pem":"NULL":0 -Parse EC Key #13 (SEC1 PEM, bp384r1) +Parse EC Key #11 (SEC1 PEM, bp384r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp384_prv.pem":"NULL":0 -Parse EC Key #14 (SEC1 PEM, bp512r1) +Parse EC Key #12 (SEC1 PEM, bp512r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0 diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4d9c7b69bf..2b92a06c19 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1000,14 +1000,6 @@ PSA hash setup: good, SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS -PSA hash setup: good, MD2 -depends_on:PSA_WANT_ALG_MD2 -hash_setup:PSA_ALG_MD2:PSA_SUCCESS - -PSA hash setup: good, MD4 -depends_on:PSA_WANT_ALG_MD4 -hash_setup:PSA_ALG_MD4:PSA_SUCCESS - PSA hash setup: good, MD5 depends_on:PSA_WANT_ALG_MD5 hash_setup:PSA_ALG_MD5:PSA_SUCCESS @@ -1109,14 +1101,6 @@ PSA hash compute: good, SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" -PSA hash compute: good, MD2 -depends_on:PSA_WANT_ALG_MD2 -hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" - -PSA hash compute: good, MD4 -depends_on:PSA_WANT_ALG_MD4 -hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" - PSA hash compute: good, MD5 depends_on:PSA_WANT_ALG_MD5 hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" @@ -1146,10 +1130,6 @@ PSA MAC setup: bad algorithm (HMAC without specified hash) # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED -PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm) -depends_on:!PSA_WANT_ALG_MD2 -mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED - PSA MAC setup: bad algorithm (not a MAC algorithm) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT @@ -1410,11 +1390,6 @@ depends_on:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED -PSA cipher setup: incompatible key ARC4 for CTR -depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR -# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here -cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED - PSA cipher: bad order function calls cipher_bad_order: diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 67158d0ec1..9f5133988a 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -158,62 +158,6 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8 depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" -PSA hash finish: MD2 Test vector RFC1319 #1 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" - -PSA hash finish: MD2 Test vector RFC1319 #2 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -PSA hash finish: MD2 Test vector RFC1319 #3 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" - -PSA hash finish: MD2 Test vector RFC1319 #4 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" - -PSA hash finish: MD2 Test vector RFC1319 #5 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" - -PSA hash finish: MD2 Test vector RFC1319 #6 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" - -PSA hash finish: MD2 Test vector RFC1319 #7 -depends_on:PSA_WANT_ALG_MD2 -hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" - -PSA hash finish: MD4 Test vector RFC1320 #1 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -PSA hash finish: MD4 Test vector RFC1320 #2 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" - -PSA hash finish: MD4 Test vector RFC1320 #3 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" - -PSA hash finish: MD4 Test vector RFC1320 #4 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" - -PSA hash finish: MD4 Test vector RFC1320 #5 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" - -PSA hash finish: MD4 Test vector RFC1320 #6 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" - -PSA hash finish: MD4 Test vector RFC1320 #7 -depends_on:PSA_WANT_ALG_MD4 -hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" - PSA hash finish: MD5 Test vector RFC1321 #1 depends_on:PSA_WANT_ALG_MD5 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" @@ -294,14 +238,6 @@ PSA hash verify: SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" -PSA hash verify: MD2 -depends_on:PSA_WANT_ALG_MD2 -hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" - -PSA hash verify: MD4 -depends_on:PSA_WANT_ALG_MD4 -hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" - PSA hash verify: MD5 depends_on:PSA_WANT_ALG_MD5 hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" @@ -470,62 +406,6 @@ PSA hash multi part: SHA-512 Test Vector NIST CAVS #8 depends_on:PSA_WANT_ALG_SHA_512 hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" -PSA hash multi part: MD2 Test vector RFC1319 #1 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" - -PSA hash multi part: MD2 Test vector RFC1319 #2 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -PSA hash multi part: MD2 Test vector RFC1319 #3 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" - -PSA hash multi part: MD2 Test vector RFC1319 #4 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" - -PSA hash multi part: MD2 Test vector RFC1319 #5 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" - -PSA hash multi part: MD2 Test vector RFC1319 #6 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" - -PSA hash multi part: MD2 Test vector RFC1319 #7 -depends_on:PSA_WANT_ALG_MD2 -hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" - -PSA hash multi part: MD4 Test vector RFC1320 #1 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -PSA hash multi part: MD4 Test vector RFC1320 #2 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" - -PSA hash multi part: MD4 Test vector RFC1320 #3 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" - -PSA hash multi part: MD4 Test vector RFC1320 #4 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" - -PSA hash multi part: MD4 Test vector RFC1320 #5 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" - -PSA hash multi part: MD4 Test vector RFC1320 #6 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" - -PSA hash multi part: MD4 Test vector RFC1320 #7 -depends_on:PSA_WANT_ALG_MD4 -hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" - PSA hash multi part: MD5 Test vector RFC1321 #1 depends_on:PSA_WANT_ALG_MD5 hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 22056b0a85..9bf91b5864 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -1,11 +1,3 @@ -Hash: MD2 -depends_on:PSA_WANT_ALG_MD2 -hash_algorithm:PSA_ALG_MD2:16 - -Hash: MD4 -depends_on:PSA_WANT_ALG_MD4 -hash_algorithm:PSA_ALG_MD4:16 - Hash: MD5 depends_on:PSA_WANT_ALG_MD5 hash_algorithm:PSA_ALG_MD5:16 @@ -34,14 +26,6 @@ Hash: SHA-2 SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 -MAC: HMAC-MD2 -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 -hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64 - -MAC: HMAC-MD4 -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 -hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64 - MAC: HMAC-MD5 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64 @@ -319,10 +303,6 @@ Block cipher key type: Camellia depends_on:PSA_WANT_KEY_TYPE_CAMELLIA block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16 -Stream cipher key type: ARC4 -depends_on:PSA_WANT_KEY_TYPE_ARC4 -stream_cipher_key_type:PSA_KEY_TYPE_ARC4 - Stream cipher key type: ChaCha20 depends_on:PSA_WANT_KEY_TYPE_CHACHA20 stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20 diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index cc5a047790..98dad0b060 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -220,55 +220,39 @@ RSA PKCS1 Sign #4 Verify depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 -RSA PKCS1 Sign #5 (MD2, 2048 bits RSA) -depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 - -RSA PKCS1 Sign #5 Verify -depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 - -RSA PKCS1 Sign #6 (MD4, 2048 bits RSA) -depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 - -RSA PKCS1 Sign #6 Verify -depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 - -RSA PKCS1 Sign #7 (MD5, 2048 bits RSA) +RSA PKCS1 Sign #5 (MD5, 2048 bits RSA) depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 -RSA PKCS1 Sign #7 Verify +RSA PKCS1 Sign #5 Verify depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 -RSA PKCS1 Sign #8 (RAW, 2048 bits RSA) +RSA PKCS1 Sign #6 (RAW, 2048 bits RSA) depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" -RSA PKCS1 Sign #8 Verify +RSA PKCS1 Sign #6 Verify depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0 -RSA PKCS1 Sign #8 Verify (Wrong raw hash) +RSA PKCS1 Sign #6 Verify (Wrong raw hash) depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED -RSA PKCS1 Sign #9 (Invalid Digest type) +RSA PKCS1 Sign #7 (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA -RSA PKCS1 Sign #9 Verify (Invalid Digest type) +RSA PKCS1 Sign #7 Verify (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA -RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA) +RSA PKCS1 Sign #8 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 -RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA) +RSA PKCS1 Verify #8 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 14b4afc3a3..eb96e30eb9 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1,8 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" #include "rsa_alt_helpers.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index a497076c14..b0a573dcf4 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3550,326 +3550,6 @@ Record crypt, CAMELLIA-256-CBC, 1.0, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 -Record crypt, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -7278,326 +6958,6 @@ Record crypt, little space, CAMELLIA-256-CBC, 1.0, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index dc81afbc61..7c6a9d39ae 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -22,14 +22,6 @@ X509 CRT information #3 (DER) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C x509_cert_info:"data_files/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" -X509 CRT information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 CRT information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C -x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - X509 CRT information MD5 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" @@ -202,14 +194,6 @@ X509 CRL information #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" -X509 CRL Information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" - -X509 CRL Information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" - X509 CRL Information MD5 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" @@ -286,10 +270,6 @@ X509 CRL Unsupported non-critical extension (issuingDistributionPoint) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 -X509 CSR Information RSA with MD4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" - X509 CSR Information RSA with MD5 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" @@ -527,387 +507,371 @@ X509 CRT verification #10 (Not trusted Cert, Expired CRL) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 forbidden) -depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL" - -X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 forbidden) -depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL" - -X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 forbidden) +X509 CRT verification #11 (Valid Cert MD5 Digest, MD5 forbidden) depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL" -X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 allowed) -depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL" - -X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 allowed) -depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL" - -X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 allowed) +X509 CRT verification #11 (Valid Cert MD5 Digest, MD5 allowed) depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL" -X509 CRT verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile) +X509 CRT verification #12 (Valid Cert SHA1 Digest explicitly allowed in profile) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #14 (Valid Cert SHA1 Digest forbidden in default profile) +X509 CRT verification #12 (Valid Cert SHA1 Digest forbidden in default profile) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL" -X509 CRT verification #15 (Valid Cert SHA224 Digest) +X509 CRT verification #13 (Valid Cert SHA224 Digest) depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #16 (Valid Cert SHA256 Digest) +X509 CRT verification #14 (Valid Cert SHA256 Digest) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #17 (Valid Cert SHA384 Digest) +X509 CRT verification #15 (Valid Cert SHA384 Digest) depends_on:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #18 (Valid Cert SHA512 Digest) +X509 CRT verification #16 (Valid Cert SHA512 Digest) depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #19 (Valid Cert, denying callback) +X509 CRT verification #17 (Valid Cert, denying callback) depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none" -X509 CRT verification #19 (Not trusted Cert, allowing callback) +X509 CRT verification #18 (Not trusted Cert, allowing callback) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all" -X509 CRT verification #21 (domain matching wildcard certificate, case insensitive) +X509 CRT verification #19 (domain matching wildcard certificate, case insensitive) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.ExAmPlE.com":0:0:"compat":"NULL" -X509 CRT verification #22 (domain not matching wildcard certificate) +X509 CRT verification #20 (domain not matching wildcard certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #23 (domain not matching wildcard certificate) +X509 CRT verification #21 (domain not matching wildcard certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #24 (domain matching CN of multi certificate) +X509 CRT verification #22 (domain matching CN of multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #25 (domain matching multi certificate) +X509 CRT verification #23 (domain matching multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.net":0:0:"compat":"NULL" -X509 CRT verification #26 (domain not matching multi certificate) +X509 CRT verification #24 (domain not matching multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #27.1 (domain not matching multi certificate: suffix) +X509 CRT verification #25.1 (domain not matching multi certificate: suffix) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"xample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #27.2 (domain not matching multi certificate: head junk) +X509 CRT verification #25.2 (domain not matching multi certificate: head junk) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"bexample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #28 (domain not matching wildcard in multi certificate) +X509 CRT verification #26 (domain not matching wildcard in multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.org":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #29 (domain matching wildcard in multi certificate) +X509 CRT verification #27 (domain matching wildcard in multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.org":0:0:"compat":"NULL" -X509 CRT verification #30 (domain matching multi certificate without CN) +X509 CRT verification #28 (domain matching multi certificate without CN) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.shotokan-braunschweig.de":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #31 (domain not matching multi certificate without CN) +X509 CRT verification #29 (domain not matching multi certificate without CN) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH + MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #32 (Valid, EC cert, RSA CA) +X509 CRT verification #30 (Valid, EC cert, RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #33 (Valid, RSA cert, EC CA) +X509 CRT verification #31 (Valid, RSA cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #34 (Valid, EC cert, EC CA) +X509 CRT verification #32 (Valid, EC cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #35 (Revoked, EC CA) +X509 CRT verification #33 (Revoked, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #36 (Valid, EC CA, SHA1 Digest) +X509 CRT verification #34 (Valid, EC CA, SHA1 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #37 (Valid, EC CA, SHA224 Digest) +X509 CRT verification #35 (Valid, EC CA, SHA224 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA224_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) +X509 CRT verification #36 (Valid, EC CA, SHA384 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA384_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #39 (Valid, EC CA, SHA512 Digest) +X509 CRT verification #37 (Valid, EC CA, SHA512 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha512.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #40 (Valid, depth 0, RSA, CA) +X509 CRT verification #38 (Valid, depth 0, RSA, CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/test-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #41 (Valid, depth 0, EC, CA) +X509 CRT verification #39 (Valid, depth 0, EC, CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/test-ca2.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #42 (Depth 0, not CA, RSA) +X509 CRT verification #40 (Depth 0, not CA, RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #43 (Depth 0, not CA, EC) +X509 CRT verification #41 (Depth 0, not CA, EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/server5.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #44 (Corrupted signature, EC) +X509 CRT verification #42 (Corrupted signature, EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #45 (Corrupted signature, RSA) +X509 CRT verification #43 (Corrupted signature, RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #45b (Corrupted signature, intermediate CA) +X509 CRT verification #43b (Corrupted signature, intermediate CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #46 (Valid, depth 2, EC-RSA-EC) +X509 CRT verification #44 (Valid, depth 2, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #47 (Untrusted, depth 2, EC-RSA-EC) +X509 CRT verification #45 (Untrusted, depth 2, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #48 (Missing intermediate CA, EC-RSA-EC) +X509 CRT verification #46 (Missing intermediate CA, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server7.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #49 (Valid, depth 2, RSA-EC-RSA) +X509 CRT verification #47 (Valid, depth 2, RSA-EC-RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server8_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #50 (Valid, multiple CAs) +X509 CRT verification #48 (Valid, multiple CAs) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server2.crt":"data_files/test-ca_cat12.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #51 (Valid, multiple CAs, reverse order) +X509 CRT verification #49 (Valid, multiple CAs, reverse order) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server2.crt":"data_files/test-ca_cat21.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #52 (CA keyUsage valid) +X509 CRT verification #50 (CA keyUsage valid) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #53 (CA keyUsage missing cRLSign) +X509 CRT verification #51 (CA keyUsage missing cRLSign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #54 (CA keyUsage missing cRLSign, no CRL) +X509 CRT verification #52 (CA keyUsage missing cRLSign, no CRL) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #55 (CA keyUsage missing keyCertSign) +X509 CRT verification #53 (CA keyUsage missing keyCertSign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #56 (CA keyUsage plain wrong) +X509 CRT verification #54 (CA keyUsage plain wrong) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-1) +X509 CRT verification #55 (Valid, RSASSA-PSS, SHA-1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-224) +X509 CRT verification #56 (Valid, RSASSA-PSS, SHA-224) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-256) +X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-256) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #60 (Valid, RSASSA-PSS, SHA-384) +X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-384) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #61 (Valid, RSASSA-PSS, SHA-512) +X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-512) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #62 (Revoked, RSASSA-PSS, SHA-1) +X509 CRT verification #60 (Revoked, RSASSA-PSS, SHA-1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) +X509 CRT verification #61 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #64 (Valid, RSASSA-PSS, SHA-1, not top) +X509 CRT verification #62 (Valid, RSASSA-PSS, SHA-1, not top) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #65 (RSASSA-PSS, SHA1, bad cert signature) +X509 CRT verification #63 (RSASSA-PSS, SHA1, bad cert signature) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #66 (RSASSA-PSS, SHA1, no RSA CA) +X509 CRT verification #64 (RSASSA-PSS, SHA1, no RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #67 (Valid, RSASSA-PSS, all defaults) +X509 CRT verification #65 (Valid, RSASSA-PSS, all defaults) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #68 (RSASSA-PSS, wrong salt_len) +X509 CRT verification #66 (RSASSA-PSS, wrong salt_len) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash) +X509 CRT verification #67 (RSASSA-PSS, wrong mgf_hash) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #70 (v1 trusted CA) +X509 CRT verification #68 (v1 trusted CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server1-v1.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #71 (v1 trusted CA, other) +X509 CRT verification #69 (v1 trusted CA, other) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server2-v1.crt":"data_files/server1-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #72 (v1 chain) +X509 CRT verification #70 (v1 chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server2-v1-chain.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #73 (selfsigned trusted without CA bit) +X509 CRT verification #71 (selfsigned trusted without CA bit) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #74 (signed by selfsigned trusted without CA bit) +X509 CRT verification #72 (signed by selfsigned trusted without CA bit) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #75 (encoding mismatch) +X509 CRT verification #73 (encoding mismatch) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #76 (multiple CRLs, not revoked) +X509 CRT verification #74 (multiple CRLs, not revoked) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C x509_verify:"data_files/server5.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #77 (multiple CRLs, revoked) +X509 CRT verification #75 (multiple CRLs, revoked) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #78 (multiple CRLs, revoked by second) +X509 CRT verification #76 (multiple CRLs, revoked by second) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #79 (multiple CRLs, revoked by future) +X509 CRT verification #77 (multiple CRLs, revoked by future) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" -X509 CRT verification #80 (multiple CRLs, first future, revoked by second) +X509 CRT verification #78 (multiple CRLs, first future, revoked by second) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #81 (multiple CRLs, none relevant) +X509 CRT verification #79 (multiple CRLs, none relevant) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #82 (Not yet valid CA and valid CA) +X509 CRT verification #80 (Not yet valid CA and valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #83 (valid CA and Not yet valid CA) +X509 CRT verification #81 (valid CA and Not yet valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-future.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #84 (valid CA and Not yet valid CA) +X509 CRT verification #82 (valid CA and Not yet valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-past.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #85 (Not yet valid CA and valid CA) +X509 CRT verification #83 (Not yet valid CA and valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #86 (Not yet valid CA and invalid CA) +X509 CRT verification #84 (Not yet valid CA and invalid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL" -X509 CRT verification #87 (Expired CA and invalid CA) +X509 CRT verification #85 (Expired CA and invalid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL" -X509 CRT verification #88 (Spurious cert in the chain) +X509 CRT verification #86 (Spurious cert in the chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server7_spurious_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #89 (Spurious cert later in the chain) +X509 CRT verification #87 (Spurious cert later in the chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #90 (EE with same name as trusted root) +X509 CRT verification #88 (EE with same name as trusted root) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"":"NULL" -X509 CRT verification #91 (same CA with good then bad key) +X509 CRT verification #89 (same CA with good then bad key) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C x509_verify:"data_files/server1.crt":"data_files/test-ca-good-alt.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #91 (same CA with bad then good key) +X509 CRT verification #89 (same CA with bad then good key) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #92 (bad name, allowing callback) +X509 CRT verification #90 (bad name, allowing callback) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all" -X509 CRT verification #93 (Suite B invalid, EC cert, RSA CA) +X509 CRT verification #91 (Suite B invalid, EC cert, RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY|MBEDTLS_X509_BADCRL_BAD_MD|MBEDTLS_X509_BADCRL_BAD_PK:"suite_b":"NULL" -X509 CRT verification #94 (Suite B invalid, RSA cert, EC CA) +X509 CRT verification #92 (Suite B invalid, RSA cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_PK:"suite_b":"NULL" -X509 CRT verification #95 (Suite B Valid, EC cert, EC CA) +X509 CRT verification #93 (Suite B Valid, EC cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL" -X509 CRT verification #96 (next profile Invalid Cert SHA224 Digest) +X509 CRT verification #94 (next profile Invalid Cert SHA224 Digest) depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL" -X509 CRT verification #97 (next profile Valid Cert SHA256 Digest) +X509 CRT verification #95 (next profile Valid Cert SHA256 Digest) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_SHA1_C x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"next":"NULL" -X509 CRT verification #98 (Revoked Cert, revocation date in the future, _with_ MBEDTLS_HAVE_TIME_DATE) +X509 CRT verification #96 (Revoked Cert, revocation date in the future, _with_ MBEDTLS_HAVE_TIME_DATE) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" -X509 CRT verification #99 (Revoked Cert, revocation date in the future, _without_ MBEDTLS_HAVE_TIME_DATE) +X509 CRT verification #97 (Revoked Cert, revocation date in the future, _without_ MBEDTLS_HAVE_TIME_DATE) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 9e2ae013a8..efc2fc931e 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -18,10 +18,6 @@ Certificate Request check Server1 SHA512 depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 -Certificate Request check Server1 MD4 -depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0 - Certificate Request check Server1 MD5 depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 diff --git a/tests/suites/test_suite_xtea.data b/tests/suites/test_suite_xtea.data deleted file mode 100644 index d9d06d7130..0000000000 --- a/tests/suites/test_suite_xtea.data +++ /dev/null @@ -1,76 +0,0 @@ -XTEA Encrypt_ecb #1 -xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"497df3d072612cb5" - -XTEA Encrypt_ecb #2 -xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"e78f2d13744341d8" - -XTEA Encrypt_ecb #3 -xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"5a5b6e278948d77f":"4141414141414141" - -XTEA Encrypt_ecb #4 -xtea_encrypt_ecb:"00000000000000000000000000000000":"4142434445464748":"a0390589f8b8efa5" - -XTEA Encrypt_ecb #5 -xtea_encrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"ed23375a821a8c2d" - -XTEA Encrypt_ecb #6 -xtea_encrypt_ecb:"00000000000000000000000000000000":"70e1225d6e4e7655":"4141414141414141" - -XTEA Decrypt_ecb #1 -xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"497df3d072612cb5":"4142434445464748" - -XTEA Decrypt_ecb #2 -xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"e78f2d13744341d8":"4141414141414141" - -XTEA Decrypt_ecb #3 -xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"5a5b6e278948d77f" - -XTEA Decrypt_ecb #4 -xtea_decrypt_ecb:"00000000000000000000000000000000":"a0390589f8b8efa5":"4142434445464748" - -XTEA Decrypt_ecb #5 -xtea_decrypt_ecb:"00000000000000000000000000000000":"ed23375a821a8c2d":"4141414141414141" - -XTEA Decrypt_ecb #6 -xtea_decrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"70e1225d6e4e7655" - -XTEA Encrypt CBC #1 -xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"6b982bec15a7b558" - -XTEA Encrypt CBC #2 -xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"2c6aeb799561c8e973b0927f072e3801" - -XTEA Encrypt CBC #3 -xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"41414141414141415fee100fe2c030025d8a557f2677cb33" - -XTEA Encrypt CBC #4 -xtea_encrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"5b0c065a3803900d" - -XTEA Encrypt CBC #5 -xtea_encrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"bdae508aa320aa5caa7cd79dbc9c38aa" - -XTEA Encrypt CBC #6 -xtea_encrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"61f5082a2c996f632da3ea16ff8e06558b69f069d8637b31" - -XTEA Decrypt CBC #1 -xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"359def46515c71b2" - -XTEA Decrypt CBC #2 -xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"1b192d63cc0e90371b1a2f66c809963e" - -XTEA Decrypt CBC #3 -xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"2e76e5cc03543cdc40ca03358a5764c331a0631c2f0f3714" - -XTEA Decrypt CBC #4 -xtea_decrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"81476a15138174dc" - -XTEA Decrypt CBC #5 -xtea_decrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"31a361192b08311d31a0631c2f0f3714" - -XTEA Decrypt CBC #6 -xtea_decrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"c1e2dbbf67ee786e29e051bea18c6abc66f1de5c2daefc2a" - -XTEA Selftest -depends_on:MBEDTLS_SELF_TEST -xtea_selftest: - diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function deleted file mode 100644 index 1d5b29b8ab..0000000000 --- a/tests/suites/test_suite_xtea.function +++ /dev/null @@ -1,86 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/xtea.h" -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_XTEA_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ -void xtea_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst ) -{ - unsigned char output[100]; - mbedtls_xtea_context ctx; - - memset(output, 0x00, 100); - - - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) -{ - unsigned char output[100]; - mbedtls_xtea_context ctx; - - memset(output, 0x00, 100); - - - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) -{ - unsigned char output[100]; - mbedtls_xtea_context ctx; - - memset(output, 0x00, 100); - - - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) -{ - unsigned char output[100]; - mbedtls_xtea_context ctx; - - memset(output, 0x00, 100); - - - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void xtea_selftest( ) -{ - TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 ); -} -/* END_CASE */ From 7ff652ae53dadbf65fe173f457476895b5a078ff Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 1 Jun 2021 12:22:48 +0200 Subject: [PATCH 0303/1065] Addition of ChangeLog and migration guide entry files. Signed-off-by: TRodziewicz --- ChangeLog.d/issue4084.txt | 27 +++++++++++++++++++ .../remove_MD2_MD4_RC4_Blowfish_XTEA.md | 8 ++++++ 2 files changed, 35 insertions(+) create mode 100644 ChangeLog.d/issue4084.txt create mode 100644 docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md diff --git a/ChangeLog.d/issue4084.txt b/ChangeLog.d/issue4084.txt new file mode 100644 index 0000000000..c6a72f996e --- /dev/null +++ b/ChangeLog.d/issue4084.txt @@ -0,0 +1,27 @@ +Removals + * Remove MD2, MD4, RC4, Blowfish and XTEA cryptographic primitives and + ciphersuites. Remove the following library files: arc4.c/h, blowfish.c/h, + md2.c/h, md4.c/h, xtea.c/h and belonging csr/crt/pem files. Remove the + following defines: MBEDTLS_RC4_C, MBEDTLS_ARC4_C, MBEDTLS_ARC4_ALT, + PSA_WANT_KEY_TYPE_ARC4, PSA_WANT_ALG_STREAM_CIPHER, + MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4, MBEDTLS_CIPHER_ID_ARC4, + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_BLOWFISH_C, MBEDTLS_BLOWFISH_ALT, + MBEDTLS_CIPHER_ID_BLOWFISH, MBEDTLS_CIPHER_BLOWFISH_ECB, + MBEDTLS_CIPHER_BLOWFISH_CBC, MBEDTLS_CIPHER_BLOWFISH_CFB64, + MBEDTLS_CIPHER_BLOWFISH_CTR, MBEDTLS_MD2_C, MBEDTLS_MD2_ALT, + MBEDTLS_MD2_PROCESS_ALT, PSA_ALG_MD2, PSA_WANT_ALG_MD2, + MBEDTLS_PSA_ACCEL_ALG_MD2, MBEDTLS_OID_PKCS1_MD2, + MBEDTLS_OID_DIGEST_ALG_MD2, MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC, + MBEDTLS_MD_MD2, MBEDTLS_MD4_C, MBEDTLS_MD4_ALT, MBEDTLS_MD4_PROCESS_ALT, + PSA_ALG_MD4, PSA_WANT_ALG_MD4, MBEDTLS_PSA_ACCEL_ALG_MD4, + MBEDTLS_OID_PKCS1_MD4, MBEDTLS_OID_DIGEST_ALG_MD4, + MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC, MBEDTLS_MD_MD4, MBEDTLS_XTEA_C, + MBEDTLS_XTEA_ALT. Remove the following functions: + mbedtls_arc4_self_test(), mbedtls_md2_free(), mbedtls_md2_clone(), + mbedtls_md2_starts_ret(), mbedtls_md2_update_ret(), + mbedtls_md2_finish_ret(), mbedtls_md2_ret(), mbedtls_md2_self_test(), + mbedtls_internal_md2_process(), mbedtls_md4_free(), mbedtls_md4_clone(), + mbedtls_md4_starts_ret(), mbedtls_md4_update_ret(), + mbedtls_md4_finish_ret(), mbedtls_md4_ret(), mbedtls_md4_self_test(), + mbedtls_internal_md4_process(), mbedtls_xtea_self_test(). + Remove the related tests and test suites and error codes. Fixes #4084. diff --git a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md new file mode 100644 index 0000000000..d7e116cb43 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md @@ -0,0 +1,8 @@ +Remove MD2, MD4, RC4, Blowfish and XTEA ciphersuites +-- + +This change affects users of the MD2, MD4, RC4, Blowfish and XTEA ciphersuites. + +They are already niche or obsolete and most of them are weak or broken. For +those reasons possible users should consider switching to modern and safe +alternatives to be found in literature. From 8f91c721d3b6e826e433ff4f47168a60abfa5947 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 9 Jun 2021 14:25:51 +0200 Subject: [PATCH 0304/1065] Code review follow-up corrections Signed-off-by: TRodziewicz --- ChangeLog.d/issue4084.txt | 29 ++----------- .../remove_MD2_MD4_RC4_Blowfish_XTEA.md | 4 +- tests/suites/test_suite_hkdf.data | 42 +++++++++---------- 3 files changed, 26 insertions(+), 49 deletions(-) diff --git a/ChangeLog.d/issue4084.txt b/ChangeLog.d/issue4084.txt index c6a72f996e..75273c1bdc 100644 --- a/ChangeLog.d/issue4084.txt +++ b/ChangeLog.d/issue4084.txt @@ -1,27 +1,4 @@ Removals - * Remove MD2, MD4, RC4, Blowfish and XTEA cryptographic primitives and - ciphersuites. Remove the following library files: arc4.c/h, blowfish.c/h, - md2.c/h, md4.c/h, xtea.c/h and belonging csr/crt/pem files. Remove the - following defines: MBEDTLS_RC4_C, MBEDTLS_ARC4_C, MBEDTLS_ARC4_ALT, - PSA_WANT_KEY_TYPE_ARC4, PSA_WANT_ALG_STREAM_CIPHER, - MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4, MBEDTLS_CIPHER_ID_ARC4, - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_BLOWFISH_C, MBEDTLS_BLOWFISH_ALT, - MBEDTLS_CIPHER_ID_BLOWFISH, MBEDTLS_CIPHER_BLOWFISH_ECB, - MBEDTLS_CIPHER_BLOWFISH_CBC, MBEDTLS_CIPHER_BLOWFISH_CFB64, - MBEDTLS_CIPHER_BLOWFISH_CTR, MBEDTLS_MD2_C, MBEDTLS_MD2_ALT, - MBEDTLS_MD2_PROCESS_ALT, PSA_ALG_MD2, PSA_WANT_ALG_MD2, - MBEDTLS_PSA_ACCEL_ALG_MD2, MBEDTLS_OID_PKCS1_MD2, - MBEDTLS_OID_DIGEST_ALG_MD2, MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC, - MBEDTLS_MD_MD2, MBEDTLS_MD4_C, MBEDTLS_MD4_ALT, MBEDTLS_MD4_PROCESS_ALT, - PSA_ALG_MD4, PSA_WANT_ALG_MD4, MBEDTLS_PSA_ACCEL_ALG_MD4, - MBEDTLS_OID_PKCS1_MD4, MBEDTLS_OID_DIGEST_ALG_MD4, - MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC, MBEDTLS_MD_MD4, MBEDTLS_XTEA_C, - MBEDTLS_XTEA_ALT. Remove the following functions: - mbedtls_arc4_self_test(), mbedtls_md2_free(), mbedtls_md2_clone(), - mbedtls_md2_starts_ret(), mbedtls_md2_update_ret(), - mbedtls_md2_finish_ret(), mbedtls_md2_ret(), mbedtls_md2_self_test(), - mbedtls_internal_md2_process(), mbedtls_md4_free(), mbedtls_md4_clone(), - mbedtls_md4_starts_ret(), mbedtls_md4_update_ret(), - mbedtls_md4_finish_ret(), mbedtls_md4_ret(), mbedtls_md4_self_test(), - mbedtls_internal_md4_process(), mbedtls_xtea_self_test(). - Remove the related tests and test suites and error codes. Fixes #4084. + * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the + corresponding modules and all their APIs and related configuration + options. Fixes #4084. diff --git a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md index d7e116cb43..d199f2f13f 100644 --- a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md +++ b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md @@ -1,7 +1,7 @@ -Remove MD2, MD4, RC4, Blowfish and XTEA ciphersuites +Remove MD2, MD4, RC4, Blowfish and XTEA algorithms -- -This change affects users of the MD2, MD4, RC4, Blowfish and XTEA ciphersuites. +This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. They are already niche or obsolete and most of them are weak or broken. For those reasons possible users should consider switching to modern and safe diff --git a/tests/suites/test_suite_hkdf.data b/tests/suites/test_suite_hkdf.data index 92cea9cfbe..d2f7ab3284 100644 --- a/tests/suites/test_suite_hkdf.data +++ b/tests/suites/test_suite_hkdf.data @@ -15,84 +15,84 @@ test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA HKDF RFC5869 Test Vector #1 depends_on:MBEDTLS_SHA256_C -test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" +test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 depends_on:MBEDTLS_SHA256_C -test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" +test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 depends_on:MBEDTLS_SHA256_C -test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" +test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 depends_on:MBEDTLS_SHA1_C -test_hkdf:2:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" +test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 depends_on:MBEDTLS_SHA1_C -test_hkdf:2:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" +test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 depends_on:MBEDTLS_SHA1_C -test_hkdf:2:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" +test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 depends_on:MBEDTLS_SHA1_C -test_hkdf:2:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" +test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" HKDF RFC5869 Test Vector #1 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5" +test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5" HKDF RFC5869 Test Vector #2 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244" +test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244" HKDF RFC5869 Test Vector #3 Extract depends_on:MBEDTLS_SHA256_C -test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04" +test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04" HKDF RFC5869 Test Vector #4 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:2:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243" +test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243" HKDF RFC5869 Test Vector #5 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:2:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6" +test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6" HKDF RFC5869 Test Vector #6 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:2:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01" +test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01" HKDF RFC5869 Test Vector #7 Extract depends_on:MBEDTLS_SHA1_C -test_hkdf_extract:2:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd" +test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd" HKDF RFC5869 Test Vector #1 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" +test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" +test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 Expand depends_on:MBEDTLS_SHA256_C -test_hkdf_expand:4:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" +test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:2:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" +test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:2:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" +test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:2:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" +test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 Expand depends_on:MBEDTLS_SHA1_C -test_hkdf_expand:2:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" +test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" From 15a7b737082df748de0aff2d2a3efdd7c8dd1e0c Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 16 Jun 2021 11:22:53 +0200 Subject: [PATCH 0305/1065] Documentation rewording Signed-off-by: TRodziewicz --- ChangeLog.d/issue4083.txt | 7 +++---- ...art_of_timing_module_out_of_the_library.md | 7 ++----- include/mbedtls/config.h | 3 +-- include/mbedtls/timing.h | 20 +------------------ library/timing.c | 19 ++++++++++++++++++ 5 files changed, 26 insertions(+), 30 deletions(-) diff --git a/ChangeLog.d/issue4083.txt b/ChangeLog.d/issue4083.txt index f3f7e31b01..845733702f 100644 --- a/ChangeLog.d/issue4083.txt +++ b/ChangeLog.d/issue4083.txt @@ -1,5 +1,4 @@ -Changes - * Remove the following functions: mbedtls_timing_self_test() and - mbedtls_hardclock_poll(). Move the following functions to the benchmark.c - file and make them static: mbedtls_timing_hardclock() and +Removals + * Remove the following functions: mbedtls_timing_self_test(), + mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and mbedtls_set_alarm(). Fixes #4083. diff --git a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md index f0b539c8f2..fa61e274bd 100644 --- a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md +++ b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md @@ -5,8 +5,5 @@ The change affects users who use any of the following functions: `mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`, `mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`. -This change is the first step of a plan of removal of the `timing.c` from the -library. The plan is to move all the timing functions to the `platform.c` file. - -For users who still need removed functions the migration path is to re-implement -them as a platform support code. +If you were relying on these functions, you'll now need to change to using your +platform's corresponding functions directly. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 74b82221de..4a98c5ddad 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1013,8 +1013,7 @@ /** * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES * - * Do not add default entropy sources. These are the platform specific - * poll function. + * Do not add default entropy sources in mbedtls_entropy_init(). * * This is useful to have more control over the added entropy sources in an * application. diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 9ea5c29669..5289889f98 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -63,25 +63,7 @@ typedef struct mbedtls_timing_delay_context extern volatile int mbedtls_timing_alarmed; -/** - * \brief Return the elapsed time in milliseconds - * - * \warning May change without notice - * - * \param val points to a timer structure - * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. - * - * \return Elapsed time since the previous reset in ms. When - * restarting, this is always 0. - * - * \note To initialize a timer, call this function with reset=1. - * - * Determining the elapsed time and resetting the timer is not - * atomic on all platforms, so after the sequence - * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = - * get_timer(0) }` the value time1+time2 is only approximately - * the delay since the first reset. - */ +/* Internal use */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); /** diff --git a/library/timing.c b/library/timing.c index d87d8b6cab..e6dfc72d18 100644 --- a/library/timing.c +++ b/library/timing.c @@ -83,6 +83,25 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int #else /* _WIN32 && !EFIX64 && !EFI32 */ +/** + * \brief Return the elapsed time in milliseconds + * + * \warning May change without notice + * + * \param val points to a timer structure + * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. + * + * \return Elapsed time since the previous reset in ms. When + * restarting, this is always 0. + * + * \note To initialize a timer, call this function with reset=1. + * + * Determining the elapsed time and resetting the timer is not + * atomic on all platforms, so after the sequence + * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = + * get_timer(0) }` the value time1+time2 is only approximately + * the delay since the first reset. + */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) { struct _hr_time *t = (struct _hr_time *) val; From bd513bb53d80276431161e5a64a2ae61740c4e68 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 26 May 2021 14:25:39 +0200 Subject: [PATCH 0306/1065] Enable multiple calls to mbedtls_gcm_update_ad. Signed-off-by: Mateusz Starzyk --- docs/3.0-migration-guide.d/gcm-multipart.md | 1 - include/mbedtls/gcm.h | 5 --- library/gcm.c | 48 +++++++++++++++++---- 3 files changed, 40 insertions(+), 14 deletions(-) diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md index 98e9fad2e1..ebc6397fa0 100644 --- a/docs/3.0-migration-guide.d/gcm-multipart.md +++ b/docs/3.0-migration-guide.d/gcm-multipart.md @@ -6,7 +6,6 @@ This changes the interface for applications using the GCM module directly for mu Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. -* The current implementation has a limitation that `mbedtls_gcm_update_ad()` may only be called once. This limitation will be lifted shortly; watch https://github.com/ARMmbed/mbedtls/issues/4351 for updates. * `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: * As long as the input remains block-aligned, the output length is exactly the input length, as before. * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index c8e384ad89..f3c30350de 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -246,11 +246,6 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * you do not need to call this function. You may not * call this function after calling mbedtls_cipher_update(). * - * \note This function may only be called once per operation: - * you must pass the whole associated data in a single - * call. This limitation will be lifted in a future version - * of Mbed TLS. - * * \param ctx The GCM context. This must have been started with * mbedtls_gcm_starts() and must not have yet received * any input with mbedtls_gcm_update(). diff --git a/library/gcm.c b/library/gcm.c index 2bd907115e..23b6ebb2fe 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -337,7 +337,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, const unsigned char *add, size_t add_len ) { const unsigned char *p; - size_t use_len, i; + size_t use_len, i, offset; GCM_VALIDATE_RET( add_len == 0 || add != NULL ); @@ -345,15 +345,31 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, if( (uint64_t) add_len >> 61 != 0 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); - /* Calling update_ad multiple times is not yet supported */ - if( ctx->add_len != 0 ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); - - ctx->add_len = add_len; + offset = ctx->add_len % 16; p = add; - while( add_len > 0 ) + + if (offset) { - use_len = ( add_len < 16 ) ? add_len : 16; + use_len = 16 - offset; + if( use_len > add_len ) + use_len = add_len; + + for (i = 0; i < use_len; i++) + ctx->buf[i+offset] ^= p[i]; + + if( offset + use_len == 16 ) + gcm_mult( ctx, ctx->buf, ctx->buf ); + + ctx->add_len += use_len; + add_len -= use_len; + p += use_len; + } + + ctx->add_len += add_len; + + while( add_len >= 16 ) + { + use_len = 16; for( i = 0; i < use_len; i++ ) ctx->buf[i] ^= p[i]; @@ -364,6 +380,12 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, p += use_len; } + if ( add_len > 0 ) + { + for( i = 0; i < add_len; i++ ) + ctx->buf[i] ^= p[i]; + } + return( 0 ); } @@ -442,6 +464,11 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, return( MBEDTLS_ERR_GCM_BAD_INPUT ); } + if ( ( ctx->len == 0 ) && ( ctx->add_len % 16 ) ) + { + gcm_mult( ctx, ctx->buf, ctx->buf ); + } + offset = ctx->len % 16; if( offset != 0 ) { @@ -507,6 +534,11 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; + if ( ( ctx->len == 0 ) && ( ctx->add_len % 16 ) ) + { + gcm_mult( ctx, ctx->buf, ctx->buf ); + } + if( tag_len > 16 || tag_len < 4 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); From 658f4fd6d8dbfab6f13c943ae12af2695f8b8c1f Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 26 May 2021 14:26:48 +0200 Subject: [PATCH 0307/1065] Cover multiple calls to mbedtls_gcm_update_ad in gcm test suite. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.function | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index a6b0a4c119..c7942f81a7 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -16,15 +16,19 @@ static int check_multipart( mbedtls_gcm_context *ctx, int ok = 0; uint8_t *output = NULL; size_t n2 = input->len - n1; + size_t n1_add = n1 < add->len ? add->len - n1 : add->len; + size_t n2_add = add->len - n1_add; size_t olen; /* Sanity checks on the test data */ TEST_ASSERT( n1 <= input->len ); + TEST_ASSERT( n1_add <= add->len ); TEST_EQUAL( input->len, expected_output->len ); TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) ); - TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, n1_add ) ); + TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x + n1_add, n2_add ) ); /* Allocate a tight buffer for each update call. This way, if the function * tries to write beyond the advertised required buffer size, this will From d6f673d710ea9db7d972c2a582a4ea0bbc1ead2c Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 12:49:55 +0200 Subject: [PATCH 0308/1065] Remove outdated note about multiple calls to cipher update for associated data. Signed-off-by: Mateusz Starzyk --- include/mbedtls/cipher.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 25e1d8d678..4989da7b58 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -732,8 +732,6 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); /** * \brief This function adds additional data for AEAD ciphers. * Currently supported with GCM and ChaCha20+Poly1305. - * This must be called exactly once, after - * mbedtls_cipher_reset(). * * \param ctx The generic cipher context. This must be initialized. * \param ad The additional data to use. This must be a readable From c1ec0b89596cdad8b5302233101a9296b4a29790 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 14:23:24 +0200 Subject: [PATCH 0309/1065] Add changelog entry for chunked associated data in GCM. Signed-off-by: Mateusz Starzyk --- ChangeLog.d/gcm-update.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt index 0fffd094d0..858bd0a734 100644 --- a/ChangeLog.d/gcm-update.txt +++ b/ChangeLog.d/gcm-update.txt @@ -15,3 +15,5 @@ Features * The multi-part GCM interface (mbedtls_gcm_update() or mbedtls_cipher_update()) no longer requires the size of partial inputs to be a multiple of 16. + * The multi-part GCM interface now supports chunked associated data through + multiple calls to mbedtls_gcm_update_ad(). From 333f48f40750769e6e3292c1d72a737278a6fcc4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 14:42:27 +0200 Subject: [PATCH 0310/1065] Fix code style. Signed-off-by: Mateusz Starzyk --- library/gcm.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index 23b6ebb2fe..a20a767415 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -348,7 +348,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, offset = ctx->add_len % 16; p = add; - if (offset) + if( offset != 0 ) { use_len = 16 - offset; if( use_len > add_len ) @@ -380,7 +380,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, p += use_len; } - if ( add_len > 0 ) + if( add_len > 0 ) { for( i = 0; i < add_len; i++ ) ctx->buf[i] ^= p[i]; @@ -464,7 +464,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, return( MBEDTLS_ERR_GCM_BAD_INPUT ); } - if ( ( ctx->len == 0 ) && ( ctx->add_len % 16 ) ) + if( ctx->len == 0 && ctx->add_len % 16 != 0 ) { gcm_mult( ctx, ctx->buf, ctx->buf ); } @@ -534,7 +534,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; - if ( ( ctx->len == 0 ) && ( ctx->add_len % 16 ) ) + if( ctx->len == 0 && ctx->add_len % 16 != 0 ) { gcm_mult( ctx, ctx->buf, ctx->buf ); } From b45b57eec673c1e9cd1920ef80279dd09095c18b Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 15:44:18 +0200 Subject: [PATCH 0311/1065] Add comment on how mbedtls_gcm_context::buf data depends on values of add_len and len. Signed-off-by: Mateusz Starzyk --- library/gcm.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/library/gcm.c b/library/gcm.c index a20a767415..01e12e69ca 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -332,7 +332,16 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, return( 0 ); } - +/** + * mbedtls_gcm_context::buf contains different data type, depending + * on the values of mbedtls_gcm_context::::add_len and + * mbedtls_gcm_context::len: + * * When add_len % 16 == 0 and len == 0: initial state. + * * When add_len % 16 != 0 and len == 0: the first `add_len % 16` bytes + * of buf have a partial AD block xored in and not yet multiplied in. + * * When len != 0: the first `add_len % 16` bytes of buf have partial + * ciphertext xored in and not yet multiplied in. + */ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, const unsigned char *add, size_t add_len ) { From 3443bd25702232a393172995f8aff5567817162d Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 7 Jun 2021 16:03:27 +0200 Subject: [PATCH 0312/1065] Add comment on exiting early from mbedtls_gcm_update(). Signed-off-by: Mateusz Starzyk --- library/gcm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/gcm.c b/library/gcm.c index 01e12e69ca..be72f99412 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -454,7 +454,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, *output_length = input_length; /* Exit early if input_length==0 so that we don't do any pointer arithmetic - * on a potentially null pointer. */ + * on a potentially null pointer. + * Returning early also means that the last partial block of AD remains + * untouched for mbedtls_gcm_finish */ if( input_length == 0 ) return( 0 ); From 25a571e0768ddcfbd7f712996d1144a445c68043 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 15 Jun 2021 13:22:42 +0200 Subject: [PATCH 0313/1065] Code style fix Signed-off-by: Mateusz Starzyk --- library/gcm.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index be72f99412..a3a3e48102 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -363,7 +363,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, if( use_len > add_len ) use_len = add_len; - for (i = 0; i < use_len; i++) + for ( i = 0; i < use_len; i++ ) ctx->buf[i+offset] ^= p[i]; if( offset + use_len == 16 ) @@ -378,15 +378,13 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, while( add_len >= 16 ) { - use_len = 16; - - for( i = 0; i < use_len; i++ ) + for( i = 0; i < 16; i++ ) ctx->buf[i] ^= p[i]; gcm_mult( ctx, ctx->buf, ctx->buf ); - add_len -= use_len; - p += use_len; + add_len -= 16; + p += 16; } if( add_len > 0 ) From 3d0bbeef0c15830177e13039ee433a5aae0242ee Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 15 Jun 2021 14:26:53 +0200 Subject: [PATCH 0314/1065] Reword description of the authentation tag computation stages Signed-off-by: Mateusz Starzyk --- library/gcm.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index a3a3e48102..02265ce897 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -333,14 +333,21 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, } /** - * mbedtls_gcm_context::buf contains different data type, depending - * on the values of mbedtls_gcm_context::::add_len and - * mbedtls_gcm_context::len: - * * When add_len % 16 == 0 and len == 0: initial state. - * * When add_len % 16 != 0 and len == 0: the first `add_len % 16` bytes - * of buf have a partial AD block xored in and not yet multiplied in. - * * When len != 0: the first `add_len % 16` bytes of buf have partial - * ciphertext xored in and not yet multiplied in. + * mbedtls_gcm_context::buf contains the partial state of the computation of + * the authentication tag. + * mbedtls_gcm_context::::add_len and mbedtls_gcm_context::len indicate + * differenet stages of the computation: + * * len == 0 && add_len == 0: initial state + * * len == 0 && add_len % 16 != 0: the first `add_len % 16` bytes have + * a partial block of AD that has been + * xored in but not yet multiplied in. + * * len == 0 && add_len % 16 == 0: the authentication tag is correct if + * the data ends now. + * * len % 16 != 0: the first `len % 16` bytes have + * a partial block of ciphertext that has + * been xored in but not yet multiplied in. + * * len > 0 && len % 16 == 0: the authentication tag is correct if + * the data ends now. */ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, const unsigned char *add, size_t add_len ) From af4ecddd4febb8c241e23cea0129911892816cd0 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 15 Jun 2021 15:29:48 +0200 Subject: [PATCH 0315/1065] Pass associated data split as check_multipart argument. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.function | 35 ++++++++++++++++++---------- 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index c7942f81a7..fc01b40337 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -11,12 +11,12 @@ static int check_multipart( mbedtls_gcm_context *ctx, const data_t *input, const data_t *expected_output, const data_t *tag, - size_t n1 ) + size_t n1, + size_t n1_add) { int ok = 0; uint8_t *output = NULL; size_t n2 = input->len - n1; - size_t n1_add = n1 < add->len ? add->len - n1 : add->len; size_t n2_add = add->len - n1_add; size_t olen; @@ -105,6 +105,7 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; size_t n1; + size_t n1_add; mbedtls_gcm_init( &ctx ); @@ -123,11 +124,16 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { mbedtls_test_set_step( n1 ); - if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_str, add_str, src_str, - dst, tag, - n1 ) ) - goto exit; + + for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1_add ); + if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, add_str, src_str, + dst, tag, + n1, n1_add ) ) + goto exit; + } } } @@ -148,6 +154,7 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, int ret; size_t tag_len = tag_len_bits / 8; size_t n1; + size_t n1_add; mbedtls_gcm_init( &ctx ); @@ -171,11 +178,15 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { mbedtls_test_set_step( n1 ); - if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT, - iv_str, add_str, src_str, - pt_result, tag_str, - n1 ) ) - goto exit; + for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1_add ); + if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, add_str, src_str, + pt_result, tag_str, + n1, n1_add ) ) + goto exit; + } } } } From 4076d3e9f3b46318a9eb5be1175c7dce2a6e605c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 1 Mar 2021 15:34:18 +0100 Subject: [PATCH 0316/1065] Implement one-shot MAC functions Implement one-shot MAC APIs, psa_mac_compute and psa_mac_verify, introduced in PSA Crypto API 1.0. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 61 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7921eb2313..a6697f6f40 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2444,7 +2444,68 @@ cleanup: return( status == PSA_SUCCESS ? abort_status : status ); } +psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + status = psa_mac_sign_setup( &operation, key, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_mac_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_mac_sign_finish( &operation, mac, mac_size, mac_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if ( status == PSA_SUCCESS ) + status = psa_mac_abort( &operation ); + else + psa_mac_abort( &operation ); + + return ( status ); +} + +psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + size_t mac_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + + status = psa_mac_verify_setup( &operation, key, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_mac_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_mac_verify_finish( &operation, mac, mac_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if ( status == PSA_SUCCESS ) + status = psa_mac_abort( &operation ); + else + psa_mac_abort( &operation ); + + return ( status ); +} /****************************************************************/ /* Asymmetric cryptography */ From 5f43f978f013381343d8084a5ce1ae633cf8d7e4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 11:41:23 +0100 Subject: [PATCH 0317/1065] Removes tests from ssl-opt.sh Commit removes tests from ssl-opt.sh that were specific to MBEDTLS_SSL_TRUNCATED_HMAC extention. Signed-off-by: Thomas Daubney --- tests/ssl-opt.sh | 190 ----------------------------------------------- 1 file changed, 190 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d1221112ae..89eece6f66 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1464,102 +1464,6 @@ run_test "DTLS: multiple records in same datagram, neither client nor server" -S "next record in same datagram" \ -C "next record in same datagram" -# Tests for Truncated HMAC extension - -run_test "Truncated HMAC: client default, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client disabled, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server disabled" \ - "$P_SRV debug_level=4 trunc_hmac=0" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client disabled, server enabled" \ - "$P_SRV debug_level=4 trunc_hmac=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server enabled" \ - "$P_SRV debug_level=4 trunc_hmac=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -S "dumping 'expected mac' (20 bytes)" \ - -s "dumping 'expected mac' (10 bytes)" - -run_test "Truncated HMAC, DTLS: client default, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client disabled, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server disabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client disabled, server enabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -S "dumping 'expected mac' (20 bytes)" \ - -s "dumping 'expected mac' (10 bytes)" - # Tests for Context serialization requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION @@ -5660,22 +5564,6 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ 0 \ -s "Read from client: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - run_test "Small client packet TLS 1.2 AEAD" \ "$P_SRV" \ "$P_CLI request_size=1 force_version=tls1_2 \ @@ -5708,24 +5596,6 @@ run_test "Small client packet DTLS 1.2, without EtM" \ 0 \ -s "Read from client: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -s "Read from client: 1 bytes read" - # Tests for small server packets run_test "Small server packet TLS 1.2 BlockCipher" \ @@ -5749,22 +5619,6 @@ run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ 0 \ -c "Read from server: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - run_test "Small server packet TLS 1.2 AEAD" \ "$P_SRV response_size=1" \ "$P_CLI force_version=tls1_2 \ @@ -5797,24 +5651,6 @@ run_test "Small server packet DTLS 1.2, without EtM" \ 0 \ -c "Read from server: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -c "Read from server: 1 bytes read" - # Test for large client packets # How many fragments do we expect to write $1 bytes? @@ -5845,23 +5681,6 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - run_test "Large client packet TLS 1.2 AEAD" \ "$P_SRV" \ "$P_CLI request_size=16384 force_version=tls1_2 \ @@ -5900,15 +5719,6 @@ run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ 0 \ -c "Read from server: 16384 bytes read" -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV response_size=16384 trunc_hmac=1" \ "$P_CLI force_version=tls1_2 \ From ce9e716a2bdc411df9d4bbf74d384d7013b527a6 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 14:04:25 +0100 Subject: [PATCH 0318/1065] Modifies tests in context-info.sh Commit modifies tests involving MBEDTLS_SSL_TRUNCATED_HMAC in the context-info.sh script. Signed-off-by: Thomas Daubney --- tests/context-info.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/context-info.sh b/tests/context-info.sh index e02d330841..88dfcaa5ea 100755 --- a/tests/context-info.sh +++ b/tests/context-info.sh @@ -210,7 +210,6 @@ run_test "Default configuration, server" \ -u "MBEDTLS_HAVE_TIME$" \ -u "MBEDTLS_X509_CRT_PARSE_C$" \ -u "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \ - -u "MBEDTLS_SSL_TRUNCATED_HMAC$" \ -u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -u "MBEDTLS_SSL_SESSION_TICKETS$" \ -u "MBEDTLS_SSL_SESSION_TICKETS and client$" \ @@ -233,7 +232,6 @@ run_test "Default configuration, client" \ -u "MBEDTLS_HAVE_TIME$" \ -u "MBEDTLS_X509_CRT_PARSE_C$" \ -u "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \ - -u "MBEDTLS_SSL_TRUNCATED_HMAC$" \ -u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -u "MBEDTLS_SSL_SESSION_TICKETS$" \ -u "MBEDTLS_SSL_SESSION_TICKETS and client$" \ @@ -339,7 +337,6 @@ run_test "Minimal configuration, server" \ "srv_min_cfg.txt" \ -n "ERROR" \ -n "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \ - -n "MBEDTLS_SSL_TRUNCATED_HMAC$" \ -n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -n "MBEDTLS_SSL_SESSION_TICKETS$" \ -n "MBEDTLS_SSL_SESSION_TICKETS and client$" \ @@ -350,7 +347,6 @@ run_test "Minimal configuration, client" \ "cli_min_cfg.txt" \ -n "ERROR" \ -n "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \ - -n "MBEDTLS_SSL_TRUNCATED_HMAC$" \ -n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -n "MBEDTLS_SSL_SESSION_TICKETS$" \ -n "MBEDTLS_SSL_SESSION_TICKETS and client$" \ From c46bf3c79c2a23d2f67f1a2d01dd980416f3286f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 14:15:21 +0100 Subject: [PATCH 0319/1065] Modifies tests in test_suite_ssl.function Commit removes conditional compilation code blocks relating to MBEDTLS_SSL_TRUNCATED_HMAC config option. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_ssl.function | 7 ------- 1 file changed, 7 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index c555d74a20..e175db277c 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1504,9 +1504,6 @@ static int ssl_populate_session( mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) session->mfl_code = 1; #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - session->trunc_hmac = 1; -#endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) session->encrypt_then_mac = 1; #endif @@ -4078,10 +4075,6 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) TEST_ASSERT( original.mfl_code == restored.mfl_code ); #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac ); -#endif - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac ); #endif From 22989d027a00f5c3a21dc2387fb6b4a559f127c9 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 15:34:28 +0100 Subject: [PATCH 0320/1065] Removes MBEDTLS_SSL_TRUNCATED_HMAC code from ssl programs Commit removes code dependent on MBEDTLS_SSL_TRUNCATED_HMAC from SSL client and sever example programs. Signed-off-by: Thomas Daubney --- programs/ssl/ssl_client2.c | 13 ------------- programs/ssl/ssl_server2.c | 13 ------------- 2 files changed, 26 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 98a3048685..ce9bcc302e 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -235,13 +235,6 @@ int main( void ) #define USAGE_SRTP "" #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -#define USAGE_TRUNC_HMAC \ - " trunc_hmac=%%d default: library default\n" -#else -#define USAGE_TRUNC_HMAC "" -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) #define USAGE_MAX_FRAG_LEN \ " max_frag_len=%%d default: 16384 (tls default)\n" \ @@ -394,7 +387,6 @@ int main( void ) USAGE_TICKETS \ USAGE_EAP_TLS \ USAGE_MAX_FRAG_LEN \ - USAGE_TRUNC_HMAC \ USAGE_CONTEXT_CRT_CB \ USAGE_ALPN \ USAGE_EMS \ @@ -1721,11 +1713,6 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_SSL_DTLS_SRTP */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); -#endif - #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) if( opt.extended_ms != DFL_EXTENDED_MS ) mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index de4eb6d87e..f0ca72f2ca 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -334,13 +334,6 @@ int main( void ) #define USAGE_MAX_FRAG_LEN "" #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -#define USAGE_TRUNC_HMAC \ - " trunc_hmac=%%d default: library default\n" -#else -#define USAGE_TRUNC_HMAC "" -#endif - #if defined(MBEDTLS_SSL_ALPN) #define USAGE_ALPN \ " alpn=%%s default: \"\" (disabled)\n" \ @@ -487,7 +480,6 @@ int main( void ) USAGE_NSS_KEYLOG_FILE \ USAGE_CACHE \ USAGE_MAX_FRAG_LEN \ - USAGE_TRUNC_HMAC \ USAGE_ALPN \ USAGE_EMS \ USAGE_ETM \ @@ -2506,11 +2498,6 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_SSL_DTLS_SRTP */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); -#endif - #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) if( opt.extended_ms != DFL_EXTENDED_MS ) mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); From 909d3bfa432c2c26834d9e9ba3e9373df0eddc65 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 15:37:45 +0100 Subject: [PATCH 0321/1065] Removes MBEDTLS_SSL_TRUNCATED_HMAC code from fuzz programs Commit removes conditional compilation code blocks dependent on MBEDTLS_SSL_TRUNCATED_HMAC config option. Signed-off-by: Thomas Daubney --- programs/fuzz/fuzz_client.c | 3 --- programs/fuzz/fuzz_server.c | 3 --- 2 files changed, 6 deletions(-) diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index cbd9483f8e..ab2d134948 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -102,9 +102,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { { mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); } -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); -#endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index 5480e3e876..e3bee2b65a 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -127,9 +127,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { &ticket_ctx ); } #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); -#endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif From 40d49b1e54c7447354e498af5dd22ab1e7880ad5 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 15:46:45 +0100 Subject: [PATCH 0322/1065] Removes truncated HMAC code from ssl_context_info program Commit removes conditional compilation block which depends on MBEDTLS_SSL_TRUNCATED_HMAC config option. Signed-off-by: Thomas Daubney --- programs/ssl/ssl_context_info.c | 1 - 1 file changed, 1 deletion(-) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index b360991152..a8a815235d 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -868,7 +868,6 @@ void print_deserialized_ssl_context( const uint8_t *ssl, size_t len ) print_if_bit( "MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag ); From 32fb900eee9b69abddbbe4a6115f0193858fffe6 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 14 Jun 2021 17:25:08 +0100 Subject: [PATCH 0323/1065] Removes truncated HMAC code from ssl_tls.c Removes conditional code compilation blocks and code paths relating to the MBEDTLS_SSL_TRUNCATED_HMAC config option. Signed-off-by: Thomas Daubney --- library/ssl_tls.c | 46 ---------------------------------------------- 1 file changed, 46 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5c1bc32078..eb5d9db1ce 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -672,9 +672,6 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - int trunc_hmac, -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], @@ -845,18 +842,6 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, mac_key_len = mbedtls_md_get_size( md_info ); transform->maclen = mac_key_len; -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - /* - * If HMAC is to be truncated, we shall keep the leftmost bytes, - * (rfc 6066 page 13 or rfc 2104 section 4), - * so we only need to adjust the length here. - */ - if( trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) - { - transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; - } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - /* IV length */ transform->ivlen = cipher_info->iv_size; @@ -1368,9 +1353,6 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session_negotiate->encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session_negotiate->trunc_hmac, -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl->handshake->tls_prf, ssl->handshake->randbytes, @@ -4138,13 +4120,6 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) -{ - conf->trunc_hmac = truncate; -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) { conf->allow_legacy_renegotiation = allow_legacy; @@ -4519,11 +4494,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co #define SSL_SERIALIZED_SESSION_CONFIG_MFL 0 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 1 -#else #define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0 -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #define SSL_SERIALIZED_SESSION_CONFIG_ETM 1 @@ -4766,13 +4737,6 @@ static int ssl_session_save( const mbedtls_ssl_session *session, *p++ = session->mfl_code; #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - used += 1; - - if( used <= buf_len ) - *p++ = (unsigned char)( ( session->trunc_hmac ) & 0xFF ); -#endif - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) used += 1; @@ -5008,13 +4972,6 @@ static int ssl_session_load( mbedtls_ssl_session *session, session->mfl_code = *p++; #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - session->trunc_hmac = *p++; -#endif - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( 1 > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -5831,9 +5788,6 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session->encrypt_then_mac, #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session->trunc_hmac, -#endif #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls12prf_from_cs( ssl->session->ciphersuite ), p, /* currently pointing to randbytes */ From e1c9a40bc41e8b868847879b111cce447419a882 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 15 Jun 2021 11:26:43 +0100 Subject: [PATCH 0324/1065] Removes truncated HMAC code from ssl_X.c Removes conditional code blocks relating to MBEDTLS_SSL_TRUNCATED_HMAC from ssl_cli.c and ssl_srv.c. Signed-off-by: Thomas Daubney --- library/ssl_cli.c | 78 ----------------------------------------------- library/ssl_srv.c | 64 +------------------------------------- 2 files changed, 1 insertion(+), 141 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9a441385d2..30e64c4843 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -559,36 +559,6 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) -{ - unsigned char *p = buf; - - *olen = 0; - - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - return( 0 ); - - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding truncated_hmac extension" ) ); - - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -1304,16 +1274,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( ( ret = ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_truncated_hmac_ext", ret ); - return( ret ); - } - ext_len += olen; -#endif - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( ( ret = ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, end, &olen ) ) != 0 ) @@ -1479,31 +1439,6 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching truncated HMAC extension" ) ); - mbedtls_ssl_send_alert_message( - ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ((void) buf); - - ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -2346,19 +2281,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); - - if( ( ret = ssl_parse_truncated_hmac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 29569d176e..47151298d4 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -543,28 +543,6 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - ((void) buf); - - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) - ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -1703,16 +1681,6 @@ read_record_header: break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); - - ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) case MBEDTLS_TLS_EXT_CID: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); @@ -1721,7 +1689,7 @@ read_record_header: if( ret != 0 ) return( ret ); break; -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: @@ -1967,31 +1935,6 @@ have_ciphersuite: return( 0 ); } -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -2654,11 +2597,6 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; From d7171e9f59b5648b2ae9d0e96f84022fd7e5bc3b Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 15 Jun 2021 12:43:45 +0100 Subject: [PATCH 0325/1065] Removes truncated HMAC code from ssl.h Commit removes conditionally compiled code relating to MBEDTLS_SSL_TRUNCATED_HMAC from ssl.h. Signed-off-by: Thomas Daubney --- include/mbedtls/ssl.h | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b2f5c67a2d..a93a32588e 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -956,10 +956,6 @@ struct mbedtls_ssl_session unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - int MBEDTLS_PRIVATE(trunc_hmac); /*!< flag for truncated hmac activation */ -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */ #endif @@ -1180,9 +1176,6 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_RENEGOTIATION) unsigned int MBEDTLS_PRIVATE(disable_renegotiation) : 1; /*!< disable renegotiation? */ #endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - unsigned int MBEDTLS_PRIVATE(trunc_hmac) : 1; /*!< negotiate truncated hmac? */ -#endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) unsigned int MBEDTLS_PRIVATE(session_tickets) : 1; /*!< use session tickets? */ #endif @@ -3315,18 +3308,6 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order ); #endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -/** - * \brief Activate negotiation of truncated HMAC - * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED) - * - * \param conf SSL configuration - * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or - * MBEDTLS_SSL_TRUNC_HMAC_DISABLED) - */ -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) /** * \brief Enable / Disable session tickets (client only). From 4a7010d1aaae937dfa328ef253d70d04b3b260ff Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 15 Jun 2021 12:54:14 +0100 Subject: [PATCH 0326/1065] Removes MBEDTLS_SSL_TRUNCATED_HMAC config option Commit removes the MBEDTLS_SSL_TRUNCATED_HMAC config option from config.h and places a check that it is unset in check_config.h. Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 4 ++++ include/mbedtls/config.h | 9 --------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 90dee6c1af..b0d61a3fa7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -837,6 +837,10 @@ #error "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4335" #endif +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) //no-check-names +#error "MBEDTLS_SSL_TRUNCATED_HMAC was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4341" +#endif + /* * Avoid warning from -pedantic. This is a convenient place for this * workaround since this is included by every single file before the diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 16f8f8b350..2b4976de70 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1648,15 +1648,6 @@ */ #define MBEDTLS_SSL_SERVER_NAME_INDICATION -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - /** * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH * From 22ecf49e9a577cb3ad3a64dbc337b26917039a3d Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 15 Jun 2021 13:04:11 +0100 Subject: [PATCH 0327/1065] Adds ChangeLog entry Commit adds ChangeLog entry for removal of MBEDTLS_SSL_TRUNCATED_HMAC. Signed-off-by: Thomas Daubney --- ChangeLog.d/rm-truncated-hmac-ext.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/rm-truncated-hmac-ext.txt diff --git a/ChangeLog.d/rm-truncated-hmac-ext.txt b/ChangeLog.d/rm-truncated-hmac-ext.txt new file mode 100644 index 0000000000..e3391f885d --- /dev/null +++ b/ChangeLog.d/rm-truncated-hmac-ext.txt @@ -0,0 +1,3 @@ +Removals + * Remove MBEDTLS_SSL_TRUNCATED_HMAC config option since it is no longer + supported in 3.0. Addresses #4341. From ab4ecfcc2c01cbf178dd0d4b3cf21e1b7573761f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 17 Jun 2021 05:12:16 +0100 Subject: [PATCH 0328/1065] Improve wording of documentation of new session resumption API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6fa380d499..1e8976ed14 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2386,8 +2386,8 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, * to reject any attempt for resumption and fall back to * a full handshake. * - * \note The mechanism of session resumption is opaque to this - * call: For TLS 1.2, both session ID-based resumption and + * \note This function can handle a variety of mechanisms for session + * resumption: For TLS 1.2, both session ID-based resumption and * ticket-based resumption will be considered. For TLS 1.3, * once implemented, sessions equate to tickets, and loading * one or more sessions via this call will lead to their @@ -3718,8 +3718,8 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss * This must have been initialized with mbedtls_ssl_init_session() * but otherwise be unused. * - * \note The mechanism of session resumption is opaque to this - * call: For TLS 1.2, both session ID-based resumption and + * \note This function can handle a variety of mechanism for session + * resumption: For TLS 1.2, both session ID-based resumption and * ticket-based resumption will be considered. For TLS 1.3, * once implemented, sessions equate to tickets, and calling * this function multiple times will export the available From ad5390fc4f2f7274b0311f5398b9bd4cdd89d49b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0329/1065] Clarify that RNG parameters are mandatory in SSL MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit No change here, these were already mandatory, it just wasn't explicit in the documentation. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ssl.h | 2 +- include/mbedtls/ssl_ticket.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b2f5c67a2d..8c442871b6 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1535,7 +1535,7 @@ void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, * \brief Set the random number generator callback * * \param conf SSL configuration - * \param f_rng RNG function + * \param f_rng RNG function (mandatory) * \param p_rng RNG parameter */ void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 871eec3791..1047dbb0d4 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -90,7 +90,7 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); * \brief Prepare context to be actually used * * \param ctx Context to be set up - * \param f_rng RNG callback function + * \param f_rng RNG callback function (mandatory) * \param p_rng RNG callback context * \param cipher AEAD cipher to use for ticket protection. * Recommended value: MBEDTLS_CIPHER_AES_256_GCM. From c305b72ed1d54955b81a5a8ad402cc5c05cdacdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0330/1065] Make RNG parameters mandatory in X.509 functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not adding a check in the code here, as this will be checked by the lower-level modules. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/x509_crt.h | 14 ++++---------- include/mbedtls/x509_csr.h | 14 ++++---------- 2 files changed, 8 insertions(+), 20 deletions(-) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index d383168d25..5c5509c794 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -1108,16 +1108,13 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); * \param ctx certificate to write away * \param buf buffer to write to * \param size size of the buffer - * \param f_rng RNG function (for signature, see note) + * \param f_rng RNG function. This must not be \c NULL. * \param p_rng RNG parameter * * \return length of data written if successful, or a specific * error code * - * \note f_rng may be NULL if RSA is used for signature and the - * signature is made offline (otherwise f_rng is desirable - * for countermeasures against timing attacks). - * ECDSA signatures always require a non-NULL f_rng. + * \note \p f_rng is used for the signature operation. */ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), @@ -1130,15 +1127,12 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, * \param ctx certificate to write away * \param buf buffer to write to * \param size size of the buffer - * \param f_rng RNG function (for signature, see note) + * \param f_rng RNG function. This must not be \c NULL. * \param p_rng RNG parameter * * \return 0 if successful, or a specific error code * - * \note f_rng may be NULL if RSA is used for signature and the - * signature is made offline (otherwise f_rng is desirable - * for countermeasures against timing attacks). - * ECDSA signatures always require a non-NULL f_rng. + * \note \p f_rng is used for the signature operation. */ int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 0a069df932..a0f1278e2a 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -264,16 +264,13 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); * \param ctx CSR to write away * \param buf buffer to write to * \param size size of the buffer - * \param f_rng RNG function (for signature, see note) + * \param f_rng RNG function. This must not be \c NULL. * \param p_rng RNG parameter * * \return length of data written if successful, or a specific * error code * - * \note f_rng may be NULL if RSA is used for signature and the - * signature is made offline (otherwise f_rng is desirable - * for countermeasures against timing attacks). - * ECDSA signatures always require a non-NULL f_rng. + * \note \p f_rng is used for the signature operation. */ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), @@ -287,15 +284,12 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s * \param ctx CSR to write away * \param buf buffer to write to * \param size size of the buffer - * \param f_rng RNG function (for signature, see note) + * \param f_rng RNG function. This must not be \c NULL. * \param p_rng RNG parameter * * \return 0 if successful, or a specific error code * - * \note f_rng may be NULL if RSA is used for signature and the - * signature is made offline (otherwise f_rng is desirable - * for countermeasures against timing attacks). - * ECDSA signatures always require a non-NULL f_rng. + * \note \p f_rng is used for the signature operation. */ int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), From 34d3756457c4787e9194b408968950c4e18e9041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0331/1065] Make RNG parameters mandatory in PK functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Again, no check here, will be checked by lower-level modules. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/pk.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 85bf7c906a..36af5d98d0 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -498,7 +498,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * given the key type. * \param sig_len On successful return, * the number of bytes written to \p sig. - * \param f_rng RNG function + * \param f_rng RNG function, must not be \c NULL. * \param p_rng RNG parameter * * \return 0 on success, or a specific error code. @@ -538,7 +538,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * given the key type. * \param sig_len On successful return, * the number of bytes written to \p sig. - * \param f_rng RNG function + * \param f_rng RNG function, must not be \c NULL. * \param p_rng RNG parameter * \param rs_ctx Restart context (NULL to disable restart) * @@ -563,7 +563,7 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, * \param output Decrypted output * \param olen Decrypted message length * \param osize Size of the output buffer - * \param f_rng RNG function + * \param f_rng RNG function, must not be \c NULL. * \param p_rng RNG parameter * * \note For RSA keys, the default padding type is PKCS#1 v1.5. @@ -584,9 +584,11 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, * \param output Encrypted output * \param olen Encrypted output length * \param osize Size of the output buffer - * \param f_rng RNG function + * \param f_rng RNG function, must not be \c NULL. * \param p_rng RNG parameter * + * \note \p f_rng is used for padding generation. + * * \note For RSA keys, the default padding type is PKCS#1 v1.5. * * \return 0 on success, or a specific error code. From f0359040604503f63f01fcb3ccdc3f147eae82bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0332/1065] Check for mandatory RNG parameters in RSA private MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (This commit is best reviewed using `git show -b` as indentation levels have changed.) The documentation already states that the RNG parameter is mandatory, since PRs #4488 and #4515. There are several families of functions to consider here: - private-key operations (sign, decrypt) all call mbedtls_rsa_private() where this commit adds a non-NULL check; - encrypt operations need an RNG for masking/padding and already had a non-NULL check since #4515 (conditional on \p mode before that) - verify operations no longer take an RNG parameter since #4515 So, after this commit, all RSA functions that accept an RNG will reach a non-NULL check before the RNG is used. Signed-off-by: Manuel Pégourié-Gonnard --- library/rsa.c | 121 +++++++++++++++++++++++--------------------------- 1 file changed, 56 insertions(+), 65 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index f7274eab1a..d4e63b65cd 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -929,8 +929,11 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, RSA_VALIDATE_RET( input != NULL ); RSA_VALIDATE_RET( output != NULL ); - if( rsa_check_context( ctx, 1 /* private key checks */, - f_rng != NULL /* blinding y/n */ ) != 0 ) + if( f_rng == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + if( rsa_check_context( ctx, 1 /* private key checks */, + 1 /* blinding on */ ) != 0 ) { return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } @@ -947,15 +950,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &R ); - if( f_rng != NULL ) - { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_init( &D_blind ); + mbedtls_mpi_init( &D_blind ); #else - mbedtls_mpi_init( &DP_blind ); - mbedtls_mpi_init( &DQ_blind ); + mbedtls_mpi_init( &DP_blind ); + mbedtls_mpi_init( &DQ_blind ); #endif - } #if !defined(MBEDTLS_RSA_NO_CRT) mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ ); @@ -975,57 +975,54 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) ); - if( f_rng != NULL ) - { - /* - * Blinding - * T = T * Vi mod N - */ - MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); + /* + * Blinding + * T = T * Vi mod N + */ + MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); - /* - * Exponent blinding - */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + /* + * Exponent blinding + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); #if defined(MBEDTLS_RSA_NO_CRT) - /* - * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D - */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) ); + /* + * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, + f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) ); - D = &D_blind; + D = &D_blind; #else - /* - * DP_blind = ( P - 1 ) * R + DP - */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind, - &ctx->DP ) ); + /* + * DP_blind = ( P - 1 ) * R + DP + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, + f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind, + &ctx->DP ) ); - DP = &DP_blind; + DP = &DP_blind; - /* - * DQ_blind = ( Q - 1 ) * R + DQ - */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind, - &ctx->DQ ) ); + /* + * DQ_blind = ( Q - 1 ) * R + DQ + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, + f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind, + &ctx->DQ ) ); - DQ = &DQ_blind; + DQ = &DQ_blind; #endif /* MBEDTLS_RSA_NO_CRT */ - } #if defined(MBEDTLS_RSA_NO_CRT) MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) ); @@ -1054,15 +1051,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) ); #endif /* MBEDTLS_RSA_NO_CRT */ - if( f_rng != NULL ) - { - /* - * Unblind - * T = T * Vf mod N - */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); - } + /* + * Unblind + * T = T * Vf mod N + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); /* Verify the result to prevent glitching attacks. */ MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E, @@ -1086,15 +1080,12 @@ cleanup: mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &R ); - if( f_rng != NULL ) - { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &D_blind ); + mbedtls_mpi_free( &D_blind ); #else - mbedtls_mpi_free( &DP_blind ); - mbedtls_mpi_free( &DQ_blind ); + mbedtls_mpi_free( &DP_blind ); + mbedtls_mpi_free( &DQ_blind ); #endif - } mbedtls_mpi_free( &T ); From 1a87722bb69540bbb621a42f54c5cb4302b01bd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0333/1065] Make RNG parameters mandatory in DHM functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/dhm.h | 8 ++++---- library/dhm.c | 21 ++++++++------------- tests/suites/test_suite_dhm.function | 10 ++++++++-- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index e8c8a82f50..850813e376 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -279,10 +279,10 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, * \param output_size The size of the destination buffer. This must be at * least the size of \c ctx->len (the size of \c P). * \param olen On exit, holds the actual number of Bytes written. - * \param f_rng The RNG function, for blinding purposes. This may - * b \c NULL if blinding isn't needed. - * \param p_rng The RNG context. This may be \c NULL if \p f_rng - * doesn't need a context argument. + * \param f_rng The RNG function. Must not be \c NULL. Used for + * blinding. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. diff --git a/library/dhm.c b/library/dhm.c index e88f3a2c73..29ce75598c 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -444,6 +444,9 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, DHM_VALIDATE_RET( output != NULL ); DHM_VALIDATE_RET( olen != NULL ); + if( f_rng == NULL ) + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if( output_size < mbedtls_dhm_get_len( ctx ) ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); @@ -453,25 +456,17 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, mbedtls_mpi_init( &GYb ); /* Blind peer's value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); - } - else - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) ); + MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); /* Do modular exponentiation */ MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X, &ctx->P, &ctx->RP ) ); /* Unblind secret value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); - } + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); /* Output the secret without any leading zero byte. This is mandatory * for TLS per RFC 5246 §8.1.2. */ diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 62e634a7f7..5286bc7b86 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -150,7 +150,10 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, &sec_srv_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), + &sec_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( sec_srv_len == sec_cli_len ); TEST_ASSERT( sec_srv_len != 0 ); @@ -206,7 +209,10 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, &sec_srv_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), + &sec_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( sec_srv_len == sec_cli_len ); TEST_ASSERT( sec_srv_len != 0 ); From 7861ecf8384e6d3eb75568b113cb5de2c56fb06d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0334/1065] Make RNG parameters mandatory in ECDH functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Again, no check in the code - will be checked by ECP Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ecdh.h | 8 ++------ tests/suites/test_suite_ecdh.function | 24 ++++++++++++++++++------ 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 2a0980b39c..587035aad5 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -222,10 +222,7 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp * This must be initialized. * \param d Our secret exponent (private key). * This must be initialized. - * \param f_rng The RNG function. This may be \c NULL if randomization - * of intermediate results during the ECP computations is - * not needed (discouraged). See the documentation of - * mbedtls_ecp_mul() for more. + * \param f_rng The RNG function to use. This must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't need a * context argument. @@ -428,8 +425,7 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, * \param buf The buffer to write the generated shared key to. This * must be a writable buffer of size \p blen Bytes. * \param blen The length of the destination buffer \p buf in Bytes. - * \param f_rng The RNG function, for blinding purposes. This may - * b \c NULL if blinding isn't needed. + * \param f_rng The RNG function to use. This must not be \c NULL. * \param p_rng The RNG context. This may be \c NULL if \p f_rng * doesn't need a context argument. * diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 6e8459dcb3..94030d89d3 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -85,7 +85,8 @@ void ecdh_primitive_random( int id ) &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, - NULL, NULL ) == 0 ); + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 ); @@ -106,11 +107,13 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, mbedtls_ecp_point qA, qB; mbedtls_mpi dA, dB, zA, zB, check; mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B; + mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB ); mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check ); + memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); @@ -169,9 +172,13 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 ); exit: @@ -215,7 +222,8 @@ void ecdh_exchange( int id ) &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000, - NULL, NULL ) == 0 ); + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ) == 0 ); TEST_ASSERT( len == res_len ); TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 ); @@ -235,12 +243,14 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, const unsigned char *vbuf; size_t len; mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B; + mbedtls_test_rnd_pseudo_info rnd_info; int cnt_restart; mbedtls_ecp_group grp; mbedtls_ecp_group_init( &grp ); mbedtls_ecdh_init( &srv ); mbedtls_ecdh_init( &cli ); + memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info_A.fallback_p_rng = NULL; @@ -315,7 +325,8 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, cnt_restart = 0; do { ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ), - NULL, NULL ); + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -332,7 +343,8 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, cnt_restart = 0; do { ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ), - NULL, NULL ); + &mbedtls_test_rnd_pseudo_rand, + &rnd_info ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); From aa3ed6f9872e3def71a557a940ab6f81364f274b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0335/1065] Make RNG parameters mandatory in ECP functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix trivial faulty calls in ECP test suite and ECP/ECJPAKE self-tests (by adding a dummy RNG). Several tests suites are not passing yet, as a couple of library function do call ecp_mul() with a NULL RNG. The complexity of the fixes range from "simple refactoring" to "requires API changes", so these will be addressed in separate commits. This makes the option MBEDTLS_ECP_NO_INTERNAL_RNG, as well as the whole "internal RNG" code, obsolete. This will be addressed in a future commit, after getting the test suites to pass again. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ecp.h | 23 +++++++-------------- library/ecjpake.c | 26 +++++++++++++++++++++-- library/ecp.c | 31 +++++++++++++++++++++++++--- tests/suites/test_suite_ecp.function | 23 ++++++++++++++------- 4 files changed, 76 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 49e85d9419..f203a7b25e 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -911,15 +911,8 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, * \note To prevent timing attacks, this function * executes the exact same sequence of base-field * operations for any valid \p m. It avoids any if-branch or - * array index depending on the value of \p m. - * - * \note If \p f_rng is not NULL, it is used to randomize - * intermediate results to prevent potential timing attacks - * targeting these results. We recommend always providing - * a non-NULL \p f_rng. The overhead is negligible. - * Note: unless #MBEDTLS_ECP_NO_INTERNAL_RNG is defined, when - * \p f_rng is NULL, an internal RNG (seeded from the value - * of \p m) will be used instead. + * array index depending on the value of \p m. If also uses + * \p f_rng to randomize some intermediate results. * * \param grp The ECP group to use. * This must be initialized and have group parameters @@ -928,9 +921,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, * This must be initialized. * \param m The integer by which to multiply. This must be initialized. * \param P The point to multiply. This must be initialized. - * \param f_rng The RNG function. This may be \c NULL if randomization - * of intermediate results isn't desired (discouraged). - * \param p_rng The RNG context to be passed to \p p_rng. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c + * NULL if \p f_rng doesn't need a context. * * \return \c 0 on success. * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private @@ -959,9 +952,9 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * This must be initialized. * \param m The integer by which to multiply. This must be initialized. * \param P The point to multiply. This must be initialized. - * \param f_rng The RNG function. This may be \c NULL if randomization - * of intermediate results isn't desired (discouraged). - * \param p_rng The RNG context to be passed to \p p_rng. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c + * NULL if \p f_rng doesn't need a context. * \param rs_ctx The restart context (NULL disables restart). * * \return \c 0 on success. diff --git a/library/ecjpake.c b/library/ecjpake.c index de43ddb703..d229311420 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -962,6 +962,28 @@ static const unsigned char ecjpake_test_pms[] = { 0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51 }; +/* + * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!! + * + * This is the linear congruential generator from numerical recipes, + * except we only use the low byte as the output. See + * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use + */ +static int self_test_rng( void *ctx, unsigned char *out, size_t len ) +{ + static uint32_t state = 42; + + (void) ctx; + + for( size_t i = 0; i < len; i++ ) + { + state = state * 1664525u + 1013904223u; + out[i] = (unsigned char) state; + } + + return( 0 ); +} + /* Load my private keys and generate the corresponding public keys */ static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, const unsigned char *xm1, size_t len1, @@ -972,9 +994,9 @@ static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1, - &ctx->grp.G, NULL, NULL ) ); + &ctx->grp.G, self_test_rng, NULL ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2, - &ctx->grp.G, NULL, NULL ) ); + &ctx->grp.G, self_test_rng, NULL ) ); cleanup: return( ret ); diff --git a/library/ecp.c b/library/ecp.c index 044bbe1d10..873b4c839e 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2684,6 +2684,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, ECP_VALIDATE_RET( m != NULL ); ECP_VALIDATE_RET( P != NULL ); + if( f_rng == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + #if defined(MBEDTLS_ECP_RESTARTABLE) /* reset ops count for this call if top-level */ if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) @@ -3315,6 +3318,28 @@ cleanup: #if defined(MBEDTLS_SELF_TEST) +/* + * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!! + * + * This is the linear congruential generator from numerical recipes, + * except we only use the low byte as the output. See + * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use + */ +static int self_test_rng( void *ctx, unsigned char *out, size_t len ) +{ + static uint32_t state = 42; + + (void) ctx; + + for( size_t i = 0; i < len; i++ ) + { + state = state * 1664525u + 1013904223u; + out[i] = (unsigned char) state; + } + + return( 0 ); +} + /* Adjust the exponent to be a valid private point for the specified curve. * This is sometimes necessary because we use a single set of exponents * for all curves but the validity of values depends on the curve. */ @@ -3370,7 +3395,7 @@ static int self_test_point( int verbose, MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) ); MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) ); for( i = 1; i < n_exponents; i++ ) { @@ -3383,7 +3408,7 @@ static int self_test_point( int verbose, MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) ); MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) ); if( add_count != add_c_prev || dbl_count != dbl_c_prev || @@ -3461,7 +3486,7 @@ int mbedtls_ecp_self_test( int verbose ) mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " ); /* Do a dummy multiplication first to trigger precomputation */ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, self_test_rng, NULL ) ); ret = self_test_point( verbose, &grp, &R, &m, &grp.G, sw_exponents, diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index f2b6376141..e820067a72 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -124,12 +124,14 @@ void ecp_test_vect_restart( int id, mbedtls_mpi dA, xA, yA, dB, xZ, yZ; int cnt_restarts; int ret; + mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_restart_init( &ctx ); mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P ); mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ ); + memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); @@ -147,7 +149,8 @@ void ecp_test_vect_restart( int id, cnt_restarts = 0; do { ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx ); + ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); TEST_ASSERT( ret == 0 ); @@ -162,7 +165,8 @@ void ecp_test_vect_restart( int id, cnt_restarts = 0; do { ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); + ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, + &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); TEST_ASSERT( ret == 0 ); @@ -176,7 +180,8 @@ void ecp_test_vect_restart( int id, * This test only makes sense when we actually restart */ if( min_restarts > 0 ) { - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); + ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, + &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } @@ -294,12 +299,14 @@ void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str, TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); @@ -351,11 +358,13 @@ void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex, TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); From 75525aec527bc9d3bba2cd3214c3c8fc2d9961af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0336/1065] Fix mbedtls_ecp_muladd() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It was indirectly calling ecp_mul() without an RNG. That's actually the rare case where this should be allowed, as ecp_muladd() is typically used on non-secret data (to verify signatures or ZKPs) and documented as not being constant-time. Refactor a bit in order to keep the ability to call ecp_mul() without a RNG, but not exposed publicly (except though muladd). Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 873b4c839e..bd560b5742 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2669,8 +2669,11 @@ cleanup: /* * Restartable multiplication R = m * P + * + * This internal function can be called without an RNG in case where we know + * the inputs are not sensitive. */ -int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, +static int ecp_mul_restartable_internal( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) @@ -2679,13 +2682,6 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - - if( f_rng == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); #if defined(MBEDTLS_ECP_RESTARTABLE) /* reset ops count for this call if top-level */ @@ -2738,6 +2734,25 @@ cleanup: return( ret ); } +/* + * Restartable multiplication R = m * P + */ +int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) +{ + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( R != NULL ); + ECP_VALIDATE_RET( m != NULL ); + ECP_VALIDATE_RET( P != NULL ); + + if( f_rng == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + return( ecp_mul_restartable_internal( grp, R, m, P, f_rng, p_rng, rs_ctx ) ); +} + /* * Multiplication R = m * P */ @@ -2831,8 +2846,8 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, } else { - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P, - NULL, NULL, rs_ctx ) ); + MBEDTLS_MPI_CHK( ecp_mul_restartable_internal( grp, R, m, P, + NULL, NULL, rs_ctx ) ); } cleanup: From f8c24bf507089b5e90721cb59be399d359459411 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0337/1065] Fix signature of check_pub_priv MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/ecp.h | 8 ++++++-- library/ecp.c | 6 ++++-- tests/suites/test_suite_ecp.function | 5 ++++- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index f203a7b25e..75ad8087d4 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1258,14 +1258,18 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, * part is ignored. * \param prv The keypair structure holding the full keypair. * This must be initialized. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c + * NULL if \p f_rng doesn't need a context. * * \return \c 0 on success, meaning that the keys are valid and match. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the keys are invalid or do not match. * \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX * error code on calculation failure. */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, - const mbedtls_ecp_keypair *prv ); +int mbedtls_ecp_check_pub_priv( + const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/ecp.c b/library/ecp.c index bd560b5742..1a78a8f32d 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3290,7 +3290,9 @@ cleanup: /* * Check a public-private key pair */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) +int mbedtls_ecp_check_pub_priv( + const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Q; @@ -3314,7 +3316,7 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ec mbedtls_ecp_group_copy( &grp, &prv->grp ); /* Also checks d is valid */ - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, f_rng, p_rng ) ); if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) || mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) || diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index e820067a72..d795fe2146 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -776,9 +776,11 @@ void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub, int ret ) { mbedtls_ecp_keypair pub, prv; + mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_keypair_init( &pub ); mbedtls_ecp_keypair_init( &prv ); + memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); if( id_pub != MBEDTLS_ECP_DP_NONE ) TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 ); @@ -789,7 +791,8 @@ void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub, TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret ); + TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv, + &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); exit: mbedtls_ecp_keypair_free( &pub ); From 39be1410fdad87998cc345a6b808410ded100dd8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0338/1065] Add RNG parameter to check_pair functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - mbedtls_ecp_check_pub_priv() because it calls ecp_mul() - mbedtls_pk_check_pair() because it calls the former Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/pk.h | 7 ++++++- library/pk.c | 10 ++++++++-- library/pk_wrap.c | 19 ++++++++++++++----- library/pk_wrap.h | 4 +++- programs/x509/cert_write.c | 3 ++- tests/suites/test_suite_pk.function | 11 ++++++++--- 6 files changed, 41 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 36af5d98d0..5c7b2f646b 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -603,6 +603,8 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, * * \param pub Context holding a public key. * \param prv Context holding a private (and public) key. + * \param f_rng RNG function, must not be \c NULL. + * \param p_rng RNG parameter * * \return \c 0 on success (keys were checked and match each other). * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not @@ -610,7 +612,10 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. * \return Another non-zero value if the keys do not match. */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); +int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Export debug information diff --git a/library/pk.c b/library/pk.c index 06021e26c0..275d34bb1b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -500,7 +500,10 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, /* * Check public-private key pair */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) +int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { PK_VALIDATE_RET( pub != NULL ); PK_VALIDATE_RET( prv != NULL ); @@ -511,6 +514,9 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } + if( f_rng == NULL ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if( prv->pk_info->check_pair_func == NULL ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); @@ -525,7 +531,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); } - return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) ); + return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx, f_rng, p_rng ) ); } /* diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 7c317c52d3..864e495b3c 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -154,8 +154,12 @@ static int rsa_encrypt_wrap( void *ctx, ilen, input, output ) ); } -static int rsa_check_pair_wrap( const void *pub, const void *prv ) +static int rsa_check_pair_wrap( const void *pub, const void *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { + (void) f_rng; + (void) p_rng; return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, (const mbedtls_rsa_context *) prv ) ); } @@ -388,10 +392,13 @@ cleanup: #endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C */ -static int eckey_check_pair( const void *pub, const void *prv ) +static int eckey_check_pair( const void *pub, const void *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, - (const mbedtls_ecp_keypair *) prv ) ); + (const mbedtls_ecp_keypair *) prv, + f_rng, p_rng ) ); } static void *eckey_alloc_wrap( void ) @@ -799,7 +806,9 @@ static int rsa_alt_decrypt_wrap( void *ctx, } #if defined(MBEDTLS_RSA_C) -static int rsa_alt_check_pair( const void *pub, const void *prv ) +static int rsa_alt_check_pair( const void *pub, const void *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; @@ -813,7 +822,7 @@ static int rsa_alt_check_pair( const void *pub, const void *prv ) if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, hash, sizeof( hash ), - sig, &sig_len, NULL, NULL ) ) != 0 ) + sig, &sig_len, f_rng, p_rng ) ) != 0 ) { return( ret ); } diff --git a/library/pk_wrap.h b/library/pk_wrap.h index f7f938a88d..b2db63739f 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -85,7 +85,9 @@ struct mbedtls_pk_info_t void *p_rng ); /** Check public-private key pair */ - int (*check_pair_func)( const void *pub, const void *prv ); + int (*check_pair_func)( const void *pub, const void *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** Allocate a new context */ void * (*ctx_alloc_func)( void ); diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index ff7cf98074..041f459cfc 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -606,7 +606,8 @@ int main( int argc, char *argv[] ) // if( strlen( opt.issuer_crt ) ) { - if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key ) != 0 ) + if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key, + mbedtls_ctr_drbg_random, &ctr_drbg ) != 0 ) { mbedtls_printf( " failed\n ! issuer_key does not match " "issuer certificate\n\n" ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 573c9d4306..b46cf05cfb 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -177,7 +177,8 @@ void pk_psa_utils( ) /* unsupported functions: check_pair, debug */ TEST_ASSERT( mbedtls_pk_setup( &pk2, mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 ) + TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2, + mbedtls_test_rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_TYPE_MISMATCH ); TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg ) == MBEDTLS_ERR_PK_TYPE_MISMATCH ); @@ -350,7 +351,9 @@ void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret ) TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 ); TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret ); + TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv, + mbedtls_test_rnd_std_rand, NULL ) + == ret ); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA ) @@ -358,7 +361,9 @@ void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret ) TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ), mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret ); + TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt, + mbedtls_test_rnd_std_rand, NULL ) + == ret ); } #endif From 84dea01f36240592c162cd3724dc89abb25b3080 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0339/1065] Add RNG params to private key parsing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is necessary for the case where the public part of an EC keypair needs to be computed from the private part - either because it was not included (it's an optional component) or because it was compressed (a format we can't parse). This changes the API of two public functions: mbedtls_pk_parse_key() and mbedtls_pk_parse_keyfile(). Tests and programs have been adapted. Some programs use a non-secure RNG (from the test library) just to get things to compile and run; in a future commit this should be improved in order to demonstrate best practice. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/pk.h | 12 +++-- library/pkparse.c | 52 ++++++++++++---------- library/psa_crypto_rsa.c | 3 +- programs/fuzz/fuzz_dtlsserver.c | 4 +- programs/fuzz/fuzz_privkey.c | 4 +- programs/fuzz/fuzz_server.c | 3 +- programs/pkey/key_app.c | 5 ++- programs/pkey/key_app_writer.c | 6 ++- programs/pkey/pk_decrypt.c | 3 +- programs/pkey/pk_sign.c | 3 +- programs/pkey/rsa_sign_pss.c | 3 +- programs/ssl/dtls_server.c | 40 +++++++++-------- programs/ssl/ssl_client2.c | 4 +- programs/ssl/ssl_fork_server.c | 3 +- programs/ssl/ssl_mail_client.c | 9 +++- programs/ssl/ssl_pthread_server.c | 37 +++++++-------- programs/ssl/ssl_server.c | 39 ++++++++-------- programs/ssl/ssl_server2.c | 14 +++--- programs/x509/cert_req.c | 3 +- programs/x509/cert_write.c | 4 +- tests/suites/test_suite_pk.function | 11 +++-- tests/suites/test_suite_pkparse.function | 9 ++-- tests/suites/test_suite_pkwrite.function | 3 +- tests/suites/test_suite_ssl.function | 12 +++-- tests/suites/test_suite_x509write.function | 10 +++-- 25 files changed, 175 insertions(+), 121 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 5c7b2f646b..dec5111122 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -667,6 +667,8 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); * The empty password is not supported. * \param pwdlen Size of the password in bytes. * Ignored if \p pwd is \c NULL. + * \param f_rng RNG function, must not be \c NULL. Used for blinding. + * \param p_rng RNG parameter * * \note On entry, ctx must be empty, either freshly initialised * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a @@ -677,8 +679,9 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); * \return 0 if successful, or a specific PK or PEM error code */ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ); + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** \ingroup pk_module */ /** @@ -718,6 +721,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, * Pass a null-terminated string if expecting an encrypted * key; a non-encrypted key will also be accepted. * The empty password is not supported. + * \param f_rng RNG function, must not be \c NULL. Used for blinding. + * \param p_rng RNG parameter * * \note On entry, ctx must be empty, either freshly initialised * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a @@ -728,7 +733,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, * \return 0 if successful, or a specific PK or PEM error code */ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *password ); + const char *path, const char *password, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** \ingroup pk_module */ /** diff --git a/library/pkparse.c b/library/pkparse.c index 3222ca20fb..5438ee4a0d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -123,7 +123,8 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) * Load and parse a private key */ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *pwd ) + const char *path, const char *pwd, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -136,10 +137,10 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, return( ret ); if( pwd == NULL ) - ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 ); + ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0, f_rng, p_rng ); else ret = mbedtls_pk_parse_key( ctx, buf, n, - (const unsigned char *) pwd, strlen( pwd ) ); + (const unsigned char *) pwd, strlen( pwd ), f_rng, p_rng ); mbedtls_platform_zeroize( buf, n ); mbedtls_free( buf ); @@ -859,8 +860,8 @@ cleanup: * Parse a SEC1 encoded private EC key */ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, - const unsigned char *key, - size_t keylen ) + const unsigned char *key, size_t keylen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; @@ -967,7 +968,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, if( ! pubkey_done && ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G, - NULL, NULL ) ) != 0 ) + f_rng, p_rng ) ) != 0 ) { mbedtls_ecp_keypair_free( eck ); return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); @@ -997,9 +998,9 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, * */ static int pk_parse_key_pkcs8_unencrypted_der( - mbedtls_pk_context *pk, - const unsigned char* key, - size_t keylen ) + mbedtls_pk_context *pk, + const unsigned char* key, size_t keylen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, version; size_t len; @@ -1071,7 +1072,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH ) { if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 ) + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len, f_rng, p_rng ) ) != 0 ) { mbedtls_pk_free( pk ); return( ret ); @@ -1094,9 +1095,10 @@ static int pk_parse_key_pkcs8_unencrypted_der( */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) static int pk_parse_key_pkcs8_encrypted_der( - mbedtls_pk_context *pk, - unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) + mbedtls_pk_context *pk, + unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, decrypted = 0; size_t len; @@ -1206,7 +1208,7 @@ static int pk_parse_key_pkcs8_encrypted_der( if( decrypted == 0 ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); + return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len, f_rng, p_rng ) ); } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ @@ -1215,7 +1217,8 @@ static int pk_parse_key_pkcs8_encrypted_der( */ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) + const unsigned char *pwd, size_t pwdlen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_info_t *pk_info; @@ -1278,7 +1281,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - pem.buf, pem.buflen ) ) != 0 ) + pem.buf, pem.buflen, + f_rng, p_rng ) ) != 0 ) { mbedtls_pk_free( pk ); } @@ -1305,7 +1309,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, if( ret == 0 ) { if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, - pem.buf, pem.buflen ) ) != 0 ) + pem.buf, pem.buflen, f_rng, p_rng ) ) != 0 ) { mbedtls_pk_free( pk ); } @@ -1327,9 +1331,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, key, NULL, 0, &len ); if( ret == 0 ) { - if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, - pem.buf, pem.buflen, - pwd, pwdlen ) ) != 0 ) + if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, pem.buf, pem.buflen, + pwd, pwdlen, f_rng, p_rng ) ) != 0 ) { mbedtls_pk_free( pk ); } @@ -1362,7 +1365,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, memcpy( key_copy, key, keylen ); ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen, - pwd, pwdlen ); + pwd, pwdlen, f_rng, p_rng ); mbedtls_platform_zeroize( key_copy, keylen ); mbedtls_free( key_copy ); @@ -1380,8 +1383,11 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ - if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 ) + if( ( ret = pk_parse_key_pkcs8_unencrypted_der( + pk, key, keylen, f_rng, p_rng ) ) == 0 ) + { return( 0 ); + } mbedtls_pk_free( pk ); mbedtls_pk_init( pk ); @@ -1403,7 +1409,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); if( mbedtls_pk_setup( pk, pk_info ) == 0 && pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - key, keylen ) == 0 ) + key, keylen, f_rng, p_rng ) == 0 ) { return( 0 ); } diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index f2e9a1c052..ef2adc1348 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -108,7 +108,8 @@ psa_status_t mbedtls_psa_rsa_load_representation( /* Parse the data. */ if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) status = mbedtls_to_psa_error( - mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) ); + mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0, + mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) ); else status = mbedtls_to_psa_error( mbedtls_pk_parse_public_key( &ctx, data, data_length ) ); diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index 34ff63ede4..a64eef9793 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -6,6 +6,7 @@ #include "common.h" #include "mbedtls/ssl.h" #include "test/certs.h" +#include "test/random.h" #if defined(MBEDTLS_SSL_PROTO_DTLS) #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -55,7 +56,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_test_cas_pem_len ) != 0) return 1; if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + mbedtls_test_srv_key_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ) != 0) return 1; #endif dummy_init(); diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index f76afd1c51..a06187562f 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -3,6 +3,7 @@ #include #include #include "mbedtls/pk.h" +#include "test/random.h" //4 Kb should be enough for every bug ;-) #define MAX_LEN 0x1000 @@ -19,7 +20,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 ); + ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ); if (ret == 0) { #if defined(MBEDTLS_RSA_C) if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index 5480e3e876..d4480c5c8c 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -66,7 +66,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_test_cas_pem_len ) != 0) return 1; if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + mbedtls_test_srv_key_len, NULL, 0, + mbedtls_ctr_drbg_random, &ctr_drbg ) != 0) return 1; #endif diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 7bd93c72b5..0e30be4b20 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -40,6 +40,8 @@ #include "mbedtls/rsa.h" #include "mbedtls/pk.h" +#include "test/random.h" + #include #endif @@ -181,7 +183,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Loading the private key ..." ); fflush( stdout ); - ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password, + mbedtls_test_rnd_std_rand, NULL ); if( ret != 0 ) { diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 4b65262d0d..c7f9741182 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -39,6 +39,8 @@ #include "mbedtls/pk.h" #include "mbedtls/error.h" +#include "test/random.h" + #include #include #endif @@ -292,8 +294,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Loading the private key ..." ); fflush( stdout ); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL ); - + ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL, + mbedtls_test_rnd_std_rand, NULL ); if( ret != 0 ) { mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index 810d6fb3eb..e01f5d558f 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -106,7 +106,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); fflush( stdout ); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "", + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret ); goto exit; diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 451e3de9b2..422fa257e2 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -101,7 +101,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); fflush( stdout ); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "", + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! Could not parse '%s'\n", argv[1] ); goto exit; diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 26056dd9b6..bbbe0a9bd2 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -102,7 +102,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); fflush( stdout ); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "", + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] ); mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret ); diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index de47aab251..857671ff4e 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -79,7 +79,9 @@ int main( void ) #include "mbedtls/error.h" #include "mbedtls/debug.h" #include "mbedtls/timing.h" + #include "test/certs.h" +#include "test/random.h" #if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" @@ -138,7 +140,23 @@ int main( void ) #endif /* - * 1. Load the certificates and private RSA key + * 1. Seed the RNG + */ + printf( " . Seeding the random number generator..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + printf( " ok\n" ); + + /* + * 2. Load the certificates and private RSA key */ printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); @@ -165,7 +183,7 @@ int main( void ) } ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); + mbedtls_test_srv_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); @@ -175,7 +193,7 @@ int main( void ) printf( " ok\n" ); /* - * 2. Setup the "listening" UDP socket + * 3. Setup the "listening" UDP socket */ printf( " . Bind on udp/*/4433 ..." ); fflush( stdout ); @@ -188,22 +206,6 @@ int main( void ) printf( " ok\n" ); - /* - * 3. Seed the RNG - */ - printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - printf( " ok\n" ); - /* * 4. Setup stuff */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 98a3048685..6501c4927d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1548,12 +1548,12 @@ int main( int argc, char *argv[] ) else #if defined(MBEDTLS_FS_IO) if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd ); + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd, rng_get, &rng ); else #endif ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 573210870e..74190103e2 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -166,7 +166,8 @@ int main( void ) } ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); + mbedtls_test_srv_key_len, NULL, 0, + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 09bbc3d695..f223977a85 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -556,12 +556,17 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_FS_IO) if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); + { + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "", + mbedtls_ctr_drbg_random, &ctr_drbg ); + } else #endif #if defined(MBEDTLS_PEM_PARSE_C) + { ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + mbedtls_test_cli_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg ); + } #else { mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined."); diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 93eab46209..a083e4b644 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -360,7 +360,23 @@ int main( void ) mbedtls_entropy_init( &entropy ); /* - * 1. Load the certificates and private RSA key + * 1a. Seed the random number generator + */ + mbedtls_printf( " . Seeding the random number generator..." ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", + ( unsigned int ) -ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1b. Load the certificates and private RSA key */ mbedtls_printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); @@ -388,7 +404,8 @@ int main( void ) mbedtls_pk_init( &pkey ); ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); + mbedtls_test_srv_key_len, NULL, 0, + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); @@ -397,22 +414,6 @@ int main( void ) mbedtls_printf( " ok\n" ); - /* - * 1b. Seed the random number generator - */ - mbedtls_printf( " . Seeding the random number generator..." ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", - ( unsigned int ) -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - /* * 1c. Prepare SSL configuration */ diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 42196ffc02..aaccb58ecd 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -125,7 +125,23 @@ int main( void ) #endif /* - * 1. Load the certificates and private RSA key + * 1. Seed the RNG + */ + mbedtls_printf( " . Seeding the random number generator..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Load the certificates and private RSA key */ mbedtls_printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); @@ -152,7 +168,8 @@ int main( void ) } ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); + mbedtls_test_srv_key_len, NULL, 0, + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); @@ -162,7 +179,7 @@ int main( void ) mbedtls_printf( " ok\n" ); /* - * 2. Setup the listening TCP socket + * 3. Setup the listening TCP socket */ mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); fflush( stdout ); @@ -175,22 +192,6 @@ int main( void ) mbedtls_printf( " ok\n" ); - /* - * 3. Seed the RNG - */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - /* * 4. Setup stuff */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index de4eb6d87e..37f4348ed5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -20,6 +20,7 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS #include "ssl_test_lib.h" +#include "test/random.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) int main( void ) @@ -727,7 +728,8 @@ sni_entry *sni_parse( char *sni_string ) mbedtls_pk_init( new->key ); if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || - mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 ) + mbedtls_pk_parse_keyfile( new->key, key_file, "", + mbedtls_test_rnd_std_rand, NULL ) != 0 ) goto error; if( strcmp( ca_file, "-" ) != 0 ) @@ -2257,7 +2259,7 @@ int main( int argc, char *argv[] ) { key_cert_init++; if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, - opt.key_pwd ) ) != 0 ) + opt.key_pwd, rng_get, &rng ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret ); goto exit; @@ -2283,7 +2285,7 @@ int main( int argc, char *argv[] ) { key_cert_init2++; if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, - opt.key_pwd2 ) ) != 0 ) + opt.key_pwd2, rng_get, &rng ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", (unsigned int) -ret ); @@ -2314,7 +2316,8 @@ int main( int argc, char *argv[] ) } if( ( ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key_rsa, - mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) + mbedtls_test_srv_key_rsa_len, NULL, 0, + rng_get, &rng ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", (unsigned int) -ret ); @@ -2333,7 +2336,8 @@ int main( int argc, char *argv[] ) } if( ( ret = mbedtls_pk_parse_key( &pkey2, (const unsigned char *) mbedtls_test_srv_key_ec, - mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 ) + mbedtls_test_srv_key_ec_len, NULL, 0, + rng_get, &rng ) ) != 0 ) { mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", (unsigned int) -ret ); diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index e8241a320e..09414583e6 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -346,7 +346,8 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Loading the private key ..." ); fflush( stdout ); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password, + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 041f459cfc..4b8fba9681 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -577,7 +577,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key, - opt.subject_pwd ); + opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_strerror( ret, buf, 1024 ); @@ -593,7 +593,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key, - opt.issuer_pwd ); + opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_strerror( ret, buf, 1024 ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index b46cf05cfb..5ccb072e74 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -279,7 +279,8 @@ void valid_parameters( ) MBEDTLS_ERR_PK_BAD_INPUT_DATA ); #if defined(MBEDTLS_PK_PARSE_C) - TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) == + TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1, + mbedtls_test_rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) == @@ -296,8 +297,8 @@ void valid_parameters_pkwrite( data_t *key_data ) /* For the write tests to be effective, we need a valid key pair. */ mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_parse_key( &pk, - key_data->x, key_data->len, - NULL, 0 ) == 0 ); + key_data->x, key_data->len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ) == 0 ); TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); @@ -349,7 +350,9 @@ void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret ) mbedtls_pk_init( &alt ); TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL, + mbedtls_test_rnd_std_rand, NULL ) + == 0 ); TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv, mbedtls_test_rnd_std_rand, NULL ) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 4650d33115..4c7f3d2cae 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -21,7 +21,8 @@ void pk_parse_keyfile_rsa( char * key_file, char * password, int result ) if( strcmp( pwd, "NULL" ) == 0 ) pwd = NULL; - res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd ); + res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( res == result ); @@ -96,7 +97,8 @@ void pk_parse_keyfile_ec( char * key_file, char * password, int result ) mbedtls_pk_init( &ctx ); - res = mbedtls_pk_parse_keyfile( &ctx, key_file, password ); + res = mbedtls_pk_parse_keyfile( &ctx, key_file, password, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( res == result ); @@ -120,7 +122,8 @@ void pk_parse_key( data_t * buf, int result ) mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result ); + TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ) == result ); exit: mbedtls_pk_free( &pk ); diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 2bad4ed137..d1e029abbe 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -63,7 +63,8 @@ void pk_write_key_check( char * key_file ) memset( check_buf, 0, sizeof( check_buf ) ); mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL, + mbedtls_test_rnd_std_rand, NULL ) == 0 ); ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf )); TEST_ASSERT( ret == 0 ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index c555d74a20..d4aad60f80 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -800,7 +800,8 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) ret = mbedtls_pk_parse_key( &( cert->pkey ), (const unsigned char*) mbedtls_test_srv_key_rsa_der, - mbedtls_test_srv_key_rsa_der_len, NULL, 0 ); + mbedtls_test_srv_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( ret == 0 ); } else @@ -812,7 +813,8 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) ret = mbedtls_pk_parse_key( &( cert->pkey ), (const unsigned char*) mbedtls_test_srv_key_ec_der, - mbedtls_test_srv_key_ec_der_len, NULL, 0 ); + mbedtls_test_srv_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( ret == 0 ); } } @@ -827,7 +829,8 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) ret = mbedtls_pk_parse_key( &( cert->pkey ), (const unsigned char *) mbedtls_test_cli_key_rsa_der, - mbedtls_test_cli_key_rsa_der_len, NULL, 0 ); + mbedtls_test_cli_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( ret == 0 ); } else @@ -839,7 +842,8 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) ret = mbedtls_pk_parse_key( &( cert->pkey ), (const unsigned char *) mbedtls_test_cli_key_ec_der, - mbedtls_test_cli_key_ec_der_len, NULL, 0 ); + mbedtls_test_cli_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( ret == 0 ); } } diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 44f846fd31..c9b7cf9c5d 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -94,7 +94,8 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL, + mbedtls_test_rnd_std_rand, NULL ) == 0 ); mbedtls_x509write_csr_init( &req ); mbedtls_x509write_csr_set_md_alg( &req, md_type ); @@ -163,7 +164,8 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL, + mbedtls_test_rnd_std_rand, NULL ) == 0 ); TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 ); mbedtls_x509write_csr_init( &req ); @@ -225,10 +227,10 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, mbedtls_x509write_crt_init( &crt ); TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file, - subject_pwd ) == 0 ); + subject_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 ); TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file, - issuer_pwd ) == 0 ); + issuer_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 ); #if defined(MBEDTLS_RSA_C) /* For RSA PK contexts, create a copy as an alternative RSA context. */ From d51aaad4c9172ca8fccad83b58e1f4030bc864c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0340/1065] Remove config option MBEDTLS_ECP_NO_INTERNAL_RNG MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It was used to remove the code used when mbedtls_ecp_mul() received a NULL RNG parameter. This code is no longer relevant (as the RNG may no longer be NULL) and will be unconditionally removed in the next commit. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/check_config.h | 8 ------- include/mbedtls/config.h | 22 ------------------- scripts/config.py | 1 - tests/scripts/all.sh | 39 ---------------------------------- 4 files changed, 70 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 90dee6c1af..85f7efde20 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -150,14 +150,6 @@ #error "MBEDTLS_ECP_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_C) && !( \ - defined(MBEDTLS_ECP_ALT) || \ - defined(MBEDTLS_CTR_DRBG_C) || \ - defined(MBEDTLS_HMAC_DRBG_C) || \ - defined(MBEDTLS_ECP_NO_INTERNAL_RNG)) -#error "MBEDTLS_ECP_C requires a DRBG module unless MBEDTLS_ECP_NO_INTERNAL_RNG is defined or an alternative implementation is used" -#endif - #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C) #error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 16f8f8b350..10370f37b5 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -651,28 +651,6 @@ */ #define MBEDTLS_ECP_NIST_OPTIM -/** - * \def MBEDTLS_ECP_NO_INTERNAL_RNG - * - * When this option is disabled, mbedtls_ecp_mul() will make use of an - * internal RNG when called with a NULL \c f_rng argument, in order to protect - * against some side-channel attacks. - * - * This protection introduces a dependency of the ECP module on one of the - * DRBG modules. For very constrained implementations that don't require this - * protection (for example, because you're only doing signature verification, - * so not manipulating any secret, or because local/physical side-channel - * attacks are outside your threat model), it might be desirable to get rid of - * that dependency. - * - * \warning Enabling this option makes some uses of ECP vulnerable to some - * side-channel attacks. Only enable it if you know that's not a problem for - * your use case. - * - * Uncomment this macro to disable some counter-measures in ECP. - */ -//#define MBEDTLS_ECP_NO_INTERNAL_RNG - /** * \def MBEDTLS_ECP_RESTARTABLE * diff --git a/scripts/config.py b/scripts/config.py index e27f322707..cbce1eb471 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -181,7 +181,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS 'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation - 'MBEDTLS_ECP_NO_INTERNAL_RNG', # removes a feature 'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_HAVE_SSE2', # hardware dependency diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1423099571..2f3573f573 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1000,7 +1000,6 @@ component_test_psa_external_rng_no_drbg_classic () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, # the SSL test programs don't have an RNG and can't work. Explicitly # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. @@ -1023,7 +1022,6 @@ component_test_psa_external_rng_no_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" @@ -1048,43 +1046,6 @@ component_test_psa_external_rng_use_psa_crypto () { if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque' } -component_test_ecp_no_internal_rng () { - msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules" - scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG - scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py unset MBEDTLS_HMAC_DRBG_C - scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires a DRBG - scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto - - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: ECP_NO_INTERNAL_RNG, no DRBG module" - make test - - # no SSL tests as they all depend on having a DRBG -} - -component_test_ecp_restartable_no_internal_rng () { - msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG" - scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG - scripts/config.py set MBEDTLS_ECP_RESTARTABLE - scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py unset MBEDTLS_HMAC_DRBG_C - scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG - scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto - - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module" - make test - - # no SSL tests as they all depend on having a DRBG -} - component_test_everest () { msg "build: Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED From 7962bfaa798b09598516a81efe32a5eea2ac520b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0341/1065] Remove "internal RNG" code from ECP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is no longer needed, as the RNG param is now mandatory. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 224 -------------------------------------------------- 1 file changed, 224 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 1a78a8f32d..b7a3854757 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -101,16 +101,6 @@ #include "ecp_internal_alt.h" -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) -#if defined(MBEDTLS_HMAC_DRBG_C) -#include "mbedtls/hmac_drbg.h" -#elif defined(MBEDTLS_CTR_DRBG_C) -#include "mbedtls/ctr_drbg.h" -#else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." -#endif -#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ - #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline @@ -124,144 +114,6 @@ static unsigned long add_count, dbl_count, mul_count; #endif -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) -/* - * Currently ecp_mul() takes a RNG function as an argument, used for - * side-channel protection, but it can be NULL. The initial reasoning was - * that people will pass non-NULL RNG when they care about side-channels, but - * unfortunately we have some APIs that call ecp_mul() with a NULL RNG, with - * no opportunity for the user to do anything about it. - * - * The obvious strategies for addressing that include: - * - change those APIs so that they take RNG arguments; - * - require a global RNG to be available to all crypto modules. - * - * Unfortunately those would break compatibility. So what we do instead is - * have our own internal DRBG instance, seeded from the secret scalar. - * - * The following is a light-weight abstraction layer for doing that with - * HMAC_DRBG (first choice) or CTR_DRBG. - */ - -#if defined(MBEDTLS_HMAC_DRBG_C) - -/* DRBG context type */ -typedef mbedtls_hmac_drbg_context ecp_drbg_context; - -/* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) -{ - mbedtls_hmac_drbg_init( ctx ); -} - -/* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) -{ - mbedtls_hmac_drbg_free( ctx ); -} - -/* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) -{ - return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) ); -} - -/* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) -{ - int ret; - unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; - /* The list starts with strong hashes */ - const mbedtls_md_type_t md_type = mbedtls_md_list()[0]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type ); - - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); - - ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len ); - -cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); - - return( ret ); -} - -#elif defined(MBEDTLS_CTR_DRBG_C) - -/* DRBG context type */ -typedef mbedtls_ctr_drbg_context ecp_drbg_context; - -/* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) -{ - mbedtls_ctr_drbg_init( ctx ); -} - -/* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) -{ - mbedtls_ctr_drbg_free( ctx ); -} - -/* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) -{ - return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) ); -} - -/* - * Since CTR_DRBG doesn't have a seed_buf() function the way HMAC_DRBG does, - * we need to pass an entropy function when seeding. So we use a dummy - * function for that, and pass the actual entropy as customisation string. - * (During seeding of CTR_DRBG the entropy input and customisation string are - * concatenated before being used to update the secret state.) - */ -static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len) -{ - (void) ctx; - memset( out, 0, len ); - return( 0 ); -} - -/* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) -{ - int ret; - unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; - - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } - - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); - - ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL, - secret_bytes, secret_len ); - -cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); - - return( ret ); -} - -#else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." -#endif /* DRBG modules */ -#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ - #if defined(MBEDTLS_ECP_RESTARTABLE) /* * Maximum number of "basic operations" to be done in a row. @@ -309,10 +161,6 @@ struct mbedtls_ecp_restart_mul ecp_rsm_comb_core, /* ecp_mul_comb_core() */ ecp_rsm_final_norm, /* do the final normalization */ } state; -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_context drbg_ctx; - unsigned char drbg_seeded; -#endif }; /* @@ -325,10 +173,6 @@ static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) ctx->T = NULL; ctx->T_size = 0; ctx->state = ecp_rsm_init; -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_init( &ctx->drbg_ctx ); - ctx->drbg_seeded = 0; -#endif } /* @@ -350,10 +194,6 @@ static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx ) mbedtls_free( ctx->T ); } -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &ctx->drbg_ctx ); -#endif - ecp_restart_rsm_init( ctx ); } @@ -2068,9 +1908,7 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R i = d; MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) if( f_rng != 0 ) -#endif MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); } @@ -2204,9 +2042,7 @@ final_norm: * * Avoid the leak by randomizing coordinates before we normalize them. */ -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) if( f_rng != 0 ) -#endif MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) ); @@ -2286,42 +2122,9 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, size_t d; unsigned char T_size = 0, T_ok = 0; mbedtls_ecp_point *T = NULL; -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_context drbg_ctx; - - ecp_drbg_init( &drbg_ctx ); -#endif ECP_RS_ENTER( rsm ); -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { - /* Adjust pointers */ - f_rng = &ecp_drbg_random; -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - p_rng = &rs_ctx->rsm->drbg_ctx; - else -#endif - p_rng = &drbg_ctx; - - /* Initialize internal DRBG if necessary */ -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx == NULL || rs_ctx->rsm == NULL || - rs_ctx->rsm->drbg_seeded == 0 ) -#endif - { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) ); - } -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - rs_ctx->rsm->drbg_seeded = 1; -#endif - } -#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ - /* Is P the base point ? */ #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && @@ -2393,10 +2196,6 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, cleanup: -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); -#endif - /* does T belong to the group? */ if( T == grp->T ) T = NULL; @@ -2583,23 +2382,8 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, unsigned char b; mbedtls_ecp_point RP; mbedtls_mpi PX; -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_context drbg_ctx; - - ecp_drbg_init( &drbg_ctx ); -#endif mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) ); - f_rng = &ecp_drbg_random; - p_rng = &drbg_ctx; - } -#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ - /* Save PX and read from P before writing to R, in case P == R */ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); @@ -2613,9 +2397,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, MOD_ADD( RP.X ); /* Randomize coordinates of the starting point */ -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) if( f_rng != NULL ) -#endif MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); /* Loop invariant: R = result so far, RP = R + P */ @@ -2648,18 +2430,12 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Avoid the leak by randomizing coordinates before we normalize them. */ -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) if( f_rng != NULL ) -#endif MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); cleanup: -#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); -#endif - mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX ); return( ret ); From 02b5705aa37613d83c97aa2f84b8d66b10b60d3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0342/1065] Simplify internal code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We know that Montgomery multiplication will never be called without an RNG, so make that clear from the beginning of the function. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index b7a3854757..8f6e9886b8 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2384,6 +2384,9 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, mbedtls_mpi PX; mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); + if( f_rng == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + /* Save PX and read from P before writing to R, in case P == R */ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); @@ -2397,8 +2400,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, MOD_ADD( RP.X ); /* Randomize coordinates of the starting point */ - if( f_rng != NULL ) - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); /* Loop invariant: R = result so far, RP = R + P */ i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */ @@ -2430,9 +2432,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Avoid the leak by randomizing coordinates before we normalize them. */ - if( f_rng != NULL ) - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); - + MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); cleanup: From e6e51aab55fd002ddc89f5b1b2579f768c6eb606 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:29:26 +0200 Subject: [PATCH 0343/1065] Add ChangeLog and migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Merge part of the RSA entries into this one, as I think it's easier for users to have all similar changes in one place regardless of whether they were introduce in the same PR or not. Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/mandatory-rng-param.txt | 12 +++++++ ChangeLog.d/remove-rsa-mode-parameter.txt | 1 - .../mandatory-rng-param.md | 36 +++++++++++++++++++ .../remove-rsa-mode-parameter.md | 8 ----- 4 files changed, 48 insertions(+), 9 deletions(-) create mode 100644 ChangeLog.d/mandatory-rng-param.txt create mode 100644 docs/3.0-migration-guide.d/mandatory-rng-param.md diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt new file mode 100644 index 0000000000..4e04248fa4 --- /dev/null +++ b/ChangeLog.d/mandatory-rng-param.txt @@ -0,0 +1,12 @@ +API changes + * For all functions that take an RNG parameter, this parameter is now + mandatory (that is, NULL is not an acceptable value). Functions which + previously accepted NULL and now reject it are: the X.509 CRT and CSR + writing functions; the PK sign and decrypt function; the RSA encrypt, + decrypt, sign and private functions; the function in DHM and ECDH that + compute the share secret; the scalar multiplication functions in ECP. + * The following functions now require an RNG parameter: + mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(), + mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(). + * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as + it no longer had any effect. diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt index 854dda34b2..2590d3a949 100644 --- a/ChangeLog.d/remove-rsa-mode-parameter.txt +++ b/ChangeLog.d/remove-rsa-mode-parameter.txt @@ -6,4 +6,3 @@ API changes decryption functions now always use the private key and verification and encryption use the public key. Verification functions also no longer have RNG parameters. - * The RNG is now mandatory for all private-key RSA operations. diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md new file mode 100644 index 0000000000..3cbc356957 --- /dev/null +++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md @@ -0,0 +1,36 @@ +The RNG parameter is now mandatory for all functions that accept one +-------------------------------------------------------------------- + +This change affects all users who called a function accepting a `f_rng` +parameter with `NULL` as the value of this argument; this is no longer +supported. + +The changed functions are: the X.509 CRT and CSR writing functions; the PK +sign and decrypt function; the RSA encrypt, decrypt, sign and private +functions; the functions in DHM and ECDH that compute the share secret; the +scalar multiplication functions in ECP. + +You now need to pass a properly seeded, cryptographically secure RNG to all +functions that accept a `f_rng` parameter. It is of course still possible to +pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a +context. + +Some functions gained an RNG parameter +-------------------------------------- + +This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, +`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and +`mbedtls_pk_parse_keyfile()`. + +You now need to pass a properly seeded, cryptographically secure RNG when +calling these functions. It is used for blinding, a counter-measure against +side-channel attacks. + +The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed +------------------------------------------------------------------ + +This doesn't affect users of the default configuration; it only affects people +who were explicitly setting this option. + +This was a trade-off between code size and counter-measures; it is no longer +relevant as the counter-measure is now always on at no cost in code size. diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md index e400650dd0..d21d5ed85e 100644 --- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md +++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md @@ -19,11 +19,3 @@ RSA verification functions also no longer take random generator arguments (this was only needed when using a private key). This affects all applications using the RSA verify functions. -RNG is now mandatory in all RSA private key operations ------------------------------------------------------- - -The random generator is now mandatory for blinding in all RSA private-key -operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`, -`mbedtls_rsa_xxx_decrypt`) as well as for encryption -(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer -supported. From 36a8963b3b1c073eb9420d75ec45dc59fcfcd809 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Jun 2021 11:43:33 +0200 Subject: [PATCH 0344/1065] Fix cmake build of programs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/aes/CMakeLists.txt | 1 + programs/hash/CMakeLists.txt | 1 + programs/pkey/CMakeLists.txt | 2 ++ programs/random/CMakeLists.txt | 1 + programs/util/CMakeLists.txt | 1 + programs/x509/CMakeLists.txt | 1 + 6 files changed, 7 insertions(+) diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index 62a54c7683..85bcd5fcad 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -5,6 +5,7 @@ set(executables foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${mbedcrypto_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() install(TARGETS ${executables} diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt index b2f2a1f5c0..729474c032 100644 --- a/programs/hash/CMakeLists.txt +++ b/programs/hash/CMakeLists.txt @@ -6,6 +6,7 @@ set(executables foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${mbedcrypto_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() install(TARGETS ${executables} diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 9c6fe7d493..3ad56436e6 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt @@ -6,6 +6,7 @@ set(executables_mbedtls foreach(exe IN LISTS executables_mbedtls) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${mbedtls_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() set(executables_mbedcrypto @@ -32,6 +33,7 @@ set(executables_mbedcrypto foreach(exe IN LISTS executables_mbedcrypto) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${mbedcrypto_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto} diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt index f32dc31ee8..e5edf7b58c 100644 --- a/programs/random/CMakeLists.txt +++ b/programs/random/CMakeLists.txt @@ -6,6 +6,7 @@ set(executables foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${mbedcrypto_target}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() install(TARGETS ${executables} diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index 2a11212ecf..7fc58cbcf4 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -10,6 +10,7 @@ set(executables foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${libs}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() install(TARGETS ${executables} diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt index cf57ca431a..a04fa8bcf8 100644 --- a/programs/x509/CMakeLists.txt +++ b/programs/x509/CMakeLists.txt @@ -13,6 +13,7 @@ set(executables foreach(exe IN LISTS executables) add_executable(${exe} ${exe}.c $) target_link_libraries(${exe} ${libs}) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) endforeach() target_link_libraries(cert_app ${mbedtls_target}) From 7f93da1265c9798d81aed3d766bef6acbfe2f0fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 10:20:30 +0200 Subject: [PATCH 0345/1065] Use the dedicated dummy_random in fuzzing programs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also make sure to initialize the DRBG before using it in fuzz_server (dummy_random uses ctr_drbg internally). Signed-off-by: Manuel Pégourié-Gonnard --- programs/fuzz/fuzz_dtlsserver.c | 3 +-- programs/fuzz/fuzz_privkey.c | 4 ++-- programs/fuzz/fuzz_server.c | 16 ++++++++-------- 3 files changed, 11 insertions(+), 12 deletions(-) diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index a64eef9793..9a6e894a88 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -6,7 +6,6 @@ #include "common.h" #include "mbedtls/ssl.h" #include "test/certs.h" -#include "test/random.h" #if defined(MBEDTLS_SSL_PROTO_DTLS) #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -57,7 +56,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 1; if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, mbedtls_test_srv_key_len, NULL, 0, - mbedtls_test_rnd_std_rand, NULL ) != 0) + dummy_random, NULL ) != 0) return 1; #endif dummy_init(); diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index a06187562f..b9a160e1e1 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -3,7 +3,7 @@ #include #include #include "mbedtls/pk.h" -#include "test/random.h" +#include "common.h" //4 Kb should be enough for every bug ;-) #define MAX_LEN 0x1000 @@ -21,7 +21,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_pk_init( &pk ); ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0, - mbedtls_test_rnd_std_rand, NULL ); + dummy_random, NULL ); if (ret == 0) { #if defined(MBEDTLS_RSA_C) if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index d4480c5c8c..c35b425234 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -56,6 +56,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { options = Data[Size - 1]; if (initialized == 0) { + mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_entropy_init( &entropy ); + + if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen( pers ) ) != 0 ) + return 1; + #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) mbedtls_x509_crt_init( &srvcert ); mbedtls_pk_init( &pkey ); @@ -67,7 +74,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 1; if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, mbedtls_test_srv_key_len, NULL, 0, - mbedtls_ctr_drbg_random, &ctr_drbg ) != 0) + dummy_random, &ctr_drbg ) != 0) return 1; #endif @@ -81,17 +88,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } mbedtls_ssl_init( &ssl ); mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); #if defined(MBEDTLS_SSL_SESSION_TICKETS) mbedtls_ssl_ticket_init( &ticket_ctx ); #endif - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) - goto exit; - - if( mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, From 1503a9adab19434dbf9daf23bfeb19468ba14411 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 10:35:56 +0200 Subject: [PATCH 0346/1065] Use a proper DRBG in programs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/pkey/key_app.c | 36 +++++++++++++++++++++++++------- programs/pkey/key_app_writer.c | 38 ++++++++++++++++++++++++++++------ programs/ssl/dtls_server.c | 1 - programs/ssl/ssl_server2.c | 8 +++---- 4 files changed, 64 insertions(+), 19 deletions(-) diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 0e30be4b20..2145e072ad 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -35,12 +35,13 @@ #endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && \ - defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) + defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \ + defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/error.h" #include "mbedtls/rsa.h" #include "mbedtls/pk.h" - -#include "test/random.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" #include #endif @@ -65,11 +66,13 @@ "\n" #if !defined(MBEDTLS_BIGNUM_C) || \ - !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit( 0 ); } #else @@ -94,12 +97,19 @@ int main( int argc, char *argv[] ) int i; char *p, *q; + const char *pers = "pkey/key_app"; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_pk_context pk; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; /* * Set to sane values */ + mbedtls_entropy_init( &entropy ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_pk_init( &pk ); memset( buf, 0, sizeof(buf) ); @@ -183,8 +193,16 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Loading the private key ..." ); fflush( stdout ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + goto cleanup; + } + ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password, - mbedtls_test_rnd_std_rand, NULL ); + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { @@ -302,6 +320,9 @@ cleanup: } #endif + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + mbedtls_pk_free( &pk ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); @@ -314,4 +335,5 @@ cleanup: mbedtls_exit( exit_code ); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index c7f9741182..89c67ed9e6 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -34,12 +34,15 @@ #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #endif /* MBEDTLS_PLATFORM_C */ -#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) +#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \ + defined(MBEDTLS_FS_IO) && \ + defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/error.h" #include "mbedtls/pk.h" #include "mbedtls/error.h" -#include "test/random.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" #include #include @@ -90,10 +93,14 @@ #if !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_PK_WRITE_C) || \ - !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) int main( void ) { - mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" ); + mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_FS_IO not defined.\n" ); mbedtls_exit( 0 ); } #else @@ -203,12 +210,19 @@ int main( int argc, char *argv[] ) int i; char *p, *q; + const char *pers = "pkey/key_app"; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_pk_context key; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; /* * Set to sane values */ + mbedtls_entropy_init( &entropy ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_pk_init( &key ); memset( buf, 0, sizeof( buf ) ); @@ -294,8 +308,16 @@ int main( int argc, char *argv[] ) mbedtls_printf( "\n . Loading the private key ..." ); fflush( stdout ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + goto exit; + } + ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL, - mbedtls_test_rnd_std_rand, NULL ); + mbedtls_ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); @@ -431,6 +453,9 @@ exit: mbedtls_pk_free( &key ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + #if defined(_WIN32) mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); @@ -438,4 +463,5 @@ exit: mbedtls_exit( exit_code ); } -#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */ +#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 857671ff4e..d2cc4509d0 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -81,7 +81,6 @@ int main( void ) #include "mbedtls/timing.h" #include "test/certs.h" -#include "test/random.h" #if defined(MBEDTLS_SSL_CACHE_C) #include "mbedtls/ssl_cache.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 37f4348ed5..68cc0275d5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -20,7 +20,6 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS #include "ssl_test_lib.h" -#include "test/random.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) int main( void ) @@ -689,7 +688,7 @@ void sni_free( sni_entry *head ) * * Modifies the input string! This is not production quality! */ -sni_entry *sni_parse( char *sni_string ) +sni_entry *sni_parse( char *sni_string, rng_context_t *p_rng ) { sni_entry *cur = NULL, *new = NULL; char *p = sni_string; @@ -728,8 +727,7 @@ sni_entry *sni_parse( char *sni_string ) mbedtls_pk_init( new->key ); if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || - mbedtls_pk_parse_keyfile( new->key, key_file, "", - mbedtls_test_rnd_std_rand, NULL ) != 0 ) + mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, p_rng ) != 0 ) goto error; if( strcmp( ca_file, "-" ) != 0 ) @@ -2373,7 +2371,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Setting up SNI information..." ); fflush( stdout ); - if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) + if( ( sni_info = sni_parse( opt.sni, &rng ) ) == NULL ) { mbedtls_printf( " failed\n" ); goto exit; From 8707259318618bb6d1b972b470cb21b3b730a8f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 11:02:38 +0200 Subject: [PATCH 0347/1065] Improve ChangeLog and migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/mandatory-rng-param.txt | 14 ++++++++------ docs/3.0-migration-guide.d/mandatory-rng-param.md | 12 ++++++++---- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt index 4e04248fa4..39ee335339 100644 --- a/ChangeLog.d/mandatory-rng-param.txt +++ b/ChangeLog.d/mandatory-rng-param.txt @@ -1,12 +1,14 @@ API changes - * For all functions that take an RNG parameter, this parameter is now - mandatory (that is, NULL is not an acceptable value). Functions which - previously accepted NULL and now reject it are: the X.509 CRT and CSR - writing functions; the PK sign and decrypt function; the RSA encrypt, - decrypt, sign and private functions; the function in DHM and ECDH that - compute the share secret; the scalar multiplication functions in ECP. + * For all functions that take a random number generator (RNG) as a + parameter, this parameter is now mandatory (that is, NULL is not an + acceptable value). Functions which previously accepted NULL and now + reject it are: the X.509 CRT and CSR writing functions; the PK and RSA + sign and decrypt function; mbedtls_rsa_private(); the functions + in DHM and ECDH that compute the shared secret; the scalar multiplication + functions in ECP. * The following functions now require an RNG parameter: mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(), mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(). +Removals * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as it no longer had any effect. diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md index 3cbc356957..f6aba08b11 100644 --- a/docs/3.0-migration-guide.d/mandatory-rng-param.md +++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md @@ -5,16 +5,20 @@ This change affects all users who called a function accepting a `f_rng` parameter with `NULL` as the value of this argument; this is no longer supported. -The changed functions are: the X.509 CRT and CSR writing functions; the PK -sign and decrypt function; the RSA encrypt, decrypt, sign and private -functions; the functions in DHM and ECDH that compute the share secret; the -scalar multiplication functions in ECP. +The changed functions are: the X.509 CRT and CSR writing functions; the PK and +RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM +and ECDH that compute the shared secret; the scalar multiplication functions in +ECP. You now need to pass a properly seeded, cryptographically secure RNG to all functions that accept a `f_rng` parameter. It is of course still possible to pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a context. +Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` +configuration options) may have their own internal and are free to ignore the +`f_rng` argument but must allow users to pass one anyway. + Some functions gained an RNG parameter -------------------------------------- From 6f19ce317bd68c4656b802529f7df0ef56546d27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 12:08:34 +0200 Subject: [PATCH 0348/1065] Fix async support in ssl_server2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_server2.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 68cc0275d5..51125bdb69 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -525,6 +525,8 @@ int main( void ) (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \ } +/* This is global so it can be easily accessed by callback functions */ +rng_context_t rng; /* * global options @@ -688,7 +690,7 @@ void sni_free( sni_entry *head ) * * Modifies the input string! This is not production quality! */ -sni_entry *sni_parse( char *sni_string, rng_context_t *p_rng ) +sni_entry *sni_parse( char *sni_string ) { sni_entry *cur = NULL, *new = NULL; char *p = sni_string; @@ -727,7 +729,7 @@ sni_entry *sni_parse( char *sni_string, rng_context_t *p_rng ) mbedtls_pk_init( new->key ); if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || - mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, p_rng ) != 0 ) + mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, &rng ) != 0 ) goto error; if( strcmp( ca_file, "-" ) != 0 ) @@ -1045,7 +1047,8 @@ static int ssl_async_start( mbedtls_ssl_context *ssl, for( slot = 0; slot < config_data->slots_used; slot++ ) { if( mbedtls_pk_check_pair( &cert->pk, - config_data->slots[slot].pk ) == 0 ) + config_data->slots[slot].pk, + rng_get, &rng ) == 0 ) break; } if( slot == config_data->slots_used ) @@ -1271,7 +1274,6 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; #endif - rng_context_t rng; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; #if defined(MBEDTLS_TIMING_C) @@ -2371,7 +2373,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Setting up SNI information..." ); fflush( stdout ); - if( ( sni_info = sni_parse( opt.sni, &rng ) ) == NULL ) + if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) { mbedtls_printf( " failed\n" ); goto exit; From 6ff9ef56a507a02cb338f8de70acca3f53de913b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 12:37:10 +0200 Subject: [PATCH 0349/1065] Fix cmake build of fuzz_privkey MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/fuzz/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt index 4f35d7663d..c7fcd356bc 100644 --- a/programs/fuzz/CMakeLists.txt +++ b/programs/fuzz/CMakeLists.txt @@ -8,7 +8,6 @@ if(FUZZINGENGINE_LIB) endif() set(executables_no_common_c - fuzz_privkey fuzz_pubkey fuzz_x509crl fuzz_x509crt @@ -16,6 +15,7 @@ set(executables_no_common_c ) set(executables_with_common_c + fuzz_privkey fuzz_client fuzz_dtlsclient fuzz_dtlsserver From 609ab6478be8bf6ebd62add5ebf93cef7113ab0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 14:29:11 +0200 Subject: [PATCH 0350/1065] Fix warning in some configurations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/pkparse.c b/library/pkparse.c index 5438ee4a0d..25fc1fecd6 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1010,6 +1010,11 @@ static int pk_parse_key_pkcs8_unencrypted_der( mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; const mbedtls_pk_info_t *pk_info; +#if !defined(MBEDTLS_ECP_C) + (void) f_rng; + (void) p_rng; +#endif + /* * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208) * From 50afb4378f1282eaf3d62a579016787add81e2ec Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 17 Jun 2021 09:23:41 +0100 Subject: [PATCH 0351/1065] Adds Migration guide Commit adds a migraiton guide entry that was missing. Signed-off-by: Thomas Daubney --- .../remove-truncated-HMAC-extension.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md diff --git a/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md b/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md new file mode 100644 index 0000000000..12f7c2385e --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md @@ -0,0 +1,10 @@ +Remove the truncated HMAC extension +----------------------------------- + +This affects all users who use the truncated HMAC extension for cryptographic +operations. + +The config option `MBEDTLS_SSL_TRUNCATED_HMAC` has been removed. Users concerned +about overhead are better served by using any of the CCM-8 ciphersuites rather +than a CBC ciphersuite with truncated HMAC, and so going forward this must be +the approach taken. From 5314e08e087a3fe57e2c7e8f9db577b5b1138a7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 17 Jun 2021 10:32:01 +0200 Subject: [PATCH 0352/1065] Make the fields of mbedtls_x509_crt_profile public MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These fields are supposed to be manipulated directly, that's how people create custom profiles. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/x509_crt.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index d383168d25..e6a9f7ad7c 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -159,10 +159,10 @@ mbedtls_x509_subject_alternative_name; */ typedef struct mbedtls_x509_crt_profile { - uint32_t MBEDTLS_PRIVATE(allowed_mds); /**< MDs for signatures */ - uint32_t MBEDTLS_PRIVATE(allowed_pks); /**< PK algs for signatures */ - uint32_t MBEDTLS_PRIVATE(allowed_curves); /**< Elliptic curves for ECDSA */ - uint32_t MBEDTLS_PRIVATE(rsa_min_bitlen); /**< Minimum size for RSA keys */ + uint32_t allowed_mds; /**< MDs for signatures */ + uint32_t allowed_pks; /**< PK algs for signatures */ + uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ + uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ } mbedtls_x509_crt_profile; From 55a7fb8322f10d9a2b53d59ac9eff72a83c88d8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 17 Jun 2021 10:39:39 +0200 Subject: [PATCH 0353/1065] Improve documentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/x509_crt.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index e6a9f7ad7c..3d64a4c937 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -156,6 +156,10 @@ mbedtls_x509_subject_alternative_name; * Security profile for certificate verification. * * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). + * + * The fields of this structure are part of the public API and can be + * manipulated directly by applications. Future versions of the library may + * add extra fields or reorder existing fields. */ typedef struct mbedtls_x509_crt_profile { From d1dcfd53aa56cc4c1285269b83b0d3b7b304d260 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 18:37:38 +0200 Subject: [PATCH 0354/1065] Do a test build with MBEDTLS_PSA_CRYPTO_SPM Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab8500b94c..40741d79e8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -817,6 +817,19 @@ component_test_psa_crypto_key_id_encodes_owner () { make test } +component_build_psa_crypto_spm () { + msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc" + scripts/config.py full + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM + # We can only compile, not link, since our test and sample programs + # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM + # is active. + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib +} + component_test_psa_crypto_client () { msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make" scripts/config.py unset MBEDTLS_PSA_CRYPTO_C From a3548673991528bbc1d65aae2306a8ac3e2b4355 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jun 2021 11:37:52 +0200 Subject: [PATCH 0355/1065] In the SPM test build, fail if a symbol wasn't renamed Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 40741d79e8..41a18b56d5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -817,6 +817,14 @@ component_test_psa_crypto_key_id_encodes_owner () { make test } +# check_renamed_symbols HEADER LIB +# Check that if HEADER contains '#define MACRO ...' then MACRO is not a symbol +# name is LIB. +check_renamed_symbols () { + ! nm "$2" | sed 's/.* //' | + grep -x -F "$(sed -n 's/^ *# *define *\([A-Z_a-z][0-9A-Z_a-z]*\)..*/\1/p' "$1")" +} + component_build_psa_crypto_spm () { msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc" scripts/config.py full @@ -828,6 +836,11 @@ component_build_psa_crypto_spm () { # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM # is active. make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib + + # Check that if a symbol is renamed by crypto_spe.h, the non-renamed + # version is not present. + echo "Checking for renamed symbols in the library" + if_build_succeeded check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a } component_test_psa_crypto_client () { From e96c5854d0f07350c243bac108171c669a273952 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 18:36:05 +0200 Subject: [PATCH 0356/1065] Move the inclusion of crypto_spe.h to psa/crypto_platform.h This makes it easier to ensure that crypto_spe.h is included everywhere it needs to be, and that it's included early enough to do its job (it must be included before any mention of psa_xxx() functions with external linkage, because it defines macros to rename these functions). Signed-off-by: Gilles Peskine --- ChangeLog.d/spm_build.txt | 4 +++ include/psa/crypto_platform.h | 12 ++++++++ library/psa_crypto.c | 1 - library/psa_crypto_client.c | 1 - library/psa_crypto_service_integration.h | 39 ------------------------ library/psa_crypto_slot_management.c | 1 - library/psa_crypto_storage.c | 1 - 7 files changed, 16 insertions(+), 43 deletions(-) create mode 100644 ChangeLog.d/spm_build.txt delete mode 100644 library/psa_crypto_service_integration.h diff --git a/ChangeLog.d/spm_build.txt b/ChangeLog.d/spm_build.txt new file mode 100644 index 0000000000..6016d84e08 --- /dev/null +++ b/ChangeLog.d/spm_build.txt @@ -0,0 +1,4 @@ +Bugfix + * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included + in all the right places. Include it from crypto_platform.h, which is + the natural place. Fixes #4649. diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 8acf22c7f3..66f4687930 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -81,6 +81,18 @@ static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif // MBEDTLS_PSA_CRYPTO_SPM + #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /** The type of the context passed to mbedtls_psa_external_get_random(). * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3fe2a883bc..d0e59213a3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -26,7 +26,6 @@ #include "check_crypto_config.h" #endif -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_cipher.h" diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index e84cf3015b..629feb7dfa 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -19,7 +19,6 @@ */ #include "common.h" -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h deleted file mode 100644 index 87889af49c..0000000000 --- a/library/psa_crypto_service_integration.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H -#define PSA_CRYPTO_SERVICE_INTEGRATION_H - -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that the file which included this file is being - * compiled for SPE. The files crypto_structs.h and crypto_types.h have - * different implementations for NSPE and SPE and are compiled according to this - * flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif // MBEDTLS_PSA_CRYPTO_SPM - -#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b1a3c1661..6723885315 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -22,7 +22,6 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 773d3aaafc..2ebfc26a8f 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,7 +29,6 @@ #include #include -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" #include "mbedtls/platform_util.h" From a48b16a449053ecddcdb84672c5a12fd87709c86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 17 Jun 2021 13:25:03 +0200 Subject: [PATCH 0357/1065] Homogenize coding patterns MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index f4de16b918..b7df3f047e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -319,7 +319,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned #endif /* make sure assign is 0 or 1 in a time-constant manner */ - assign = (assign | (unsigned char)-assign) >> 7; + assign = (assign | (unsigned char)-assign) >> (sizeof( assign ) * 8 - 1); /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ limb_mask = -assign; @@ -366,7 +366,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw #endif /* make sure swap is 0 or 1 in a time-constant manner */ - swap = (swap | (unsigned char)-swap) >> 7; + swap = (swap | (unsigned char)-swap) >> (sizeof( swap ) * 8 - 1); /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ limb_mask = -swap; @@ -2195,7 +2195,7 @@ static size_t mbedtls_mpi_cf_bool_eq( size_t x, size_t y ) #endif /* diff_msb's most significant bit is equal to x != y */ - const size_t diff_msb = ( diff | -diff ); + const size_t diff_msb = ( diff | (size_t) -diff ); #if defined(_MSC_VER) #pragma warning( pop ) From 57face2f0b3c18368c7ac21f03e45f3b5a92233d Mon Sep 17 00:00:00 2001 From: JoeSubbiani Date: Thu, 17 Jun 2021 15:00:01 +0100 Subject: [PATCH 0358/1065] Free context in at the end of aes_crypt_xts_size() in file tests/suite/test_suite_aes.function, aes_crypt_xts_size() did not free the context upon the function exit. The function now frees the context on exit. Fixes #4176 Signed-off-by: JoeSubbiani --- tests/suites/test_suite_aes.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index aa3df92fa5..dac6edc958 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -207,6 +207,8 @@ void aes_crypt_xts_size( int size, int retval ) memset( data_unit, 0x00, sizeof( data_unit ) ); TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); +exit: + mbedtls_aes_xts_free(&ctx); } /* END_CASE */ From ffb92da622122c8d1f6dd9cd626ed3b098ccf181 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 00:03:26 +0200 Subject: [PATCH 0359/1065] Upgrade the default X.509 profile to the former "next" profile Upgrade the default X.509 certificate verification profile mbedtls_x509_crt_profile_default to the former value of mbedtls_x509_crt_profile_next, which is hashes and curves with at least 255 bits (Curve25519 included), and RSA 2048 and above. Document more precisely what goes into the default profile. Keep the "next" profile unchanged for now. Signed-off-by: Gilles Peskine --- include/mbedtls/x509_crt.h | 12 +++++++++++- library/x509_crt.c | 25 +++++++------------------ 2 files changed, 18 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index d383168d25..9c7016d8e9 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -332,12 +332,22 @@ typedef void mbedtls_x509_crt_restart_ctx; /** * Default security profile. Should provide a good balance between security * and compatibility with current deployments. + * + * This profile permits: + * - SHA2 hashes with at least 256 bits: SHA-256, SHA-384, SHA-512. + * - Elliptic curves with 255 bits and above. + * - RSA with 2048 bits and above. + * + * New minor versions of Mbed TLS may extend this profile, for example if + * new curves are added to the library. New minor versions of Mbed TLS will + * not reduce this profile unless serious security concerns require it. */ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default; /** * Expected next default profile. Recommended for new deployments. - * Currently targets a 128-bit security level, except for RSA-2048. + * Currently targets a 128-bit security level, except for allowing RSA-2048. + * This profile may change at any time. */ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next; diff --git a/library/x509_crt.c b/library/x509_crt.c index d4e0ffd404..59692476bc 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -95,25 +95,9 @@ typedef struct { */ #define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) -/* - * Default profile - */ +/* Default profile. Do not remove items unless there are serious security + * concerns. */ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = -{ - /* Only SHA-2 hashes */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048, -}; - -/* - * Next-default profile - */ -const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = { /* Hashes from SHA-256 and above */ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | @@ -135,6 +119,11 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = 2048, }; +/* Next-generation profile. Currently identical to the default, but may + * be tightened at any time. */ +const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = + mbedtls_x509_crt_profile_default; + /* * NSA Suite B Profile */ From ae270bf3860aad2c68430d6381be586a72c4f1ab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 00:05:29 +0200 Subject: [PATCH 0360/1065] Upgrade the default TLS hash and curve selection, matching X.509 Upgrade the default list of hashes and curves allowed for TLS. The list is now aligned with X.509 certificate verification: hashes and curves with at least 255 bits (Curve25519 included), and RSA 2048 and above. Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE which would no longer do anything. Document more precisely what is allowed by default. Signed-off-by: Gilles Peskine --- include/mbedtls/config.h | 17 ------------- include/mbedtls/ssl.h | 14 +++++++++-- library/ecp.c | 4 ++-- library/ssl_tls.c | 52 ++++++++++++++++++++++++++++++++++------ library/x509_crt.c | 6 +++-- 5 files changed, 63 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 16f8f8b350..fc10f9d703 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3326,23 +3326,6 @@ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b2f5c67a2d..df3974aea8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2893,7 +2893,6 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, #if defined(MBEDTLS_ECP_C) /** * \brief Set the allowed curves in order of preference. - * (Default: all defined curves.) * * On server: this only affects selection of the ECDHE curve; * the curves used for ECDH and ECDSA are determined by the @@ -2914,6 +2913,12 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, * \note This list should be ordered by decreasing preference * (preferred curve first). * + * \note The default list is the same set of curves that + * #mbedtls_x509_crt_profile_default allows, plus + * ECDHE-only curves selected according to the same criteria. + * Larger (generally more secure but slower) curves are + * preferred over smaller curves. + * * \param conf SSL configuration * \param curves Ordered list of allowed curves, * terminated by MBEDTLS_ECP_DP_NONE. @@ -2925,7 +2930,6 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /** * \brief Set the allowed hashes for signatures during the handshake. - * (Default: all available hashes except MD5.) * * \note This only affects which hashes are offered and can be used * for signatures during the handshake. Hashes for message @@ -2937,6 +2941,12 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, * \note This list should be ordered by decreasing preference * (preferred hash first). * + * \note By default, all supported hashes whose length is at least + * 256 bits are allowed. This is the same set as the default + * for certificate verification + * (#mbedtls_x509_crt_profile_default). Larger hashes are + * preferred. + * * \param conf SSL configuration * \param hashes Ordered list of allowed signature hashes, * terminated by \c MBEDTLS_MD_NONE. diff --git a/library/ecp.c b/library/ecp.c index 044bbe1d10..6bb955cc0f 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -509,9 +509,9 @@ int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, * - readable name * * Curves are listed in order: largest curves first, and for a given size, - * fastest curves first. This provides the default order for the SSL module. + * fastest curves first. * - * Reminder: update profiles in x509_crt.c when adding a new curves! + * Reminder: update profiles in x509_crt.c and ssl_tls.c when adding a new curve! */ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5c1bc32078..be389f03b6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6098,6 +6098,11 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +/* The selection should be the same as mbedtls_x509_crt_profile_default in + * x509_crt.c. Here, the order matters: larger hashes first, for consistency + * with curves. + * See the documentation of mbedtls_ssl_conf_curves() for what we promise + * about this list. */ static int ssl_preset_default_hashes[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, @@ -6107,17 +6112,50 @@ static int ssl_preset_default_hashes[] = { #endif #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, -#endif -#if defined(MBEDTLS_SHA224_C) - MBEDTLS_MD_SHA224, -#endif -#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) - MBEDTLS_MD_SHA1, #endif MBEDTLS_MD_NONE }; #endif +#if defined(MBEDTLS_ECP_C) +/* The selection should be the same as mbedtls_x509_crt_profile_default in + * x509_crt.c, plus Montgomery curves for ECDHE. Here, the order matters: + * larger curves first, like ecp_supported_curves in ecp.c. + * See the documentation of mbedtls_ssl_conf_curves() for what we promise + * about this list. */ +static mbedtls_ecp_group_id ssl_preset_default_curves[] = { +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + MBEDTLS_ECP_DP_SECP521R1, +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + MBEDTLS_ECP_DP_BP512R1, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + MBEDTLS_ECP_DP_CURVE448, +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_ECP_DP_SECP384R1, +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + MBEDTLS_ECP_DP_BP384R1, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + // Positioned in the list as a fast 256-bit curve, not as a 255-bit curve + MBEDTLS_ECP_DP_CURVE25519, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + MBEDTLS_ECP_DP_SECP256R1, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + MBEDTLS_ECP_DP_SECP256K1, +#endif +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + MBEDTLS_ECP_DP_BP256R1, +#endif + MBEDTLS_ECP_DP_NONE +}; +#endif + static int ssl_preset_suiteb_ciphersuites[] = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, @@ -6281,7 +6319,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #endif #if defined(MBEDTLS_ECP_C) - conf->curve_list = mbedtls_ecp_grp_id_list(); + conf->curve_list = ssl_preset_default_curves; #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) diff --git a/library/x509_crt.c b/library/x509_crt.c index 59692476bc..abd70e1e40 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -99,13 +99,15 @@ typedef struct { * concerns. */ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = { - /* Hashes from SHA-256 and above */ + /* Hashes from SHA-256 and above. Note that this selection + * should be aligned with ssl_preset_default_hashes in ssl_tls.c. */ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), 0xFFFFFFF, /* Any PK alg */ #if defined(MBEDTLS_ECP_C) - /* Curves at or above 128-bit security level */ + /* Curves at or above 128-bit security level. Note that this selection + * should be aligned with ssl_preset_default_curves in ssl_tls.c. */ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | From 3758fd6b79914d060124b5492da85a5693672bb5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 00:07:17 +0200 Subject: [PATCH 0361/1065] Changelog entry and migration guide for hash and curve profile upgrades Signed-off-by: Gilles Peskine --- ChangeLog.d/default-curves.txt | 8 ++++++++ docs/3.0-migration-guide.d/default-curves.md | 16 ++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 ChangeLog.d/default-curves.txt create mode 100644 docs/3.0-migration-guide.d/default-curves.md diff --git a/ChangeLog.d/default-curves.txt b/ChangeLog.d/default-curves.txt new file mode 100644 index 0000000000..1a805623dc --- /dev/null +++ b/ChangeLog.d/default-curves.txt @@ -0,0 +1,8 @@ +Default behavior changes + * Some default policies for X.509 certificate verification and TLS have + changed: curves and hashes weaker than 255 bits are no longer accepted + by default. + +Removals + * Remove the compile-time option + MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE. diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md new file mode 100644 index 0000000000..5db517ebd2 --- /dev/null +++ b/docs/3.0-migration-guide.d/default-curves.md @@ -0,0 +1,16 @@ +Weak curves are now disabled by default for X.509 and TLS +--------------------------------------------------------- + +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection have changed. X.509 and TLS now allow the same algorithms by default (except that the X.509 profile only lists curves that support signature verification). + +Hashes and curves weaker than 255 bits are no longer accepted by default. The following algorithms have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224, secp192r1, secp224r1, secp192k1, secp224k1 (weaker hashes were already not accepted). + +The compile-time option `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is no longer available. + +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves you want. For example, to allow SHA-224: +``` +mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; +my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); +``` + +If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. From 2c69fa245c42acf7e7ab226c36a804f86275a723 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 00:33:33 +0200 Subject: [PATCH 0362/1065] Initializer element was not constant Signed-off-by: Gilles Peskine --- library/x509_crt.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index abd70e1e40..650044583c 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -124,7 +124,26 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = /* Next-generation profile. Currently identical to the default, but may * be tightened at any time. */ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = - mbedtls_x509_crt_profile_default; +{ + /* Hashes from SHA-256 and above. */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + 0xFFFFFFF, /* Any PK alg */ +#if defined(MBEDTLS_ECP_C) + /* Curves at or above 128-bit security level. */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), +#else + 0, +#endif + 2048, +}; /* * NSA Suite B Profile From 12b5b389817ae77ded92c3f799ef09432cc834de Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 10:00:42 +0200 Subject: [PATCH 0363/1065] Fix "PSA - ECDH with [non-default curve]" Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d1221112ae..5ccb467b15 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1008,7 +1008,7 @@ run_test_psa() { run_test_psa_force_curve() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSA - ECDH with $1" \ - "$P_SRV debug_level=4 force_version=tls1_2" \ + "$P_SRV debug_level=4 force_version=tls1_2 curves=$1" \ "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ 0 \ -c "Successfully setup PSA-based decryption cipher context" \ From 5752e599b32dc0322fa3352f6c86281c01dc9ee1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 13:27:03 +0200 Subject: [PATCH 0364/1065] Reduce the default ECP window size MBEDTLS_ECP_WINDOW_SIZE is a compromise between memory usage (growing based on the value) and performance (faster with larger values). There are disminishing returns as the value grows larger. Based on Manuel's benchmarks recorded in https://github.com/ARMmbed/mbedtls/issues/4127, 4 is a good compromise point, with larger values bringing little advantage. So reduce the default from 6 to 4. Document the default value as in optimized for performance mostly, but don't document the specific value, so we may change it later or make it platform-dependent. Signed-off-by: Gilles Peskine --- ChangeLog.d/ecp-window-size.txt | 3 +++ include/mbedtls/config.h | 2 +- include/mbedtls/ecp.h | 5 +++-- 3 files changed, 7 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/ecp-window-size.txt diff --git a/ChangeLog.d/ecp-window-size.txt b/ChangeLog.d/ecp-window-size.txt new file mode 100644 index 0000000000..909d4e8a42 --- /dev/null +++ b/ChangeLog.d/ecp-window-size.txt @@ -0,0 +1,3 @@ +Changes + * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage + during ECC operations at a negligible performance cost. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index fc10f9d703..0c7e4ec063 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3145,7 +3145,7 @@ //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ /* ECP options */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ +//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ /* Entropy options */ diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 49e85d9419..1c271c913d 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -255,7 +255,8 @@ mbedtls_ecp_group; #if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* * Maximum "window" size used for point multiplication. - * Default: 6. + * Default: a point where higher memory usage yields disminishing performance + * returns. * Minimum value: 2. Maximum value: 7. * * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) @@ -272,7 +273,7 @@ mbedtls_ecp_group; * 224 475 475 453 398 342 * 192 640 640 633 587 476 */ -#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */ +#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */ #endif /* MBEDTLS_ECP_WINDOW_SIZE */ #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) From 377c91e1b73e5a55f5e976f357bd9ac000b7aba0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 14:37:57 +0200 Subject: [PATCH 0365/1065] Remove meaningless clause We stated that curves were listed "in order of preference", but we never explained what the preference was, so this was not meaningful. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 1c271c913d..dd3988eec8 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -506,8 +506,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); /** * \brief This function retrieves the information defined in - * mbedtls_ecp_curve_info() for all supported curves in order - * of preference. + * mbedtls_ecp_curve_info() for all supported curves. * * \note This function returns information about all curves * supported by the library. Some curves may not be From b1940a76ad50248a536b16c3689719e6d2a5c5f5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 15:18:12 +0200 Subject: [PATCH 0366/1065] In TLS, order curves by resource usage, not size TLS used to prefer larger curves, under the idea that a larger curve has a higher security strength and is therefore harder to attack. However, brute force attacks are not a practical concern, so this was not particularly meaningful. If a curve is considered secure enough to be allowed, then we might as well use it. So order curves by resource usage. The exact definition of what this means is purposefully left open. It may include criteria such as performance and memory usage. Risk of side channels could be a factor as well, although it didn't affect the current choice. The current list happens to exactly correspond to the numbers reported by one run of the benchmark program for "full handshake/s" on my machine. Signed-off-by: Gilles Peskine --- ChangeLog.d/default-curves.txt | 3 +- docs/3.0-migration-guide.d/default-curves.md | 7 ++++ include/mbedtls/ssl.h | 3 +- library/ssl_tls.c | 36 ++++++++++---------- 4 files changed, 28 insertions(+), 21 deletions(-) diff --git a/ChangeLog.d/default-curves.txt b/ChangeLog.d/default-curves.txt index 1a805623dc..bfb0fd0e03 100644 --- a/ChangeLog.d/default-curves.txt +++ b/ChangeLog.d/default-curves.txt @@ -1,7 +1,8 @@ Default behavior changes * Some default policies for X.509 certificate verification and TLS have changed: curves and hashes weaker than 255 bits are no longer accepted - by default. + by default. The default order in TLS now favors faster curves over larger + curves. Removals * Remove the compile-time option diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md index 5db517ebd2..5879d77a91 100644 --- a/docs/3.0-migration-guide.d/default-curves.md +++ b/docs/3.0-migration-guide.d/default-curves.md @@ -14,3 +14,10 @@ my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); ``` If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. + +TLS now favors faster curves over larger curves +----------------------------------------------- + +The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred. + +If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index df3974aea8..d885d213ee 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2916,8 +2916,7 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, * \note The default list is the same set of curves that * #mbedtls_x509_crt_profile_default allows, plus * ECDHE-only curves selected according to the same criteria. - * Larger (generally more secure but slower) curves are - * preferred over smaller curves. + * The order favors curves with the lowest resource usage. * * \param conf SSL configuration * \param curves Ordered list of allowed curves, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index be389f03b6..07569b240e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6120,27 +6120,12 @@ static int ssl_preset_default_hashes[] = { #if defined(MBEDTLS_ECP_C) /* The selection should be the same as mbedtls_x509_crt_profile_default in * x509_crt.c, plus Montgomery curves for ECDHE. Here, the order matters: - * larger curves first, like ecp_supported_curves in ecp.c. + * curves with a lower resource usage come first. * See the documentation of mbedtls_ssl_conf_curves() for what we promise - * about this list. */ + * about this list. + */ static mbedtls_ecp_group_id ssl_preset_default_curves[] = { -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - MBEDTLS_ECP_DP_SECP521R1, -#endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - MBEDTLS_ECP_DP_BP512R1, -#endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - MBEDTLS_ECP_DP_CURVE448, -#endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - MBEDTLS_ECP_DP_SECP384R1, -#endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - MBEDTLS_ECP_DP_BP384R1, -#endif #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - // Positioned in the list as a fast 256-bit curve, not as a 255-bit curve MBEDTLS_ECP_DP_CURVE25519, #endif #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) @@ -6149,8 +6134,23 @@ static mbedtls_ecp_group_id ssl_preset_default_curves[] = { #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) MBEDTLS_ECP_DP_SECP256K1, #endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_ECP_DP_SECP384R1, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + MBEDTLS_ECP_DP_CURVE448, +#endif +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + MBEDTLS_ECP_DP_SECP521R1, +#endif #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) MBEDTLS_ECP_DP_BP256R1, +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + MBEDTLS_ECP_DP_BP384R1, +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + MBEDTLS_ECP_DP_BP512R1, #endif MBEDTLS_ECP_DP_NONE }; From a28f0f50823fca84afecf1fd4069c1ead6414088 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 15:29:38 +0200 Subject: [PATCH 0367/1065] Leave the preference order for hashes unspecified We don't seem to have strong feelings about this, so allow ourselves to change the order later. Signed-off-by: Gilles Peskine --- include/mbedtls/ssl.h | 5 +++-- library/ssl_tls.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index d885d213ee..b38bd72e00 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2943,8 +2943,9 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, * \note By default, all supported hashes whose length is at least * 256 bits are allowed. This is the same set as the default * for certificate verification - * (#mbedtls_x509_crt_profile_default). Larger hashes are - * preferred. + * (#mbedtls_x509_crt_profile_default). + * The preference order is currently unspecified and may + * change in future versions. * * \param conf SSL configuration * \param hashes Ordered list of allowed signature hashes, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 07569b240e..3bbdcb086b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6099,8 +6099,8 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* The selection should be the same as mbedtls_x509_crt_profile_default in - * x509_crt.c. Here, the order matters: larger hashes first, for consistency - * with curves. + * x509_crt.c. Here, the order matters. Currently we favor stronger hashes, + * for no fundamental reason. * See the documentation of mbedtls_ssl_conf_curves() for what we promise * about this list. */ static int ssl_preset_default_hashes[] = { From c5b9510114b3c78f27f1ff68c93b05b0b20a637b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 20:14:59 +0200 Subject: [PATCH 0368/1065] Clarify test case descriptions Reorder test cases and make their descriptions more explicit. No change in test data. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_debug.data | 36 +++++++++++++++--------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index 0935c12448..f1d29ef7d7 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -37,6 +37,24 @@ mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" +Debug print mbedtls_mpi: 0 (non-empty representation) +mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" + +Debug print mbedtls_mpi #2: 3 bits +mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" + +Debug print mbedtls_mpi: 49 bits +mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" + +Debug print mbedtls_mpi: 759 bits +mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" + +Debug print mbedtls_mpi: 764 bits #1 +mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" + +Debug print mbedtls_mpi: 764 bits #2 +mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" + Debug print certificate #1 (RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" @@ -44,21 +62,3 @@ mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile( Debug print certificate #2 (EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" - -Debug print mbedtls_mpi #1 -mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" - -Debug print mbedtls_mpi #2 -mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" - -Debug print mbedtls_mpi #3 -mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" - -Debug print mbedtls_mpi #4 -mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" - -Debug print mbedtls_mpi #5 -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" - -Debug print mbedtls_mpi #6 -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" From 3beb72eeaf492adedfb718b640ad6e7f32ef898f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 20:16:53 +0200 Subject: [PATCH 0369/1065] Add mbedtls_debug_print_mpi test case for 0 There was already a test case for 0 but with a non-empty representation (X->n == 1). Add a test case with X->n == 0 (freshly initialized mpi). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_debug.data | 3 +++ tests/suites/test_suite_debug.function | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index f1d29ef7d7..4a1a1be481 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -37,6 +37,9 @@ mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" +Debug print mbedtls_mpi: 0 (empty representation) +mbedtls_debug_print_mpi:16:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" + Debug print mbedtls_mpi: 0 (non-empty representation) mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index ad50e53fd1..fda6939871 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -179,7 +179,9 @@ void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line, TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 ); + /* If value is empty, keep val->n == 0. */ + if( value[0] != 0 ) + TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); From b26696bafb03eead55dd2b0f0835c335aca571f8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 20:17:46 +0200 Subject: [PATCH 0370/1065] Simplify mbedtls_debug_print_mpi and fix the case of empty bignums Rewrite mbedtls_debug_print_mpi to be simpler and smaller. Leverage mbedtls_mpi_bitlen() instead of manually looking for the leading zeros. Fix #4608: the old code made an invalid memory dereference when X->n==0 (freshly initialized bignum with the value 0). Signed-off-by: Gilles Peskine --- ChangeLog.d/mbedtls_debug_print_mpi.txt | 5 ++ library/debug.c | 70 ++++++++++--------------- 2 files changed, 34 insertions(+), 41 deletions(-) create mode 100644 ChangeLog.d/mbedtls_debug_print_mpi.txt diff --git a/ChangeLog.d/mbedtls_debug_print_mpi.txt b/ChangeLog.d/mbedtls_debug_print_mpi.txt new file mode 100644 index 0000000000..d1b4f5b415 --- /dev/null +++ b/ChangeLog.d/mbedtls_debug_print_mpi.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This + could notably be triggered by setting the TLS debug level to 3 or above + and using a Montgomery curve for the key exchange. Reported by lhuang04 + in #4578. Fixes #4608. diff --git a/library/debug.c b/library/debug.c index 4be2cba195..e520258519 100644 --- a/library/debug.c +++ b/library/debug.c @@ -220,8 +220,8 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_mpi *X ) { char str[DEBUG_BUF_SIZE]; - int j, k, zeros = 1; - size_t i, n, idx = 0; + size_t bitlen; + size_t idx = 0; if( NULL == ssl || NULL == ssl->conf || @@ -232,55 +232,43 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, return; } - for( n = X->n - 1; n > 0; n-- ) - if( X->p[n] != 0 ) - break; - - for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- ) - if( ( ( X->p[n] >> j ) & 1 ) != 0 ) - break; - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n", - text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) ); + bitlen = mbedtls_mpi_bitlen( X ); + mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n", + text, (unsigned) bitlen ); debug_send_line( ssl, level, file, line, str ); - idx = 0; - for( i = n + 1, j = 0; i > 0; i-- ) + if( bitlen == 0 ) { - if( zeros && X->p[i - 1] == 0 ) - continue; - - for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- ) + str[0] = ' '; str[1] = '0'; str[2] = '0'; + idx = 3; + } + else + { + int n; + for( n = ( bitlen - 1 ) / 8; n >= 0; n-- ) { - if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 ) - continue; - else - zeros = 0; - - if( j % 16 == 0 ) + size_t limb_offset = n / sizeof( mbedtls_mpi_uint ); + size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint ); + unsigned char octet = + ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff; + mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet ); + idx += 3; + /* Wrap lines after 16 octets that each take 3 columns */ + if( idx >= 3 * 16 ) { - if( j > 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); - idx = 0; - } + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); + debug_send_line( ssl, level, file, line, str ); + idx = 0; } - - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int) - ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); - - j++; } - } - if( zeros == 1 ) - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" ); - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); + if( idx != 0 ) + { + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); + debug_send_line( ssl, level, file, line, str ); + } } #endif /* MBEDTLS_BIGNUM_C */ From 799eee65fd9d58e86fd9d8996f80b00003c73517 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jun 2021 22:14:15 +0200 Subject: [PATCH 0371/1065] Update the expected default curve in ssl-opt.sh Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5ccb467b15..81cb774e7a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1233,7 +1233,7 @@ trap cleanup INT TERM HUP # Checks that: # - things work with all ciphersuites active (used with config-full in all.sh) -# - the expected (highest security) parameters are selected +# - the expected parameters are selected # ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) run_test "Default" \ "$P_SRV debug_level=3" \ @@ -1242,7 +1242,7 @@ run_test "Default" \ -s "Protocol is TLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \ -s "client hello v3, signature_algorithm ext: 6" \ - -s "ECDHE curve: secp521r1" \ + -s "ECDHE curve: x25519" \ -S "error" \ -C "error" From 3b3aa36962fb9278adb52ab0cd9def18d58d01e7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Jun 2021 11:12:04 +0200 Subject: [PATCH 0372/1065] Indicate that the truncation from size_t to int is deliberate MPI sizes do fit in int. Let MSVC know this conversion is deliberate. Signed-off-by: Gilles Peskine --- library/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/debug.c b/library/debug.c index e520258519..618d124e52 100644 --- a/library/debug.c +++ b/library/debug.c @@ -246,7 +246,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, else { int n; - for( n = ( bitlen - 1 ) / 8; n >= 0; n-- ) + for( n = (int) ( bitlen - 1 ) / 8; n >= 0; n-- ) { size_t limb_offset = n / sizeof( mbedtls_mpi_uint ); size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint ); From 4a02cef40270b16c4e7aa482dd751ea7c90c5457 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Jun 2021 11:12:40 +0200 Subject: [PATCH 0373/1065] Test restartable ECC with a curve that supports it The default curve is now Curve25519, which doesn't support restartable ECC. So run the restartable ECC tests with a curve that does support it. Use secp256r1 which is required for these tests anyway for the server's certificate. Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 81cb774e7a..d3f6d324b8 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5933,9 +5933,12 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \ # Tests for restartable ECC +# Force the use of a curve that supports restartable ECC (secp256r1). + requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, default" \ - "$P_SRV auth_mode=required" \ + "$P_SRV curves=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1" \ @@ -5946,8 +5949,9 @@ run_test "EC restart: TLS, default" \ -C "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=0" \ - "$P_SRV auth_mode=required" \ + "$P_SRV curves=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=0" \ @@ -5958,8 +5962,9 @@ run_test "EC restart: TLS, max_ops=0" \ -C "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=65535" \ - "$P_SRV auth_mode=required" \ + "$P_SRV curves=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=65535" \ @@ -5970,8 +5975,9 @@ run_test "EC restart: TLS, max_ops=65535" \ -C "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000" \ - "$P_SRV auth_mode=required" \ + "$P_SRV curves=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=1000" \ @@ -5982,8 +5988,9 @@ run_test "EC restart: TLS, max_ops=1000" \ -c "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000, badsign" \ - "$P_SRV auth_mode=required \ + "$P_SRV curves=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -5999,8 +6006,9 @@ run_test "EC restart: TLS, max_ops=1000, badsign" \ -c "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \ - "$P_SRV auth_mode=required \ + "$P_SRV curves=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -6016,8 +6024,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \ -C "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \ - "$P_SRV auth_mode=required \ + "$P_SRV curves=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -6033,8 +6042,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \ -C "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: DTLS, max_ops=1000" \ - "$P_SRV auth_mode=required dtls=1" \ + "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ dtls=1 debug_level=1 ec_max_ops=1000" \ @@ -6045,8 +6055,9 @@ run_test "EC restart: DTLS, max_ops=1000" \ -c "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000 no client auth" \ - "$P_SRV" \ + "$P_SRV curves=secp256r1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ debug_level=1 ec_max_ops=1000" \ 0 \ @@ -6056,8 +6067,9 @@ run_test "EC restart: TLS, max_ops=1000 no client auth" \ -C "mbedtls_pk_sign.*4b00" requires_config_enabled MBEDTLS_ECP_RESTARTABLE +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \ - "$P_SRV psk=abc123" \ + "$P_SRV curves=secp256r1 psk=abc123" \ "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ psk=abc123 debug_level=1 ec_max_ops=1000" \ 0 \ From 55cb9af910a0da7af067b152aa37eb149c6f7ac1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 20:56:20 +0200 Subject: [PATCH 0374/1065] Add missing parentheses Signed-off-by: Gilles Peskine --- library/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/debug.c b/library/debug.c index 618d124e52..fa60d13f30 100644 --- a/library/debug.c +++ b/library/debug.c @@ -246,7 +246,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, else { int n; - for( n = (int) ( bitlen - 1 ) / 8; n >= 0; n-- ) + for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- ) { size_t limb_offset = n / sizeof( mbedtls_mpi_uint ); size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint ); From 6b1f64a1506672a02b2780ea28fe7b503a675ce6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 21:05:37 +0200 Subject: [PATCH 0375/1065] Wording clarifications Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/default-curves.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md index 5879d77a91..825609e431 100644 --- a/docs/3.0-migration-guide.d/default-curves.md +++ b/docs/3.0-migration-guide.d/default-curves.md @@ -1,13 +1,13 @@ -Weak curves are now disabled by default for X.509 and TLS ---------------------------------------------------------- +Strengthen default algorithm selection for X.509 and TLS +-------------------------------------------------------- -The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection have changed. X.509 and TLS now allow the same algorithms by default (except that the X.509 profile only lists curves that support signature verification). +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. -Hashes and curves weaker than 255 bits are no longer accepted by default. The following algorithms have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224, secp192r1, secp224r1, secp192k1, secp224k1 (weaker hashes were already not accepted). +Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. The compile-time option `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is no longer available. -If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves you want. For example, to allow SHA-224: +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: ``` mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); @@ -18,6 +18,6 @@ If you still need to allow hashes and curves in TLS that have been removed from TLS now favors faster curves over larger curves ----------------------------------------------- -The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred. +The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. From ec78bc47b53b290c0c833744671433cdd42be241 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 21:11:27 +0200 Subject: [PATCH 0376/1065] Meld DEFAULT_ALLOW_SHA1_IN_CERTIFICATES removal migration guide Meld the migration guide for the removal of MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES into the migration guide for the strengthening of TLS and X.509 defaults, which is more general. The information in the SHA-1 section was largely already present in the strengthening section. It is now less straightforward to figure out how to enable SHA-1 in certificates, but that's a good thing, since no one should still be doing this in 2021. Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/default-curves.md | 2 +- docs/3.0-migration-guide.md | 25 -------------------- 2 files changed, 1 insertion(+), 26 deletions(-) diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md index 825609e431..551e28721c 100644 --- a/docs/3.0-migration-guide.d/default-curves.md +++ b/docs/3.0-migration-guide.d/default-curves.md @@ -5,7 +5,7 @@ The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. -The compile-time option `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is no longer available. +The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: ``` diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a4a59b8895..2ae74c910d 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -65,31 +65,6 @@ If you're a library user and used to rely on having access to a structure or function that's now in a private header, please reach out on the mailing list and explain your need; we'll consider adding a new API in a future version. -Remove the option to allow SHA-1 by default in certificates ------------------------------------------------------------ - -This does not affect users who use the default `config.h`, as this option was -already off by default. - -If you used to enable `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` in your -`config.h`, first please take a moment to consider whether you really still -want to accept certificates signed with SHA-1 as those are considered insecure -and no CA has issued them for a while. If you really need to allow SHA-1 in -certificates, please set up a custom profile as follows: - -``` -const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | - MBEDTLS_X509_ID_FLAG( /* other hash */ ) /* | etc */, - 0xFFFFFFF, /* Or specific PK algs */ - 0xFFFFFFF, /* Or specific curves */ - 2048 /* Or another RSA min bitlen */ -}; -``` -Then pass it to `mbedtls_x509_crt_verify_with_profile()` if you're verifying -a certificate chain directly, or to `mbedtls_ssl_conf_cert_profile()` if the -verification happens during a TLS handshake. - Remove the certs module from the library ---------------------------------------- From a03fb29666317a397fa76db9f0d826162b3225cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jun 2021 23:17:05 +0200 Subject: [PATCH 0377/1065] Document backward compatibility promises for the default TLS profile Signed-off-by: Gilles Peskine --- include/mbedtls/ssl.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b38bd72e00..4000369199 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2918,6 +2918,14 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, * ECDHE-only curves selected according to the same criteria. * The order favors curves with the lowest resource usage. * + * \note New minor versions of Mbed TLS may extend this list, + * for example if new curves are added to the library. + * New minor versions of Mbed TLS will not remove items + * from this list unless serious security concerns require it. + * New minor versions of Mbed TLS may change the order in + * keeping with the general principle of favoring the lowest + * resource usage. + * * \param conf SSL configuration * \param curves Ordered list of allowed curves, * terminated by MBEDTLS_ECP_DP_NONE. @@ -2947,6 +2955,11 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, * The preference order is currently unspecified and may * change in future versions. * + * \note New minor versions of Mbed TLS may extend this list, + * for example if new curves are added to the library. + * New minor versions of Mbed TLS will not remove items + * from this list unless serious security concerns require it. + * * \param conf SSL configuration * \param hashes Ordered list of allowed signature hashes, * terminated by \c MBEDTLS_MD_NONE. From 39957503c56a1f1e8a7d76c64ec6ef25e30d561a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jun 2021 23:17:52 +0200 Subject: [PATCH 0378/1065] Remove secp256k1 from the default X.509 and TLS profiles MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For TLS, secp256k1 is deprecated by RFC 8422 §5.1.1. For X.509, secp256k1 is not deprecated, but it isn't used in practice, especially in the context of TLS where there isn't much point in having an X.509 certificate which most peers do not support. So remove it from the default profile. We can add it back later if there is demand. Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/default-curves.md | 2 ++ include/mbedtls/x509_crt.h | 4 ++-- library/ssl_tls.c | 3 --- library/x509_crt.c | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md index 551e28721c..928130d247 100644 --- a/docs/3.0-migration-guide.d/default-curves.md +++ b/docs/3.0-migration-guide.d/default-curves.md @@ -7,6 +7,8 @@ Hashes and curves weaker than 255 bits (security strength less than 128 bits) ar The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. +The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. + If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: ``` mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 9c7016d8e9..f991251ca6 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -335,11 +335,11 @@ typedef void mbedtls_x509_crt_restart_ctx; * * This profile permits: * - SHA2 hashes with at least 256 bits: SHA-256, SHA-384, SHA-512. - * - Elliptic curves with 255 bits and above. + * - Elliptic curves with 255 bits and above except secp256k1. * - RSA with 2048 bits and above. * * New minor versions of Mbed TLS may extend this profile, for example if - * new curves are added to the library. New minor versions of Mbed TLS will + * new algorithms are added to the library. New minor versions of Mbed TLS will * not reduce this profile unless serious security concerns require it. */ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 3bbdcb086b..2688af173e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6131,9 +6131,6 @@ static mbedtls_ecp_group_id ssl_preset_default_curves[] = { #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) MBEDTLS_ECP_DP_SECP256R1, #endif -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - MBEDTLS_ECP_DP_SECP256K1, -#endif #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) MBEDTLS_ECP_DP_SECP384R1, #endif diff --git a/library/x509_crt.c b/library/x509_crt.c index 650044583c..f12ac6b7e0 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -114,7 +114,7 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), + 0, #else 0, #endif From a42bf29b2c125f10a01fad34f2e287ed44c39aa8 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 18 Jun 2021 09:13:53 +0100 Subject: [PATCH 0379/1065] Modifies ChangeLog entry Corrects wording in ChangeLog entry as requested in review. Signed-off-by: Thomas Daubney --- ChangeLog.d/rm-truncated-hmac-ext.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/rm-truncated-hmac-ext.txt b/ChangeLog.d/rm-truncated-hmac-ext.txt index e3391f885d..c82415ba7e 100644 --- a/ChangeLog.d/rm-truncated-hmac-ext.txt +++ b/ChangeLog.d/rm-truncated-hmac-ext.txt @@ -1,3 +1,4 @@ Removals - * Remove MBEDTLS_SSL_TRUNCATED_HMAC config option since it is no longer - supported in 3.0. Addresses #4341. + * Remove MBEDTLS_SSL_TRUNCATED_HMAC config option. Users are better served by + using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC. + Addresses #4341. From 379227cc596d8dbb293c8056e7c6ed9abe9724be Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 18 Jun 2021 10:46:12 +0100 Subject: [PATCH 0380/1065] Modifies ChangeLog and Migration Guide Entries in ChangeLog and Migration guide files have been merged to cover both the removal of MBEDTLS_SSL_TRUNCATED_HMAC and MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT. Signed-off-by: Thomas Daubney --- ChangeLog | 12 ------------ ChangeLog.d/rm-truncated-hmac-ext.txt | 5 +++-- .../remove-truncated-HMAC-extension.md | 10 ---------- docs/3.0-migration-guide.md | 16 ++++++---------- 4 files changed, 9 insertions(+), 34 deletions(-) delete mode 100644 docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md diff --git a/ChangeLog b/ChangeLog index ddaf3fd9f7..b525492fb9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -32,8 +32,6 @@ API changes * Drop support for parsing SSLv2 ClientHello (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). - * Drop support for compatibility with our own previous buggy - implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). * Drop support for RC4 TLS ciphersuites. * Drop support for single-DES ciphersuites. @@ -1688,16 +1686,6 @@ Changes = mbed TLS 2.8.0 branch released 2018-03-16 -Default behavior changes - * The truncated HMAC extension now conforms to RFC 6066. This means - that when both sides of a TLS connection negotiate the truncated - HMAC extension, Mbed TLS can now interoperate with other - compliant implementations, but this breaks interoperability with - prior versions of Mbed TLS. To restore the old behavior, enable - the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in - config.h. Found by Andreas Walz (ivESK, Offenburg University of - Applied Sciences). - Security * Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the diff --git a/ChangeLog.d/rm-truncated-hmac-ext.txt b/ChangeLog.d/rm-truncated-hmac-ext.txt index c82415ba7e..3739256957 100644 --- a/ChangeLog.d/rm-truncated-hmac-ext.txt +++ b/ChangeLog.d/rm-truncated-hmac-ext.txt @@ -1,4 +1,5 @@ Removals - * Remove MBEDTLS_SSL_TRUNCATED_HMAC config option. Users are better served by + * Remove MBEDTLS_SSL_TRUNCATED_HMAC and also remove + MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC. - Addresses #4341. + See issue #4341 for more details. diff --git a/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md b/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md deleted file mode 100644 index 12f7c2385e..0000000000 --- a/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md +++ /dev/null @@ -1,10 +0,0 @@ -Remove the truncated HMAC extension ------------------------------------ - -This affects all users who use the truncated HMAC extension for cryptographic -operations. - -The config option `MBEDTLS_SSL_TRUNCATED_HMAC` has been removed. Users concerned -about overhead are better served by using any of the CCM-8 ciphersuites rather -than a CBC ciphersuite with truncated HMAC, and so going forward this must be -the approach taken. diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a4a59b8895..a30e786771 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -137,17 +137,13 @@ and relied on that version in order to communicate with peers that are not up to date. If one of your peers is in that case, please try contacting them and encouraging them to upgrade their software. -Remove support for compatibility with old Mbed TLS's truncated HMAC -------------------------------------------------------------------- +Remove support for truncated HMAC +--------------------------------- -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and -used the Truncated HMAC extension to communicate with peers using old version -of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the -Truncated HMAC extension, or convincing your peer to upgrade their version of -Mbed TLS. +This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC` +`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and used the truncated HMAC extension. +Please consider using a CCM-8 ciphersuite instead of the Truncated HMAC +extension, or convincing your peer to upgrade their version of Mbed TLS. Remove support for TLS record-level compression ----------------------------------------------- From d596e99d61608df51ac4323148482a373ef0b25d Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 18 Jun 2021 11:50:56 +0100 Subject: [PATCH 0381/1065] Modifies ChangeLog Corrects erroneous removal from ChangeLog. Signed-off-by: Thomas Daubney --- ChangeLog | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index b525492fb9..565ce1c788 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1686,6 +1686,16 @@ Changes = mbed TLS 2.8.0 branch released 2018-03-16 +Default behavior changes + * The truncated HMAC extension now conforms to RFC 6066. This means + that when both sides of a TLS connection negotiate the truncated + HMAC extension, Mbed TLS can now interoperate with other + compliant implementations, but this breaks interoperability with + prior versions of Mbed TLS. To restore the old behavior, enable + the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in + config.h. Found by Andreas Walz (ivESK, Offenburg University of + Applied Sciences). + Security * Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the From 75628d51b3c4bc834f92a276eec35fcb65121b39 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 18 Jun 2021 12:56:27 +0200 Subject: [PATCH 0382/1065] Code review fixes Reverting some deleted tests and changing the deprecated algo Deleting deprecated headers from /alt-dummy dir Corrections to the comments Removal of deleted functions from compat-2.x.h Corrections to tests/data_files/Makefile Signed-off-by: TRodziewicz --- doxygen/input/doc_hashing.h | 2 +- include/mbedtls/compat-2.x.h | 8 -- include/mbedtls/config.h | 2 + library/ssl_ciphersuites.c | 2 +- tests/data_files/Makefile | 10 +- tests/include/alt-dummy/arc4_alt.h | 30 ---- tests/include/alt-dummy/blowfish_alt.h | 29 ---- tests/include/alt-dummy/md2_alt.h | 30 ---- tests/include/alt-dummy/md4_alt.h | 30 ---- tests/include/alt-dummy/xtea_alt.h | 29 ---- tests/suites/test_suite_ccm.data | 4 + tests/suites/test_suite_pkparse.data | 14 +- tests/suites/test_suite_psa_crypto.data | 9 ++ tests/suites/test_suite_rsa.data | 18 +-- tests/suites/test_suite_x509parse.data | 184 ++++++++++++------------ 15 files changed, 131 insertions(+), 270 deletions(-) delete mode 100644 tests/include/alt-dummy/arc4_alt.h delete mode 100644 tests/include/alt-dummy/blowfish_alt.h delete mode 100644 tests/include/alt-dummy/md2_alt.h delete mode 100644 tests/include/alt-dummy/md4_alt.h delete mode 100644 tests/include/alt-dummy/xtea_alt.h diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h index 42a3754e1a..931e6e928c 100644 --- a/doxygen/input/doc_hashing.h +++ b/doxygen/input/doc_hashing.h @@ -34,7 +34,7 @@ * \c mbedtls_md_setup()) * * The following hashing-algorithms are provided: - * - MD5 128-bit one-way hash functions by Ron Rivest. + * - MD5 128-bit one-way hash function by Ron Rivest. * - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by * NIST and NSA. * diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h index fe07790455..cdf81dcbb8 100644 --- a/include/mbedtls/compat-2.x.h +++ b/include/mbedtls/compat-2.x.h @@ -34,14 +34,6 @@ */ #define mbedtls_ctr_drbg_update_ret mbedtls_ctr_drbg_update #define mbedtls_hmac_drbg_update_ret mbedtls_hmac_drbg_update -#define mbedtls_md2_starts_ret mbedtls_md2_starts -#define mbedtls_md2_update_ret mbedtls_md2_update -#define mbedtls_md2_finish_ret mbedtls_md2_finish -#define mbedtls_md2_ret mbedtls_md2 -#define mbedtls_md4_starts_ret mbedtls_md4_starts -#define mbedtls_md4_update_ret mbedtls_md4_update -#define mbedtls_md4_finish_ret mbedtls_md4_finish -#define mbedtls_md4_ret mbedtls_md4 #define mbedtls_md5_starts_ret mbedtls_md5_starts #define mbedtls_md5_update_ret mbedtls_md5_update #define mbedtls_md5_finish_ret mbedtls_md5_finish diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index b566bc789f..e8e2b1b7b1 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -335,6 +335,8 @@ //#define MBEDTLS_ECP_ALT /** + * \def MBEDTLS_SHA256_PROCESS_ALT + * * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you * alternate core implementation of symmetric crypto or hash function. Keep in * mind that function prototypes should remain the same. diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 1bda9c0666..be0acb78f3 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -38,7 +38,7 @@ /* * Ordered from most preferred to least preferred in terms of security. * - * Current rule (except RC4 and 3DES, weak and null which come last): + * Current rule (except weak and null which come last): * 1. By key exchange: * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK * 2. By key length and cipher: diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 16685d26d8..e86706c8a9 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -416,6 +416,8 @@ rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der +keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des + ### 2048-bit rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES @@ -433,6 +435,8 @@ rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der +keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des + ### 4096-bit rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES @@ -450,6 +454,8 @@ rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der +keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des + ### ### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1) ### @@ -863,10 +869,6 @@ server1.req.sha1: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 all_final += server1.req.sha1 -server1.req.md4: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4 -all_final += server1.req.md4 - server1.req.md5: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5 all_final += server1.req.md5 diff --git a/tests/include/alt-dummy/arc4_alt.h b/tests/include/alt-dummy/arc4_alt.h deleted file mode 100644 index b8c2e86a00..0000000000 --- a/tests/include/alt-dummy/arc4_alt.h +++ /dev/null @@ -1,30 +0,0 @@ -/* arc4_alt.h with dummy types for MBEDTLS_ARC4_ALT */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef ARC4_ALT_H -#define ARC4_ALT_H - -typedef struct mbedtls_arc4_context -{ - int dummy; -} -mbedtls_arc4_context; - - -#endif /* arc4_alt.h */ diff --git a/tests/include/alt-dummy/blowfish_alt.h b/tests/include/alt-dummy/blowfish_alt.h deleted file mode 100644 index 5a4f739d52..0000000000 --- a/tests/include/alt-dummy/blowfish_alt.h +++ /dev/null @@ -1,29 +0,0 @@ -/* blowfish_alt.h with dummy types for MBEDTLS_BLOWFISH_ALT */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef BLOWFISH_ALT_H -#define BLOWFISH_ALT_H - -typedef struct mbedtls_blowfish_context -{ - int dummy; -} -mbedtls_blowfish_context; - - -#endif /* blowfish_alt.h */ diff --git a/tests/include/alt-dummy/md2_alt.h b/tests/include/alt-dummy/md2_alt.h deleted file mode 100644 index 70c7f15190..0000000000 --- a/tests/include/alt-dummy/md2_alt.h +++ /dev/null @@ -1,30 +0,0 @@ -/* md2_alt.h with dummy types for MBEDTLS_MD2_ALT */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef MD2_ALT_H -#define MD2_ALT_H - -typedef struct mbedtls_md2_context -{ - int dummy; -} -mbedtls_md2_context; - - -#endif /* md2_alt.h */ diff --git a/tests/include/alt-dummy/md4_alt.h b/tests/include/alt-dummy/md4_alt.h deleted file mode 100644 index db13f3d8db..0000000000 --- a/tests/include/alt-dummy/md4_alt.h +++ /dev/null @@ -1,30 +0,0 @@ -/* md4_alt.h with dummy types for MBEDTLS_MD4_ALT */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef MD4_ALT_H -#define MD4_ALT_H - -typedef struct mbedtls_md4_context -{ - int dummy; -} -mbedtls_md4_context; - - -#endif /* md4_alt.h */ diff --git a/tests/include/alt-dummy/xtea_alt.h b/tests/include/alt-dummy/xtea_alt.h deleted file mode 100644 index cb21a3a548..0000000000 --- a/tests/include/alt-dummy/xtea_alt.h +++ /dev/null @@ -1,29 +0,0 @@ -/* xtea_alt.h with dummy types for MBEDTLS_XTEA_ALT */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef XTEA_ALT_H -#define XTEA_ALT_H - -typedef struct mbedtls_xtea_context -{ - int dummy; -} -mbedtls_xtea_context; - - -#endif /* xtea_alt.h */ diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index cdb1898a01..a1b876e60c 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -13,6 +13,10 @@ CCM init #3 AES-224: bad key size depends_on:MBEDTLS_AES_C mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT +CCM init #4 BLOWFISH-128: bad block size +depends_on:MBEDTLS_DES_C +mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_DES:128:MBEDTLS_ERR_CCM_BAD_INPUT + CCM lengths #1 all OK ccm_lengths:5:10:5:8:0 diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 53746282b3..1172b308a2 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -984,31 +984,31 @@ Parse EC Key #5c (PKCS8 PEM, with parameters) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0 -Parse EC Key #6 (SEC1 PEM, secp224r1) +Parse EC Key #8 (SEC1 PEM, secp224r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_224_prv.pem":"NULL":0 -Parse EC Key #7 (SEC1 PEM, secp256r1) +Parse EC Key #9 (SEC1 PEM, secp256r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_256_prv.pem":"NULL":0 -Parse EC Key #8 (SEC1 PEM, secp384r1) +Parse EC Key #10 (SEC1 PEM, secp384r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_384_prv.pem":"NULL":0 -Parse EC Key #9 (SEC1 PEM, secp521r1) +Parse EC Key #11 (SEC1 PEM, secp521r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0 -Parse EC Key #10 (SEC1 PEM, bp256r1) +Parse EC Key #12 (SEC1 PEM, bp256r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp256_prv.pem":"NULL":0 -Parse EC Key #11 (SEC1 PEM, bp384r1) +Parse EC Key #13 (SEC1 PEM, bp384r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp384_prv.pem":"NULL":0 -Parse EC Key #12 (SEC1 PEM, bp512r1) +Parse EC Key #14 (SEC1 PEM, bp512r1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0 diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2b92a06c19..56ba2412c6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1130,6 +1130,10 @@ PSA MAC setup: bad algorithm (HMAC without specified hash) # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED +PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm) +depends_on:!PSA_WANT_ALG_MD5 +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + PSA MAC setup: bad algorithm (not a MAC algorithm) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT @@ -1390,6 +1394,11 @@ depends_on:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED +PSA cipher setup: incompatible key ChaCha20 for CTR +depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + PSA cipher: bad order function calls cipher_bad_order: diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 98dad0b060..e81f208ef1 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -220,39 +220,39 @@ RSA PKCS1 Sign #4 Verify depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 -RSA PKCS1 Sign #5 (MD5, 2048 bits RSA) +RSA PKCS1 Sign #7 (MD5, 2048 bits RSA) depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 -RSA PKCS1 Sign #5 Verify +RSA PKCS1 Sign #7 Verify depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 -RSA PKCS1 Sign #6 (RAW, 2048 bits RSA) +RSA PKCS1 Sign #8 (RAW, 2048 bits RSA) depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" -RSA PKCS1 Sign #6 Verify +RSA PKCS1 Sign #8 Verify depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0 -RSA PKCS1 Sign #6 Verify (Wrong raw hash) +RSA PKCS1 Sign #8 Verify (Wrong raw hash) depends_on:MBEDTLS_PKCS1_V15 rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED -RSA PKCS1 Sign #7 (Invalid Digest type) +RSA PKCS1 Sign #9 (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA -RSA PKCS1 Sign #7 Verify (Invalid Digest type) +RSA PKCS1 Sign #9 Verify (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA -RSA PKCS1 Sign #8 (RIPEMD160, 2048 bits RSA) +RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 -RSA PKCS1 Verify #8 (RIPEMD160, 2048 bits RSA) +RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 7c6a9d39ae..e21b450b95 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -507,371 +507,371 @@ X509 CRT verification #10 (Not trusted Cert, Expired CRL) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #11 (Valid Cert MD5 Digest, MD5 forbidden) +X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 forbidden) depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL" -X509 CRT verification #11 (Valid Cert MD5 Digest, MD5 allowed) +X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 allowed) depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL" -X509 CRT verification #12 (Valid Cert SHA1 Digest explicitly allowed in profile) +X509 CRT verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #12 (Valid Cert SHA1 Digest forbidden in default profile) +X509 CRT verification #14 (Valid Cert SHA1 Digest forbidden in default profile) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL" -X509 CRT verification #13 (Valid Cert SHA224 Digest) +X509 CRT verification #15 (Valid Cert SHA224 Digest) depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #14 (Valid Cert SHA256 Digest) +X509 CRT verification #16 (Valid Cert SHA256 Digest) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #15 (Valid Cert SHA384 Digest) +X509 CRT verification #17 (Valid Cert SHA384 Digest) depends_on:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #16 (Valid Cert SHA512 Digest) +X509 CRT verification #18 (Valid Cert SHA512 Digest) depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #17 (Valid Cert, denying callback) +X509 CRT verification #19 (Valid Cert, denying callback) depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none" -X509 CRT verification #18 (Not trusted Cert, allowing callback) +X509 CRT verification #19 (Not trusted Cert, allowing callback) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all" -X509 CRT verification #19 (domain matching wildcard certificate, case insensitive) +X509 CRT verification #21 (domain matching wildcard certificate, case insensitive) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.ExAmPlE.com":0:0:"compat":"NULL" -X509 CRT verification #20 (domain not matching wildcard certificate) +X509 CRT verification #22 (domain not matching wildcard certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #21 (domain not matching wildcard certificate) +X509 CRT verification #23 (domain not matching wildcard certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #22 (domain matching CN of multi certificate) +X509 CRT verification #24 (domain matching CN of multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #23 (domain matching multi certificate) +X509 CRT verification #25 (domain matching multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.net":0:0:"compat":"NULL" -X509 CRT verification #24 (domain not matching multi certificate) +X509 CRT verification #26 (domain not matching multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #25.1 (domain not matching multi certificate: suffix) +X509 CRT verification #27.1 (domain not matching multi certificate: suffix) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"xample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #25.2 (domain not matching multi certificate: head junk) +X509 CRT verification #27.2 (domain not matching multi certificate: head junk) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"bexample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #26 (domain not matching wildcard in multi certificate) +X509 CRT verification #28 (domain not matching wildcard in multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.org":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" -X509 CRT verification #27 (domain matching wildcard in multi certificate) +X509 CRT verification #29 (domain matching wildcard in multi certificate) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.org":0:0:"compat":"NULL" -X509 CRT verification #28 (domain matching multi certificate without CN) +X509 CRT verification #30 (domain matching multi certificate without CN) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.shotokan-braunschweig.de":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #29 (domain not matching multi certificate without CN) +X509 CRT verification #31 (domain not matching multi certificate without CN) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH + MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #30 (Valid, EC cert, RSA CA) +X509 CRT verification #32 (Valid, EC cert, RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #31 (Valid, RSA cert, EC CA) +X509 CRT verification #33 (Valid, RSA cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #32 (Valid, EC cert, EC CA) +X509 CRT verification #34 (Valid, EC cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #33 (Revoked, EC CA) +X509 CRT verification #35 (Revoked, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #34 (Valid, EC CA, SHA1 Digest) +X509 CRT verification #36 (Valid, EC CA, SHA1 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #35 (Valid, EC CA, SHA224 Digest) +X509 CRT verification #37 (Valid, EC CA, SHA224 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA224_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #36 (Valid, EC CA, SHA384 Digest) +X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA384_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #37 (Valid, EC CA, SHA512 Digest) +X509 CRT verification #39 (Valid, EC CA, SHA512 Digest) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha512.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #38 (Valid, depth 0, RSA, CA) +X509 CRT verification #40 (Valid, depth 0, RSA, CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/test-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #39 (Valid, depth 0, EC, CA) +X509 CRT verification #41 (Valid, depth 0, EC, CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/test-ca2.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #40 (Depth 0, not CA, RSA) +X509 CRT verification #42 (Depth 0, not CA, RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2.crt":"data_files/server2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #41 (Depth 0, not CA, EC) +X509 CRT verification #43 (Depth 0, not CA, EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/server5.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #42 (Corrupted signature, EC) +X509 CRT verification #44 (Corrupted signature, EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #43 (Corrupted signature, RSA) +X509 CRT verification #45 (Corrupted signature, RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server2-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #43b (Corrupted signature, intermediate CA) +X509 CRT verification #45b (Corrupted signature, intermediate CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #44 (Valid, depth 2, EC-RSA-EC) +X509 CRT verification #46 (Valid, depth 2, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #45 (Untrusted, depth 2, EC-RSA-EC) +X509 CRT verification #47 (Untrusted, depth 2, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #46 (Missing intermediate CA, EC-RSA-EC) +X509 CRT verification #48 (Missing intermediate CA, EC-RSA-EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server7.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #47 (Valid, depth 2, RSA-EC-RSA) +X509 CRT verification #49 (Valid, depth 2, RSA-EC-RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server8_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #48 (Valid, multiple CAs) +X509 CRT verification #50 (Valid, multiple CAs) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server2.crt":"data_files/test-ca_cat12.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #49 (Valid, multiple CAs, reverse order) +X509 CRT verification #51 (Valid, multiple CAs, reverse order) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server2.crt":"data_files/test-ca_cat21.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #50 (CA keyUsage valid) +X509 CRT verification #52 (CA keyUsage valid) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #51 (CA keyUsage missing cRLSign) +X509 CRT verification #53 (CA keyUsage missing cRLSign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #52 (CA keyUsage missing cRLSign, no CRL) +X509 CRT verification #54 (CA keyUsage missing cRLSign, no CRL) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #53 (CA keyUsage missing keyCertSign) +X509 CRT verification #55 (CA keyUsage missing keyCertSign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #54 (CA keyUsage plain wrong) +X509 CRT verification #56 (CA keyUsage plain wrong) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #55 (Valid, RSASSA-PSS, SHA-1) +X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #56 (Valid, RSASSA-PSS, SHA-224) +X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-224) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-256) +X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-256) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-384) +X509 CRT verification #60 (Valid, RSASSA-PSS, SHA-384) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-512) +X509 CRT verification #61 (Valid, RSASSA-PSS, SHA-512) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #60 (Revoked, RSASSA-PSS, SHA-1) +X509 CRT verification #62 (Revoked, RSASSA-PSS, SHA-1) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #61 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) +X509 CRT verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #62 (Valid, RSASSA-PSS, SHA-1, not top) +X509 CRT verification #64 (Valid, RSASSA-PSS, SHA-1, not top) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #63 (RSASSA-PSS, SHA1, bad cert signature) +X509 CRT verification #65 (RSASSA-PSS, SHA1, bad cert signature) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #64 (RSASSA-PSS, SHA1, no RSA CA) +X509 CRT verification #66 (RSASSA-PSS, SHA1, no RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #65 (Valid, RSASSA-PSS, all defaults) +X509 CRT verification #67 (Valid, RSASSA-PSS, all defaults) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #66 (RSASSA-PSS, wrong salt_len) +X509 CRT verification #68 (RSASSA-PSS, wrong salt_len) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #67 (RSASSA-PSS, wrong mgf_hash) +X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #68 (v1 trusted CA) +X509 CRT verification #70 (v1 trusted CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server1-v1.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #69 (v1 trusted CA, other) +X509 CRT verification #71 (v1 trusted CA, other) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server2-v1.crt":"data_files/server1-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #70 (v1 chain) +X509 CRT verification #72 (v1 chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server2-v1-chain.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #71 (selfsigned trusted without CA bit) +X509 CRT verification #73 (selfsigned trusted without CA bit) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #72 (signed by selfsigned trusted without CA bit) +X509 CRT verification #74 (signed by selfsigned trusted without CA bit) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" -X509 CRT verification #73 (encoding mismatch) +X509 CRT verification #75 (encoding mismatch) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #74 (multiple CRLs, not revoked) +X509 CRT verification #76 (multiple CRLs, not revoked) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C x509_verify:"data_files/server5.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #75 (multiple CRLs, revoked) +X509 CRT verification #77 (multiple CRLs, revoked) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #76 (multiple CRLs, revoked by second) +X509 CRT verification #78 (multiple CRLs, revoked by second) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #77 (multiple CRLs, revoked by future) +X509 CRT verification #79 (multiple CRLs, revoked by future) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" -X509 CRT verification #78 (multiple CRLs, first future, revoked by second) +X509 CRT verification #80 (multiple CRLs, first future, revoked by second) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" -X509 CRT verification #79 (multiple CRLs, none relevant) +X509 CRT verification #81 (multiple CRLs, none relevant) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #80 (Not yet valid CA and valid CA) +X509 CRT verification #82 (Not yet valid CA and valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #81 (valid CA and Not yet valid CA) +X509 CRT verification #83 (valid CA and Not yet valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-future.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #82 (valid CA and Not yet valid CA) +X509 CRT verification #84 (valid CA and Not yet valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-past.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #83 (Not yet valid CA and valid CA) +X509 CRT verification #85 (Not yet valid CA and valid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #84 (Not yet valid CA and invalid CA) +X509 CRT verification #86 (Not yet valid CA and invalid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL" -X509 CRT verification #85 (Expired CA and invalid CA) +X509 CRT verification #87 (Expired CA and invalid CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL" -X509 CRT verification #86 (Spurious cert in the chain) +X509 CRT verification #88 (Spurious cert in the chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server7_spurious_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #87 (Spurious cert later in the chain) +X509 CRT verification #89 (Spurious cert later in the chain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #88 (EE with same name as trusted root) +X509 CRT verification #90 (EE with same name as trusted root) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"":"NULL" -X509 CRT verification #89 (same CA with good then bad key) +X509 CRT verification #91 (same CA with good then bad key) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C x509_verify:"data_files/server1.crt":"data_files/test-ca-good-alt.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #89 (same CA with bad then good key) +X509 CRT verification #91 (same CA with bad then good key) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" -X509 CRT verification #90 (bad name, allowing callback) +X509 CRT verification #92 (bad name, allowing callback) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all" -X509 CRT verification #91 (Suite B invalid, EC cert, RSA CA) +X509 CRT verification #93 (Suite B invalid, EC cert, RSA CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY|MBEDTLS_X509_BADCRL_BAD_MD|MBEDTLS_X509_BADCRL_BAD_PK:"suite_b":"NULL" -X509 CRT verification #92 (Suite B invalid, RSA cert, EC CA) +X509 CRT verification #94 (Suite B invalid, RSA cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_PK:"suite_b":"NULL" -X509 CRT verification #93 (Suite B Valid, EC cert, EC CA) +X509 CRT verification #95 (Suite B Valid, EC cert, EC CA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL" -X509 CRT verification #94 (next profile Invalid Cert SHA224 Digest) +X509 CRT verification #96 (next profile Invalid Cert SHA224 Digest) depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL" -X509 CRT verification #95 (next profile Valid Cert SHA256 Digest) +X509 CRT verification #97 (next profile Valid Cert SHA256 Digest) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_SHA1_C x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"next":"NULL" -X509 CRT verification #96 (Revoked Cert, revocation date in the future, _with_ MBEDTLS_HAVE_TIME_DATE) +X509 CRT verification #98 (Revoked Cert, revocation date in the future, _with_ MBEDTLS_HAVE_TIME_DATE) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" -X509 CRT verification #97 (Revoked Cert, revocation date in the future, _without_ MBEDTLS_HAVE_TIME_DATE) +X509 CRT verification #99 (Revoked Cert, revocation date in the future, _without_ MBEDTLS_HAVE_TIME_DATE) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" From 26e8608fcb2af9e73025c17c0727ef22c0719580 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 18 Jun 2021 12:01:11 +0100 Subject: [PATCH 0383/1065] Changelog entry for Free Context in test_suite_aes fix Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4176.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/issue4176.txt diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt new file mode 100644 index 0000000000..35cc8470ef --- /dev/null +++ b/ChangeLog.d/issue4176.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix an issue where resource is never freed when running one particular test suite with an alternative AES implementation +Fixes #4176 \ No newline at end of file From 9d4c2c4e42c1a05618899c3df1d506182f6d37a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 18 Jun 2021 09:48:27 +0200 Subject: [PATCH 0384/1065] Clarify how to create custom profiles MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/x509_crt.h | 22 ++++++++++++++++++++++ library/x509_crt.c | 11 +++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 3d64a4c937..f81218ae51 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -160,6 +160,22 @@ mbedtls_x509_subject_alternative_name; * The fields of this structure are part of the public API and can be * manipulated directly by applications. Future versions of the library may * add extra fields or reorder existing fields. + * + * You can create custom profiles by starting from a copy of + * an existing profile, such as mbedtls_x509_crt_profile_default or + * mbedtls_x509_ctr_profile_none and then tune it to your needs. + * + * For example to allow SHA-224 in addition to the default: + * + * mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; + * my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); + * + * Or to allow only RSA-3072+ with SHA-256: + * + * mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_none; + * my_profile.allowed_mds = MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ); + * my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ); + * my_profile.rsa_min_bitlen = 3072; */ typedef struct mbedtls_x509_crt_profile { @@ -350,6 +366,12 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next; */ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; +/** + * Empty profile that allows nothing. Useful as a basis for constructing + * custom profiles. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none; + /** * \brief Parse a single DER formatted certificate and add it * to the end of the provided chained list. diff --git a/library/x509_crt.c b/library/x509_crt.c index d4e0ffd404..fdddbd3b09 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -156,6 +156,17 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = 0, }; +/* + * Empty / all-forbidden profile + */ +const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none = +{ + 0, + 0, + 0, + (uint32_t) -1, +}; + /* * Check md_alg against profile * Return 0 if md_alg is acceptable for this profile, -1 otherwise From 5c5b820352295a2726a5562af3261eb493efdc52 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 18 Jun 2021 12:21:25 +0100 Subject: [PATCH 0385/1065] Fix typo in doc'n of session resumption API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 1e8976ed14..68fee03a77 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3718,7 +3718,7 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss * This must have been initialized with mbedtls_ssl_init_session() * but otherwise be unused. * - * \note This function can handle a variety of mechanism for session + * \note This function can handle a variety of mechanisms for session * resumption: For TLS 1.2, both session ID-based resumption and * ticket-based resumption will be considered. For TLS 1.3, * once implemented, sessions equate to tickets, and calling From 963bb810f4116f5ab8ad90cbc1cfb66677a69b52 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 18 Jun 2021 13:22:57 +0200 Subject: [PATCH 0386/1065] Removing global variable and moving variant function comment block Signed-off-by: TRodziewicz --- include/mbedtls/timing.h | 2 -- library/timing.c | 40 +++++++++++++++++++--------------------- 2 files changed, 19 insertions(+), 23 deletions(-) diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 5289889f98..6ffc812d8b 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -61,8 +61,6 @@ typedef struct mbedtls_timing_delay_context #include "timing_alt.h" #endif /* MBEDTLS_TIMING_ALT */ -extern volatile int mbedtls_timing_alarmed; - /* Internal use */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); diff --git a/library/timing.c b/library/timing.c index e6dfc72d18..a85ce67b83 100644 --- a/library/timing.c +++ b/library/timing.c @@ -56,8 +56,25 @@ struct _hr_time #endif /* _WIN32 && !EFIX64 && !EFI32 */ -volatile int mbedtls_timing_alarmed = 0; - +/** + * \brief Return the elapsed time in milliseconds + * + * \warning May change without notice + * + * \param val points to a timer structure + * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. + * + * \return Elapsed time since the previous reset in ms. When + * restarting, this is always 0. + * + * \note To initialize a timer, call this function with reset=1. + * + * Determining the elapsed time and resetting the timer is not + * atomic on all platforms, so after the sequence + * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = + * get_timer(0) }` the value time1+time2 is only approximately + * the delay since the first reset. + */ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) @@ -83,25 +100,6 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int #else /* _WIN32 && !EFIX64 && !EFI32 */ -/** - * \brief Return the elapsed time in milliseconds - * - * \warning May change without notice - * - * \param val points to a timer structure - * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. - * - * \return Elapsed time since the previous reset in ms. When - * restarting, this is always 0. - * - * \note To initialize a timer, call this function with reset=1. - * - * Determining the elapsed time and resetting the timer is not - * atomic on all platforms, so after the sequence - * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = - * get_timer(0) }` the value time1+time2 is only approximately - * the delay since the first reset. - */ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) { struct _hr_time *t = (struct _hr_time *) val; From 87db8a2676e07b2b31a9cdd21b23e594503a28c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 18 Jun 2021 13:30:14 +0200 Subject: [PATCH 0387/1065] Clean up old files before generating them MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1423099571..7974f9b9fb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -651,6 +651,9 @@ pre_check_tools () { } pre_generate_files() { + # since make doesn't have proper dependencies, remove any possibly outdate + # file that might be around before generating fresh ones + make neat make generated_files } From ac84469dd1f93e285cc571c0202b14b63a42ebfc Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 18 Jun 2021 14:08:56 +0100 Subject: [PATCH 0388/1065] Modifies Migration Guide entry Commit makes corrections to Migration Guide entry for this task. Signed-off-by: Thomas Daubney --- docs/3.0-migration-guide.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a30e786771..6a21a653a6 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -140,10 +140,13 @@ encouraging them to upgrade their software. Remove support for truncated HMAC --------------------------------- -This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC` -`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and used the truncated HMAC extension. -Please consider using a CCM-8 ciphersuite instead of the Truncated HMAC -extension, or convincing your peer to upgrade their version of Mbed TLS. +This affects users of truncated HMAC, that is, users who called +`mbedtls_ssl_conf_truncated_hmac( ..., MBEDTLS_SSL_TRUNC_HMAC_ENABLED)`, +regardless of whether the standard version was used or compatibility version +(`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT`). + +The recommended migration path for people who want minimal overhead is to use a +CCM-8 ciphersuite. Remove support for TLS record-level compression ----------------------------------------------- From 487b4ae426c22e819fd73697658be0cafb22b78b Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 18 Jun 2021 15:37:21 +0100 Subject: [PATCH 0389/1065] Update changelog formatting - Missing Free Context The original formatting was in dos and the changelog assembler would fail. The length of the description was too long horizontally. This has been updated. Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4176.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt index 35cc8470ef..8ca386f41a 100644 --- a/ChangeLog.d/issue4176.txt +++ b/ChangeLog.d/issue4176.txt @@ -1,3 +1,3 @@ -Bugfix - * Fix an issue where resource is never freed when running one particular test suite with an alternative AES implementation -Fixes #4176 \ No newline at end of file +Bugfix + * Fix an issue where resource is never freed when running one particular + test suite with an alternative AES implementation. Fixes #4176 From 534bb99f17dac336b404c7db1b6512cbf5c40d7e Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 1 Mar 2021 15:35:48 +0100 Subject: [PATCH 0390/1065] Add test for one-shot MAC functions Tests for psa_mac_compute and psa_mac_verify functions. Signed-off-by: gabor-mezei-arm Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.function | 45 +++++++++++++++++++-- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5b5531f037..10426302dd 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1984,7 +1984,21 @@ void mac_sign( int key_type_arg, mbedtls_test_set_step( output_size ); ASSERT_ALLOC( actual_mac, output_size ); - /* Calculate the MAC. */ + /* Calculate the MAC, one-shot case. */ + TEST_EQUAL( psa_mac_compute( key, alg, + input->x, input->len, + actual_mac, output_size, &mac_length ), + expected_status ); + if( expected_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( expected_mac->x, expected_mac->len, + actual_mac, mac_length ); + } + + if( output_size > 0 ) + memset( actual_mac, 0, output_size ); + + /* Calculate the MAC, multi-part case. */ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); @@ -2036,7 +2050,11 @@ void mac_verify( int key_type_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - /* Test the correct MAC. */ + /* Verify correct MAC, one-shot case. */ + PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len, + expected_mac->x, expected_mac->len ) ); + + /* Verify correct MAC, multi-part case. */ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); @@ -2044,7 +2062,14 @@ void mac_verify( int key_type_arg, expected_mac->x, expected_mac->len ) ); - /* Test a MAC that's too short. */ + /* Test a MAC that's too short, one-shot case. */ + TEST_EQUAL( psa_mac_verify( key, alg, + input->x, input->len, + expected_mac->x, + expected_mac->len - 1 ), + PSA_ERROR_INVALID_SIGNATURE ); + + /* Test a MAC that's too short, multi-part case. */ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); @@ -2053,9 +2078,15 @@ void mac_verify( int key_type_arg, expected_mac->len - 1 ), PSA_ERROR_INVALID_SIGNATURE ); - /* Test a MAC that's too long. */ + /* Test a MAC that's too long, one-shot case. */ ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 ); memcpy( perturbed_mac, expected_mac->x, expected_mac->len ); + TEST_EQUAL( psa_mac_verify( key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len + 1 ), + PSA_ERROR_INVALID_SIGNATURE ); + + /* Test a MAC that's too long, multi-part case. */ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); @@ -2069,6 +2100,12 @@ void mac_verify( int key_type_arg, { mbedtls_test_set_step( i ); perturbed_mac[i] ^= 1; + + TEST_EQUAL( psa_mac_verify( key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len ), + PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); From dc5660c4c0d951a8e586aef9e5780efe8d5d98ac Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 18 Jun 2021 17:40:54 +0100 Subject: [PATCH 0391/1065] Update changlog formatting - Missing Free Context Trailing white space causing `check_files.py` to fail Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4176.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt index 8ca386f41a..e1ed5d6e19 100644 --- a/ChangeLog.d/issue4176.txt +++ b/ChangeLog.d/issue4176.txt @@ -1,3 +1,3 @@ Bugfix - * Fix an issue where resource is never freed when running one particular + * Fix an issue where resource is never freed when running one particular test suite with an alternative AES implementation. Fixes #4176 From 78ba2af7c2e24626bb01fece73513a06c4a4fa74 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 10:27:05 +0100 Subject: [PATCH 0392/1065] Remove old key export API Seems to be an oversight that this wasn't marked deprecated. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 30 ------------------------------ library/ssl_tls.c | 16 ---------------- 2 files changed, 46 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 603615b3c8..6c24aab77b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1033,9 +1033,6 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - /** Callback to export key block and master secret */ - int (*MBEDTLS_PRIVATE(f_export_keys))( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t ); /** Callback to export key block, master secret, * tls_prf and random bytes. Should replace f_export_keys */ int (*MBEDTLS_PRIVATE(f_export_keys_ext))( void *, const unsigned char *, @@ -1919,33 +1916,6 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, uint32_t *lifetime ); #if defined(MBEDTLS_SSL_EXPORT_KEYS) -/** - * \brief Callback type: Export key block and master secret - * - * \note This is required for certain uses of TLS, e.g. EAP-TLS - * (RFC 5216) and Thread. The key pointers are ephemeral and - * therefore must not be stored. The master secret and keys - * should not be used directly except as an input to a key - * derivation function. - * - * \param p_expkey Context for the callback - * \param ms Pointer to master secret (fixed length: 48 bytes) - * \param kb Pointer to key block, see RFC 5246 section 6.3 - * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen). - * \param maclen MAC length - * \param keylen Key length - * \param ivlen IV length - * - * \return 0 if successful, or - * a specific MBEDTLS_ERR_XXX code. - */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen ); - /** * \brief Callback type: Export key block, master secret, * handshake randbytes and the tls_prf function diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2961637a85..e6bc790fe5 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -986,14 +986,6 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, ((void) mac_enc); #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys != NULL ) - { - ssl->conf->f_export_keys( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len ); - } - if( ssl->conf->f_export_keys_ext != NULL ) { ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys, @@ -4193,14 +4185,6 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ) -{ - conf->f_export_keys = f_export_keys; - conf->p_export_keys = p_export_keys; -} - void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, void *p_export_keys ) From 2d6e6f8fec7fe3a116f7aefe39644bad0df6506b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 10:58:31 +0100 Subject: [PATCH 0393/1065] Remove '_ext' suffix from SSL key exporter API Signed-off-by: Hanno Becker --- include/mbedtls/config.h | 2 +- include/mbedtls/ssl.h | 12 ++++++------ library/ssl_tls.c | 10 +++++----- programs/ssl/ssl_client2.c | 6 +++--- programs/ssl/ssl_server2.c | 6 +++--- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 598e59fcbd..e9da07a6e2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1556,7 +1556,7 @@ * (see Section 5 of RFC 5764), are not handled by this feature. * Instead, after successful completion of a handshake negotiating * the use of DTLS-SRTP, the extended key exporter API - * mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement + * mbedtls_ssl_conf_export_keys_cb() should be used to implement * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 * (this is implemented in the SSL example programs). * The resulting key should then be passed to an SRTP stack. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6c24aab77b..410ac0e0a2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1035,7 +1035,7 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** Callback to export key block, master secret, * tls_prf and random bytes. Should replace f_export_keys */ - int (*MBEDTLS_PRIVATE(f_export_keys_ext))( void *, const unsigned char *, + int (*MBEDTLS_PRIVATE(f_export_keys))( void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, const unsigned char[32], const unsigned char[32], mbedtls_tls_prf_types ); @@ -1941,7 +1941,7 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, +typedef int mbedtls_ssl_export_keys_t( void *p_expkey, const unsigned char *ms, const unsigned char *kb, size_t maclen, @@ -2020,16 +2020,16 @@ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, * \brief Configure extended key export callback. * (Default: none.) * - * \note See \c mbedtls_ssl_export_keys_ext_t. + * \note See \c mbedtls_ssl_export_keys_t. * \warning Exported key material must not be used for any purpose * before the (D)TLS handshake is completed * * \param conf SSL configuration context - * \param f_export_keys_ext Callback for exporting keys + * \param f_export_keys Callback for exporting keys * \param p_export_keys Context for the callback */ -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, +void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, void *p_export_keys ); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e6bc790fe5..94f906afcb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -986,9 +986,9 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, ((void) mac_enc); #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys_ext != NULL ) + if( ssl->conf->f_export_keys != NULL ) { - ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys, + ssl->conf->f_export_keys( ssl->conf->p_export_keys, master, keyblk, mac_key_len, keylen, iv_copy_len, @@ -4185,11 +4185,11 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, +void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, void *p_export_keys ) { - conf->f_export_keys_ext = f_export_keys_ext; + conf->f_export_keys = f_export_keys; conf->p_export_keys = p_export_keys; } #endif diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 322cef8b45..bc5ed2e9ee 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1739,19 +1739,19 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) if( opt.eap_tls != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, + mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, &eap_tls_keying ); } else if( opt.nss_keylog != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, + mbedtls_ssl_conf_export_keys_cb( &conf, nss_keylog_export, NULL ); } #if defined( MBEDTLS_SSL_DTLS_SRTP ) else if( opt.use_srtp != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, + mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, &dtls_srtp_keying ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 51125bdb69..334eb7d445 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2528,19 +2528,19 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) if( opt.eap_tls != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, + mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, &eap_tls_keying ); } else if( opt.nss_keylog != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, + mbedtls_ssl_conf_export_keys_cb( &conf, nss_keylog_export, NULL ); } #if defined( MBEDTLS_SSL_DTLS_SRTP ) else if( opt.use_srtp != 0 ) { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, + mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, &dtls_srtp_keying ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ From 457d61602f4fcf6d0f50edc2c070a674646b96b5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 10:27:39 +0100 Subject: [PATCH 0394/1065] Define and implement new key export API for Mbed TLS 3.0 Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 151 ++++++++++++++++++++---------------------- library/ssl_tls.c | 15 ++--- 2 files changed, 79 insertions(+), 87 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 410ac0e0a2..38a4a64d36 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -458,18 +458,6 @@ typedef enum } mbedtls_ssl_states; -/* - * The tls_prf function types. - */ -typedef enum -{ - MBEDTLS_SSL_TLS_PRF_NONE, - MBEDTLS_SSL_TLS_PRF_TLS1, - MBEDTLS_SSL_TLS_PRF_SHA384, - MBEDTLS_SSL_TLS_PRF_SHA256 -} -mbedtls_tls_prf_types; - /** * \brief Callback type: send data on the network. * @@ -967,6 +955,58 @@ struct mbedtls_ssl_session #endif }; +/* + * Identifiers for PRFs used in various versions of TLS. + */ +typedef enum +{ + MBEDTLS_SSL_TLS_PRF_NONE, + MBEDTLS_SSL_TLS_PRF_TLS1, + MBEDTLS_SSL_TLS_PRF_SHA384, + MBEDTLS_SSL_TLS_PRF_SHA256, + MBEDTLS_SSL_HKDF_EXPAND_SHA384, + MBEDTLS_SSL_HKDF_EXPAND_SHA256 +} +mbedtls_tls_prf_types; + +#if defined(MBEDTLS_SSL_EXPORT_KEYS) +typedef enum +{ + MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0, +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_EARLY_SECRET, + MBEDTLS_SSL_KEY_EXPORT_TLS13_EARLY_EXPORTER_SECRET, + MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET, + MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET, + MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET, + MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET, +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +} mbedtls_ssl_key_export_type; + +/** + * \brief Callback type: Export key alongside random values for + * session identification, and PRF for + * implementation of TLS key exporters. + * + * \param p_expkey Context for the callback. + * \param type The type of the key that is being exported. + * \param client_random The client random bytes. + * \param server_random The server random bytes. + * \param tls_prf_type The identifier for the PRF used in the handshake + * to which the key belongs. + * + * \return \c 0 if successful. + * \return A negative error code on failure. + */ +typedef int mbedtls_ssl_export_keys_t( void *p_expkey, + mbedtls_ssl_key_export_type type, + const unsigned char *secret, + size_t secret_len, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type ); +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + /** * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. */ @@ -1033,12 +1073,8 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - /** Callback to export key block, master secret, - * tls_prf and random bytes. Should replace f_export_keys */ - int (*MBEDTLS_PRIVATE(f_export_keys))( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t, - const unsigned char[32], const unsigned char[32], - mbedtls_tls_prf_types ); + /** Callback to export key block and master secret */ + mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ #endif @@ -1915,43 +1951,6 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, size_t *tlen, uint32_t *lifetime ); -#if defined(MBEDTLS_SSL_EXPORT_KEYS) -/** - * \brief Callback type: Export key block, master secret, - * handshake randbytes and the tls_prf function - * used to derive keys. - * - * \note This is required for certain uses of TLS, e.g. EAP-TLS - * (RFC 5216) and Thread. The key pointers are ephemeral and - * therefore must not be stored. The master secret and keys - * should not be used directly except as an input to a key - * derivation function. - * - * \param p_expkey Context for the callback. - * \param ms Pointer to master secret (fixed length: 48 bytes). - * \param kb Pointer to key block, see RFC 5246 section 6.3. - * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen). - * \param maclen MAC length. - * \param keylen Key length. - * \param ivlen IV length. - * \param client_random The client random bytes. - * \param server_random The server random bytes. - * \param tls_prf_type The tls_prf enum type. - * - * \return 0 if successful, or - * a specific MBEDTLS_ERR_XXX code. - */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ); -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - /** * \brief Callback type: parse and load session ticket * @@ -2003,34 +2002,28 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** - * \brief Configure key export callback. - * (Default: none.) + * \brief Configure a key export callback. + * (Default: none.) * - * \note See \c mbedtls_ssl_export_keys_t. + * This API can be used for two purposes: + * - Debugging: Use this API to e.g. generate an NSSKeylog + * file and use it to inspect encrypted traffic in tools + * such as Wireshark. + * - Application-specific export: Use this API to implement + * key exporters, e.g. for EAP-TLS or DTLS-SRTP. * - * \param conf SSL configuration context - * \param f_export_keys Callback for exporting keys - * \param p_export_keys Context for the callback + * + * \param conf The SSL configuration to which the export + * callback should be attached. All connections + * subsequently bound to this configuration will + * have their keys exported. + * \param f_export_keys The callback for the key export. + * \param p_export_keys The opaque context pointer to be passed to the + * callback \p f_export_keys. */ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); - -/** - * \brief Configure extended key export callback. - * (Default: none.) - * - * \note See \c mbedtls_ssl_export_keys_t. - * \warning Exported key material must not be used for any purpose - * before the (D)TLS handshake is completed - * - * \param conf SSL configuration context - * \param f_export_keys Callback for exporting keys - * \param p_export_keys Context for the callback - */ -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys ); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 94f906afcb..4c69a0872b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -989,12 +989,11 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, if( ssl->conf->f_export_keys != NULL ) { ssl->conf->f_export_keys( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len, - randbytes + 32, - randbytes, - tls_prf_get_type( tls_prf ) ); + MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET, + master, 48, + randbytes + 32, + randbytes, + tls_prf_get_type( tls_prf ) ); } #endif @@ -4186,8 +4185,8 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_EXPORT_KEYS) void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ) + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys ) { conf->f_export_keys = f_export_keys; conf->p_export_keys = p_export_keys; From c4c38caca584098ffc98db4031d84ecd7a189fb2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 10:57:07 +0100 Subject: [PATCH 0395/1065] Adjust example programs to new key export API Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 8 ++-- programs/ssl/ssl_server2.c | 8 ++-- programs/ssl/ssl_test_common_source.c | 67 ++++++++++++--------------- 3 files changed, 37 insertions(+), 46 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index bc5ed2e9ee..c25b9ee10a 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1740,19 +1740,19 @@ int main( int argc, char *argv[] ) if( opt.eap_tls != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); + &eap_tls_keying ); } else if( opt.nss_keylog != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, - nss_keylog_export, - NULL ); + nss_keylog_export, + NULL ); } #if defined( MBEDTLS_SSL_DTLS_SRTP ) else if( opt.use_srtp != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); + &dtls_srtp_keying ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 334eb7d445..9cecf7f3d8 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2529,19 +2529,19 @@ int main( int argc, char *argv[] ) if( opt.eap_tls != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); + &eap_tls_keying ); } else if( opt.nss_keylog != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, - nss_keylog_export, - NULL ); + nss_keylog_export, + NULL ); } #if defined( MBEDTLS_SSL_DTLS_SRTP ) else if( opt.use_srtp != 0 ) { mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); + &dtls_srtp_keying ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index fa2c606975..6da0ba4a50 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -26,54 +26,48 @@ #if defined(MBEDTLS_SSL_EXPORT_KEYS) int eap_tls_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, const unsigned char client_random[32], const unsigned char server_random[32], mbedtls_tls_prf_types tls_prf_type ) { eap_tls_keys *keys = (eap_tls_keys *)p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); + /* We're only interested in the TLS 1.2 master secret */ + if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) + return( 0 ); + if( secret_len != sizeof( keys->master_secret ) ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); memcpy( keys->randbytes, client_random, 32 ); memcpy( keys->randbytes + 32, server_random, 32 ); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf("exported maclen is %u\n", (unsigned)maclen); - mbedtls_printf("exported keylen is %u\n", (unsigned)keylen); - mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen); - } return( 0 ); } int nss_keylog_export( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, const unsigned char client_random[32], const unsigned char server_random[32], mbedtls_tls_prf_types tls_prf_type ) { char nss_keylog_line[ 200 ]; size_t const client_random_len = 32; - size_t const master_secret_len = 48; size_t len = 0; size_t j; int ret = 0; + /* We're only interested in the TLS 1.2 master secret */ + if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) + return( 0 ); + ((void) p_expkey); - ((void) kb); - ((void) maclen); - ((void) keylen); - ((void) ivlen); ((void) server_random); ((void) tls_prf_type); @@ -88,10 +82,10 @@ int nss_keylog_export( void *p_expkey, len += sprintf( nss_keylog_line + len, " " ); - for( j = 0; j < master_secret_len; j++ ) + for( j = 0; j < secret_len; j++ ) { len += sprintf( nss_keylog_line + len, - "%02x", ms[j] ); + "%02x", secret[j] ); } len += sprintf( nss_keylog_line + len, "\n" ); @@ -130,29 +124,26 @@ exit: #if defined( MBEDTLS_SSL_DTLS_SRTP ) int dtls_srtp_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, const unsigned char client_random[32], const unsigned char server_random[32], mbedtls_tls_prf_types tls_prf_type ) { dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); + /* We're only interested in the TLS 1.2 master secret */ + if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) + return( 0 ); + if( secret_len != sizeof( keys->master_secret ) ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); memcpy( keys->randbytes, client_random, 32 ); memcpy( keys->randbytes + 32, server_random, 32 ); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen ); - mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen ); - mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen ); - } return( 0 ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ From d5c9cc7c90c91acb67693664aa0fc6a8728d55ce Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 11:12:43 +0100 Subject: [PATCH 0396/1065] Add migration guide for modified key export API Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/key-export.md | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 docs/3.0-migration-guide.d/key-export.md diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md new file mode 100644 index 0000000000..43781a2fb1 --- /dev/null +++ b/docs/3.0-migration-guide.d/key-export.md @@ -0,0 +1,28 @@ +SSL key export interface change +------------------------------- + +This affects users of the SSL key export APIs: +``` + mbedtls_ssl_conf_export_keys_cb() + mbedtls_ssl_conf_export_keys_ext_cb() +``` + +The API `mbedtls_ssl_conf_export_keys_ext_cb()` has been removed, +and the function type of key export callback passed to +`mbedtls_ssl_conf_export_keys_cb()` has changed, as follows: +- It no longer exports raw keys and IV. +- A secret type parameter has been added to identify which key + is being exported. For TLS 1.2, only the master secret is + exported, but upcoming TLS 1.3 support will add other kinds of keys. + +For users which do not rely on raw keys and IV, adjusting to the new +callback type should be straightforward - see the example programs +programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks +for NSSKeylog, EAP-TLS and DTLS-SRTP. + +Users which require access to the raw keys used to secure application +traffic may derive those by hand based on the master secret and the +handshake transcript hashes which can be obtained from the raw data +on the wire. Such users are also encouraged to reach out to the +Mbed TLS team on the mailing list, to let the team know about their +use case. From 5a234e8718741a660aec8d9ec718b0f6e0434b2e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 24 May 2021 11:15:29 +0100 Subject: [PATCH 0397/1065] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/key-export.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/key-export.txt diff --git a/ChangeLog.d/key-export.txt b/ChangeLog.d/key-export.txt new file mode 100644 index 0000000000..5882d231e4 --- /dev/null +++ b/ChangeLog.d/key-export.txt @@ -0,0 +1,8 @@ +API changes + * mbedtls_ssl_conf_export_keys_ext_cb() has been removed. + * The signature of key export callbacks configured via + mbedtls_ssl_conf_export_keys_cb() has changed, and raw + keys and IVs are no longer exported. Further, callbacks + now receive an additional parameter indicating the type + of secret that's being exported, paving the way for the + larger number of secrets in TLS 1.3. From 11a4c1abcd7a5da2341f2f4bb79d550874148d6f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 26 May 2021 04:46:20 +0100 Subject: [PATCH 0398/1065] Adapt key export test in ssl-opt.sh to reduced output Signed-off-by: Hanno Becker --- tests/ssl-opt.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d1221112ae..4210847dfa 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8555,12 +8555,6 @@ run_test "export keys functionality" \ "$P_SRV eap_tls=1 debug_level=3" \ "$P_CLI eap_tls=1 debug_level=3" \ 0 \ - -s "exported maclen is " \ - -s "exported keylen is " \ - -s "exported ivlen is " \ - -c "exported maclen is " \ - -c "exported keylen is " \ - -c "exported ivlen is " \ -c "EAP-TLS key material is:"\ -s "EAP-TLS key material is:"\ -c "EAP-TLS IV is:" \ From ddc739cac41f4c03ac1e137d839dd186b7b59588 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 05:10:38 +0100 Subject: [PATCH 0399/1065] Add missing documentation for key export callback parameters Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 38a4a64d36..bf8a9e2b43 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -988,8 +988,11 @@ typedef enum * session identification, and PRF for * implementation of TLS key exporters. * - * \param p_expkey Context for the callback. - * \param type The type of the key that is being exported. + * \param p_expkey Context for the callback. + * \param type The type of the key that is being exported. + * \param secret The address of the buffer holding the secret + * that's being exporterd. + * \param secret_len The length of \p secret in bytes. * \param client_random The client random bytes. * \param server_random The server random bytes. * \param tls_prf_type The identifier for the PRF used in the handshake From 22b34f75cdc371ee05ea4130c54c8906810d3790 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 05:11:25 +0100 Subject: [PATCH 0400/1065] Remote key export identifier used for TLS < 1.2. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index bf8a9e2b43..540f5527cd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -961,7 +961,6 @@ struct mbedtls_ssl_session typedef enum { MBEDTLS_SSL_TLS_PRF_NONE, - MBEDTLS_SSL_TLS_PRF_TLS1, MBEDTLS_SSL_TLS_PRF_SHA384, MBEDTLS_SSL_TLS_PRF_SHA256, MBEDTLS_SSL_HKDF_EXPAND_SHA384, From a7991f2e11290a66e1d5a759dbb7b35b792580d6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 05:14:18 +0100 Subject: [PATCH 0401/1065] Remove all occurrences of TLS < 1.2 PRF identifier Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index a497076c14..10f8f28bff 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9278,14 +9278,6 @@ ssl_tls1_3_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.0 enabled -depends_on:MBEDTLS_SSL_PROTO_TLS1 -ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":0 - -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.1 enabled -depends_on:MBEDTLS_SSL_PROTO_TLS1_1 -ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":0 - SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 depends_on:MBEDTLS_SHA384_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":0 @@ -9294,10 +9286,6 @@ SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA256 depends_on:MBEDTLS_SHA256_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA256:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"7f9998393198a02c8d731ccc2ef90b2c":0 -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.X not enabled -depends_on:!MBEDTLS_SSL_PROTO_TLS1:!MBEDTLS_SSL_PROTO_TLS1_1 -ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE - SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-384 not enabled depends_on:!MBEDTLS_SHA384_C ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE From 7e6c178b6dd200c0f36a603f9ab3fa4d4e83e709 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 8 Jun 2021 09:24:55 +0100 Subject: [PATCH 0402/1065] Make key export callback and context connection-specific Fixes #2188 Signed-off-by: Hanno Becker --- ChangeLog.d/key-export.txt | 13 +++++--- docs/3.0-migration-guide.d/key-export.md | 10 ++++-- include/mbedtls/ssl.h | 24 +++++++------- library/ssl_tls.c | 24 +++++++------- programs/ssl/ssl_client2.c | 42 ++++++++++++------------ programs/ssl/ssl_server2.c | 42 ++++++++++++------------ 6 files changed, 81 insertions(+), 74 deletions(-) diff --git a/ChangeLog.d/key-export.txt b/ChangeLog.d/key-export.txt index 5882d231e4..10d8c89913 100644 --- a/ChangeLog.d/key-export.txt +++ b/ChangeLog.d/key-export.txt @@ -1,8 +1,13 @@ API changes - * mbedtls_ssl_conf_export_keys_ext_cb() has been removed. + * mbedtls_ssl_conf_export_keys_ext_cb() and + mbedtls_ssl_conf_export_keys_cb() have been removed + and replaced by a new API + mbedtls_ssl_set_export_keys_cb(). * The signature of key export callbacks configured via - mbedtls_ssl_conf_export_keys_cb() has changed, and raw - keys and IVs are no longer exported. Further, callbacks + mbedtls_ssl_set_export_keys_cb() is different from that + of the previous mbedtls_ssl_conf_export_keys_cb(): First, + raw keys and IVs are no longer exported. Further, callbacks now receive an additional parameter indicating the type of secret that's being exported, paving the way for the - larger number of secrets in TLS 1.3. + larger number of secrets in TLS 1.3. Finally, the key export + callback and context are now connection-specific. diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md index 43781a2fb1..967ecf87bf 100644 --- a/docs/3.0-migration-guide.d/key-export.md +++ b/docs/3.0-migration-guide.d/key-export.md @@ -7,9 +7,13 @@ This affects users of the SSL key export APIs: mbedtls_ssl_conf_export_keys_ext_cb() ``` -The API `mbedtls_ssl_conf_export_keys_ext_cb()` has been removed, -and the function type of key export callback passed to -`mbedtls_ssl_conf_export_keys_cb()` has changed, as follows: +Those APIs have been removed and replaced by the new API +`mbedtls_ssl_set_export_keys_cb()`. This API differs from +the previous key export API in the following ways: + +- It is no longer bound to an SSL configuration, but to an + SSL context. This allows users to more easily identify the + connection an exported key belongs to. - It no longer exports raw keys and IV. - A secret type parameter has been added to identify which key is being exported. For TLS 1.2, only the master secret is diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 540f5527cd..25800209e0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1074,12 +1074,6 @@ struct mbedtls_ssl_config void *MBEDTLS_PRIVATE(p_ticket); /*!< context for the ticket callbacks */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - /** Callback to export key block and master secret */ - mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); - void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ -#endif - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) size_t MBEDTLS_PRIVATE(cid_len); /*!< The length of CIDs for incoming DTLS records. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -1260,6 +1254,12 @@ struct mbedtls_ssl_context int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + /** Callback to export key block and master secret */ + mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); + void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ +#endif + #if defined(MBEDTLS_X509_CRT_PARSE_C) /** Callback to customize X.509 certificate chain verification */ int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *); @@ -2015,17 +2015,15 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, * key exporters, e.g. for EAP-TLS or DTLS-SRTP. * * - * \param conf The SSL configuration to which the export - * callback should be attached. All connections - * subsequently bound to this configuration will - * have their keys exported. + * \param ssl The SSL context to which the export + * callback should be attached. * \param f_export_keys The callback for the key export. * \param p_export_keys The opaque context pointer to be passed to the * callback \p f_export_keys. */ -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); +void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys ); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4c69a0872b..9268ede285 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -986,14 +986,14 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, ((void) mac_enc); #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys != NULL ) + if( ssl->f_export_keys != NULL ) { - ssl->conf->f_export_keys( ssl->conf->p_export_keys, - MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET, - master, 48, - randbytes + 32, - randbytes, - tls_prf_get_type( tls_prf ) ); + ssl->f_export_keys( ssl->p_export_keys, + MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET, + master, 48, + randbytes + 32, + randbytes, + tls_prf_get_type( tls_prf ) ); } #endif @@ -4184,12 +4184,12 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ) +void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys ) { - conf->f_export_keys = f_export_keys; - conf->p_export_keys = p_export_keys; + ssl->f_export_keys = f_export_keys; + ssl->p_export_keys = p_export_keys; } #endif diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index c25b9ee10a..a7b7ece4f4 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1736,27 +1736,6 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); #endif -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); - } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, - nss_keylog_export, - NULL ); - } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); - } -#endif /* MBEDTLS_SSL_DTLS_SRTP */ -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - #if defined(MBEDTLS_DHM_C) if( opt.dhmlen != DFL_DHMLEN ) mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen ); @@ -1886,6 +1865,27 @@ int main( int argc, char *argv[] ) goto exit; } +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + if( opt.eap_tls != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation, + &eap_tls_keying ); + } + else if( opt.nss_keylog != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, + nss_keylog_export, + NULL ); + } +#if defined( MBEDTLS_SSL_DTLS_SRTP ) + else if( opt.use_srtp != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, dtls_srtp_key_derivation, + &dtls_srtp_keying ); + } +#endif /* MBEDTLS_SSL_DTLS_SRTP */ +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 9cecf7f3d8..cb15866b04 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2525,27 +2525,6 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); #endif -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); - } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, - nss_keylog_export, - NULL ); - } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); - } -#endif /* MBEDTLS_SSL_DTLS_SRTP */ -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) @@ -2872,6 +2851,27 @@ int main( int argc, char *argv[] ) goto exit; } +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + if( opt.eap_tls != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation, + &eap_tls_keying ); + } + else if( opt.nss_keylog != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, + nss_keylog_export, + NULL ); + } +#if defined( MBEDTLS_SSL_DTLS_SRTP ) + else if( opt.use_srtp != 0 ) + { + mbedtls_ssl_set_export_keys_cb( &ssl, dtls_srtp_key_derivation, + &dtls_srtp_keying ); + } +#endif /* MBEDTLS_SSL_DTLS_SRTP */ +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + io_ctx.ssl = &ssl; io_ctx.net = &client_fd; mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb, From e0dad720ee3962264abba2867a0620a8de4babb9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 11 Jun 2021 15:38:37 +0100 Subject: [PATCH 0403/1065] Remove return value from key export callback Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 25800209e0..a434912868 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -996,17 +996,14 @@ typedef enum * \param server_random The server random bytes. * \param tls_prf_type The identifier for the PRF used in the handshake * to which the key belongs. - * - * \return \c 0 if successful. - * \return A negative error code on failure. */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - mbedtls_ssl_key_export_type type, - const unsigned char *secret, - size_t secret_len, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ); +typedef void mbedtls_ssl_export_keys_t( void *p_expkey, + mbedtls_ssl_key_export_type type, + const unsigned char *secret, + size_t secret_len, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type ); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ /** From 1e1c23d768a83827d6a0e86d363fd87c1bebcb7f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 11 Jun 2021 15:40:16 +0100 Subject: [PATCH 0404/1065] Improve ChangeLog wording for key export Signed-off-by: Hanno Becker --- ChangeLog.d/key-export.txt | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/ChangeLog.d/key-export.txt b/ChangeLog.d/key-export.txt index 10d8c89913..2fc01a4c52 100644 --- a/ChangeLog.d/key-export.txt +++ b/ChangeLog.d/key-export.txt @@ -1,13 +1,10 @@ API changes * mbedtls_ssl_conf_export_keys_ext_cb() and - mbedtls_ssl_conf_export_keys_cb() have been removed - and replaced by a new API - mbedtls_ssl_set_export_keys_cb(). - * The signature of key export callbacks configured via - mbedtls_ssl_set_export_keys_cb() is different from that - of the previous mbedtls_ssl_conf_export_keys_cb(): First, - raw keys and IVs are no longer exported. Further, callbacks - now receive an additional parameter indicating the type - of secret that's being exported, paving the way for the - larger number of secrets in TLS 1.3. Finally, the key export - callback and context are now connection-specific. + mbedtls_ssl_conf_export_keys_cb() have been removed and + replaced by a new API mbedtls_ssl_set_export_keys_cb(). + Raw keys and IVs are no longer passed to the callback. + Further, callbacks now receive an additional parameter + indicating the type of secret that's being exported, + paving the way for the larger number of secrets + in TLS 1.3. Finally, the key export callback and + context are now connection-specific. From d8f32e72b4ef90ab09e2b647932b182ac1a6ea53 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 17 Jun 2021 05:14:58 +0100 Subject: [PATCH 0405/1065] Move export callback and context to the end of SSL context This saves some code when compiling for Thumb, where access to fields with offset index > 127 requires intermediate address computations. Frequently used fields should therefore be located at the top of the structure, while less frequently used ones -- such as the export callback -- can be moved to the back. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a434912868..512f0ccfd6 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1251,12 +1251,6 @@ struct mbedtls_ssl_context int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - /** Callback to export key block and master secret */ - mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); - void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ -#endif - #if defined(MBEDTLS_X509_CRT_PARSE_C) /** Callback to customize X.509 certificate chain verification */ int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *); @@ -1427,6 +1421,12 @@ struct mbedtls_ssl_context * Possible values are #MBEDTLS_SSL_CID_ENABLED * and #MBEDTLS_SSL_CID_DISABLED. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + /** Callback to export key block and master secret */ + mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); + void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ +#endif }; /** From e6ef5febfb938432c80173f9d2d1183e522045ee Mon Sep 17 00:00:00 2001 From: Joe Subbiani <85489920+JoeSubbiani@users.noreply.github.com> Date: Fri, 18 Jun 2021 18:51:27 +0100 Subject: [PATCH 0406/1065] Update changelog formatting - Missing Free Context Missing trailing full stop added to the end of the fixed issue number Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4176.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt index e1ed5d6e19..d362f1080e 100644 --- a/ChangeLog.d/issue4176.txt +++ b/ChangeLog.d/issue4176.txt @@ -1,3 +1,3 @@ Bugfix * Fix an issue where resource is never freed when running one particular - test suite with an alternative AES implementation. Fixes #4176 + test suite with an alternative AES implementation. Fixes #4176. From 28ea050cf4c695e627b9e7285e8005d846f2fc38 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Jun 2021 16:10:24 +0200 Subject: [PATCH 0407/1065] psa: mac: Re-organize psa_mac_setup() internal function Re-organize psa_mac_setup() to prepare the move to a dedicated function of the additional checks on the algorithm and the key attributes done by this function. We want to move those checks in a dedicated function to be able to do them without duplicating them in psa_mac_compute(). Signed-off-by: Ronald Cron --- library/psa_crypto.c | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a6697f6f40..02b2f99a9e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2248,14 +2248,12 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + uint8_t mac_size; /* A context must be freshly initialized before it can be set up. */ if( operation->id != 0 ) return( PSA_ERROR_BAD_STATE ); - if( ! PSA_ALG_IS_MAC( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, @@ -2264,24 +2262,28 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - psa_key_attributes_t attributes = { + psa_key_attributes_t key_attributes = { .core = slot->attr }; + psa_key_attributes_t *attributes = &key_attributes; + + if( ! PSA_ALG_IS_MAC( alg ) ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } /* Validate the combination of key type and algorithm */ - status = psa_mac_key_can_do( alg, psa_get_key_type( &attributes ) ); + status = psa_mac_key_can_do( alg, psa_get_key_type( attributes ) ); if( status != PSA_SUCCESS ) goto exit; - operation->is_sign = is_sign; - /* Get the output length for the algorithm and key combination */ - operation->mac_size = PSA_MAC_LENGTH( - psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ), - alg ); + mac_size = PSA_MAC_LENGTH( psa_get_key_type( attributes ), + psa_get_key_bits( attributes ), + alg ); - if( operation->mac_size < 4 ) + if( mac_size < 4 ) { /* A very short MAC is too short for security since it can be * brute-forced. Ancient protocols with 32-bit MACs do exist, @@ -2291,9 +2293,9 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, goto exit; } - if( operation->mac_size > PSA_MAC_LENGTH( psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ), - PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) + if( mac_size > PSA_MAC_LENGTH( psa_get_key_type( attributes ), + psa_get_key_bits( attributes ), + PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) { /* It's impossible to "truncate" to a larger length than the full length * of the algorithm. */ @@ -2301,11 +2303,14 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, goto exit; } + operation->is_sign = is_sign; + operation->mac_size = mac_size; + /* Dispatch the MAC setup call with validated input */ if( is_sign ) { status = psa_driver_wrapper_mac_sign_setup( operation, - &attributes, + &key_attributes, slot->key.data, slot->key.bytes, alg ); @@ -2313,7 +2318,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, else { status = psa_driver_wrapper_mac_verify_setup( operation, - &attributes, + &key_attributes, slot->key.data, slot->key.bytes, alg ); From 2dff3b2a1807fc4f9f28993b9b479486687d4f3a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Jun 2021 16:33:22 +0200 Subject: [PATCH 0408/1065] psa: mac: Split psa_mac_setup() Split out of psa_mac_setup() the final checks on the requested algorithm and the key attributes. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 70 +++++++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 27 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 02b2f99a9e..e7320f7157 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2240,33 +2240,13 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( status ); } -static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - int is_sign ) +static psa_status_t psa_mac_finalize_alg_and_key_validation( + psa_algorithm_t alg, + const psa_key_attributes_t *attributes ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; uint8_t mac_size; - /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - return( PSA_ERROR_BAD_STATE ); - - status = psa_get_and_lock_key_slot_with_policy( - key, - &slot, - is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, - alg ); - if( status != PSA_SUCCESS ) - return( status ); - - psa_key_attributes_t key_attributes = { - .core = slot->attr - }; - psa_key_attributes_t *attributes = &key_attributes; - if( ! PSA_ALG_IS_MAC( alg ) ) { status = PSA_ERROR_INVALID_ARGUMENT; @@ -2303,14 +2283,50 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, goto exit; } - operation->is_sign = is_sign; - operation->mac_size = mac_size; + status = PSA_SUCCESS; +exit: + return( status ); +} + +static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + int is_sign ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + + /* A context must be freshly initialized before it can be set up. */ + if( operation->id != 0 ) + return( PSA_ERROR_BAD_STATE ); + + status = psa_get_and_lock_key_slot_with_policy( + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + status = psa_mac_finalize_alg_and_key_validation( alg, &attributes ); + if( status != PSA_SUCCESS ) + goto exit; + + operation->is_sign = is_sign; + operation->mac_size = PSA_MAC_LENGTH( psa_get_key_type( &attributes ), + psa_get_key_bits( &attributes ), + alg ); /* Dispatch the MAC setup call with validated input */ if( is_sign ) { status = psa_driver_wrapper_mac_sign_setup( operation, - &key_attributes, + &attributes, slot->key.data, slot->key.bytes, alg ); @@ -2318,7 +2334,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, else { status = psa_driver_wrapper_mac_verify_setup( operation, - &key_attributes, + &attributes, slot->key.data, slot->key.bytes, alg ); From 79bdd82eaa18d0bdf19063272ae06f38c5c176b5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Jun 2021 16:46:44 +0200 Subject: [PATCH 0409/1065] psa: mac: Improve implementation of psa_mac_finalize_alg_and_key_validation() Signed-off-by: Ronald Cron --- library/psa_crypto.c | 43 ++++++++++++++++--------------------------- 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e7320f7157..9e5e009324 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2242,51 +2242,42 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) static psa_status_t psa_mac_finalize_alg_and_key_validation( psa_algorithm_t alg, - const psa_key_attributes_t *attributes ) + const psa_key_attributes_t *attributes, + uint8_t *mac_size ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - uint8_t mac_size; + psa_key_type_t key_type = psa_get_key_type( attributes ); + size_t key_bits = psa_get_key_bits( attributes ); if( ! PSA_ALG_IS_MAC( alg ) ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } + return( PSA_ERROR_INVALID_ARGUMENT ); /* Validate the combination of key type and algorithm */ - status = psa_mac_key_can_do( alg, psa_get_key_type( attributes ) ); + status = psa_mac_key_can_do( alg, key_type ); if( status != PSA_SUCCESS ) - goto exit; + return( status ); /* Get the output length for the algorithm and key combination */ - mac_size = PSA_MAC_LENGTH( psa_get_key_type( attributes ), - psa_get_key_bits( attributes ), - alg ); + *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg ); - if( mac_size < 4 ) + if( *mac_size < 4 ) { /* A very short MAC is too short for security since it can be * brute-forced. Ancient protocols with 32-bit MACs do exist, * so we make this our minimum, even though 32 bits is still * too small for security. */ - status = PSA_ERROR_NOT_SUPPORTED; - goto exit; + return( PSA_ERROR_NOT_SUPPORTED ); } - if( mac_size > PSA_MAC_LENGTH( psa_get_key_type( attributes ), - psa_get_key_bits( attributes ), - PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) + if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits, + PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) { /* It's impossible to "truncate" to a larger length than the full length * of the algorithm. */ - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; + return( PSA_ERROR_INVALID_ARGUMENT ); } - status = PSA_SUCCESS; - -exit: - return( status ); + return( PSA_SUCCESS ); } static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, @@ -2314,14 +2305,12 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, .core = slot->attr }; - status = psa_mac_finalize_alg_and_key_validation( alg, &attributes ); + status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, + &operation->mac_size ); if( status != PSA_SUCCESS ) goto exit; operation->is_sign = is_sign; - operation->mac_size = PSA_MAC_LENGTH( psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ), - alg ); /* Dispatch the MAC setup call with validated input */ if( is_sign ) { From 76be3e08a61141b4ee94c2e7779ee0b04db35b3a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Jun 2021 17:34:43 +0200 Subject: [PATCH 0410/1065] psa: mac: Add MAC compute builtin implementation Signed-off-by: Ronald Cron --- library/psa_crypto_mac.c | 62 ++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 20c56a0214..135fa352da 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -359,30 +359,6 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, return( status ); } -static psa_status_t mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - /* One-shot MAC has not been implemented in this PSA implementation yet. */ - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - (void) input; - (void) input_length; - (void) mac; - (void) mac_size; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - static psa_status_t mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, @@ -497,6 +473,44 @@ cleanup: return( status ); } + +static psa_status_t mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; + + status = mac_setup( &operation, + attributes, key_buffer, key_buffer_size, + alg ); + if( status != PSA_SUCCESS ) + goto exit; + + if( input_length > 0 ) + { + status = mac_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + } + + status = mac_finish_internal( &operation, mac, mac_size ); + if( status == PSA_SUCCESS ) + *mac_length = mac_size; + +exit: + mac_abort( &operation ); + + return( status ); +} + #endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) From 6364d32e47138a5448671709cd791a5d8e46f8a8 Mon Sep 17 00:00:00 2001 From: Spencer Burke Date: Sat, 12 Jun 2021 21:36:34 -0700 Subject: [PATCH 0411/1065] Remove the duplicate code in mbedtls/include/mbedtls/check_config.h Removing the extra preprocessor directives found within the specified source file. Signed-off-by: Spencer Burke --- include/mbedtls/check_config.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 85f7efde20..9b91f32004 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -461,10 +461,6 @@ #error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY) -#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY) #error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites" #endif From 05360005e37d66ae5b5e437c2f6ec1dadf13735b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 20 Jun 2021 23:08:19 +0200 Subject: [PATCH 0412/1065] Refactor file descriptor checks into a common function This will make it easier to change the behavior uniformly. No behavior change. Signed-off-by: Gilles Peskine --- library/net_sockets.c | 54 +++++++++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/library/net_sockets.c b/library/net_sockets.c index 8f79b7401a..746ed2a730 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -135,6 +135,26 @@ static int net_prepare( void ) return( 0 ); } +/* + * Return 0 if the file descriptor is valid, an error otherwise. + * If for_select != 0, check whether the file descriptor is within the range + * allowed for fd_set used for the FD_xxx macros and the select() function. + */ +static int check_fd( int fd, int for_select ) +{ + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + /* A limitation of select() is that it only works with file descriptors + * that are strictly less than FD_SETSIZE. This is a limitation of the + * fd_set type. Error out early, because attempting to call FD_SET on a + * large file descriptor is a buffer overflow on typical platforms. */ + if( for_select && fd >= FD_SETSIZE ) + return( MBEDTLS_ERR_NET_POLL_FAILED ); + + return( 0 ); +} + /* * Initialize a context */ @@ -466,15 +486,9 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) int fd = ctx->fd; - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - - /* A limitation of select() is that it only works with file descriptors - * that are strictly less than FD_SETSIZE. This is a limitation of the - * fd_set type. Error out early, because attempting to call FD_SET on a - * large file descriptor is a buffer overflow on typical platforms. */ - if( fd >= FD_SETSIZE ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + ret = check_fd( fd, 1 ); + if( ret != 0 ) + return( ret ); #if defined(__has_feature) #if __has_feature(memory_sanitizer) @@ -553,8 +567,9 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + ret = check_fd( fd, 0 ); + if( ret != 0 ) + return( ret ); ret = (int) read( fd, buf, len ); @@ -592,15 +607,9 @@ int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, fd_set read_fds; int fd = ((mbedtls_net_context *) ctx)->fd; - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - - /* A limitation of select() is that it only works with file descriptors - * that are strictly less than FD_SETSIZE. This is a limitation of the - * fd_set type. Error out early, because attempting to call FD_SET on a - * large file descriptor is a buffer overflow on typical platforms. */ - if( fd >= FD_SETSIZE ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + ret = check_fd( fd, 1 ); + if( ret != 0 ) + return( ret ); FD_ZERO( &read_fds ); FD_SET( fd, &read_fds ); @@ -640,8 +649,9 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + ret = check_fd( fd, 0 ); + if( ret != 0 ) + return( ret ); ret = (int) write( fd, buf, len ); From a5dd7bded8a0fb84043db1ef28b3577d173a54a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 20 Jun 2021 22:01:36 +0200 Subject: [PATCH 0413/1065] Fix fd range for select on Windows Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with MBEDTLS_ERR_NET_POLL_FAILED on Windows: they were testing that the file descriptor is in range for fd_set, but on Windows socket descriptors are not limited to a small range. Fixes #4465. Signed-off-by: Gilles Peskine --- ChangeLog.d/winsock.txt | 4 ++++ library/net_sockets.c | 5 +++++ 2 files changed, 9 insertions(+) create mode 100644 ChangeLog.d/winsock.txt diff --git a/ChangeLog.d/winsock.txt b/ChangeLog.d/winsock.txt new file mode 100644 index 0000000000..0b42e691c2 --- /dev/null +++ b/ChangeLog.d/winsock.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with + MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465. + diff --git a/library/net_sockets.c b/library/net_sockets.c index 746ed2a730..5fbe1f764a 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -145,12 +145,17 @@ static int check_fd( int fd, int for_select ) if( fd < 0 ) return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + (void) for_select; +#else /* A limitation of select() is that it only works with file descriptors * that are strictly less than FD_SETSIZE. This is a limitation of the * fd_set type. Error out early, because attempting to call FD_SET on a * large file descriptor is a buffer overflow on typical platforms. */ if( for_select && fd >= FD_SETSIZE ) return( MBEDTLS_ERR_NET_POLL_FAILED ); +#endif return( 0 ); } From 51131b53fe755c8e4f8801e6151a87e79fc06b75 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Jun 2021 17:17:20 +0200 Subject: [PATCH 0414/1065] psa: mac: Add driver delegation support for psa_mac_compute() Signed-off-by: Ronald Cron --- library/psa_crypto.c | 50 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 41 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9e5e009324..6d01b4c4b5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2463,27 +2463,59 @@ psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + uint8_t operation_mac_size = 0; - status = psa_mac_sign_setup( &operation, key, alg ); + status = psa_get_and_lock_key_slot_with_policy( + key, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) goto exit; - status = psa_mac_update( &operation, input, input_length ); + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, + &operation_mac_size ); if( status != PSA_SUCCESS ) goto exit; - status = psa_mac_sign_finish( &operation, mac, mac_size, mac_length ); - if( status != PSA_SUCCESS ) + if( mac_size < operation_mac_size ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; + } + + status = psa_driver_wrapper_mac_compute( + &attributes, + slot->key.data, slot->key.bytes, + alg, + input, input_length, + mac, operation_mac_size, mac_length ); exit: - if ( status == PSA_SUCCESS ) - status = psa_mac_abort( &operation ); + if( status == PSA_SUCCESS ) + { + /* Set the excess room in the output buffer to an invalid value, to + * avoid potentially leaking a longer MAC. */ + if( mac_size > operation_mac_size ) + memset( &mac[operation_mac_size], + '!', + mac_size - operation_mac_size ); + } else - psa_mac_abort( &operation ); + { + /* Set the output length and content to a safe default, such that in + * case the caller misses an error check, the output would be an + * unachievable MAC. */ + *mac_length = mac_size; + memset( mac, '!', mac_size ); + } - return ( status ); + unlock_status = psa_unlock_key_slot( slot ); + + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, From c3dd75f71b7e0bef1e013ead0bbb15ca517b48e1 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Jun 2021 13:05:48 +0200 Subject: [PATCH 0415/1065] psa: mac: Improve MAC finalization code Signed-off-by: Ronald Cron --- library/psa_crypto.c | 50 +++++++++++++++++++------------------------- 1 file changed, 22 insertions(+), 28 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6d01b4c4b5..514ab40dad 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2403,24 +2403,22 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, mac, operation->mac_size, mac_length ); - if( status == PSA_SUCCESS ) + /* In case of success, set the potential excess room in the output buffer + * to an invalid value, to avoid potentially leaking a longer MAC. + * In case of error, set the output length and content to a safe default, + * such that in case the caller misses an error check, the output would be + * an unachievable MAC. + */ + if( status != PSA_SUCCESS ) { - /* Set the excess room in the output buffer to an invalid value, to - * avoid potentially leaking a longer MAC. */ - if( mac_size > operation->mac_size ) - memset( &mac[operation->mac_size], - '!', - mac_size - operation->mac_size ); - } - else - { - /* Set the output length and content to a safe default, such that in - * case the caller misses an error check, the output would be an - * unachievable MAC. */ *mac_length = mac_size; - memset( mac, '!', mac_size ); + operation->mac_size = 0; } + if( mac_size > operation->mac_size ) + memset( &mac[operation->mac_size], '!', + mac_size - operation->mac_size ); + abort_status = psa_mac_abort( operation ); return( status == PSA_SUCCESS ? abort_status : status ); @@ -2495,23 +2493,19 @@ psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, mac, operation_mac_size, mac_length ); exit: - if( status == PSA_SUCCESS ) + /* In case of success, set the potential excess room in the output buffer + * to an invalid value, to avoid potentially leaking a longer MAC. + * In case of error, set the output length and content to a safe default, + * such that in case the caller misses an error check, the output would be + * an unachievable MAC. + */ + if( status != PSA_SUCCESS ) { - /* Set the excess room in the output buffer to an invalid value, to - * avoid potentially leaking a longer MAC. */ - if( mac_size > operation_mac_size ) - memset( &mac[operation_mac_size], - '!', - mac_size - operation_mac_size ); - } - else - { - /* Set the output length and content to a safe default, such that in - * case the caller misses an error check, the output would be an - * unachievable MAC. */ *mac_length = mac_size; - memset( mac, '!', mac_size ); + operation_mac_size = 0; } + if( mac_size > operation_mac_size ) + memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size ); unlock_status = psa_unlock_key_slot( slot ); From 094b06a5729b98d047b8a13fe8409f9a3f509bf1 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Jun 2021 14:01:50 +0200 Subject: [PATCH 0416/1065] psa: mac: Add driver dispatch tests for psa_mac_compute Signed-off-by: Ronald Cron --- ..._suite_psa_crypto_driver_wrappers.function | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index e86309b065..c9a2a47de7 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1118,7 +1118,31 @@ void mac_sign( int key_type_arg, ASSERT_ALLOC( actual_mac, mac_buffer_size ); mbedtls_test_driver_mac_hooks.forced_status = forced_status; - /* Calculate the MAC. */ + /* + * Calculate the MAC, one-shot case. + */ + status = psa_mac_compute( key, alg, + input->x, input->len, + actual_mac, mac_buffer_size, + &mac_length ); + + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + if( forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED ) + { + PSA_ASSERT( status ); + } + else + TEST_EQUAL( forced_status, status ); + + if( mac_buffer_size > 0 ) + memset( actual_mac, 0, mac_buffer_size ); + mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); + mbedtls_test_driver_mac_hooks.forced_status = forced_status; + + /* + * Calculate the MAC, multipart case. + */ status = psa_mac_sign_setup( &operation, key, alg ); TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); From cd989b55983363893c340a38fdb22a5bd8238491 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Jun 2021 14:23:33 +0200 Subject: [PATCH 0417/1065] psa: mac: Introduce psa_mac_compute_internal Introduce psa_mac_compute_internal with an additional `is_sign` parameter compared to the psa_mac_compute API. The intent is to call psa_mac_compute_internal() from psa_mac_verify() as well to compute the message MAC. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 514ab40dad..ec4f7d94e9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2452,13 +2452,14 @@ cleanup: return( status == PSA_SUCCESS ? abort_status : status ); } -psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) +static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length, + int is_sign ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -2466,7 +2467,9 @@ psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, uint8_t operation_mac_size = 0; status = psa_get_and_lock_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); + key, &slot, + is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, + alg ); if( status != PSA_SUCCESS ) goto exit; @@ -2512,6 +2515,19 @@ exit: return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } +psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + return( psa_mac_compute_internal( key, alg, + input, input_length, + mac, mac_size, mac_length, 1 ) ); +} + psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, From a587cbc3a4ae6063efc2aeacf6f5b43c043bb4c5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Jun 2021 14:51:29 +0200 Subject: [PATCH 0418/1065] psa: mac: Add driver delegation support for psa_mac_verify() Signed-off-by: Ronald Cron --- library/psa_crypto.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ec4f7d94e9..466845d8a5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2536,25 +2536,29 @@ psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, size_t mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + uint8_t actual_mac[PSA_MAC_MAX_SIZE]; + size_t actual_mac_length; - status = psa_mac_verify_setup( &operation, key, alg ); + status = psa_mac_compute_internal( key, alg, + input, input_length, + actual_mac, sizeof( actual_mac ), + &actual_mac_length, 0 ); if( status != PSA_SUCCESS ) goto exit; - status = psa_mac_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) + if( mac_length != actual_mac_length ) + { + status = PSA_ERROR_INVALID_SIGNATURE; goto exit; - - status = psa_mac_verify_finish( &operation, mac, mac_length ); - if( status != PSA_SUCCESS ) + } + if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) + { + status = PSA_ERROR_INVALID_SIGNATURE; goto exit; + } exit: - if ( status == PSA_SUCCESS ) - status = psa_mac_abort( &operation ); - else - psa_mac_abort( &operation ); + mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); return ( status ); } From fb01081212814cf243aa9097c6d2f2ebd4c4efdd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Jun 2021 15:05:36 +0200 Subject: [PATCH 0419/1065] psa: mac: Add driver dispatch tests for psa_mac_verify Signed-off-by: Ronald Cron --- ..._suite_psa_crypto_driver_wrappers.function | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index c9a2a47de7..3a9eff9557 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1238,7 +1238,27 @@ void mac_verify( int key_type_arg, mbedtls_test_driver_mac_hooks.forced_status = forced_status; - /* Test the correct MAC. */ + /* + * Verify the MAC, one-shot case. + */ + status = psa_mac_verify( key, alg, + input->x, input->len, + expected_mac->x, expected_mac->len ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + if( forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED ) + { + PSA_ASSERT( status ); + } + else + TEST_EQUAL( forced_status, status ); + + mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); + mbedtls_test_driver_mac_hooks.forced_status = forced_status; + + /* + * Verify the MAC, multi-part case. + */ status = psa_mac_verify_setup( &operation, key, alg ); TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); From 4d91bcd4135587ecc62b18e0bb745bf7a5876b7c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 21 Jun 2021 09:58:03 +0200 Subject: [PATCH 0420/1065] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/one-shot-mac.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/one-shot-mac.txt diff --git a/ChangeLog.d/one-shot-mac.txt b/ChangeLog.d/one-shot-mac.txt new file mode 100644 index 0000000000..112891decc --- /dev/null +++ b/ChangeLog.d/one-shot-mac.txt @@ -0,0 +1,3 @@ +Features + * Implement psa_mac_compute() and psa_mac_verify() as defined in the + PSA Cryptograpy API 1.0.0 specification. From 3f9e64c03c3b4f275af7b3a125417a4014f5ac7e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 21 Jun 2021 09:10:55 +0100 Subject: [PATCH 0421/1065] Fix improper spacing Spacing between brackets did not follow the appropriate coding style Signed-off-by: Joe Subbiani --- tests/suites/test_suite_aes.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index dac6edc958..1892c2595a 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -208,7 +208,7 @@ void aes_crypt_xts_size( int size, int retval ) TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); exit: - mbedtls_aes_xts_free(&ctx); + mbedtls_aes_xts_free( &ctx ); } /* END_CASE */ From 296fefeb981f8c95d580abfb46d52e1838a082eb Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 21 Jun 2021 09:32:27 +0100 Subject: [PATCH 0422/1065] Fix return type of example key export callbacks Signed-off-by: Hanno Becker --- programs/ssl/ssl_test_common_source.c | 60 ++++++++++++--------------- 1 file changed, 26 insertions(+), 34 deletions(-) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 6da0ba4a50..d30c36ea56 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -25,47 +25,44 @@ */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -int eap_tls_key_derivation( void *p_expkey, - mbedtls_ssl_key_export_type secret_type, - const unsigned char *secret, - size_t secret_len, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +void eap_tls_key_derivation( void *p_expkey, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type ) { eap_tls_keys *keys = (eap_tls_keys *)p_expkey; /* We're only interested in the TLS 1.2 master secret */ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) - return( 0 ); + return; if( secret_len != sizeof( keys->master_secret ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + return; memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); memcpy( keys->randbytes, client_random, 32 ); memcpy( keys->randbytes + 32, server_random, 32 ); keys->tls_prf_type = tls_prf_type; - - return( 0 ); } -int nss_keylog_export( void *p_expkey, - mbedtls_ssl_key_export_type secret_type, - const unsigned char *secret, - size_t secret_len, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +void nss_keylog_export( void *p_expkey, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type ) { char nss_keylog_line[ 200 ]; size_t const client_random_len = 32; size_t len = 0; size_t j; - int ret = 0; /* We're only interested in the TLS 1.2 master secret */ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) - return( 0 ); + return; ((void) p_expkey); ((void) server_random); @@ -102,13 +99,11 @@ int nss_keylog_export( void *p_expkey, if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL ) { - ret = -1; goto exit; } if( fwrite( nss_keylog_line, 1, len, f ) != len ) { - ret = -1; fclose( f ); goto exit; } @@ -119,32 +114,29 @@ int nss_keylog_export( void *p_expkey, exit: mbedtls_platform_zeroize( nss_keylog_line, sizeof( nss_keylog_line ) ); - return( ret ); } #if defined( MBEDTLS_SSL_DTLS_SRTP ) -int dtls_srtp_key_derivation( void *p_expkey, - mbedtls_ssl_key_export_type secret_type, - const unsigned char *secret, - size_t secret_len, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +void dtls_srtp_key_derivation( void *p_expkey, + mbedtls_ssl_key_export_type secret_type, + const unsigned char *secret, + size_t secret_len, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type ) { dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey; /* We're only interested in the TLS 1.2 master secret */ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET ) - return( 0 ); + return; if( secret_len != sizeof( keys->master_secret ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + return; memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); memcpy( keys->randbytes, client_random, 32 ); memcpy( keys->randbytes + 32, server_random, 32 ); keys->tls_prf_type = tls_prf_type; - - return( 0 ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ From b795332401763903487b07668131fe1168fe69b2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 1 Apr 2021 14:44:17 +0100 Subject: [PATCH 0423/1065] mbedtls_rsa_rsassa_pss_*: improve documentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Hashes used in RSA-PSS encoding (EMSA-PSS-ENCODE, see §9.1.1 in RFC 8017): - H1: Hashing the message (step 2) - H2: Hashing in the salt (step 6) - H3: Mask generation function (step 9) According to the standard: - H1 and H2 MUST be done by the same hash function - H3 is RECOMMENDED to be the same as the hash used for H1 and H2. According to the implementation: - H1 happens outside of the function call. It might or might not happen and the implementation might or might not be aware of the hash used. - H2 happens inside the function call, consistency with H1 is not enforced and might not even be possible to detect. - H3 is done with the same hash as H2 (with the exception of mbedtls_rsassa_pss_verify_ext(), which takes a dedicated parameter for the hash used in the MGF). Issues with the documentation: - The comments weren't always clear about the three hashes involved and often only mentioned two of them (which two varied from function to function). - The documentation was giving the impression that the standard recommends aligning H2 and H1 (which is not a recommendation but a must). Signed-off-by: Janos Follath --- include/mbedtls/rsa.h | 55 +++++++++++++++++++++++-------------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index f29a0aa9a5..c953a89490 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -857,12 +857,13 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v2.1 PSS signature * operation (RSASSA-PSS-SIGN). * - * \note The \p hash_id in the RSA context is the one used for the - * encoding. \p md_alg in the function call is the type of hash - * that is encoded. According to RFC-3447: Public-Key + * \note The \c hash_id set in \p ctx by calling + * mbedtls_rsa_set_padding() selects the hash used for the + * encoding operation and for the mask generation function + * (MGF1). For more details on the encoding operation and the + * mask generation function, consult RFC-3447: Public-Key * Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography - * Specifications it is advised to keep both hashes the - * same. + * Specifications. * * \note This function enforces that the provided salt length complies * with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 v2.2) §9.1.1 @@ -910,12 +911,13 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v2.1 PSS signature * operation (RSASSA-PSS-SIGN). * - * \note The \p hash_id in the RSA context is the one used for the - * encoding. \p md_alg in the function call is the type of hash - * that is encoded. According to RFC-3447: Public-Key + * \note The \c hash_id set in \p ctx by calling + * mbedtls_rsa_set_padding() selects the hash used for the + * encoding operation and for the mask generation function + * (MGF1). For more details on the encoding operation and the + * mask generation function, consult RFC-3447: Public-Key * Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography - * Specifications it is advised to keep both hashes the - * same. + * Specifications. * * \note This function always uses the maximum possible salt size, * up to the length of the payload hash. This choice of salt @@ -934,7 +936,7 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. - * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * This is only used if \p md_alg is #MBEDTLS_MD_NONE. * \param hash The buffer holding the message digest or raw data. * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable * buffer of length \p hashlen Bytes. If \p md_alg is not @@ -1021,16 +1023,15 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v2.1 PSS verification * operation (RSASSA-PSS-VERIFY). * - * The hash function for the MGF mask generating function - * is that specified in the RSA context. - * - * \note The \p hash_id in the RSA context is the one used for the - * verification. \p md_alg in the function call is the type of - * hash that is verified. According to RFC-3447: Public-Key + * \note The \c hash_id set in \p ctx by calling + * mbedtls_rsa_set_padding() selects the hash used for the + * encoding operation and for the mask generation function + * (MGF1). For more details on the encoding operation and the + * mask generation function, consult RFC-3447: Public-Key * Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography - * Specifications it is advised to keep both hashes the - * same. If \p hash_id in the RSA context is unset, - * the \p md_alg from the function call is used. + * Specifications. If the \c hash_id set in \p ctx by + * mbedtls_rsa_set_padding() is #MBEDTLS_MD_NONE, the \p md_alg + * parameter is used. * * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. @@ -1059,13 +1060,11 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v2.1 PSS verification * operation (RSASSA-PSS-VERIFY). * - * The hash function for the MGF mask generating function - * is that specified in \p mgf1_hash_id. - * * \note The \p sig buffer must be as large as the size * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. * - * \note The \p hash_id in the RSA context is ignored. + * \note The \c hash_id set in \p ctx by mbedtls_rsa_set_padding() is + * ignored. * * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. @@ -1077,7 +1076,13 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * buffer of length \p hashlen Bytes. If \p md_alg is not * #MBEDTLS_MD_NONE, it must be a readable buffer of length * the size of the hash corresponding to \p md_alg. - * \param mgf1_hash_id The message digest used for mask generation. + * \param mgf1_hash_id The message digest algorithm used for the + * verification operation and the mask generation + * function (MGF1). For more details on the encoding + * operation and the mask generation function, consult + * RFC-3447: Public-Key Cryptography Standards + * (PKCS) #1 v2.1: RSA Cryptography + * Specifications. * \param expected_salt_len The length of the salt used in padding. Use * #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length. * \param sig The buffer holding the signature. This must be a readable From 0af093b6c81f04134477df2b48b422b006f098aa Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 7 Jun 2021 14:34:10 +0100 Subject: [PATCH 0424/1065] PSA RSA PSS: pass pre-hash algorithm to Mbed TLS PSA Crypto always passed MBEDTLS_MD_NONE to Mbed TLS, which worked well as Mbed TLS does not use this parameter for anything beyond determining the input lengths. Some alternative implementations however check the consistency of the algorithm used for pre-hash and for other uses in verification (verify operation and mask generation) and fail if they don't match. This makes all such verifications fail. Furthermore, the PSA Crypto API mandates that the pre-hash and internal uses are aligned as well. Fixes #3990. Signed-off-by: Janos Follath --- library/psa_crypto_rsa.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index f2e9a1c052..4363e913d1 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -360,27 +360,19 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_ERROR_INVALID_ARGUMENT ); #endif -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) - /* For PKCS#1 v1.5 signature, if using a hash, the hash length - * must be correct. */ - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) && - alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) + /* For signatures using a hash, the hash length must be correct. */ + if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) { if( md_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( mbedtls_md_get_size( md_info ) != hash_length ) return( PSA_ERROR_INVALID_ARGUMENT ); } -#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ - -#if defined(BUILTIN_ALG_RSA_PSS) - /* PSS requires a hash internally. */ - if( PSA_ALG_IS_RSA_PSS( alg ) ) + else { - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if( hash_alg != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); } -#endif /* BUILTIN_ALG_RSA_PSS */ return( PSA_SUCCESS ); } @@ -516,7 +508,7 @@ static psa_status_t rsa_verify_hash( if( ret == 0 ) { ret = mbedtls_rsa_rsassa_pss_verify( rsa, - MBEDTLS_MD_NONE, + md_alg, (unsigned int) hash_length, hash, signature ); From ae50d28e4ce6217073bea11a8330be3ea2f90b05 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 7 Jun 2021 14:41:53 +0100 Subject: [PATCH 0425/1065] Fix verify_hash tests for PSA RSA PSS The psa_verify_hash() is the pre-hashed version of the API and supposed to work on hashes generated by the user. There were tests passing that were getting "hashes" of sizes different from the expected. Transform these into properly failing tests. Signed-off-by: Janos Follath --- tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4d9c7b69bf..3af4473d81 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2206,6 +2206,14 @@ PSA sign hash: RSA PKCS#1 v1.5 SHA-256, output buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL +PSA sign hash: RSA PSS SHA-256, wrong hash length (0 bytes) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT + +PSA sign hash: RSA PSS SHA-256, wrong hash length (129 bytes) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT + PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL @@ -2246,18 +2254,10 @@ PSA sign/verify hash: RSA PKCS#1 v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA sign/verify hash: RSA PSS SHA-256, 0 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" - PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA sign/verify hash: RSA PSS SHA-256, 129 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" @@ -2314,17 +2314,17 @@ PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA verify hash: RSA PSS SHA-256, good signature, 0 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" - PSA verify hash: RSA PSS SHA-256, good signature, 32 bytes (hash size) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" -PSA verify hash: RSA PSS SHA-256, good signature, 129 bytes +PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT + +PSA verify hash: RSA PSS SHA-256, wrong hash length (129 bytes) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: ECDSA SECP256R1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 From 4c0b60e5fa681a76194222bb9cb264edca0cbfa2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Jun 2021 12:34:30 +0100 Subject: [PATCH 0426/1065] Fix exercise key test Hash and sign algorithms require the alignment of the input length with the hash length at verification as well not just when signing. Signed-off-by: Janos Follath --- tests/src/psa_exercise_key.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index f48a64e947..e4e55c9c2c 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -316,13 +316,14 @@ static int exercise_signature_key( mbedtls_svc_key_id_t key, #endif } + /* Some algorithms require the payload to have the size of + * the hash encoded in the algorithm. Use this input size + * even for algorithms that allow other input sizes. */ + if( hash_alg != 0 ) + payload_length = PSA_HASH_LENGTH( hash_alg ); + if( usage & PSA_KEY_USAGE_SIGN_HASH ) { - /* Some algorithms require the payload to have the size of - * the hash encoded in the algorithm. Use this input size - * even for algorithms that allow other input sizes. */ - if( hash_alg != 0 ) - payload_length = PSA_HASH_LENGTH( hash_alg ); PSA_ASSERT( psa_sign_hash( key, alg, payload, payload_length, signature, sizeof( signature ), From 3dd3ff00961b4aa29d7103a89452220630377210 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 15 Jun 2021 16:08:29 +0100 Subject: [PATCH 0427/1065] Add ChangeLog entry Signed-off-by: Janos Follath --- ChangeLog.d/psa-rsa-verify-alt-fix.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/psa-rsa-verify-alt-fix.txt diff --git a/ChangeLog.d/psa-rsa-verify-alt-fix.txt b/ChangeLog.d/psa-rsa-verify-alt-fix.txt new file mode 100644 index 0000000000..74804caf7a --- /dev/null +++ b/ChangeLog.d/psa-rsa-verify-alt-fix.txt @@ -0,0 +1,7 @@ +Bugfix + * psa_verify_hash() was relying on implementation-specific behavior of + mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT + implementations. This reliance is now removed. Fixes #3990. + * Disallow inputs of length different from the corresponding hash when + signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates + that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.) From ab97e003f33a8ff74bcfc0e2d67ed2c47f9b6792 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 21 Jun 2021 10:56:29 +0100 Subject: [PATCH 0428/1065] Improve psa_rsa_decode_md_type() Remove a case that cannot be triggered as PSA_ALG_SIGN_GET_HASH always returns 0 for raw algorithms. Signed-off-by: Janos Follath --- library/psa_crypto_rsa.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 4363e913d1..53889234bb 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -368,11 +368,6 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, if( mbedtls_md_get_size( md_info ) != hash_length ) return( PSA_ERROR_INVALID_ARGUMENT ); } - else - { - if( hash_alg != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } return( PSA_SUCCESS ); } From f41dc7cb356db6efc06b0baba3ad0b95b9694ff0 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 21 Jun 2021 13:27:29 +0200 Subject: [PATCH 0429/1065] Removal of RC4 certs and fixes to docs and tests Signed-off-by: TRodziewicz --- .../rename_the__ret_functions.md | 8 --- docs/3.0-migration-guide.md | 2 +- .../rsa_pkcs8_pbe_sha1_1024_rc4_128.der | Bin 674 -> 0 bytes .../rsa_pkcs8_pbe_sha1_1024_rc4_128.pem | 17 ------ .../rsa_pkcs8_pbe_sha1_2048_rc4_128.der | Bin 1256 -> 0 bytes .../rsa_pkcs8_pbe_sha1_2048_rc4_128.pem | 29 ---------- .../rsa_pkcs8_pbe_sha1_4096_rc4_128.der | Bin 2412 -> 0 bytes .../rsa_pkcs8_pbe_sha1_4096_rc4_128.pem | 53 ------------------ tests/suites/test_suite_ccm.data | 2 +- tests/suites/test_suite_nist_kw.data | 4 ++ 10 files changed, 6 insertions(+), 109 deletions(-) delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der delete mode 100644 tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md index 44435f8722..875164b25b 100644 --- a/docs/3.0-migration-guide.d/rename_the__ret_functions.md +++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md @@ -13,14 +13,6 @@ original names of those functions. The renamed functions are: |------------------------------|--------------------------| | mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update | | mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update | -| mbedtls_md2_starts_ret | mbedtls_md2_starts | -| mbedtls_md2_update_ret | mbedtls_md2_update | -| mbedtls_md2_finish_ret | mbedtls_md2_finish | -| mbedtls_md2_ret | mbedtls_md2 | -| mbedtls_md4_starts_ret | mbedtls_md4_starts | -| mbedtls_md4_update_ret | mbedtls_md4_update | -| mbedtls_md4_finish_ret | mbedtls_md4_finish | -| mbedtls_md4_ret | mbedtls_md4 | | mbedtls_md5_starts_ret | mbedtls_md5_starts | | mbedtls_md5_update_ret | mbedtls_md5_update | | mbedtls_md5_finish_ret | mbedtls_md5_finish | diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a4a59b8895..d0ba43d0f9 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -22,7 +22,7 @@ in order to match the new signature. Deprecated functions were removed from hashing modules ------------------------------------------------------ -Modules: MD2, MD4, MD5, SHA1, SHA256, SHA512, MD. +Modules: MD5, SHA1, SHA256, SHA512, MD. - The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`, `mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der deleted file mode 100644 index e7e32b0becd4c95a83d3acf00d0f68280b8e77b1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 674 zcmV;T0$u$uf&!i}90m$1hDe6@4FL=R0Wb~(2#NLD)Dq1ka{>Yg00e>pd~;XIT-7rX zDBm0EzJ&z0p)Y4&28CpLV5F_nJg`kPcZfgZVhqQG8-V3KlXVTXT)TRknZnX$FDG{e zrxgP)xd}A&a=QuPP#*PtKVvyEqd)oq%u8q?YO9P#{M*|+xNrbIcNcnA=cC+f;(zcI z|1s}Ke9Tb!sI-vlDJ#lNjma@NlhATwOc;1Kj1s# z6M467t|kNez>TOu*EGK*#Wt|_z&~Av*3O(_&qEEA5&2ka7wp;Qo^_mOM%taaD_9K1 zliO`z*qp_tgu15nn(vHy*fzP2t%n%`CiJ}DXAnd98$^KrCH+#L0ScrzMBF7M){?rA zutv)QT?SYL%hFgQhOVu7KUoD=Z;4L0KMoykHtduh(SlP1GU7)pI`=%dll$t zaOZ?CPMlhUAC@UDX&!Nx9yZn;=yEACUY#YU{{(KxafZ&7wt0#IgJ6qWrhz**q?oID z0=u@-r7yy&+kLoy&#hCf5c!SC@n0FonKhs!r=GE?`ko%R*+)OmVX&%xP;oaL5M1E+ ztDaOt>St=!nMs;Rs(%U8P+V6>2ha#FZcM9lk)sjPE4nUbPM*`UoR1Prow4~sxsYeC IUzg?1#0gSGs{jB1 diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem deleted file mode 100644 index 089945b055..0000000000 --- a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIICnjAcBgoqhkiG9w0BDAEBMA4ECHgR0/cyo14UAgIIAASCAnzDfJIvSkRQKqrV -lAzAMnhd42XlhqWAJLh6aB76LIWVmepDkNnXRNX0W1R+XE27/uzgs4lcovW5hU40 -2HZlv3R0u9MEvMhadjL4ZWS94143p9y7P4vnYembOcc2WnlhFaGSMLFSwMI5vgnL -8xz2P9+d8IuxGpFSgw8S8zchg4Ewzk+0nSdG0px4T5K21uhsFzjvZRLrG7XXuIee -tKluUauy4diqA5jrJ1ShmrFmNTvtzAPfMX+QohuY8nhRUeH6bx9dEWpbIq/1K/25 -1uIdInZff850YKRQpK1IkinW0YfFxoA+sUGvxs+aDecbq8w3noaRIjJN7r7ipFEK -dhdehOxD21Mq7iqsujV9RJxAbqkuoTfECHJP6N/Dmp9CY0wpnE1lnHOTZwCWqDPh -aumtaFsMxJdNPZ3M5xmGInPWnT3JpW2hwtoOF0Vb0pP9VSfo+3yCm9b5ipFvcs8C -+c2MdK87zSqFvKc19cuv9tggguCzNjAcECHN7pgY4VId7cWMK/y3k4mk2C8hPQDw -S7gm/n76BSxjZFjs9ZQn9n5meO/47ohgV1ua2WICPMuPmzz+IPJpT6mQrcPTbzm+ -nNGrBVRooPYwnHPYKGlPJWkfFzsWnQ6dRgEOcM3DJMfU29QLHmNHu0ucz2k2f2C2 -AHB1EFEIC5Rw2BxH1x/gqYlZAB7TCHZ86XWIzbYdJlyNjb+poXNczLvghpvoIBC6 -dxEEsxVVzRYCRbmLtNTdXa7XfQfEaRs5GR3qrKoNNDzms11btQWo8eiZUNIMA6sA -i3Qhs73feJ5P3hup8Kl2P9N29MuAjYsS2oeZApjdiXAzf5IeFaqTQRHR6Vumvn65 -TLE= ------END ENCRYPTED PRIVATE KEY----- diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der deleted file mode 100644 index 7ebca110c1bb346d99cbe0b362f40dd53fd9cd22..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1256 zcmVr!ebm9w|w(s z#P5MFH=4cWYna;;oVKlDrR|k~RJ*%xqi@pUm2%PbHXQ6`@St{=65wIRTV)d(cae>HfU+p&^c%{7jv zF;HqMVcD;+c3LJ5tMeEYECvcP`M3uV3gu*3Y+hmE>lC$9yAd*aQzUn4>0#Mfki9KE zy1qqBv6qI7@1)M6e_KJw;h8`fGlk7RMsGRjMEJ<-(>Qnl#J$!yAG!uYdHix^&k5P~ z`%g7FbHT(C9ER(bCw`4?x3vybB{`9S_%EpvjYnpg=1K>RU0*2hzYY^M`{O5Q+tJ97 zADe6iSS@7E(}G;be6{o@&$}6bq{v8~671B9m_dV#1)!xBe+x&@#YG9M1OZBZW$cLE zz^gj-pu)16-uX}5sf{*8VDqwF ziNu5q!w^p{UjPWCf|r3?+f&hCjc*2cnDHVU_7-S>YueOY2dg;j))Vu-v6LOdLV)j2 zxX1I#u}>K9sC+LcNMx^8k{csUj;}Y?C6h_^QjfTMI!4@U(_ot0-!G9C%(;BJmcsu> zBeU1(*yn_xAX$23M5i4{(D+CG1%a)VB{vhl4Ql4nk6-QP!bEZ}mud-q(CMi=m7`P6 z4)y;^;xq-Tmrd1ln@rWMwJHuiR4{E3<{xy|p+2?UEj|q$bMjuqOHr5T?DqWAbU7Ve zjgb8fomayTu~mFS4tyd8rlt{NOXv6gj|ShyvvE+d0@(6(2--<^hw6KFV9Qs-(RLsP zE6MB_FFj-6RLxYnEwGwD{dRG0&R9*I!})xM^H861<;Y}Y-0bosf=J`QO4mKL-lys@ z=ZE2@VeHVV8~JdLKZut>I&OsPGW2N4FFfAl)Cy+lq_uvZ87SBrct_Y$;?<%UBkh6| zX2oGWhW#R|@?w;qF}g5NLK1_r)ti5T6W{(><>*URJvbgVFoa4bf4zYxW^>L%JHGtc z^FZ~^fTyjSLi7CYyG4ErJhdi`-@ZM~irMwH(1Av5wo)znsR6N&HijLnlj~ikOJXHVQnC(}+E=E!xGj&4eJhWiSw7Rcl%xyg zCKY&^3k)=kNXe z$UUzvaElx>)jR-R-smI-3!ja!(fMW73dKywM(Z0H-uQW) z@5Fvn`oD+=-66Vl!b=vj;W=;adBlq=!Ri@3)@YPWE#?n- z9r{cHB`sVOrT2jD?_pXG^OMeV7Nd8(50ho!2VlRWfuR|8lngZiVHq}x3MC+fXfXrz z2O7_91I#w-%qav!Bf(u#65B$TVR%61e!*JgOFL=F-F3CU%yQb#PVf(DZn3WmhZC3! zC`Jfzm}beXNqTBHUp~dBLAPs`D#lz@2=_*!Y|R|KiX;Ci`Z9KPvulOe|9!u_I8v+9 zOv6c^a3A|^5ewrciRI-LJ7O^zVoiGtvJAP^q@?MIo5Mp}>oK$P#5#;u+F33*Iav(C{%%(GI-u zmi2GSZ*UQrlcIA{U3KE7{D+2iI$ZmfzQ}SCzBTA28*n*_ADH(LsM04{RX~BsWk2UV zSm9@Z7xOdjNR?#Zs&_X-pBma3Z^N;x(1&sx7Hn01Z2_KXO>}Ic#d@9;WL9`#?Wv5E zzg?i`S+LI`)Nu-}4gf{$sRP{@ES*?Va-pk{H0^3{rDgL|u{th3D~BaJv59ND8^ui8 zKx&8S#;JVRQ&7O#rD_lWLsrqh2{mYcMlR2Ayvhysp@F2)NiJ&Q;&f!FF2M7EzF^G4 z#jib>ozEm2C4gYvcR0{s?tV}7+B=(Lcx@09*$>>IN2zXVA8ybEooy>}_W>=~4@Kcj z-F_oM4^U_3(Nu*2OIa9Bt>t(4d7Nxqys>F8FmpA%Uu^a|9N%E)c~adl&M5JsdQDHK z@OxwC6LPIE68vc_X=Ckqc{)iOn4rcq!`n2ofJ)^?K*c7XVb2EclAw~($@3Fc2tGMm zZ8Wz~{D|P{H$bmBQ`)z`2~P%wa92Og3Dyuj@b3Cd**I%R(FAbsy8Oa`f;r!z6a!)p zUYoNTcatp675L&?Lx7R)jZ5#u8G61Hs!hD54J1B@eB<--WcM&xWM6W{TtSX?J4v)-X#WcOKaZ36zf&;Yp}>@e*UhUu?SR z5cR{|@j+E)CF_jZc&DJ$;fj;~@>ac9{nvHm1Euz`VJyFYY)iU(%XR@EPt7J}qmGRs z5z2y41eWrFmt(8(mNL)opytdQ?yM}n7jAg|4b;9|RcJ}{%F5dTwxScUYtEiw`%oBJ z)TJjQ(_YHH z4VpZmfjZ&pB*MwFb?1>Ng=7^XT0k33@Sm-P31IIB0PS|KeBP)$rX&v3LGJT7eW!2i z&Zy!608|}89re~qf5&k6$`1)7IKG%l(=IwbuG+?)#l~ZXzWKg`jvT2k<(_m`+5q_*P=BH zpt-f(5sPy8DMFLf22?|9X+8Dn$(ar0+O2DRZCEnY*aEv^dJ!$r&fqFTc*U}q{v$$#;+4>m+BG}<;v@7*g9m~pSL8D zxe2GxlcKKTApoBeWWXK6UV%4iW6)FW+4l6lM!#Gl#vB@|t#)KPp}9bt82;BGo!Os_ z(6NN?y@^i8M}hp5uL?<_F^;;&+F-Y6L?IU1X%VxQ&YFv0LU=hlGF<{W|CB&Z+w-80 zg`2>l9{AGey1@*%qc4r4)lnY}qZe8q%tdBLq8I!Cx}br^zuskK**>TXd&)m~+xS0; zlrrYSsYH^canBsb{3_wgvR3L4o_(7;@-K(E%!NhTXuVI&Cn>9RD$O@k9GAelYp#~@ zYc5Luz03ijVJs_y2pE?M(d8jS0TpJ8nKsr1`}Kq&jdj<1pgZx;>;;}yz;+C9nN__s zHlDUGt*{As0#fMc!+dntoJe*Aifp2onPWJ$uF3!L9fghbIF`ECUZ=OB#!wpNN}}v0 zH3tkQTwvk0`W4a0g~+yWF1!KRVqNAw1fZ-{|9U|SFWV1L9Q(i2H-a^xA4=$fmUp=y za~WDETR<{0o+aj;O@%=&DA7?pT z=|an#z}|BQfd0Hs!9#AlEb~)5eOJd}V6cEFtj$O(lks90m2?fgycoJ6LTEa%a7%H$ e4b>KVe;92Q%sFRX4hjGC7p+t1Yx5%ihJV6X=AK;u diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem deleted file mode 100644 index 53867ac535..0000000000 --- a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem +++ /dev/null @@ -1,53 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIJaDAcBgoqhkiG9w0BDAEBMA4ECOJxEWpN/HEEAgIIAASCCUYouEt15A4DUZoG -aJvr19vCKfGPErYDkh1fI9u04hDEKCdb+Z7oxaqXQ34rr0H1t8/SPdhpvqms9Bsz -3nMIlgzEPnppyiRLCa4Ycev0jtA66xkxgGGXnA5uxZQcTOFsGDR4gpTn2hi7//BO -gHhKVDbCd6nShZkNgNUe++tclNg65Fmazm2pwpnCPfY9TGnou8bynMrJrau0CPB+ -v+pI3NR39yxDcq6MNII542Ma8bZWE++WmqmSXjsnXyEV850Dw4j7khbevXlKIh3C -fsf1mb1/lUc+8HtsjFLgBS3Iag2D/AfAbCDCY3wWG5KcMJk2CtNayOAmMetL7P1t -S+i/zTmqAeNVaUF/6ciwY8JNA9YHnjV/0LH04I1Dn1emQVltcqKJahDSoxwGeLD0 -lv0EMQ9CBRHqdKKVaDjBJSqLkwQzLuiqye6ZREnoeIL2cYXDqWoxZzjtxr5t261F -jl+gGBvAX5RRKz3+Vj7hb8y4n7npYJYXk+CanrsTblsBhOMaFhgup+Vd+UhHGQku -FqHR28bHlJzxgUvlhYV/WdMUtHlGHvpax1Zo57ToC0JxlX/o+lPHiZvvpGZegYOe -Mta5f4xI8PcfVrVbfpHaEnt+ffZPtDVZUfhfZwlMniUKX/kJgKGdtpnrgm0wefUR -ymKmn4af2tY/nT828+pOBcRY8WV5G5EPthkA/EemXTor04bb9mglX9ZJ78vrv0n9 -XaOXkMGYuj698Rqkx5BtaVX8EjWKnknHn/GOLSINu38UelRDV+xf5GQyDQREHsuu -Mkj6AcygD5eP0p4AZZaHw9H6nytoZ9SX/vhUmRTk2vbrgnAPwRBFnZy6S4mipfFc -m82EyC4RHklbIriMRRY7EHamBrUTg+8axCqBWY1jtSvTXwm40ybpigsiphtbcaCN -9hT13VfVkglyQIbmxvxeoo9McgKv2BoP+0i5xIdmstu63bcHxO/DaMXw9WPOGgdm -kyFU4MwJZhvk57H4HwleIPXXJd93OJ0NNunDgBWxh3mnKqnM9hpit6ljjl8y41RC -QvJTO5cR3cKuzPpzTqfpC8eYeXiYChuFDgXKXubGE/PSSzSmU7cnKUrHAOyrXlD0 -EdCZkQBFF0gnLksVSjaF/owORlc1KualcD9ahOgWoaup4MqlyW7A+BHJ+f3Iz22z -oezU/B/FGPTcRc+kEpPyIHG+98nNeh2N5nmY1+piXkJCsq0WdcjB13t8MHLLGqQ8 -shUpiKtkwtO45DIP3xVykntZsPb2gHuj2JoHjXYnxmZ7MRVbTe+s1F3xpITNa+G2 -2Yorp0zqVrhNfvtsLG1i0XdOwockHo5k+dAFkNngJvQVTwsBUw/gqcDwgkoG0yKZ -NZTZDRJDv3yfopbIvGxmXBj723/OcR0prKLHUc5qaCvK5y0rvM7G+Dg2/W1rzRGx -9IjCOyZzkUVwE9vKZO+mdsa1zeVja1DtU1sjh3k3+Lw6P2+LcVZKWI7IjJ7vcNxt -XRI6+jlaR3/ht++3+ADgBpZUVAzBwiKeaneanFoiu0kbXv+G74bVDXvKLTXXbynv -0mabkp8cszm2wMehp9WuqnBKtAot5Q6sPg4i6E0si3LrdDzKgENgMAF8+ShG5r4w -ULHQBwMpvNS6LnrY69TqAQp7MNS5JoCCHnQqXSgUQN53Zmcnmaz9qysHvbJLK/On -Rp0akU5A+WHFNPvGqkF8ou5OZRrN9XQMk75RRgi1YYY+UddiaBAsxqFQBKq5ooxN -0sE65WM76WU2/v10va4iCNPTFjB0MhGLrq08sgSNfHhePpBK+WANuzjWDUWS+ekC -VCTNBAARzlPoxuF0YsUUhwYxqFw/VC4PW9WeT0kx8pvaIwhf7Xk++4TKbdayQehK -ImH5vmvpeWxNa1O7nVyvaJfNvSoj49X1zNg4PKDAOm+kEAjGvWeWKEOiHTLIXbzu -HztTw/pjNJ5NaCNVWeThYYduFuRZaqap5khpqP4s07zvDvkTyKiJj3MSFel/K7UV -uy1e0HPymTFToeinLW0x3YaJnLcOKDmF0DSJB1gVwl55B3rEYb8tODF6BLjz149J -BT91EXgj/Futj3YpPTcIjJXsBDElP/KaBtB6uZGkmXgnz8OvRgg7wJR3n1uHU6r+ -S+19ugY5I5hAFFMLAIg+zO2IqSXW1B+CiE94tr5z96VTyIckO2Ov6p5fcGpI1VkB -KtcuXGUVuF9pqFRKkFChu90OiqxdcdKYqgjHy1z1jovuYm2pfCB4kvPLn57XVsmB -T0ZcdHFBf+SwxuKdr8KsK2k4er5c4jTTIflWWktrD9JLcWLc1WUecL18lFByOOWh -5fF7zX+NNsbMBES3F6TG+06NfgC6z24/h29zfnps75usEExBc7YHJsmWl3Aef6bF -vcoS2ug8ZXaiefhlFkyx/frGpRnD57ZOvLCi/TUVf2G0cynEKvfsb21LN50eMKD2 -HiIBGoNj9f3vJdIhLTDFurf42ocY5EQzLGleIQ0Zpv6285LqwqKKl5v28o+A4qnp -Xhkt/3pqZ6aJeSCNQd9Zg5tOd1tXpcTdzl/BmFIvmE+SIsYydLxrX1UEWfJfEL41 -J6qXTzebh7N16bGfxU09OT7puztuK+/vAHEvCGINddDaOJFayVdEaMVUux9nDkoz -b1U/5UxzpzFdNUZBHg1JjkUWK8oTGmkJTlI1aKJKKA1RfmnzwOd4PeHI1hIuT8YQ -8qwKY72mCCb4Sr+Xiw43CqJ9NgWCxYr0ua+hqm2xv43QMhSCNd7v1Dg0bi3ZgOi8 -1eSns5VZFww2JkYo7rrKz21EiFXjhZ4u8MF45M5/cbDqbaPVb6FMx7MqaKmnkpQ8 -xT4BC2M4xCiXnYrrjhugw2/FMkMchIN9jG47IQiACQ8pNqoTd2tLFCFpTZeeRCaP -Dgd8rvaMXjY/Uu9zB+LgRlQ/c01hGL+/d8cNEFzTU9jajOLobi3pKQqLdvlo40Dl -qH6eLTnYusrZnZySBuZD5c57BBW4GMuetvtqr2l8iV4BJnMvLZ9tB69eA1PhKXwq -tHY7a0YkhLUUqKFyPvYcnHjU9Bvg9PnciXnoDFMP1Obkou27vpI6NVmIFKMX1OxQ -A2IJ5YWaN6h8nJOV/THzKjMDmPbXLmtQDuaDPpDaNE+oDwto/UlSQPV8KtW/MR+s -k3rLyN3KXoVl95gT ------END ENCRYPTED PRIVATE KEY----- diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index a1b876e60c..a14d4be252 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -13,7 +13,7 @@ CCM init #3 AES-224: bad key size depends_on:MBEDTLS_AES_C mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT -CCM init #4 BLOWFISH-128: bad block size +CCM init #4 DES: bad block size depends_on:MBEDTLS_DES_C mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_DES:128:MBEDTLS_ERR_CCM_BAD_INPUT diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data index 2d7b672d08..ec8282417a 100644 --- a/tests/suites/test_suite_nist_kw.data +++ b/tests/suites/test_suite_nist_kw.data @@ -20,6 +20,10 @@ NIST KW init #4 AES-224: bad key size depends_on:MBEDTLS_AES_C mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:224:1:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +NIST KW init #5 3DES: bad cipher +depends_on:MBEDTLS_DES_C +mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_3DES:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + NIST KW lengths #1 KW plaintext OK (2 to 2^54 - 1 semiblocks) nist_kw_plaintext_lengths:16:24:MBEDTLS_KW_MODE_KW:0 From 4a28ade6e96be18e22db09f3b24ff0e3e65a7ad4 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 21 Jun 2021 17:37:39 +0200 Subject: [PATCH 0430/1065] Changing the key length to 32 bytes in one of the PSA cipher setup tests Signed-off-by: TRodziewicz --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 56ba2412c6..b4df5ec7e6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1397,7 +1397,7 @@ cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CT PSA cipher setup: incompatible key ChaCha20 for CTR depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here -cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED +cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED PSA cipher: bad order function calls cipher_bad_order: From 08b5ab2b812b5efbac71462039e8288d64d1cd9f Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 21 Jun 2021 16:50:51 +0100 Subject: [PATCH 0431/1065] Reword changelog - Test Resource Leak MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - “Fix an issue where X happens” → ”Fix X“ the extra words are just a distraction. - “resource” → “a resource” - “where resource is never freed” has a name: it's a resource leak - “when running one particular test suite” → “in a test suite” Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4176.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt index d362f1080e..ddca37f9be 100644 --- a/ChangeLog.d/issue4176.txt +++ b/ChangeLog.d/issue4176.txt @@ -1,3 +1,3 @@ Bugfix - * Fix an issue where resource is never freed when running one particular - test suite with an alternative AES implementation. Fixes #4176. + * Fix a resource leak in a test suite with an alternative AES + implementation. Fixes #4176. From 18d1e66fcf920d51543c8b55f971a89871cd602d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 11:26:19 +0200 Subject: [PATCH 0432/1065] Tweak MSVC detection to work with non-English Visual Studio Fix #4699 Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/c_build_helper.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 18c1e76067..459afba426 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -135,8 +135,7 @@ def get_c_expression_values( stdout=subprocess.DEVNULL, stderr=subprocess.PIPE, universal_newlines=True) - cc_is_msvc = 'Microsoft (R) C/C++ Optimizing Compiler' in \ - proc.communicate()[1] + cc_is_msvc = 'Microsoft (R) C/C++' in proc.communicate()[1] cmd += ['-I' + dir for dir in include_path] if cc_is_msvc: From e7885e54416a42690f153e0cf476ed83a477aa86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 22 Jun 2021 12:29:27 +0200 Subject: [PATCH 0433/1065] RSA: Require hashlen to match md_alg when applicable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/require-matching-hashlen-rsa.txt | 4 + .../require-matching-hashlen-rsa.md | 13 +++ include/mbedtls/rsa.h | 80 ++++++++----------- 3 files changed, 49 insertions(+), 48 deletions(-) create mode 100644 ChangeLog.d/require-matching-hashlen-rsa.txt create mode 100644 docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md diff --git a/ChangeLog.d/require-matching-hashlen-rsa.txt b/ChangeLog.d/require-matching-hashlen-rsa.txt new file mode 100644 index 0000000000..d1420d1f94 --- /dev/null +++ b/ChangeLog.d/require-matching-hashlen-rsa.txt @@ -0,0 +1,4 @@ +API changes + * Functions in the RSA module that accept a hashlen parameter now require + it to match the output size of the hash algorithm used, except when + signing raw data. diff --git a/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md b/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md new file mode 100644 index 0000000000..75fadd8783 --- /dev/null +++ b/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md @@ -0,0 +1,13 @@ +RSA signature functions now require `hashlen` to match the expected value +------------------------------------------------------------------------- + +This only affects users of the low-level RSA API; users of the high-level PK +API or of the PSA Crypto API are not affected. + +All the functions in the RSA module that accept a `hashlen` parameter used to +ignore it unless the `md_alg` parameter was `MBEDTLS_MD_NONE`, indicating raw +data was signed. They now require this parameter's value to be equal to the +output size of the hash algorithm used when signing a hash. (The requirements +when signing raw data are unchanged.) + +The migration path is to pass the correct value to those functions. diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index c953a89490..9a070e703a 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -796,13 +796,11 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. A buffer length of @@ -830,13 +828,11 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. A buffer length of @@ -878,13 +874,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param saltlen The length of the salt that should be used. * If passed #MBEDTLS_RSA_SALT_LEN_ANY, the function will use * the largest possible salt length up to the hash length, @@ -935,13 +929,11 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. A buffer length of @@ -972,13 +964,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer holding the signature. This must be a readable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. @@ -999,13 +989,11 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer holding the signature. This must be a readable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. @@ -1036,13 +1024,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param sig The buffer holding the signature. This must be a readable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. @@ -1069,13 +1055,11 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. - * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hashlen The length of the message digest or raw data in Bytes. + * If \p md_alg is not #MBEDTLS_MD_NONE, this must match the + * output length of the corresponding hash algorithm. * \param hash The buffer holding the message digest or raw data. - * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable - * buffer of length \p hashlen Bytes. If \p md_alg is not - * #MBEDTLS_MD_NONE, it must be a readable buffer of length - * the size of the hash corresponding to \p md_alg. + * This must be a readable buffer of at least \p hashlen Bytes. * \param mgf1_hash_id The message digest algorithm used for the * verification operation and the mask generation * function (MGF1). For more details on the encoding From 5fb6f700ba3d3a0f360c4720d5fc62738ec3a7af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jun 2021 23:00:17 +0200 Subject: [PATCH 0434/1065] Clarify a few test descriptions (mostly involving 0) Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 553b8eb4f1..7968501136 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -145,7 +145,7 @@ mbedtls_mpi_bitlen:10:"16":5 Base test mbedtls_mpi_bitlen #6 mbedtls_mpi_bitlen:10:"10":4 -Base test mbedtls_mpi_bitlen #7 +Base test mbedtls_mpi_bitlen: 0 (1 limb) mbedtls_mpi_bitlen:10:"0":0 Base test mbedtls_mpi_cmp_int #1 @@ -298,7 +298,7 @@ mbedtls_mpi_cmp_abs:10:"-2":10:"-3":-1 Base test mbedtls_mpi_cmp_abs (Negative values) #3 mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1 -Base test mbedtls_mpi_cmp_abs (Zero and Zero) #4 +Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb) mbedtls_mpi_cmp_abs:10:"0":10:"0":0 Base test mbedtls_mpi_cmp_abs (Mix values) #1 @@ -628,7 +628,7 @@ mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630 Base test mbedtls_mpi_div_mpi #1 mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0 -Base test mbedtls_mpi_div_mpi #2 (Divide by zero) +Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb)) mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO Base test mbedtls_mpi_div_mpi #3 @@ -664,7 +664,7 @@ mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338 Base test mbedtls_mpi_mod_mpi #1 mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0 -Base test mbedtls_mpi_mod_mpi #2 (Divide by zero) +Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb)) mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO Base test mbedtls_mpi_mod_mpi #3 @@ -762,16 +762,16 @@ mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769 Base test mbedtls_mpi_inv_mod #1 mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0 -Base test mbedtls_mpi_inv_mod #2 +Test mbedtls_mpi_inv_mod: mod 0 (1 limb) mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Base test mbedtls_mpi_inv_mod #3 +Test mbedtls_mpi_inv_mod: mod negative mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Base test mbedtls_mpi_inv_mod #4 +Test mbedtls_mpi_inv_mod: 2^-1 mod 4 mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -Base test mbedtls_mpi_inv_mod #5 +Test mbedtls_mpi_inv_mod: mod 1 mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Test mbedtls_mpi_inv_mod #1 From ebc49e5bffda3ea681993f7e2464577ee29d8020 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Jun 2021 14:13:53 +0200 Subject: [PATCH 0435/1065] New test helper mbedtls_test_read_mpi This test helper reads an MPI from a string and guarantees control over the number of limbs of the MPI, allowing test cases to construct values with or without leading zeros, including 0 with 0 limbs. Signed-off-by: Gilles Peskine --- tests/include/test/helpers.h | 25 +++++++++++++++++++++++++ tests/src/helpers.c | 15 +++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index ab9a0c3cd0..c0d2c00724 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -59,6 +59,10 @@ #include #include +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" +#endif + typedef enum { MBEDTLS_TEST_RESULT_SUCCESS = 0, @@ -210,4 +214,25 @@ void mbedtls_test_err_add_check( int high, int low, const char *file, int line); #endif +#if defined(MBEDTLS_BIGNUM_C) +/** Read an MPI from a string. + * + * Like mbedtls_mpi_read_string(), but size the resulting bignum based + * on the number of digits in the string. In particular, construct a + * bignum with 0 limbs for an empty string, and a bignum with leading 0 + * limbs if the string has sufficiently many leading 0 digits. + * + * This is important so that the "0 (null)" and "0 (1 limb)" and + * "leading zeros" test cases do what they claim. + * + * \param[out] X The MPI object to populate. It must be initialized. + * \param radix The radix (2 to 16). + * \param[in] s The null-terminated string to read from. + * + * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. + */ +/* Since the library has exactly the desired behavior, this is trivial. */ +int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ); +#endif /* MBEDTLS_BIGNUM_C */ + #endif /* TEST_HELPERS_H */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index cac6d4cc0a..4d3d53da50 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -259,3 +259,18 @@ void mbedtls_test_err_add_check( int high, int low, } } #endif /* MBEDTLS_TEST_HOOKS */ + +#if defined(MBEDTLS_BIGNUM_C) +int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ) +{ + /* mbedtls_mpi_read_string() currently retains leading zeros. + * It always allocates at least one limb for the value 0. */ + if( s[0] == 0 ) + { + mbedtls_mpi_free( X ); + return( 0 ); + } + else + return( mbedtls_mpi_read_string( X, radix, s ) ); +} +#endif From 20edee7b177c99907efd76612c57c6f827409d38 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 23:18:39 +0200 Subject: [PATCH 0436/1065] Use mbedtls_test_read_mpi in test suites Replace calls to mbedtls_mpi_read_string() with a wrapper mbedtls_test_read_mpi() when reading test data except for the purpose of testing mbedtls_mpi_read_string() itself. The wrapper lets the test data control precisely how many limbs the constructed MPI has. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_asn1parse.function | 2 +- tests/suites/test_suite_debug.function | 4 +- tests/suites/test_suite_dhm.function | 10 +- tests/suites/test_suite_ecdh.function | 10 +- tests/suites/test_suite_ecdsa.function | 14 +- tests/suites/test_suite_ecp.function | 80 +++++------ tests/suites/test_suite_mpi.function | 150 ++++++++++----------- tests/suites/test_suite_pk.function | 22 +-- tests/suites/test_suite_pkcs1_v15.function | 24 ++-- tests/suites/test_suite_rsa.function | 140 +++++++++---------- tests/suites/test_suite_x509write.function | 2 +- 11 files changed, 228 insertions(+), 230 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index abcd1dbc71..535274b74e 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -417,7 +417,7 @@ void get_integer( const data_t *input, } #if defined(MBEDTLS_BIGNUM_C) - ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex ); + ret = mbedtls_test_read_mpi( &expected_mpi, 16, expected_hex ); TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) { diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index fda6939871..197a7ef313 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -179,9 +179,7 @@ void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line, TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); - /* If value is empty, keep val->n == 0. */ - if( value[0] != 0 ) - TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 5286bc7b86..bc43016656 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -116,8 +116,8 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, /* * Set params */ - TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, radix_G, input_G ) == 0 ); pub_cli_len = mbedtls_mpi_size( &ctx_srv.P ); TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_P, &ctx_srv.P ) ); TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_G, &ctx_srv.G ) ); @@ -239,7 +239,7 @@ void dhm_make_public( int P_bytes, int radix_G, char *input_G, int result ) TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 ); TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &G, radix_G, input_G ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &G, radix_G, input_G ) == 0 ); TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 ); TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ), @@ -263,8 +263,8 @@ void dhm_file( char * filename, char * p, char * g, int len ) mbedtls_dhm_init( &ctx ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, 16, p ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &G, 16, g ) == 0 ); TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 ); diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 94030d89d3..6893bcfa40 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -157,21 +157,21 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, mbedtls_test_rnd_buffer_rand, &rnd_info_A ) == 0 ); TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xA_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yA_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 ); TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB, mbedtls_test_rnd_buffer_rand, &rnd_info_B ) == 0 ); TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xB_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yB_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, z_str ) == 0 ); TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 354f17842c..8803762946 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -92,9 +92,9 @@ void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 ); rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info.fallback_p_rng = NULL; rnd_info.buf = rnd_buf->x; @@ -157,9 +157,9 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, memset( hash, 0, sizeof( hash ) ); TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 ); md_info = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md_info != NULL ); @@ -388,7 +388,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, memset( sig, 0, sizeof( sig ) ); TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, 16, d_str ) == 0 ); md_info = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md_info != NULL ); diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index d795fe2146..2afc355347 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -82,9 +82,9 @@ void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex, TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z_hex ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret ); @@ -135,13 +135,13 @@ void ecp_test_vect_restart( int id, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 ); mbedtls_ecp_set_max_ops( (unsigned) max_ops ); @@ -222,13 +222,13 @@ void ecp_muladd_restart( int id, char *xR_str, char *yR_str, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &u1, 16, u1_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &u2, 16, u2_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xR, 16, xR_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yR, 16, yR_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, 16, xQ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, 16, yQ_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 ); mbedtls_ecp_set_max_ops( (unsigned) max_ops ); @@ -285,14 +285,14 @@ void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str, TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yB, 16, yB_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 ); TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); @@ -342,11 +342,11 @@ void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex, TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &xS, 16, xS_hex ) == 0 ); TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); @@ -508,7 +508,7 @@ void ecp_fast_mod( int id, char * N_str ) mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R ); mbedtls_ecp_group_init( &grp ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, 16, N_str ) == 0 ); TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); TEST_ASSERT( grp.modp != NULL ); @@ -547,9 +547,9 @@ void ecp_write_binary( int id, char * x, char * y, char * z, int format, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z ) == 0 ); TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format, &olen, buf, blen ) == ret ); @@ -579,9 +579,9 @@ void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 ); TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret ); @@ -623,9 +623,9 @@ void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y, TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 ); TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret ); @@ -760,7 +760,7 @@ void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret ) mbedtls_mpi_init( &d ); TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, key_hex ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret ); @@ -789,7 +789,7 @@ void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub, if( id != MBEDTLS_ECP_DP_NONE ) TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 ); TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, 16, d ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index eb918b31eb..eaede01b49 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -214,7 +214,7 @@ void mbedtls_mpi_write_binary( int radix_X, char * input_X, mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); buflen = mbedtls_mpi_size( &X ); if( buflen > (size_t) output_size ) @@ -246,7 +246,7 @@ void mbedtls_mpi_write_binary_le( int radix_X, char * input_X, mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); buflen = mbedtls_mpi_size( &X ); if( buflen > (size_t) output_size ) @@ -310,7 +310,7 @@ void mbedtls_mpi_write_file( int radix_X, char * input_X, int output_radix, mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); file_out = fopen( output_file, "w" ); TEST_ASSERT( file_out != NULL ); @@ -336,7 +336,7 @@ void mbedtls_mpi_get_bit( int radix_X, char * input_X, int pos, int val ) { mbedtls_mpi X; mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val ); exit: @@ -351,8 +351,8 @@ void mbedtls_mpi_set_bit( int radix_X, char * input_X, int pos, int val, mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, output_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, output_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result ); if( result == 0 ) @@ -371,7 +371,7 @@ void mbedtls_mpi_lsb( int radix_X, char * input_X, int nr_bits ) mbedtls_mpi X; mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits ); exit: @@ -385,7 +385,7 @@ void mbedtls_mpi_bitlen( int radix_X, char * input_X, int nr_bits ) mbedtls_mpi X; mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits ); exit: @@ -400,9 +400,9 @@ void mbedtls_mpi_gcd( int radix_X, char * input_X, int radix_Y, mbedtls_mpi A, X, Y, Z; mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); @@ -432,8 +432,8 @@ void mbedtls_mpi_cmp_mpi( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A ); exit: @@ -451,8 +451,8 @@ void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X, mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 ); @@ -473,8 +473,8 @@ void mbedtls_mpi_cmp_abs( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A ); exit: @@ -559,9 +559,9 @@ void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign, mbedtls_mpi X, Y, XX; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x_str ) == 0 ); X.s = x_sign; - TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y_str ) == 0 ); Y.s = y_sign; TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 ); @@ -585,9 +585,9 @@ void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign, mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x_str ) == 0 ); X.s = x_sign; - TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y_str ) == 0 ); Y.s = y_sign; TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 ); @@ -673,16 +673,16 @@ void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 ); @@ -700,17 +700,17 @@ void mbedtls_mpi_add_mpi_inplace( int radix_X, char * input_X, int radix_A, mbedtls_mpi X, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); @@ -727,16 +727,16 @@ void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 ); @@ -754,8 +754,8 @@ void mbedtls_mpi_add_int( int radix_X, char * input_X, int input_Y, mbedtls_mpi X, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); @@ -771,16 +771,16 @@ void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 ); @@ -800,9 +800,9 @@ void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y, int res; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); res = mbedtls_mpi_sub_abs( &Z, &X, &Y ); TEST_ASSERT( res == sub_result ); @@ -813,7 +813,7 @@ void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result ); if( sub_result == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result ); @@ -832,8 +832,8 @@ void mbedtls_mpi_sub_int( int radix_X, char * input_X, int input_Y, mbedtls_mpi X, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); @@ -849,9 +849,9 @@ void mbedtls_mpi_mul_mpi( int radix_X, char * input_X, int radix_Y, mbedtls_mpi X, Y, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); @@ -868,8 +868,8 @@ void mbedtls_mpi_mul_int( int radix_X, char * input_X, int input_Y, mbedtls_mpi X, Z, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 ); if( strcmp( result_comparison, "==" ) == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); @@ -893,10 +893,10 @@ void mbedtls_mpi_div_mpi( int radix_X, char * input_X, int radix_Y, mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 ); res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y ); TEST_ASSERT( res == div_result ); if( res == 0 ) @@ -921,9 +921,9 @@ void mbedtls_mpi_div_int( int radix_X, char * input_X, int input_Y, mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 ); res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y ); TEST_ASSERT( res == div_result ); if( res == 0 ) @@ -947,9 +947,9 @@ void mbedtls_mpi_mod_mpi( int radix_X, char * input_X, int radix_Y, int res; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); res = mbedtls_mpi_mod_mpi( &X, &X, &Y ); TEST_ASSERT( res == div_result ); if( res == 0 ) @@ -971,7 +971,7 @@ void mbedtls_mpi_mod_int( int radix_X, char * input_X, int input_Y, mbedtls_mpi_uint r; mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); res = mbedtls_mpi_mod_int( &r, &X, input_Y ); TEST_ASSERT( res == div_result ); if( res == 0 ) @@ -995,13 +995,13 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); if( strlen( input_RR ) ) - TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 ); res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); TEST_ASSERT( res == div_result ); @@ -1040,7 +1040,7 @@ void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes, TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 ); if( strlen( input_RR ) ) - TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 ); TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result ); @@ -1059,9 +1059,9 @@ void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y, int res; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); res = mbedtls_mpi_inv_mod( &Z, &X, &Y ); TEST_ASSERT( res == div_result ); if( res == 0 ) @@ -1081,7 +1081,7 @@ void mbedtls_mpi_is_prime( int radix_X, char * input_X, int div_result ) int res; mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL ); TEST_ASSERT( res == div_result ); @@ -1167,8 +1167,8 @@ void mbedtls_mpi_shift_l( int radix_X, char * input_X, int shift_X, mbedtls_mpi X, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); @@ -1184,8 +1184,8 @@ void mbedtls_mpi_shift_r( int radix_X, char * input_X, int shift_X, mbedtls_mpi X, A; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 5ccb072e74..0d4ff08ea2 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -403,8 +403,8 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, rsa = mbedtls_pk_rsa( pk ); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); if( mbedtls_md_info_from_type( digest ) != NULL ) @@ -446,8 +446,8 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, rsa = mbedtls_pk_rsa( pk ); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); if( digest != MBEDTLS_MD_NONE ) @@ -534,7 +534,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 ); TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 ); @@ -720,8 +720,8 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N, rsa = mbedtls_pk_rsa( pk ); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len, output, &olen, sizeof( output ), @@ -759,12 +759,12 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P, rsa = mbedtls_pk_rsa( pk ); /* load public key */ - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); /* load private key */ - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d78ee88959..2089c6251a 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -30,8 +30,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -80,10 +80,10 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); @@ -288,10 +288,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); @@ -336,8 +336,8 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index eb96e30eb9..bb2df8d930 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -99,10 +99,10 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -147,8 +147,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, MBEDTLS_MD_NONE ) == 0 ); memset( hash_result, 0x00, sizeof( hash_result ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -187,10 +187,10 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -232,8 +232,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -268,8 +268,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -311,8 +311,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, MBEDTLS_MD_NONE ) == 0 ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -361,10 +361,10 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -407,8 +407,8 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, mbedtls_rsa_init( &ctx2 ); memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -466,10 +466,10 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); @@ -542,11 +542,11 @@ void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E, if( strlen( input_N ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); } if( strlen( input_E ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); } TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); @@ -574,36 +574,36 @@ void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P, ctx.len = mod / 8; if( strlen( input_P ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 ); } if( strlen( input_Q ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 ); } if( strlen( input_N ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 ); } if( strlen( input_E ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 ); } if( strlen( input_D ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 ); } #if !defined(MBEDTLS_RSA_NO_CRT) if( strlen( input_DP ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 ); } if( strlen( input_DQ ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 ); } if( strlen( input_QP ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 ); } #else ((void) radix_DP); ((void) input_DP); @@ -638,45 +638,45 @@ void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub, if( strlen( input_Npub ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 ); } if( strlen( input_Epub ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 ); } if( strlen( input_P ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 ); } if( strlen( input_Q ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 ); } if( strlen( input_N ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 ); } if( strlen( input_E ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 ); } if( strlen( input_D ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 ); } #if !defined(MBEDTLS_RSA_NO_CRT) if( strlen( input_DP ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 ); } if( strlen( input_DQ ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 ); } if( strlen( input_QP ) ) { - TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 ); } #else ((void) radix_DP); ((void) input_DP); @@ -737,11 +737,11 @@ void mbedtls_rsa_deduce_primes( int radix_N, char *input_N, mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 ); if( corrupt ) TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 ); @@ -778,10 +778,10 @@ void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P, mbedtls_mpi_init( &E ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp ); - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 ); if( corrupt ) { @@ -864,19 +864,19 @@ void mbedtls_rsa_import( int radix_N, char *input_N, (const unsigned char *) pers, strlen( pers ) ) == 0 ); if( have_N ) - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); if( have_P ) - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); if( have_Q ) - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); if( have_D ) - TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); if( have_E ) - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); if( !successive ) { @@ -1008,19 +1008,19 @@ void mbedtls_rsa_export( int radix_N, char *input_N, /* Setup RSA context */ if( have_N ) - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); if( have_P ) - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); if( have_Q ) - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); if( have_D ) - TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); if( have_E ) - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, strlen( input_N ) ? &N : NULL, @@ -1128,19 +1128,19 @@ void mbedtls_rsa_validate_params( int radix_N, char *input_N, strlen( pers ) ) == 0 ); if( have_N ) - TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); if( have_P ) - TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); if( have_Q ) - TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); if( have_D ) - TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); if( have_E ) - TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL, have_P ? &P : NULL, diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index c9b7cf9c5d..261794c7f8 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -248,7 +248,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, (void) rsa_alt; #endif - TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &serial, 10, serial_str ) == 0 ); if( ver != -1 ) mbedtls_x509write_crt_set_version( &crt, ver ); From dffc710008b5f2de69087c7a194c1170a5fa0fa9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 15:34:15 +0200 Subject: [PATCH 0437/1065] Test the validity of the sign bit after constructing an MPI object This is mostly to look for cases where the sign bit may have been left at 0 after zerozing memory, or a value of 0 with the sign bit set to -11. Both of these mostly work fine, so they can go otherwise undetected by unit tests, but they can break when certain combinations of functions are used. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 63 ++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index eaede01b49..d45d3dcf81 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -6,6 +6,18 @@ #define MPI_MAX_BITS_LARGER_THAN_792 #endif +/* Check the validity of the sign bit in an MPI object. Reject representations + * that are not supported by the rest of the library and indicate a bug when + * constructing the value. */ +static int sign_is_valid( const mbedtls_mpi *X ) +{ + if( X->s != 1 && X->s != -1 ) + return( 0 ); // invalid sign bit, e.g. 0 + if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 ) + return( 0 ); // negative zero + return( 1 ); +} + typedef struct mbedtls_test_mpi_random { data_t *data; @@ -150,6 +162,7 @@ void mpi_read_write_string( int radix_X, char * input_X, int radix_A, TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read ); if( result_read == 0 ) { + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write ); if( result_write == 0 ) { @@ -174,6 +187,7 @@ void mbedtls_mpi_read_binary( data_t * buf, int radix_A, char * input_A ) TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 ); TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); @@ -193,6 +207,7 @@ void mbedtls_mpi_read_binary_le( data_t * buf, int radix_A, char * input_A ) TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 ); TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); @@ -287,6 +302,7 @@ void mbedtls_mpi_read_file( int radix_X, char * input_file, if( result == 0 ) { + TEST_ASSERT( sign_is_valid( &X ) ); buflen = mbedtls_mpi_size( &X ); TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 ); @@ -357,6 +373,7 @@ void mbedtls_mpi_set_bit( int radix_X, char * input_X, int pos, int val, if( result == 0 ) { + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); } @@ -404,6 +421,7 @@ void mbedtls_mpi_gcd( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); exit: @@ -492,6 +510,7 @@ void mbedtls_mpi_copy_sint( int input_X, int input_Y ) TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); @@ -512,6 +531,7 @@ void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); @@ -566,9 +586,11 @@ void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign, TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 ); TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 ); TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); exit: @@ -594,10 +616,14 @@ void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign, TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 ); TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 ); @@ -619,6 +645,8 @@ void mbedtls_mpi_swap_sint( int input_X, int input_Y ) TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 ); mbedtls_mpi_swap( &X, &Y ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); @@ -640,6 +668,8 @@ void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y ) TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 ); mbedtls_mpi_swap( &X, &Y ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); @@ -659,6 +689,7 @@ void mpi_swap_self( data_t *input_X ) TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); mbedtls_mpi_swap( &X, &X ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); exit: @@ -677,15 +708,18 @@ void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); exit: @@ -705,13 +739,16 @@ void mbedtls_mpi_add_mpi_inplace( int radix_X, char * input_X, int radix_A, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); exit: @@ -731,15 +768,18 @@ void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); exit: @@ -757,6 +797,7 @@ void mbedtls_mpi_add_int( int radix_X, char * input_X, int input_Y, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); exit: @@ -775,15 +816,18 @@ void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); exit: @@ -806,17 +850,20 @@ void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y, res = mbedtls_mpi_sub_abs( &Z, &X, &Y ); TEST_ASSERT( res == sub_result ); + TEST_ASSERT( sign_is_valid( &Z ) ); if( res == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); /* result == first operand */ TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result ); + TEST_ASSERT( sign_is_valid( &X ) ); if( sub_result == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); /* result == second operand */ TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result ); + TEST_ASSERT( sign_is_valid( &Y ) ); if( sub_result == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); @@ -835,6 +882,7 @@ void mbedtls_mpi_sub_int( int radix_X, char * input_X, int input_Y, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); exit: @@ -853,6 +901,7 @@ void mbedtls_mpi_mul_mpi( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); exit: @@ -871,6 +920,7 @@ void mbedtls_mpi_mul_int( int radix_X, char * input_X, int input_Y, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 ); + TEST_ASSERT( sign_is_valid( &Z ) ); if( strcmp( result_comparison, "==" ) == 0 ) TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); else if( strcmp( result_comparison, "!=" ) == 0 ) @@ -901,6 +951,8 @@ void mbedtls_mpi_div_mpi( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( res == div_result ); if( res == 0 ) { + TEST_ASSERT( sign_is_valid( &Q ) ); + TEST_ASSERT( sign_is_valid( &R ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); } @@ -928,6 +980,8 @@ void mbedtls_mpi_div_int( int radix_X, char * input_X, int input_Y, TEST_ASSERT( res == div_result ); if( res == 0 ) { + TEST_ASSERT( sign_is_valid( &Q ) ); + TEST_ASSERT( sign_is_valid( &R ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); } @@ -954,6 +1008,7 @@ void mbedtls_mpi_mod_mpi( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( res == div_result ); if( res == 0 ) { + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); } @@ -1007,6 +1062,7 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, TEST_ASSERT( res == div_result ); if( res == 0 ) { + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); } @@ -1066,6 +1122,7 @@ void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y, TEST_ASSERT( res == div_result ); if( res == 0 ) { + TEST_ASSERT( sign_is_valid( &Z ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); } @@ -1141,6 +1198,7 @@ void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret ) TEST_ASSERT( actual_bits >= (size_t) bits ); TEST_ASSERT( actual_bits <= (size_t) bits + 1 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, @@ -1170,6 +1228,7 @@ void mbedtls_mpi_shift_l( int radix_X, char * input_X, int shift_X, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); exit: @@ -1187,6 +1246,7 @@ void mbedtls_mpi_shift_r( int radix_X, char * input_X, int shift_X, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); exit: @@ -1228,6 +1288,7 @@ void mpi_fill_random( int wanted_bytes, int rng_bytes, TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros == (size_t) wanted_bytes ); TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes ); + TEST_ASSERT( sign_is_valid( &X ) ); } exit: @@ -1285,6 +1346,7 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, mbedtls_test_rnd_std_rand, NULL ) ); + TEST_ASSERT( sign_is_valid( &result ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); if( full_stats ) @@ -1366,6 +1428,7 @@ void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before ) bound_bytes->x, bound_bytes->len ) ); TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, mbedtls_test_rnd_std_rand, NULL ) ); + TEST_ASSERT( sign_is_valid( &result ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); From 90ec8e857c044d8789b92ec8f77d704e11fde445 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 15:17:30 +0200 Subject: [PATCH 0438/1065] Overhaul testing of mbedtls_mpi_copy Replace the two test functions mbedtls_mpi_copy_sint (supporting signed inputs but always with exactly one limb) and mbedtls_mpi_copy_binary (supporting arbitrary-sized inputs but not negative inputs) by a single function that supports both arbitrary-sized inputs and arbitrary-signed inputs. This will allows testing combinations like negative source and zero-sized destination. Also generalize mpi_copy_self to support arbitrary inputs. Generate a new list of test cases systematically enumerating all possibilities among various categories: zero with 0 or 1 limb, negative or positive with 1 limb, negative or positive with >1 limb. I used the following Perl script: ``` sub rhs { $_ = $_[0]; s/bead/beef/; s/ca5cadedb01dfaceacc01ade/face1e55ca11ab1ecab005e5/; $_ } %v = ( "zero (null)" => "", "zero (1 limb)" => "0", "small positive" => "bead", "large positive" => "ca5cadedb01dfaceacc01ade", "small negative" => "-bead", "large negative" => "-ca5cadedb01dfaceacc01ade", ); foreach $s (sort keys %v) { foreach $d (sort keys %v) { printf "Copy %s to %s\nmbedtls_mpi_copy:\"%s\":\"%s\"\n\n", $s, $d, $v{$s}, rhs($v{$d}); } } foreach $s (sort keys %v) { printf "Copy self: %s\nmpi_copy_self:\"%s\"\n\n", $s, $v{$s}; } ``` Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 137 ++++++++++++++++++++++----- tests/suites/test_suite_mpi.function | 56 ++++------- 2 files changed, 133 insertions(+), 60 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 7968501136..2f8cab2a7b 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -310,44 +310,131 @@ mbedtls_mpi_cmp_abs:10:"2":10:"-3":-1 Base test mbedtls_mpi_cmp_abs (Mix values) #3 mbedtls_mpi_cmp_abs:10:"-2":10:"1":1 -Copy zero (1 limb) to positive (1 limb) -mbedtls_mpi_copy_sint:0:1500 +Copy large negative to large negative +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" -Copy zero (1 limb) to negative (1 limb) -mbedtls_mpi_copy_sint:0:-1500 +Copy large negative to large positive +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" -Copy positive (1 limb) to zero (1 limb) -mbedtls_mpi_copy_sint:1500:0 +Copy large negative to small negative +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef" -Copy negative (1 limb) to zero (1 limb) -mbedtls_mpi_copy_sint:-1500:0 +Copy large negative to small positive +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef" -Copy positive (1 limb) to negative (1 limb) -mbedtls_mpi_copy_sint:1500:-42 +Copy large negative to zero (1 limb) +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"0" -Copy negative (1 limb) to positive (1 limb) -mbedtls_mpi_copy_sint:-42:1500 +Copy large negative to zero (null) +mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"" + +Copy large positive to large negative +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Copy large positive to large positive +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Copy large positive to small negative +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef" + +Copy large positive to small positive +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"beef" + +Copy large positive to zero (1 limb) +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"0" + +Copy large positive to zero (null) +mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"" + +Copy small negative to large negative +mbedtls_mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5" + +Copy small negative to large positive +mbedtls_mpi_copy:"-bead":"face1e55ca11ab1ecab005e5" + +Copy small negative to small negative +mbedtls_mpi_copy:"-bead":"-beef" + +Copy small negative to small positive +mbedtls_mpi_copy:"-bead":"beef" + +Copy small negative to zero (1 limb) +mbedtls_mpi_copy:"-bead":"0" + +Copy small negative to zero (null) +mbedtls_mpi_copy:"-bead":"" + +Copy small positive to large negative +mbedtls_mpi_copy:"bead":"-face1e55ca11ab1ecab005e5" + +Copy small positive to large positive +mbedtls_mpi_copy:"bead":"face1e55ca11ab1ecab005e5" + +Copy small positive to small negative +mbedtls_mpi_copy:"bead":"-beef" + +Copy small positive to small positive +mbedtls_mpi_copy:"bead":"beef" + +Copy small positive to zero (1 limb) +mbedtls_mpi_copy:"bead":"0" + +Copy small positive to zero (null) +mbedtls_mpi_copy:"bead":"" + +Copy zero (1 limb) to large negative +mbedtls_mpi_copy:"0":"-face1e55ca11ab1ecab005e5" + +Copy zero (1 limb) to large positive +mbedtls_mpi_copy:"0":"face1e55ca11ab1ecab005e5" + +Copy zero (1 limb) to small negative +mbedtls_mpi_copy:"0":"-beef" + +Copy zero (1 limb) to small positive +mbedtls_mpi_copy:"0":"beef" + +Copy zero (1 limb) to zero (1 limb) +mbedtls_mpi_copy:"0":"0" + +Copy zero (1 limb) to zero (null) +mbedtls_mpi_copy:"0":"" + +Copy zero (null) to large negative +mbedtls_mpi_copy:"":"-face1e55ca11ab1ecab005e5" + +Copy zero (null) to large positive +mbedtls_mpi_copy:"":"face1e55ca11ab1ecab005e5" + +Copy zero (null) to small negative +mbedtls_mpi_copy:"":"-beef" + +Copy zero (null) to small positive +mbedtls_mpi_copy:"":"beef" + +Copy zero (null) to zero (1 limb) +mbedtls_mpi_copy:"":"0" Copy zero (null) to zero (null) -mbedtls_mpi_copy_binary:"":"" +mbedtls_mpi_copy:"":"" -Copy zero (null) to positive (1 limb) -mbedtls_mpi_copy_binary:"":"1234" +Copy self: large negative +mpi_copy_self:"-ca5cadedb01dfaceacc01ade" -Copy positive (1 limb) to zero (null) -mbedtls_mpi_copy_binary:"1234":"" +Copy self: large positive +mpi_copy_self:"ca5cadedb01dfaceacc01ade" -Copy positive to larger -mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade" +Copy self: small negative +mpi_copy_self:"-bead" -Copy positive to smaller -mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead" - -Copy self: positive (1 limb) -mpi_copy_self:14 +Copy self: small positive +mpi_copy_self:"bead" Copy self: zero (1 limb) -mpi_copy_self:0 +mpi_copy_self:"0" + +Copy self: zero (null) +mpi_copy_self:"" Swap zero (1 limb) with positive (1 limb) mbedtls_mpi_swap_sint:0:1500 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index d45d3dcf81..42dbafa2d7 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -501,56 +501,42 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_copy_sint( int input_X, int input_Y ) +void mbedtls_mpi_copy( char *src_hex, char *dst_hex ) { - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi src, dst; + mbedtls_mpi_init( &src ); + mbedtls_mpi_init( &dst ); - TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 ); + + TEST_ASSERT( sign_is_valid( &dst ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free( &src ); + mbedtls_mpi_free( &dst ); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y ) +void mpi_copy_self( char *input_X ) { - mbedtls_mpi X, Y, X0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_copy_self( int input_X ) -{ - mbedtls_mpi X; + mbedtls_mpi X, A; + mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); + + TEST_ASSERT( mbedtls_test_read_mpi( &A, 16, input_X ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); exit: + mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); } /* END_CASE */ From fc1eeefc991c7b45964d87d09494138fe6810d4f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 22:29:57 +0200 Subject: [PATCH 0439/1065] Overhaul testing of mbedtls_mpi_swap Similarly to "Overhaul testing of mbedtls_mpi_copy", simplify the code to test mbedtls_mpi_swap to have just one function for distinct MPIs and one function for swapping an MPI with itself, covering all cases of size (0, 1, >1) and sign (>0, <0). The test cases are exactly the same as for mbedtls_mpi_copy with the following replacements: * `Copy` -> `Swap` * ` to ` -> ` with ` * `_copy` -> `_swap` Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 135 ++++++++++++++++++++++----- tests/suites/test_suite_mpi.function | 106 +++++++++------------ 2 files changed, 153 insertions(+), 88 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 2f8cab2a7b..357484edc7 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -436,43 +436,130 @@ mpi_copy_self:"0" Copy self: zero (null) mpi_copy_self:"" -Swap zero (1 limb) with positive (1 limb) -mbedtls_mpi_swap_sint:0:1500 +Swap large negative with large negative +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" -Swap zero (1 limb) with negative (1 limb) -mbedtls_mpi_swap_sint:0:-1500 +Swap large negative with large positive +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" -Swap positive (1 limb) with zero (1 limb) -mbedtls_mpi_swap_sint:1500:0 +Swap large negative with small negative +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef" -Swap negative (1 limb) with zero (1 limb) -mbedtls_mpi_swap_sint:-1500:0 +Swap large negative with small positive +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef" -Swap positive (1 limb) with negative (1 limb) -mbedtls_mpi_swap_sint:1500:-42 +Swap large negative with zero (1 limb) +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"0" -Swap negative (1 limb) with positive (1 limb) -mbedtls_mpi_swap_sint:-42:1500 +Swap large negative with zero (null) +mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"" + +Swap large positive with large negative +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Swap large positive with large positive +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Swap large positive with small negative +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef" + +Swap large positive with small positive +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"beef" + +Swap large positive with zero (1 limb) +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"0" + +Swap large positive with zero (null) +mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"" + +Swap small negative with large negative +mbedtls_mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5" + +Swap small negative with large positive +mbedtls_mpi_swap:"-bead":"face1e55ca11ab1ecab005e5" + +Swap small negative with small negative +mbedtls_mpi_swap:"-bead":"-beef" + +Swap small negative with small positive +mbedtls_mpi_swap:"-bead":"beef" + +Swap small negative with zero (1 limb) +mbedtls_mpi_swap:"-bead":"0" + +Swap small negative with zero (null) +mbedtls_mpi_swap:"-bead":"" + +Swap small positive with large negative +mbedtls_mpi_swap:"bead":"-face1e55ca11ab1ecab005e5" + +Swap small positive with large positive +mbedtls_mpi_swap:"bead":"face1e55ca11ab1ecab005e5" + +Swap small positive with small negative +mbedtls_mpi_swap:"bead":"-beef" + +Swap small positive with small positive +mbedtls_mpi_swap:"bead":"beef" + +Swap small positive with zero (1 limb) +mbedtls_mpi_swap:"bead":"0" + +Swap small positive with zero (null) +mbedtls_mpi_swap:"bead":"" + +Swap zero (1 limb) with large negative +mbedtls_mpi_swap:"0":"-face1e55ca11ab1ecab005e5" + +Swap zero (1 limb) with large positive +mbedtls_mpi_swap:"0":"face1e55ca11ab1ecab005e5" + +Swap zero (1 limb) with small negative +mbedtls_mpi_swap:"0":"-beef" + +Swap zero (1 limb) with small positive +mbedtls_mpi_swap:"0":"beef" + +Swap zero (1 limb) with zero (1 limb) +mbedtls_mpi_swap:"0":"0" + +Swap zero (1 limb) with zero (null) +mbedtls_mpi_swap:"0":"" + +Swap zero (null) with large negative +mbedtls_mpi_swap:"":"-face1e55ca11ab1ecab005e5" + +Swap zero (null) with large positive +mbedtls_mpi_swap:"":"face1e55ca11ab1ecab005e5" + +Swap zero (null) with small negative +mbedtls_mpi_swap:"":"-beef" + +Swap zero (null) with small positive +mbedtls_mpi_swap:"":"beef" + +Swap zero (null) with zero (1 limb) +mbedtls_mpi_swap:"":"0" Swap zero (null) with zero (null) -mbedtls_mpi_swap_binary:"":"" +mbedtls_mpi_swap:"":"" -Swap zero (null) with positive (1 limb) -mbedtls_mpi_swap_binary:"":"1234" +Swap self: large negative +mpi_swap_self:"-ca5cadedb01dfaceacc01ade" -Swap positive (1 limb) with zero (null) -mbedtls_mpi_swap_binary:"1234":"" +Swap self: large positive +mpi_swap_self:"ca5cadedb01dfaceacc01ade" -Swap positive with larger -mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade" +Swap self: small negative +mpi_swap_self:"-bead" -Swap positive with smaller -mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead" +Swap self: small positive +mpi_swap_self:"bead" -Swap self: 1 limb -mpi_swap_self:"face" +Swap self: zero (1 limb) +mpi_swap_self:"0" -Swap self: null +Swap self: zero (null) mpi_swap_self:"" Shrink 2 limbs in a buffer of size 2 to 4 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 42dbafa2d7..02dc847e17 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -541,6 +541,48 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_mpi_swap( char *X_hex, char *Y_hex ) +{ + mbedtls_mpi X, Y, X0, Y0; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); + + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 ); + + mbedtls_mpi_swap( &X, &Y ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_swap_self( char *X_hex ) +{ + mbedtls_mpi X, X0; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); + + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 ); + + mbedtls_mpi_swap( &X, &X ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_mpi_shrink( int before, int used, int min, int after ) { @@ -619,70 +661,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void mbedtls_mpi_swap_sint( int input_X, int input_Y ) -{ - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 ); - - mbedtls_mpi_swap( &X, &Y ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y ) -{ - mbedtls_mpi X, Y, X0, Y0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 ); - - mbedtls_mpi_swap( &X, &Y ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_swap_self( data_t *input_X ) -{ - mbedtls_mpi X, X0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); - - mbedtls_mpi_swap( &X, &X ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 ); -} -/* END_CASE */ - /* BEGIN_CASE */ void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y, char * input_Y, int radix_A, char * input_A ) From d0722f8e714e1a6795ad7484dbbb8cc378234a30 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 23:00:33 +0200 Subject: [PATCH 0440/1065] Test mbedtls_mpi_safe_cond_{assign,swap} with the basic functions Test mbedtls_mpi_safe_cond_assign() and mbedtls_mpi_safe_cond_swap() with their "unsafe" counterparts mbedtls_mpi_copy() and mbedtls_mpi_swap(). This way we don't need to repeat the coverage of test cases. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 36 --------- tests/suites/test_suite_mpi.function | 111 +++++++++++---------------- 2 files changed, 45 insertions(+), 102 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 357484edc7..5a4a08317f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -586,42 +586,6 @@ mbedtls_mpi_shrink:4:1:0:1 Shrink 0 limbs in a buffer of size 4 to 0 yielding 1 mbedtls_mpi_shrink:4:0:0:1 -Test mbedtls_mpi_safe_cond_assign #1 -mbedtls_mpi_safe_cond_assign:+1:"01":+1:"02" - -Test mbedtls_mpi_safe_cond_assign #2 -mbedtls_mpi_safe_cond_assign:+1:"FF000000000000000001":+1:"02" - -Test mbedtls_mpi_safe_cond_assign #3 -mbedtls_mpi_safe_cond_assign:+1:"01":+1:"FF000000000000000002" - -Test mbedtls_mpi_safe_cond_assign #4 -mbedtls_mpi_safe_cond_assign:+1:"01":-1:"02" - -Test mbedtls_mpi_safe_cond_assign #5 -mbedtls_mpi_safe_cond_assign:-1:"01":+1:"02" - -Test mbedtls_mpi_safe_cond_assign #6 -mbedtls_mpi_safe_cond_assign:-1:"01":-1:"02" - -Test mbedtls_mpi_safe_cond_swap #1 -mbedtls_mpi_safe_cond_swap:+1:"01":+1:"02" - -Test mbedtls_mpi_safe_cond_swap #2 -mbedtls_mpi_safe_cond_swap:+1:"FF000000000000000001":+1:"02" - -Test mbedtls_mpi_safe_cond_swap #3 -mbedtls_mpi_safe_cond_swap:+1:"01":+1:"FF000000000000000002" - -Test mbedtls_mpi_safe_cond_swap #4 -mbedtls_mpi_safe_cond_swap:+1:"01":-1:"02" - -Test mbedtls_mpi_safe_cond_swap #5 -mbedtls_mpi_safe_cond_swap:-1:"01":+1:"02" - -Test mbedtls_mpi_safe_cond_swap #6 -mbedtls_mpi_safe_cond_swap:-1:"01":-1:"02" - Base test mbedtls_mpi_add_abs #1 mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209" diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 02dc847e17..1d2da2964e 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -503,21 +503,38 @@ exit: /* BEGIN_CASE */ void mbedtls_mpi_copy( char *src_hex, char *dst_hex ) { - mbedtls_mpi src, dst; + mbedtls_mpi src, dst, ref; mbedtls_mpi_init( &src ); mbedtls_mpi_init( &dst ); + mbedtls_mpi_init( &ref ); TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &ref, 16, dst_hex ) == 0 ); + + /* mbedtls_mpi_copy() */ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); + /* mbedtls_mpi_safe_cond_assign(), assignment done */ + mbedtls_mpi_free( &dst ); + TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); + TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 ); + TEST_ASSERT( sign_is_valid( &dst ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); + + /* mbedtls_mpi_safe_cond_assign(), assignment not done */ + mbedtls_mpi_free( &dst ); + TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); + TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 ); + TEST_ASSERT( sign_is_valid( &dst ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 ); + exit: mbedtls_mpi_free( &src ); mbedtls_mpi_free( &dst ); + mbedtls_mpi_free( &ref ); } /* END_CASE */ @@ -548,17 +565,40 @@ void mbedtls_mpi_swap( char *X_hex, char *Y_hex ) mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 ); + /* mbedtls_mpi_swap() */ + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); mbedtls_mpi_swap( &X, &Y ); TEST_ASSERT( sign_is_valid( &X ) ); TEST_ASSERT( sign_is_valid( &Y ) ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + /* mbedtls_mpi_safe_cond_swap(), swap done */ + mbedtls_mpi_free( &X ); + mbedtls_mpi_free( &Y ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); + TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + + /* mbedtls_mpi_safe_cond_swap(), swap not done */ + mbedtls_mpi_free( &X ); + mbedtls_mpi_free( &Y ); + TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); + TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 ); + TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT( sign_is_valid( &Y ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 ); + exit: mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); @@ -600,67 +640,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign, - char * y_str ) -{ - mbedtls_mpi X, Y, XX; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x_str ) == 0 ); - X.s = x_sign; - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y_str ) == 0 ); - Y.s = y_sign; - TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &XX ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign, - char * y_str ) -{ - mbedtls_mpi X, Y, XX, YY; - - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x_str ) == 0 ); - X.s = x_sign; - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y_str ) == 0 ); - Y.s = y_sign; - - TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &XX ); mbedtls_mpi_free( &YY ); -} -/* END_CASE */ - /* BEGIN_CASE */ void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y, char * input_Y, int radix_A, char * input_A ) From 9e9314ff930575faf2bd9ac9db32defc61e85451 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 10:52:12 +0200 Subject: [PATCH 0441/1065] Add some GCD tests Add GCD tests with negative arguments and with large non-co-prime arguments. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 41 +++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 5a4a08317f..054239b38a 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -894,9 +894,48 @@ mbedtls_mpi_gcd:10:"1764":10:"868":10:"28" Base test GCD #3 mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1" -Test GCD #1 +Test GCD #1: A > 0, B > 0 mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" +Test GCD #1 with A > B +mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1" + +Test GCD #1: A > 0, B < 0 +mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" + +Test GCD #1: A < 0, B > 0 +mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" + +Test GCD #1: A < 0, B < 0 +mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" + +Test GCD #2 +mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2" + +Test GCD #2 with A > B +mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2" + +Test GCD #3 +mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3" + +Test GCD #3 with A > B +mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3" + +Test GCD #4 +mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4" + +Test GCD #4 with A > B +mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4" + +Test GCD #6 +mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6" + +Test GCD #5 (A = B) +mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847" + +Test GCD #6 with A > B +mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6" + Base test mbedtls_mpi_inv_mod #1 mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0 From 424390c517401e4b459faaf0d4ad763784b35798 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 18:28:35 +0200 Subject: [PATCH 0442/1065] mbedtls_mpi_exp_mod test: don't read RR from test data Remove the RR parameter to the mbedtls_mpi_exp_mod test function. It was never used in the test data, so there is no loss of functionality. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 18 +++++++++--------- tests/suites/test_suite_mpi.function | 6 +----- 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 054239b38a..66fec75b16 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -839,22 +839,22 @@ Base test mbedtls_mpi_mod_int #8 (By 2) mbedtls_mpi_mod_int:10:"1000":2:0:0 Base test mbedtls_mpi_exp_mod #1 -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"":10:"24":0 +mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0 Base test mbedtls_mpi_exp_mod #2 (Even N) -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_exp_mod #3 (Negative N) -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_exp_mod #4 (Negative base) -mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"":10:"5":0 +mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"5":0 Base test mbedtls_mpi_exp_mod #5 (Negative exponent) -mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent) -mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Test mbedtls_mpi_exp_mod: MAX_SIZE exponent mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0 @@ -876,14 +876,14 @@ mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:10: Test mbedtls_mpi_exp_mod #1 depends_on:MPI_MAX_BITS_LARGER_THAN_792 -mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0 +mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0 Test mbedtls_mpi_exp_mod (Negative base) [#1] -mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0 +mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"1":0 Test mbedtls_mpi_exp_mod (Negative base) [#2] depends_on:MPI_MAX_BITS_LARGER_THAN_792 -mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0 +mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0 Base test GCD #1 mbedtls_mpi_gcd:10:"693":10:"609":10:"21" diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 1d2da2964e..8a46066901 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -985,8 +985,7 @@ exit: /* BEGIN_CASE */ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, char * input_E, int radix_N, char * input_N, - int radix_RR, char * input_RR, int radix_X, - char * input_X, int div_result ) + int radix_X, char * input_X, int div_result ) { mbedtls_mpi A, E, N, RR, Z, X; int res; @@ -998,9 +997,6 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - if( strlen( input_RR ) ) - TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 ); - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); TEST_ASSERT( res == div_result ); if( res == 0 ) From 342f71b512e947cac74317029df75503c29800c3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 18:31:35 +0200 Subject: [PATCH 0443/1065] Test mbedtls_mpi_exp_mod both with and without _RR mbedtls_mpi_exp_mod can be called in three ways regarding the speed-up parameter _RR: null (unused), zero (will be updated), nonzero (will be used). Systematically test all three. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 8a46066901..ea1346433f 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -997,6 +997,24 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); + res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL ); + TEST_ASSERT( res == div_result ); + if( res == 0 ) + { + TEST_ASSERT( sign_is_valid( &Z ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); + } + + /* Now test again with the speed-up parameter supplied as an output. */ + res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); + TEST_ASSERT( res == div_result ); + if( res == 0 ) + { + TEST_ASSERT( sign_is_valid( &Z ) ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); + } + + /* Now test again with the speed-up parameter supplied in calculated form. */ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); TEST_ASSERT( res == div_result ); if( res == 0 ) From 3637488eb4736f0395ddc672a9ba2313d21be4e6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jun 2021 23:01:13 +0200 Subject: [PATCH 0444/1065] Add many test cases involving 0 Test both 0 represented with 0 limbs ("0 (null)") and 0 represented with 1 limb ("0 (1 limb)"), because occasionally there are bugs with 0-limb bignums and occasionally there are bugs with removing leading zero limbs. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 319 +++++++++++++++++++++++++++ tests/suites/test_suite_mpi.function | 3 +- 2 files changed, 321 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 66fec75b16..ea1f27e270 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -115,6 +115,12 @@ mbedtls_mpi_read_file:10:"data_files/mpi_too_big":"":MBEDTLS_ERR_MPI_BUFFER_TOO_ Base test mbedtls_mpi_write_file #1 mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write" +Test mbedtls_mpi_lsb: 0 (null) +mbedtls_mpi_lsb:16:"":0 + +Test mbedtls_mpi_lsb: 0 (1 limb) +mbedtls_mpi_lsb:16:"0":0 + Base test mbedtls_mpi_lsb #1 mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2 @@ -145,6 +151,9 @@ mbedtls_mpi_bitlen:10:"16":5 Base test mbedtls_mpi_bitlen #6 mbedtls_mpi_bitlen:10:"10":4 +Base test mbedtls_mpi_bitlen: 0 (null) +mbedtls_mpi_bitlen:10:"":0 + Base test mbedtls_mpi_bitlen: 0 (1 limb) mbedtls_mpi_bitlen:10:"0":0 @@ -193,6 +202,30 @@ mbedtls_mpi_cmp_mpi:10:"2":10:"-3":1 Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1 +Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null) +mbedtls_mpi_cmp_mpi:10:"":10:"":0 + +Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb) +mbedtls_mpi_cmp_mpi:10:"":10:"0":0 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null) +mbedtls_mpi_cmp_mpi:10:"0":10:"":0 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb) +mbedtls_mpi_cmp_mpi:10:"0":10:"0":0 + +Test mbedtls_mpi_cmp_mpi: 0 < positive +mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 > negative +mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1 + +Test mbedtls_mpi_cmp_mpi: positive > 0 +mbedtls_mpi_cmp_mpi:10:"123":10:"":1 + +Test mbedtls_mpi_cmp_mpi: negative < 0 +mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1 + Base test mbedtls_mpi_lt_mpi_ct #1 mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0 @@ -226,6 +259,9 @@ mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Base test mbedtls_mpi_lt_mpi_ct (length=0) +mbedtls_mpi_lt_mpi_ct:0:"":0:"":0:0 + Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0 @@ -298,6 +334,15 @@ mbedtls_mpi_cmp_abs:10:"-2":10:"-3":-1 Base test mbedtls_mpi_cmp_abs (Negative values) #3 mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1 +Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null) +mbedtls_mpi_cmp_abs:10:"":10:"":0 + +Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb) +mbedtls_mpi_cmp_abs:10:"":10:"0":0 + +Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null) +mbedtls_mpi_cmp_abs:10:"0":10:"":0 + Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb) mbedtls_mpi_cmp_abs:10:"0":10:"0":0 @@ -562,6 +607,9 @@ mpi_swap_self:"0" Swap self: zero (null) mpi_swap_self:"" +Shrink 0 limbs in a buffer of size 0 to 0 +mbedtls_mpi_shrink:0:0:0:0 + Shrink 2 limbs in a buffer of size 2 to 4 mbedtls_mpi_shrink:2:2:4:4 @@ -598,6 +646,15 @@ mbedtls_mpi_add_abs:10:"12345678":10:"-642531":10:"12988209" Base test mbedtls_mpi_add_abs #4 mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209" +Test mbedtls_mpi_add_abs: 0 + 0 +mbedtls_mpi_add_abs:16:"":16:"":16:"" + +Test mbedtls_mpi_add_abs: 0 + 1 +mbedtls_mpi_add_abs:16:"":16:"01":16:"01" + +Test mbedtls_mpi_add_abs: 1 + 0 +mbedtls_mpi_add_abs:16:"01":16:"":16:"01" + Test mbedtls_mpi_add_abs #1 mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924" @@ -619,6 +676,21 @@ mbedtls_mpi_add_mpi:10:"12345678":10:"-642531":10:"11703147" Base test mbedtls_mpi_add_mpi #4 mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209" +Test mbedtls_mpi_add_mpi: 0 + 0 +mbedtls_mpi_add_mpi:16:"":16:"":16:"" + +Test mbedtls_mpi_add_mpi: 0 + 1 +mbedtls_mpi_add_mpi:16:"":16:"01":16:"01" + +Test mbedtls_mpi_add_mpi: 1 + 0 +mbedtls_mpi_add_mpi:16:"01":16:"":16:"01" + +Test mbedtls_mpi_add_mpi: 0 + -1 +mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01" + +Test mbedtls_mpi_add_mpi: -1 + 0 +mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01" + Test mbedtls_mpi_add_mpi #1 mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342" @@ -640,6 +712,12 @@ mbedtls_mpi_add_int:10:"20395687835640197740576586692903457728019399331434826309 Test mbedtls_mpi_add_int #2 mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" +Test mbedtls_mpi_add_int: 0 (null) + 0 +mbedtls_mpi_add_int:16:"":0:16:"" + +Test mbedtls_mpi_add_int: 0 (null) + 1 +mbedtls_mpi_add_int:16:"":1:16:"1" + Base test mbedtls_mpi_sub_abs #1 (|B| > |A|) mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE @@ -676,6 +754,24 @@ mbedtls_mpi_sub_abs:10:"-7":10:"5":10:"2":0 Base test mbedtls_mpi_sub_abs #4 mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0 +Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null) +mbedtls_mpi_sub_abs:16:"":16:"":16:"":0 + +Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb) +mbedtls_mpi_sub_abs:16:"":16:"00":16:"":0 + +Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null) +mbedtls_mpi_sub_abs:16:"00":16:"":16:"":0 + +Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb) +mbedtls_mpi_sub_abs:16:"00":16:"00":16:"":0 + +Test mbedtls_mpi_sub_abs: 1 - 0 (null) +mbedtls_mpi_sub_abs:16:"01":16:"":16:"01":0 + +Test mbedtls_mpi_sub_abs: 0 (null) - 1 +mbedtls_mpi_sub_abs:16:"":16:"01":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + Test mbedtls_mpi_sub_abs #1 mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0 @@ -700,6 +796,27 @@ mbedtls_mpi_sub_mpi:10:"-5":10:"7":10:"-12" Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction) mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12" +Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null) +mbedtls_mpi_sub_mpi:16:"":16:"":16:"" + +Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb) +mbedtls_mpi_sub_mpi:16:"":16:"00":16:"" + +Test mbedtls_mpi_sub_mpi: 0 (null) - 1 +mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1" + +Test mbedtls_mpi_sub_mpi: 0 (null) - -1 +mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1" + +Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null) +mbedtls_mpi_sub_mpi:16:"00":16:"":16:"" + +Test mbedtls_mpi_sub_mpi: 1 - 0 (null) +mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1" + +Test mbedtls_mpi_sub_mpi: -1 - 0 (null) +mbedtls_mpi_sub_mpi:16:"-1":16:"":16:"-1" + Test mbedtls_mpi_sub_mpi #1 mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096" @@ -712,12 +829,30 @@ mbedtls_mpi_sub_int:10:"20395687835640197740576586692903457728019399331434826309 Test mbedtls_mpi_sub_int #2 mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" +Test mbedtls_mpi_sub_int: 0 (null) - 0 +mbedtls_mpi_sub_int:16:"":0:16:"" + +Test mbedtls_mpi_sub_int: 0 (null) - 1 +mbedtls_mpi_sub_int:16:"":1:16:"-1" + +Test mbedtls_mpi_sub_int: 0 (null) - -1 +mbedtls_mpi_sub_int:16:"":-1:16:"1" + Test mbedtls_mpi_shift_l #1 mbedtls_mpi_shift_l:10:"64":1:10:"128" Test mbedtls_mpi_shift_l #2 mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704" +Test mbedtls_mpi_shift_l: 0 (null) <<= 0 +mbedtls_mpi_shift_l:16:"":1:16:"" + +Test mbedtls_mpi_shift_l: 0 (null) <<= 1 +mbedtls_mpi_shift_l:16:"":1:16:"" + +Test mbedtls_mpi_shift_l: 0 (null) <<= 64 +mbedtls_mpi_shift_l:16:"":64:16:"" + Test mbedtls_mpi_shift_r #1 mbedtls_mpi_shift_r:10:"128":1:10:"64" @@ -736,6 +871,15 @@ mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":65:16:"00" Test mbedtls_mpi_shift_r #7 mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00" +Test mbedtls_mpi_shift_r: 0 (null) >>= 0 +mbedtls_mpi_shift_r:16:"":0:16:"" + +Test mbedtls_mpi_shift_r: 0 (null) >>= 1 +mbedtls_mpi_shift_r:16:"":1:16:"" + +Test mbedtls_mpi_shift_r: 0 (null) >>= 64 +mbedtls_mpi_shift_r:16:"":64:16:"" + Base test mbedtls_mpi_mul_mpi #1 mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35" @@ -748,6 +892,27 @@ mbedtls_mpi_mul_mpi:10:"5":10:"-7":10:"-35" Base test mbedtls_mpi_mul_mpi #4 mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35" +Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null) +mbedtls_mpi_mul_mpi:16:"":16:"":16:"" + +Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb) +mbedtls_mpi_mul_mpi:16:"":16:"00":16:"" + +Test mbedtls_mpi_mul_mpi: 0 (null) * 1 +mbedtls_mpi_mul_mpi:16:"":16:"01":16:"" + +Test mbedtls_mpi_mul_mpi: 0 (null) * -1 +mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"" + +Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) +mbedtls_mpi_mul_mpi:16:"":16:"00":16:"" + +Test mbedtls_mpi_mul_mpi: 1 * 0 (null) +mbedtls_mpi_mul_mpi:16:"01":16:"":16:"" + +Test mbedtls_mpi_mul_mpi: -1 * 0 (null) +mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"" + Test mbedtls_mpi_mul_mpi #1 mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761" @@ -763,15 +928,45 @@ mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630 Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure) mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!=" +Test mbedtls_mpi_mul_int: 0 (null) * 0 +mbedtls_mpi_mul_int:16:"":0:16:"":"==" + +Test mbedtls_mpi_mul_int: 0 (null) * 1 +mbedtls_mpi_mul_int:16:"":1:16:"":"==" + +Test mbedtls_mpi_mul_int: 0 (null) * 0x1234 +mbedtls_mpi_mul_int:16:"":0x1234:16:"":"==" + Base test mbedtls_mpi_div_mpi #1 mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0 Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb)) mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO +Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null)) +mbedtls_mpi_div_mpi:10:"1000":10:"":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + Base test mbedtls_mpi_div_mpi #3 mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0 +Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null) +mbedtls_mpi_div_mpi:16:"":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb) +mbedtls_mpi_div_mpi:16:"":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null) +mbedtls_mpi_div_mpi:16:"0":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb) +mbedtls_mpi_div_mpi:16:"0":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (null) / 1 +mbedtls_mpi_div_mpi:16:"":16:"1":16:"":16:"":0 + +Test mbedtls_mpi_div_mpi: 0 (null) / -1 +mbedtls_mpi_div_mpi:16:"":16:"-1":16:"":16:"":0 + Test mbedtls_mpi_div_mpi #1 mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0 @@ -799,9 +994,21 @@ mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338 Test mbedtls_mpi_div_int #2 mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0 +Test mbedtls_mpi_div_int: 0 (null) / 0 +mbedtls_mpi_div_int:16:"":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_int: 0 (1 limb) / 0 +mbedtls_mpi_div_int:16:"00":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_int: 0 (null) / 1 +mbedtls_mpi_div_int:16:"":1:16:"":16:"":0 + Base test mbedtls_mpi_mod_mpi #1 mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0 +Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null)) +mbedtls_mpi_mod_mpi:10:"1000":10:"":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb)) mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO @@ -814,6 +1021,12 @@ mbedtls_mpi_mod_mpi:10:"1000":10:"-13":10:"-1":MBEDTLS_ERR_MPI_NEGATIVE_VALUE Base test mbedtls_mpi_mod_mpi #5 (Negative modulo) mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE +Test mbedtls_mpi_mod_mpi: 0 (null) % 1 +mbedtls_mpi_mod_mpi:16:"":16:"1":16:"":0 + +Test mbedtls_mpi_mod_mpi: 0 (null) % -1 +mbedtls_mpi_mod_mpi:16:"":16:"-1":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + Base test mbedtls_mpi_mod_int #1 mbedtls_mpi_mod_int:10:"1000":13:12:0 @@ -838,12 +1051,21 @@ mbedtls_mpi_mod_int:10:"1001":2:1:0 Base test mbedtls_mpi_mod_int #8 (By 2) mbedtls_mpi_mod_int:10:"1000":2:0:0 +Test mbedtls_mpi_mod_int: 0 (null) % 1 +mbedtls_mpi_mod_int:16:"":1:0:0 + +Test mbedtls_mpi_mod_int: 0 (null) % -1 +mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE + Base test mbedtls_mpi_exp_mod #1 mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0 Base test mbedtls_mpi_exp_mod #2 (Even N) mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Base test mbedtls_mpi_exp_mod #2 (N = 0 (null)) +mbedtls_mpi_exp_mod:10:"23":10:"13":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + Base test mbedtls_mpi_exp_mod #3 (Negative N) mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA @@ -856,6 +1078,52 @@ mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DA Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent) mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9 +depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH +mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9 +depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH +mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9 +depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH +mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9 +depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH +mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9 +mbedtls_mpi_exp_mod:16:"00":16:"":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9 +mbedtls_mpi_exp_mod:16:"00":16:"00":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9 +mbedtls_mpi_exp_mod:16:"00":16:"01":16:"09":16:"":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9 +mbedtls_mpi_exp_mod:16:"00":16:"02":16:"09":16:"":0 + +Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9 +mbedtls_mpi_exp_mod:16:"01":16:"":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9 +mbedtls_mpi_exp_mod:16:"04":16:"":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9 +mbedtls_mpi_exp_mod:16:"0a":16:"":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9 +mbedtls_mpi_exp_mod:16:"01":16:"00":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9 +mbedtls_mpi_exp_mod:16:"04":16:"00":16:"09":16:"1":0 + +Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9 +mbedtls_mpi_exp_mod:16:"0a":16:"00":16:"09":16:"1":0 + Test mbedtls_mpi_exp_mod: MAX_SIZE exponent mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0 @@ -894,6 +1162,39 @@ mbedtls_mpi_gcd:10:"1764":10:"868":10:"28" Base test GCD #3 mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1" +Test GCD: 0 (null), 0 (null) +mbedtls_mpi_gcd:16:"":16:"":16:"" + +Test GCD: 0 (null), 0 (1 limb) +mbedtls_mpi_gcd:16:"":16:"00":16:"" + +Test GCD: 0 (null), 3 +mbedtls_mpi_gcd:16:"":16:"03":16:"3" + +Test GCD: 0 (null), 6 +mbedtls_mpi_gcd:16:"":16:"06":16:"6" + +Test GCD: 0 (1 limb), 0 (null) +mbedtls_mpi_gcd:16:"00":16:"00":16:"" + +Test GCD: 0 (1 limb), 3 +mbedtls_mpi_gcd:16:"00":16:"03":16:"3" + +Test GCD: 0 (1 limb), 6 +mbedtls_mpi_gcd:16:"00":16:"06":16:"6" + +Test GCD: 3, 0 (null) +mbedtls_mpi_gcd:16:"03":16:"":16:"3" + +Test GCD: 3, 0 (1 limb) +mbedtls_mpi_gcd:16:"03":16:"00":16:"3" + +Test GCD: 6, 0 (null) +mbedtls_mpi_gcd:16:"06":16:"":16:"6" + +Test GCD: 6, 0 (1 limb) +mbedtls_mpi_gcd:16:"06":16:"00":16:"6" + Test GCD #1: A > 0, B > 0 mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" @@ -939,6 +1240,9 @@ mbedtls_mpi_gcd:10:"346892299678669733829054550006704459555027502778749383722549 Base test mbedtls_mpi_inv_mod #1 mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0 +Test mbedtls_mpi_inv_mod: mod 0 (null) +mbedtls_mpi_inv_mod:10:"3":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + Test mbedtls_mpi_inv_mod: mod 0 (1 limb) mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA @@ -951,6 +1255,12 @@ mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE Test mbedtls_mpi_inv_mod: mod 1 mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Test mbedtls_mpi_inv_mod: 0 (null) ^-1 +mbedtls_mpi_inv_mod:16:"":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1 +mbedtls_mpi_inv_mod:16:"00":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + Test mbedtls_mpi_inv_mod #1 mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0 @@ -1135,6 +1445,9 @@ mbedtls_mpi_get_bit:10:"49979687":26:0 Test bit getting (Larger and non-existing limb) mbedtls_mpi_get_bit:10:"49979687":500:0 +Test bit getting in 0 (null) +mbedtls_mpi_get_bit:10:"":500:0 + Test bit getting (Value bit 24) mbedtls_mpi_get_bit:10:"49979687":24:0 @@ -1153,6 +1466,12 @@ mbedtls_mpi_set_bit:10:"49979687":80:0:10:"49979687":0 Test bit set (Add above existing limbs with a 1) mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0 +Test bit set (Add to 0 (null) with a 0) +mbedtls_mpi_set_bit:16:"":65:0:16:"":0 + +Test bit set (Add to 0 (null) with a 1) +mbedtls_mpi_set_bit:16:"":65:1:16:"020000000000000000":0 + Test bit set (Bit index larger than 31 with a 0) mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index ea1346433f..c682a9e872 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -631,7 +631,8 @@ void mbedtls_mpi_shrink( int before, int used, int min, int after ) TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 ); TEST_ASSERT( used <= before ); - memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) ); + if( before > 0 ) + memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) ); TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 ); TEST_ASSERT( X.n == (size_t) after ); From 3da1a8ff39d780a5134975cd4730e87488ed5a63 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jun 2021 23:17:42 +0200 Subject: [PATCH 0445/1065] Fix null pointer dereference in mbedtls_mpi_exp_mod Fix a null pointer dereference in mbedtls_mpi_exp_mod(X, A, N, E, _RR) when A is the value 0 represented with 0 limbs. Make the code a little more robust against similar bugs. Signed-off-by: Gilles Peskine --- library/bignum.c | 27 +++++++++++++++++++++++++-- tests/suites/test_suite_mpi.data | 4 ---- 2 files changed, 25 insertions(+), 6 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index c49d63e037..40f1239e93 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -203,7 +203,13 @@ static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) } /* - * Copy the contents of Y into X + * Copy the contents of Y into X. + * + * This function is not constant-time. Leading zeros in Y may be removed. + * + * Ensure that X does not shrink. This is not guaranteed by the public API, + * but some code in the bignum module relies on this property, for example + * in mbedtls_mpi_exp_mod(). */ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) { @@ -217,7 +223,11 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) if( Y->n == 0 ) { - mbedtls_mpi_free( X ); + if( X->n != 0 ) + { + X->s = 1; + memset( X->p, 0, X->n * ciL ); + } return( 0 ); } @@ -2175,6 +2185,11 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, #endif j = N->n + 1; + /* All W[i] and X must have at least N->n limbs for the mpi_montmul() + * and mpi_montred() calls later. Here we ensure that W[1] and X are + * large enough, and later we'll grow other W[i] to the same length. + * They must not be shrunk midway through this function! + */ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) ); @@ -2209,10 +2224,18 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * W[1] = A * R^2 * R^-1 mod N = A * R mod N */ if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 ) + { MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) ); + /* This should be a no-op because W[1] is already that large before + * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow + * in mpi_montmul() below, so let's make sure. */ + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n +1 ) ); + } else MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); + /* Note that this is safe because W[1] always has at least N->n limbs + * (it grew above and was preserved by mbedtls_mpi_copy()). */ mpi_montmul( &W[1], &RR, N, mm, &T ); /* diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index ea1f27e270..630e008399 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1079,19 +1079,15 @@ Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent) mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9 -depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0 Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9 -depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0 Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9 -depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0 Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9 -depends_on:TEST_TEMPORARILY_DISABLED_BECAUSE_IT_CAUSES_A_CRASH mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0 Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9 From 3008dde386f9db5fd1702983779fdccf4fbb34fd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 18:55:57 +0200 Subject: [PATCH 0446/1065] Changelog for the fix to mbedtls_mpi_exp_mod(A=0) In Mbed TLS 2.26.0, the bug was hard to trigger, since all methods for parsing a bignum (mbedtls_mpi_read_xxx functions) constructed an mbedtls_mpi object with at least one limb. In the development branch, after the commit "New internal function mbedtls_mpi_resize_clear", this bug could be triggered by a TLS server, by passing invalid custom Diffie-Hellman parameters with G=0 transmitted as a 0-length byte string. Since the behavior change in mbedtls_mpi_read_binary and mbedtls_mpi_read_binary_le (constructing 0 limbs instead of 1 when passed empty input) turned out to have consequences despite being in principle an internal detail, mention it in the changelog. Signed-off-by: Gilles Peskine --- ChangeLog.d/mpi_exp_mod-zero.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/mpi_exp_mod-zero.txt diff --git a/ChangeLog.d/mpi_exp_mod-zero.txt b/ChangeLog.d/mpi_exp_mod-zero.txt new file mode 100644 index 0000000000..9df9031a91 --- /dev/null +++ b/ChangeLog.d/mpi_exp_mod-zero.txt @@ -0,0 +1,7 @@ +Bugfix + * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with + A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug + could not be triggered by code that constructed A with one of the + mbedtls_mpi_read_xxx functions (including in particular TLS code) since + those always built an mpi object with at least one limb. + Credit to OSS-Fuzz. Fixes #4641. From 27253bc88599a159ca7160ba44d29cdacb8e6c53 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 13:26:43 +0200 Subject: [PATCH 0447/1065] mbedtls_mpi_gcd: fix the case B==0 Signed-off-by: Gilles Peskine --- ChangeLog.d/mpi_gcd-0.txt | 4 ++++ library/bignum.c | 10 ++++++++++ 2 files changed, 14 insertions(+) create mode 100644 ChangeLog.d/mpi_gcd-0.txt diff --git a/ChangeLog.d/mpi_gcd-0.txt b/ChangeLog.d/mpi_gcd-0.txt new file mode 100644 index 0000000000..41e11e1f6b --- /dev/null +++ b/ChangeLog.d/mpi_gcd-0.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no + effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect + applications that call mbedtls_mpi_gcd() directly. Fixes #4642. diff --git a/library/bignum.c b/library/bignum.c index 40f1239e93..2b41a143e6 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2391,6 +2391,16 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B lz = mbedtls_mpi_lsb( &TA ); lzt = mbedtls_mpi_lsb( &TB ); + /* The loop below gives the correct result when A==0 but not when B==0. + * So have a special case for B==0. Leverage the fact that we just + * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test + * slightly more efficient than cmp_int(). */ + if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 ) + { + ret = mbedtls_mpi_copy( G, A ); + goto cleanup; + } + if( lzt < lz ) lz = lzt; From b4347d859b5203d56c28c6cb3291f6e4b3f526ea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 13:27:05 +0200 Subject: [PATCH 0448/1065] mbedtls_mpi_gcd: small optimization Shifting TA and TB before the loop is not necessary. If A != 0, it will be done at the start of the loop iteration. If A == 0, then lz==0 and G is correctly set to B after 0 loop iterations. Signed-off-by: Gilles Peskine --- library/bignum.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 2b41a143e6..acdccde11a 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2404,9 +2404,6 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B if( lzt < lz ) lz = lzt; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) ); - TA.s = TB.s = 1; while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) From f4998b0a202951a35ed8a06d15b99b78d5f46a56 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jun 2021 15:51:54 +0200 Subject: [PATCH 0449/1065] Fix multiplication producing a negative zero Fix mbedtls_mpi_mul_mpi() when one of the operands is zero and the other is negative. The sign of the result must be 1, since some library functions do not treat {-1, 0, NULL} or {-1, n, {0}} as representing the value 0. Signed-off-by: Gilles Peskine --- ChangeLog | 8 ++++++-- library/bignum.c | 12 +++++++++++- tests/suites/test_suite_mpi.data | 6 ++++++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 565ce1c788..fcd842708f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -81,8 +81,12 @@ Bugfix in line with version 1.0.0 of the specification. Fix #4162. * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits zero. Fixes #1792 - * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated - as equal to 0 in all cases. Fix it to produce the same object as "0". + * Fix some cases in the bignum module where the library constructed an + unintended representation of the value 0 which was not processed + correctly by some bignum operations. This could happen when + mbedtls_mpi_read_string() was called on "-0", or when + mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of + the arguments being negative and the other being 0. Fixes #4643. Changes * Fix the setting of the read timeout in the DTLS sample programs. diff --git a/library/bignum.c b/library/bignum.c index acdccde11a..418fbf20e9 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1658,7 +1658,17 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi for( ; j > 0; j-- ) mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] ); - X->s = A->s * B->s; + /* If the result is 0, we don't shortcut the operation, which reduces + * but does not eliminate side channels leaking the zero-ness. We do + * need to take care to set the sign bit properly since the library does + * not fully support an MPI object with a value of 0 and s == -1. */ + if( ( i == 0 && ( A->n == 0 || A->p[0] == 0 ) ) || + ( j == 0 && ( B->n == 0 || B->p[0] == 0 ) ) ) + { + X->s = 1; + } + else + X->s = A->s * B->s; cleanup: diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 630e008399..cf62d884c4 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -904,6 +904,9 @@ mbedtls_mpi_mul_mpi:16:"":16:"01":16:"" Test mbedtls_mpi_mul_mpi: 0 (null) * -1 mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"" +Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1 +mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"" + Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) mbedtls_mpi_mul_mpi:16:"":16:"00":16:"" @@ -913,6 +916,9 @@ mbedtls_mpi_mul_mpi:16:"01":16:"":16:"" Test mbedtls_mpi_mul_mpi: -1 * 0 (null) mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"" +Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb) +mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"" + Test mbedtls_mpi_mul_mpi #1 mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761" From 058d009a61b60e3ec7784ada38a30d4a248f2bec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 16:24:35 +0200 Subject: [PATCH 0450/1065] Add RSA tests with message=0 Signed-off-by: Gilles Peskine --- tests/suites/test_suite_rsa.data | 6 ++++++ tests/suites/test_suite_rsa.function | 8 ++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index e81f208ef1..49301aa85f 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -373,12 +373,18 @@ mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d041 RSA Private (Data larger than N) mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +RSA Private (Data = 0 ) +mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 + RSA Public (Correct) mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0 RSA Public (Data larger than N) mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +RSA Public (Data = 0) +mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 + RSA Generate Key - 128bit key mbedtls_rsa_gen_key:128:3:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index bb2df8d930..db30fc458d 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -411,10 +411,12 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); + + /* Check test data consistency */ + TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result ); if( result == 0 ) { @@ -472,11 +474,13 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); + + /* Check test data consistency */ + TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - /* repeat three times to test updating of blinding values */ for( i = 0; i < 3; i++ ) { From 45adf6fca95dc739f5f37fbaab767fe43121b487 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jun 2021 13:37:31 +0200 Subject: [PATCH 0451/1065] DHM: test some edge cases for the generator Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index e5fb428570..863e25c173 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -82,6 +82,27 @@ dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BA Diffie-Hellman zero modulus dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +Diffie-Hellman with G=0 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + +Diffie-Hellman with G=1 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + +Diffie-Hellman with G=P-1 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + +Diffie-Hellman with G=P-2 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409621":0 + +Diffie-Hellman with G=P +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409623":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + +Diffie-Hellman with G=P+1 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409624":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + +Diffie-Hellman with G=P+2 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409625":0 + Diffie-Hellman: x_size < 0 dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA From 7cba859235473fb1caf554150f2a92078d650d76 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jun 2021 18:32:34 +0200 Subject: [PATCH 0452/1065] mbedtls_mpi_read_string: make an empty bignum for an empty string In mbedtls_mpi_read_string, if the string is empty, return an empty bignum rather than a bignum with one limb with the value 0. Both representations are correct, so this is not, in principle, a user-visible change. The change does leak however through mbedtls_mpi_write_string in base 16 (but not in other bases), as it writes a bignum with 0 limbs as "" but a bignum with the value 0 and at least one limb as "00". This change makes it possible to construct an empty bignum through mbedtls_mpi_read_string, which is especially useful to construct test cases (a common use of mbedtls_mpi_read_string, as most formats use in production encode numbers in binary, to be read with mbedtls_mpi_read_binary or mbedtls_mpi_read_binary_le). Signed-off-by: Gilles Peskine --- library/bignum.c | 6 ++++++ tests/suites/test_suite_mpi.data | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 418fbf20e9..d2284a4b70 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -512,6 +512,12 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) mbedtls_mpi_init( &T ); + if( s[0] == 0 ) + { + mbedtls_mpi_free( X ); + return( 0 ); + } + if( s[0] == '-' ) { ++s; diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index cf62d884c4..6df73cd17f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -62,13 +62,13 @@ Test mpi_read_write_string #7 mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0 Test mpi_read_write_string #8 (Empty MPI hex -> hex) -mpi_read_write_string:16:"":16:"00":4:0:0 +mpi_read_write_string:16:"":16:"":4:0:0 Test mpi_read_write_string #9 (Empty MPI hex -> dec) mpi_read_write_string:16:"":10:"0":4:0:0 Test mpi_read_write_string #8 (Empty MPI dec -> hex) -mpi_read_write_string:10:"":16:"00":4:0:0 +mpi_read_write_string:10:"":16:"":4:0:0 Test mpi_read_write_string #9 (Empty MPI dec -> dec) mpi_read_write_string:10:"":10:"0":4:0:0 From 34bfa15b21dbbfa2a82389d4b339e49db95dfd54 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Jun 2021 16:25:36 +0200 Subject: [PATCH 0453/1065] Changelog entry for the mbedtls_mpi_read_xxx changes mbedtls_mpi_read_binary{,_le} (in https://github.com/ARMmbed/mbedtls/pull/4276) and mbedtls_mpi_read_string (in https://github.com/ARMmbed/mbedtls/pull/4644) changed their behavior on an empty input from constructing an MPI object with one limb to not allocating a limb. In principle, this change should be transparent to applications, however it caused a bug in the library and it does affect the value when writing back out, so list the change in the changelog. Signed-off-by: Gilles Peskine --- ChangeLog.d/mpi_read_zero.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/mpi_read_zero.txt diff --git a/ChangeLog.d/mpi_read_zero.txt b/ChangeLog.d/mpi_read_zero.txt new file mode 100644 index 0000000000..0c25159d94 --- /dev/null +++ b/ChangeLog.d/mpi_read_zero.txt @@ -0,0 +1,9 @@ +Changes + * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and + mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs + when their input has length 0. Note that this is an implementation detail + and can change at any time, so this change should be transparent, but it + may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string() + now writing an empty string where it previously wrote one or more + zero digits when operating from values constructed with an mpi_read + function and some mpi operations. From 9466d81fe8e0f1a5bed9b07a4db05d8d826d8dea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:10:16 +0200 Subject: [PATCH 0454/1065] Make GCD test descriptions more uniform Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 6df73cd17f..81d2016cea 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1197,46 +1197,46 @@ mbedtls_mpi_gcd:16:"06":16:"":16:"6" Test GCD: 6, 0 (1 limb) mbedtls_mpi_gcd:16:"06":16:"00":16:"6" -Test GCD #1: A > 0, B > 0 +Test GCD: gcd=1, 0 < A < B mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" -Test GCD #1 with A > B +Test GCD: gcd=1, 0 < B < A mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1" -Test GCD #1: A > 0, B < 0 +Test GCD: gcd=1, A > 0, B < 0 mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" -Test GCD #1: A < 0, B > 0 +Test GCD: gcd=1, A < 0 < B, |A| < |B| mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" -Test GCD #1: A < 0, B < 0 +Test GCD: gcd=1, B < A < 0 mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" -Test GCD #2 +Test GCD: gcd=2, 0 < A < B mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2" -Test GCD #2 with A > B +Test GCD: gcd=2, 0 < B < A mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2" -Test GCD #3 +Test GCD: gcd=3, 0 < A < B mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3" -Test GCD #3 with A > B +Test GCD: gcd=3, 0 < B < A mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3" -Test GCD #4 +Test GCD: gcd=4, 0 < A < B mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4" -Test GCD #4 with A > B +Test GCD: gcd=4, 0 < B < A mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4" -Test GCD #6 +Test GCD: gcd=6, 0 < A < B mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6" -Test GCD #5 (A = B) +Test GCD: 0 < A = B mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847" -Test GCD #6 with A > B +Test GCD: gcd=6, 0 < B < A mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6" Base test mbedtls_mpi_inv_mod #1 From 3f1c3c9605290fbaf87016f58ff9d390dff2c3ee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:10:50 +0200 Subject: [PATCH 0455/1065] Tweak grouping of GCD test cases Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 81d2016cea..72a46bdd39 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1233,12 +1233,12 @@ mbedtls_mpi_gcd:10:"231261533119113155886036366671136306370018335185832922481699 Test GCD: gcd=6, 0 < A < B mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6" -Test GCD: 0 < A = B -mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847" - Test GCD: gcd=6, 0 < B < A mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6" +Test GCD: 0 < A = B +mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847" + Base test mbedtls_mpi_inv_mod #1 mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0 From e109175d054f7eca5f614e44437a9694378514c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:19:18 +0200 Subject: [PATCH 0456/1065] mpi_shrink test: just set the top bit No need to bypass the API to fill limbs. It's a better test to just set the top bit that we want to have set, and it's one less bypass of the API. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index c682a9e872..8f5ccf9acc 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -630,11 +630,14 @@ void mbedtls_mpi_shrink( int before, int used, int min, int after ) mbedtls_mpi_init( &X ); TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 ); - TEST_ASSERT( used <= before ); - if( before > 0 ) - memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) ); + if( used > 0 ) + { + size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint ); + TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 ); + } + TEST_EQUAL( X.n, (size_t) before ); TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 ); - TEST_ASSERT( X.n == (size_t) after ); + TEST_EQUAL( X.n, (size_t) after ); exit: mbedtls_mpi_free( &X ); From 2aa3f1651237397c2d9f120d20921b9d2cd73d32 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:22:48 +0200 Subject: [PATCH 0457/1065] Whitespace fix Signed-off-by: Gilles Peskine --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index d2284a4b70..5c171a0ede 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2245,7 +2245,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* This should be a no-op because W[1] is already that large before * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow * in mpi_montmul() below, so let's make sure. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n +1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) ); } else MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); From 997be0aba3227f66d99279645da6b72756031961 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:44:32 +0200 Subject: [PATCH 0458/1065] Fix multiplication with negative result and a low-order 0 limb Fix a bug introduced in "Fix multiplication producing a negative zero" that caused the sign to be forced to +1 when A > 0, B < 0 and B's low-order limb is 0. Add a non-regression test. More generally, systematically test combinations of leading zeros, trailing zeros and signs. Signed-off-by: Gilles Peskine --- library/bignum.c | 10 ++-- tests/suites/test_suite_mpi.data | 98 +++++++++++++++++++++++++++++++- 2 files changed, 103 insertions(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 5c171a0ede..c0cba6e781 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1641,6 +1641,7 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi TA, TB; + int result_is_zero = 0; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); @@ -1653,10 +1654,14 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi for( i = A->n; i > 0; i-- ) if( A->p[i - 1] != 0 ) break; + if( i == 0 && ( A->n == 0 || A->p[0] == 0 ) ) + result_is_zero = 1; for( j = B->n; j > 0; j-- ) if( B->p[j - 1] != 0 ) break; + if( j == 0 && ( B->n == 0 || B->p[0] == 0 ) ) + result_is_zero = 1; MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); @@ -1668,11 +1673,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi * but does not eliminate side channels leaking the zero-ness. We do * need to take care to set the sign bit properly since the library does * not fully support an MPI object with a value of 0 and s == -1. */ - if( ( i == 0 && ( A->n == 0 || A->p[0] == 0 ) ) || - ( j == 0 && ( B->n == 0 || B->p[0] == 0 ) ) ) - { + if( result_is_zero ) X->s = 1; - } else X->s = A->s * B->s; diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 72a46bdd39..b17c007d38 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -920,7 +920,103 @@ Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb) mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"" Test mbedtls_mpi_mul_mpi #1 -mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761" +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A +mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0 +mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0 +mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0 +mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0 +mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" Test mbedtls_mpi_mul_int #1 mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"==" From d96b3650ec33e177a1fbddb887545dd19fcd3aeb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:49:31 +0200 Subject: [PATCH 0459/1065] In test cases where the result is 0, express it as "0", not "" Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 50 ++++++++++++++++---------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index b17c007d38..6397cd61f8 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -647,7 +647,7 @@ Base test mbedtls_mpi_add_abs #4 mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209" Test mbedtls_mpi_add_abs: 0 + 0 -mbedtls_mpi_add_abs:16:"":16:"":16:"" +mbedtls_mpi_add_abs:16:"":16:"":16:"0" Test mbedtls_mpi_add_abs: 0 + 1 mbedtls_mpi_add_abs:16:"":16:"01":16:"01" @@ -677,7 +677,7 @@ Base test mbedtls_mpi_add_mpi #4 mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209" Test mbedtls_mpi_add_mpi: 0 + 0 -mbedtls_mpi_add_mpi:16:"":16:"":16:"" +mbedtls_mpi_add_mpi:16:"":16:"":16:"0" Test mbedtls_mpi_add_mpi: 0 + 1 mbedtls_mpi_add_mpi:16:"":16:"01":16:"01" @@ -713,7 +713,7 @@ Test mbedtls_mpi_add_int #2 mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" Test mbedtls_mpi_add_int: 0 (null) + 0 -mbedtls_mpi_add_int:16:"":0:16:"" +mbedtls_mpi_add_int:16:"":0:16:"0" Test mbedtls_mpi_add_int: 0 (null) + 1 mbedtls_mpi_add_int:16:"":1:16:"1" @@ -797,10 +797,10 @@ Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction) mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12" Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null) -mbedtls_mpi_sub_mpi:16:"":16:"":16:"" +mbedtls_mpi_sub_mpi:16:"":16:"":16:"0" Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb) -mbedtls_mpi_sub_mpi:16:"":16:"00":16:"" +mbedtls_mpi_sub_mpi:16:"":16:"00":16:"0" Test mbedtls_mpi_sub_mpi: 0 (null) - 1 mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1" @@ -809,7 +809,7 @@ Test mbedtls_mpi_sub_mpi: 0 (null) - -1 mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1" Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null) -mbedtls_mpi_sub_mpi:16:"00":16:"":16:"" +mbedtls_mpi_sub_mpi:16:"00":16:"":16:"0" Test mbedtls_mpi_sub_mpi: 1 - 0 (null) mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1" @@ -830,7 +830,7 @@ Test mbedtls_mpi_sub_int #2 mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" Test mbedtls_mpi_sub_int: 0 (null) - 0 -mbedtls_mpi_sub_int:16:"":0:16:"" +mbedtls_mpi_sub_int:16:"":0:16:"0" Test mbedtls_mpi_sub_int: 0 (null) - 1 mbedtls_mpi_sub_int:16:"":1:16:"-1" @@ -845,13 +845,13 @@ Test mbedtls_mpi_shift_l #2 mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704" Test mbedtls_mpi_shift_l: 0 (null) <<= 0 -mbedtls_mpi_shift_l:16:"":1:16:"" +mbedtls_mpi_shift_l:16:"":1:16:"0" Test mbedtls_mpi_shift_l: 0 (null) <<= 1 -mbedtls_mpi_shift_l:16:"":1:16:"" +mbedtls_mpi_shift_l:16:"":1:16:"0" Test mbedtls_mpi_shift_l: 0 (null) <<= 64 -mbedtls_mpi_shift_l:16:"":64:16:"" +mbedtls_mpi_shift_l:16:"":64:16:"0" Test mbedtls_mpi_shift_r #1 mbedtls_mpi_shift_r:10:"128":1:10:"64" @@ -872,13 +872,13 @@ Test mbedtls_mpi_shift_r #7 mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00" Test mbedtls_mpi_shift_r: 0 (null) >>= 0 -mbedtls_mpi_shift_r:16:"":0:16:"" +mbedtls_mpi_shift_r:16:"":0:16:"0" Test mbedtls_mpi_shift_r: 0 (null) >>= 1 -mbedtls_mpi_shift_r:16:"":1:16:"" +mbedtls_mpi_shift_r:16:"":1:16:"0" Test mbedtls_mpi_shift_r: 0 (null) >>= 64 -mbedtls_mpi_shift_r:16:"":64:16:"" +mbedtls_mpi_shift_r:16:"":64:16:"0" Base test mbedtls_mpi_mul_mpi #1 mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35" @@ -893,31 +893,31 @@ Base test mbedtls_mpi_mul_mpi #4 mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35" Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null) -mbedtls_mpi_mul_mpi:16:"":16:"":16:"" +mbedtls_mpi_mul_mpi:16:"":16:"":16:"0" Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb) -mbedtls_mpi_mul_mpi:16:"":16:"00":16:"" +mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0" Test mbedtls_mpi_mul_mpi: 0 (null) * 1 -mbedtls_mpi_mul_mpi:16:"":16:"01":16:"" +mbedtls_mpi_mul_mpi:16:"":16:"01":16:"0" Test mbedtls_mpi_mul_mpi: 0 (null) * -1 -mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"" +mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"0" Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1 -mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"" +mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0" Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) -mbedtls_mpi_mul_mpi:16:"":16:"00":16:"" +mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0" Test mbedtls_mpi_mul_mpi: 1 * 0 (null) -mbedtls_mpi_mul_mpi:16:"01":16:"":16:"" +mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0" Test mbedtls_mpi_mul_mpi: -1 * 0 (null) -mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"" +mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"0" Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb) -mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"" +mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"0" Test mbedtls_mpi_mul_mpi #1 mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" @@ -1261,10 +1261,10 @@ Base test GCD #3 mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1" Test GCD: 0 (null), 0 (null) -mbedtls_mpi_gcd:16:"":16:"":16:"" +mbedtls_mpi_gcd:16:"":16:"":16:"0" Test GCD: 0 (null), 0 (1 limb) -mbedtls_mpi_gcd:16:"":16:"00":16:"" +mbedtls_mpi_gcd:16:"":16:"00":16:"0" Test GCD: 0 (null), 3 mbedtls_mpi_gcd:16:"":16:"03":16:"3" @@ -1273,7 +1273,7 @@ Test GCD: 0 (null), 6 mbedtls_mpi_gcd:16:"":16:"06":16:"6" Test GCD: 0 (1 limb), 0 (null) -mbedtls_mpi_gcd:16:"00":16:"00":16:"" +mbedtls_mpi_gcd:16:"00":16:"00":16:"0" Test GCD: 0 (1 limb), 3 mbedtls_mpi_gcd:16:"00":16:"03":16:"3" From 5afc5e430576e4aa205d577cb788adef6a15b03e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:53:47 +0200 Subject: [PATCH 0460/1065] Unify G=1 and G=-1 test cases Signed-off-by: Gilles Peskine --- tests/suites/test_suite_dhm.data | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data index 863e25c173..f18db2eaba 100644 --- a/tests/suites/test_suite_dhm.data +++ b/tests/suites/test_suite_dhm.data @@ -70,12 +70,6 @@ dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622 Diffie-Hellman full exchange: 286-bit dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0 -Diffie-Hellman trivial subgroup #1 -dhm_do_dhm:10:"23":1:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA - -Diffie-Hellman trivial subgroup #2 -dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA - Diffie-Hellman small modulus dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA @@ -88,6 +82,9 @@ dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPU Diffie-Hellman with G=1 dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +Diffie-Hellman with G=-1 +dhm_do_dhm:10:"93450983094850938450983409623":13:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA + Diffie-Hellman with G=P-1 dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA From 722c62c81aee43850aa858ee77439d9987190bec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 21:55:05 +0200 Subject: [PATCH 0461/1065] Fix copypasta in test function argument name Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 8f5ccf9acc..1372668b52 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -989,7 +989,7 @@ exit: /* BEGIN_CASE */ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, char * input_E, int radix_N, char * input_N, - int radix_X, char * input_X, int div_result ) + int radix_X, char * input_X, int exp_result ) { mbedtls_mpi A, E, N, RR, Z, X; int res; @@ -1002,7 +1002,7 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL ); - TEST_ASSERT( res == div_result ); + TEST_ASSERT( res == exp_result ); if( res == 0 ) { TEST_ASSERT( sign_is_valid( &Z ) ); @@ -1011,7 +1011,7 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, /* Now test again with the speed-up parameter supplied as an output. */ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == div_result ); + TEST_ASSERT( res == exp_result ); if( res == 0 ) { TEST_ASSERT( sign_is_valid( &Z ) ); @@ -1020,7 +1020,7 @@ void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, /* Now test again with the speed-up parameter supplied in calculated form. */ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == div_result ); + TEST_ASSERT( res == exp_result ); if( res == 0 ) { TEST_ASSERT( sign_is_valid( &Z ) ); From 8f70d3f4e23eb1033f4e25433881044124276eac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 22:01:23 +0200 Subject: [PATCH 0462/1065] Improve coverage of mbedtls_mpi_cmp_mpi Test with and without leading zeros on each side. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 68 ++++++++++++++++++++++++++++++-- 1 file changed, 64 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 6397cd61f8..17eed9108b 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -214,18 +214,78 @@ mbedtls_mpi_cmp_mpi:10:"0":10:"":0 Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb) mbedtls_mpi_cmp_mpi:10:"0":10:"0":0 -Test mbedtls_mpi_cmp_mpi: 0 < positive +Test mbedtls_mpi_cmp_mpi: 0 (null) < positive +mbedtls_mpi_cmp_mpi:10:"":10:"123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1 -Test mbedtls_mpi_cmp_mpi: 0 > negative +Test mbedtls_mpi_cmp_mpi: 0 (null) > negative +mbedtls_mpi_cmp_mpi:10:"":10:"-123":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1 -Test mbedtls_mpi_cmp_mpi: positive > 0 +Test mbedtls_mpi_cmp_mpi: positive > 0 (null) mbedtls_mpi_cmp_mpi:10:"123":10:"":1 -Test mbedtls_mpi_cmp_mpi: negative < 0 +Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb) +mbedtls_mpi_cmp_mpi:10:"123":10:"0":1 + +Test mbedtls_mpi_cmp_mpi: negative < 0 (null) mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1 +Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb) +mbedtls_mpi_cmp_mpi:10:"-123":10:"0":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb +mbedtls_mpi_cmp_mpi:16:"":16:"0000000000000000123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb +mbedtls_mpi_cmp_mpi:16:"0":16:"0000000000000000123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb +mbedtls_mpi_cmp_mpi:16:"":16:"-0000000000000000123":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb +mbedtls_mpi_cmp_mpi:16:"0":16:"-0000000000000000123":1 + +Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null) +mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"":1 + +Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb) +mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"0":1 + +Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null) +mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"":-1 + +Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb) +mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"0":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive +mbedtls_mpi_cmp_mpi:16:"":16:"1230000000000000000":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive +mbedtls_mpi_cmp_mpi:16:"0":16:"1230000000000000000":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative +mbedtls_mpi_cmp_mpi:16:"":16:"-1230000000000000000":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative +mbedtls_mpi_cmp_mpi:16:"0":16:"-1230000000000000000":1 + +Test mbedtls_mpi_cmp_mpi: large positive > 0 (null) +mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"":1 + +Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb) +mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"0":1 + +Test mbedtls_mpi_cmp_mpi: large negative < 0 (null) +mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"":-1 + +Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb) +mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"0":-1 + Base test mbedtls_mpi_lt_mpi_ct #1 mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0 From 8998770771e78018af8daba9dadbc981263f5c54 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 22:03:37 +0200 Subject: [PATCH 0463/1065] Annotate the choice of representation of 0 in more places Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 17eed9108b..a859c268cb 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -706,13 +706,13 @@ mbedtls_mpi_add_abs:10:"12345678":10:"-642531":10:"12988209" Base test mbedtls_mpi_add_abs #4 mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209" -Test mbedtls_mpi_add_abs: 0 + 0 +Test mbedtls_mpi_add_abs: 0 (null) + 0 (null) mbedtls_mpi_add_abs:16:"":16:"":16:"0" -Test mbedtls_mpi_add_abs: 0 + 1 +Test mbedtls_mpi_add_abs: 0 (null) + 1 mbedtls_mpi_add_abs:16:"":16:"01":16:"01" -Test mbedtls_mpi_add_abs: 1 + 0 +Test mbedtls_mpi_add_abs: 1 + 0 (null) mbedtls_mpi_add_abs:16:"01":16:"":16:"01" Test mbedtls_mpi_add_abs #1 @@ -736,19 +736,19 @@ mbedtls_mpi_add_mpi:10:"12345678":10:"-642531":10:"11703147" Base test mbedtls_mpi_add_mpi #4 mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209" -Test mbedtls_mpi_add_mpi: 0 + 0 +Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null) mbedtls_mpi_add_mpi:16:"":16:"":16:"0" -Test mbedtls_mpi_add_mpi: 0 + 1 +Test mbedtls_mpi_add_mpi: 0 (null) + 1 mbedtls_mpi_add_mpi:16:"":16:"01":16:"01" -Test mbedtls_mpi_add_mpi: 1 + 0 +Test mbedtls_mpi_add_mpi: 1 + 0 (null) mbedtls_mpi_add_mpi:16:"01":16:"":16:"01" -Test mbedtls_mpi_add_mpi: 0 + -1 +Test mbedtls_mpi_add_mpi: 0 (null) + -1 mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01" -Test mbedtls_mpi_add_mpi: -1 + 0 +Test mbedtls_mpi_add_mpi: -1 + 0 (null) mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01" Test mbedtls_mpi_add_mpi #1 From bd5d6ef8de83ec570913a6f701b4e749f1c4fe77 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 22:06:02 +0200 Subject: [PATCH 0464/1065] Fix copypasta in test cases Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index a859c268cb..49151465d5 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -905,7 +905,7 @@ Test mbedtls_mpi_shift_l #2 mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704" Test mbedtls_mpi_shift_l: 0 (null) <<= 0 -mbedtls_mpi_shift_l:16:"":1:16:"0" +mbedtls_mpi_shift_l:16:"":0:16:"0" Test mbedtls_mpi_shift_l: 0 (null) <<= 1 mbedtls_mpi_shift_l:16:"":1:16:"0" @@ -968,7 +968,7 @@ Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1 mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0" Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) -mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0" +mbedtls_mpi_mul_mpi:16:"00":16:"":16:"0" Test mbedtls_mpi_mul_mpi: 1 * 0 (null) mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0" @@ -1333,7 +1333,7 @@ Test GCD: 0 (null), 6 mbedtls_mpi_gcd:16:"":16:"06":16:"6" Test GCD: 0 (1 limb), 0 (null) -mbedtls_mpi_gcd:16:"00":16:"00":16:"0" +mbedtls_mpi_gcd:16:"00":16:"":16:"0" Test GCD: 0 (1 limb), 3 mbedtls_mpi_gcd:16:"00":16:"03":16:"3" From 4df3f1f250105e9ae10147ede26e47b884a941da Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 15 Jun 2021 22:09:39 +0200 Subject: [PATCH 0465/1065] Explain how the code relates to the description in HAC Signed-off-by: Gilles Peskine --- library/bignum.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index c0cba6e781..09e5a6ca86 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2424,6 +2424,13 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B TA.s = TB.s = 1; + /* We follow the procedure described in HAC 14.54, except that sequences + * of divisions by 2 are grouped into a single shift. The procedure in HAC + * assumes that the numbers are initially positive. The case B=0 was + * short-circuited above. If A=0, the loop goes through 0 iterations + * and the result is correctly B. + */ + while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) { MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) ); From 2a63c5b78183b3aaa49a571c0938335feb94fd93 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 16 Jun 2021 13:42:04 +0200 Subject: [PATCH 0466/1065] Write a proof of correctness for mbedtls_mpi_gcd Signed-off-by: Gilles Peskine --- library/bignum.c | 51 +++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 46 insertions(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 09e5a6ca86..583241d7fe 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2424,18 +2424,49 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B TA.s = TB.s = 1; - /* We follow the procedure described in HAC 14.54, except that sequences - * of divisions by 2 are grouped into a single shift. The procedure in HAC - * assumes that the numbers are initially positive. The case B=0 was - * short-circuited above. If A=0, the loop goes through 0 iterations - * and the result is correctly B. + /* We mostly follow the procedure described in HAC 14.54, but with some + * minor differences: + * - Sequences of multiplications or divisions by 2 are grouped into a + * single shift operation. + * - The procedure in HAC assumes that 0 < A <= B. + * - The condition A <= B is not actually necessary for correctness; + * the first round through the loop results in TA < TB. + * - If A = 0, the loop goes through 0 iterations and the result is + * correctly B. + * - The case B=0 was short-circuited above. + * + * For the correctness proof below, decompose the original values of + * A and B as + * A = sa * 2^a * A' with A'=0 or A' odd, and sa = +-1 + * B = sb * 2^b * B' with B'=0 or B' odd, and sb = +-1 + * Then gcd(A, B) = 2^{min(a,b)} * gcd(A',B'), + * and gcd(A',B') is odd or 0. + * + * At the beginning, we have TA = |A| and TB = |B| so gcd(A,B) = gcd(TA,TB). + * The code maintains the following invariant: + * gcd(A,B) = 2^k * gcd(TA,TB) for some k (I) */ + /* Proof that the loop terminates: + * At each iteration, either the right-shift by 1 is made on a nonzero + * value and the nonnegative integer bitlen(TA) + bitlen(TB) decreases + * by at least 1, or the right-shift by 1 is made on zero and then + * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted + * since in that case TB is calculated from TB-TA with the condition TB>TA). + */ while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) { + /* Divisions by 2 preserve the invariant (I). */ MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) ); + /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd, + * TA-TB is even so the division by 2 has an integer result. + * Invariant (I) is preserved since any odd divisor of both TA and TB + * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2 + * also divides TB, and any odd divisior of both TB and |TA-TB|/2 also + * divides TA. + */ if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 ) { MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) ); @@ -2446,8 +2477,18 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) ); } + /* Note that one of TA or TB is still odd. */ } + /* By invariant (I), gcd(A,B) = 2^k * gcd(TA,TB) for some k. + * At the loop exit, TA = 0, so gcd(TA,TB) = TB. + * - If there was at least one loop iteration, then one of TA or TB is odd, + * and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case, + * lz = min(a,b) so gcd(A,B) = 2^lz * TB. + * - If there was no loop iteration, then A was 0, and gcd(A,B) = B. + * In this case, B = 2^lz * TB so gcd(A,B) = 2^lz * TB as well. + */ + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) ); From 2a3041f74e66626c5828425a92328148ea9c9855 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jun 2021 14:31:54 +0200 Subject: [PATCH 0467/1065] Fix copypasta in test data Signed-off-by: Gilles Peskine --- tests/suites/test_suite_mpi.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 49151465d5..02a11c8941 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -1007,16 +1007,16 @@ Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0 mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" +mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" +mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" +mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"00000000000000000503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" +mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" From 4169c32d6c7ca396e51efe18279214181dbafcda Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jun 2021 14:35:25 +0200 Subject: [PATCH 0468/1065] Simplify is-zero check The loop exits early iff there is a nonzero limb, so i==0 means that all limbs are 0, whether the number of limbs is 0 or not. Signed-off-by: Gilles Peskine --- library/bignum.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 583241d7fe..ced412088e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1654,13 +1654,13 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi for( i = A->n; i > 0; i-- ) if( A->p[i - 1] != 0 ) break; - if( i == 0 && ( A->n == 0 || A->p[0] == 0 ) ) + if( i == 0 ) result_is_zero = 1; for( j = B->n; j > 0; j-- ) if( B->p[j - 1] != 0 ) break; - if( j == 0 && ( B->n == 0 || B->p[0] == 0 ) ) + if( j == 0 ) result_is_zero = 1; MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) ); From 4d3fd36c4488742972fa63fcb2fbc164bd2ebcad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Jun 2021 11:40:38 +0200 Subject: [PATCH 0469/1065] Clarification in a comment Signed-off-by: Gilles Peskine --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index ced412088e..9aaebd31e7 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2486,7 +2486,7 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case, * lz = min(a,b) so gcd(A,B) = 2^lz * TB. * - If there was no loop iteration, then A was 0, and gcd(A,B) = B. - * In this case, B = 2^lz * TB so gcd(A,B) = 2^lz * TB as well. + * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well. */ MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) ); From b09c7eea97a696b615fc5db97aeb42923fd2ac09 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Jun 2021 18:58:39 +0200 Subject: [PATCH 0470/1065] Correct some statements about the ordering of A and B Signed-off-by: Gilles Peskine --- library/bignum.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 9aaebd31e7..10d824fdc7 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2428,12 +2428,15 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * minor differences: * - Sequences of multiplications or divisions by 2 are grouped into a * single shift operation. - * - The procedure in HAC assumes that 0 < A <= B. - * - The condition A <= B is not actually necessary for correctness; - * the first round through the loop results in TA < TB. - * - If A = 0, the loop goes through 0 iterations and the result is - * correctly B. - * - The case B=0 was short-circuited above. + * - The procedure in HAC assumes that 0 < TB <= TA. + * - The condition TB <= TA is not actually necessary for correctness. + * TA and TB have symmetric roles except for the loop termination + * condition, and the shifts at the beginning of the loop body + * remove any significance from the ordering of TA vs TB before + * the shifts. + * - If TA = 0, the loop goes through 0 iterations and the result is + * correctly TB. + * - The case TB = 0 was short-circuited above. * * For the correctness proof below, decompose the original values of * A and B as From 5ec50039927601005534460385bbe9206dcf7ad0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 22 Jun 2021 13:41:56 +0100 Subject: [PATCH 0471/1065] Document the return type change in the migration guide Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.d/key-export.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md index 967ecf87bf..f8b3505b51 100644 --- a/docs/3.0-migration-guide.d/key-export.md +++ b/docs/3.0-migration-guide.d/key-export.md @@ -18,6 +18,10 @@ the previous key export API in the following ways: - A secret type parameter has been added to identify which key is being exported. For TLS 1.2, only the master secret is exported, but upcoming TLS 1.3 support will add other kinds of keys. +- The callback now specifies a void return type, rather than + returning an error code. It is the responsibility of the application + to handle failures in the key export callback, for example by + shutting down the TLS connection. For users which do not rely on raw keys and IV, adjusting to the new callback type should be straightforward - see the example programs From 9dbbc297a393bb129cf2653c2e36501f91d425e2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 18:28:13 +0200 Subject: [PATCH 0472/1065] PK signature function: require exact hash length Signed-off-by: Gilles Peskine --- ChangeLog.d/require-matching-hashlen-rsa.txt | 7 +++--- .../require-matching-hashlen-rsa.md | 25 +++++++++++++------ include/mbedtls/pk.h | 24 +++++++++--------- 3 files changed, 34 insertions(+), 22 deletions(-) diff --git a/ChangeLog.d/require-matching-hashlen-rsa.txt b/ChangeLog.d/require-matching-hashlen-rsa.txt index d1420d1f94..096b577b59 100644 --- a/ChangeLog.d/require-matching-hashlen-rsa.txt +++ b/ChangeLog.d/require-matching-hashlen-rsa.txt @@ -1,4 +1,5 @@ API changes - * Functions in the RSA module that accept a hashlen parameter now require - it to match the output size of the hash algorithm used, except when - signing raw data. + * Signature functions in the RSA and PK modules now require the hash + length parameter to be the size of the hash input. For RSA signatures + other than raw PKCS#1 v1.5, this must match the output size of the + specified hash algorithm. diff --git a/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md b/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md index 75fadd8783..d59a8d397a 100644 --- a/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md +++ b/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md @@ -1,13 +1,24 @@ -RSA signature functions now require `hashlen` to match the expected value -------------------------------------------------------------------------- +Signature functions now require the hash length to match the expected value +--------------------------------------------------------------------------- -This only affects users of the low-level RSA API; users of the high-level PK -API or of the PSA Crypto API are not affected. +This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. All the functions in the RSA module that accept a `hashlen` parameter used to ignore it unless the `md_alg` parameter was `MBEDTLS_MD_NONE`, indicating raw -data was signed. They now require this parameter's value to be equal to the -output size of the hash algorithm used when signing a hash. (The requirements -when signing raw data are unchanged.) +data was signed. The `hashlen` parameter is now always the size that is read +from the `hash` input buffer. This length must be equal to the output size of +the hash algorithm used when signing a hash. (The requirements when signing +raw data are unchanged.) This affects the following functions: + +* `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_pkcs1_verify` +* `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_verify` +* `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_verify` +* `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify_ext` + +The signature functions in the PK module no longer accept 0 as the `hash_len` parameter. The `hash_len` parameter is now always the size that is read from the `hash` input buffer. This affects the following functions: + +* `mbedtls_pk_sign`, `mbedtls_pk_verify` +* `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable` +* `mbedtls_pk_verify_ext` The migration path is to pass the correct value to those functions. diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 85bf7c906a..d29059dbec 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -399,9 +399,17 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); * \brief Verify signature (including padding if relevant). * * \param ctx The PK context to use. It must have been set up. - * \param md_alg Hash algorithm used (see notes) + * \param md_alg Hash algorithm used. + * This can be #MBEDTLS_MD_NONE if the signature algorithm + * does not rely on a hash algorithm (non-deterministic + * ECDSA, RSA PKCS#1 v1.5). + * For PKCS#1 v1.5, if \p md_alg is #MBEDTLS_MD_NONE, then + * \p hash is the DigestInfo structure used by RFC 8017 + * §9.2 steps 3–6. If \p md_alg is a valid hash + * algorithm then \p hash is the digest itself, and this + * function calculates the DigestInfo encoding internally. * \param hash Hash of the message to sign - * \param hash_len Hash length or 0 (see notes) + * \param hash_len Hash length * \param sig Signature to verify * \param sig_len Signature length * @@ -413,11 +421,6 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); * \note For RSA keys, the default padding type is PKCS#1 v1.5. * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) * to verify RSASSA_PSS signatures. - * - * \note If hash_len is 0, then the length associated with md_alg - * is used instead, or an error returned if it is invalid. - * - * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 */ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, @@ -490,7 +493,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * with a private key. * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign - * \param hash_len Hash length or 0 (see notes) + * \param hash_len Hash length * \param sig Place to write the signature. * It must have enough room for the signature. * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. @@ -507,9 +510,6 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * There is no interface in the PK module to make RSASSA-PSS * signatures yet. * - * \note If hash_len is 0, then the length associated with md_alg - * is used instead, or an error returned if it is invalid. - * * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. */ @@ -530,7 +530,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * with a private key. * \param md_alg Hash algorithm used (see notes for mbedtls_pk_sign()) * \param hash Hash of the message to sign - * \param hash_len Hash length or 0 (see notes for mbedtls_pk_sign()) + * \param hash_len Hash length * \param sig Place to write the signature. * It must have enough room for the signature. * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. From 6e3187b2122055bbd0bf43f59d01dd4d6dc89f35 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 18:39:53 +0200 Subject: [PATCH 0473/1065] RSA: Use hashlen as the hash input size as documented Where hashlen was previously ignored when the hash length could be inferred from an md_alg parameter, the two must now match. Adapt the existing tests accordingly. Adapt the sample programs accordingly. This commit does not add any negative testing. Signed-off-by: Gilles Peskine --- library/rsa.c | 20 ++++++++----- programs/pkey/dh_client.c | 2 +- programs/pkey/dh_server.c | 2 +- programs/pkey/rsa_sign.c | 2 +- programs/pkey/rsa_verify.c | 2 +- tests/suites/test_suite_pk.function | 22 +++++++------- tests/suites/test_suite_pkcs1_v15.function | 20 +++++++------ tests/suites/test_suite_pkcs1_v21.function | 35 +++++++++++++--------- tests/suites/test_suite_rsa.function | 22 +++++++------- 9 files changed, 71 insertions(+), 56 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index a788337a59..57b8a6f4bb 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1799,7 +1799,8 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, if( md_info == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = mbedtls_md_get_size( md_info ); + if( hashlen != mbedtls_md_get_size( md_info ) ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); @@ -1934,14 +1935,13 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * Parameters: * - md_alg: Identifies the hash algorithm used to generate the given hash; * MBEDTLS_MD_NONE if raw data is signed. - * - hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE. + * - hashlen: Length of hash. Must match md_alg if that's not NONE. * - hash: Buffer containing the hashed message or the raw data. * - dst_len: Length of the encoded message. * - dst: Buffer to hold the encoded message. * * Assumptions: - * - hash has size hashlen if md_alg == MBEDTLS_MD_NONE. - * - hash has size corresponding to md_alg if md_alg != MBEDTLS_MD_NONE. + * - hash has size hashlen. * - dst points to a buffer of size at least dst_len. * */ @@ -1966,7 +1966,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = mbedtls_md_get_size( md_info ); + if( hashlen != mbedtls_md_get_size( md_info ) ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); /* Double-check that 8 + hashlen + oid_size can be used as a * 1-byte ASN.1 length encoding and that there's no overflow. */ @@ -2031,6 +2032,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * TAG-NULL + LEN [ NULL ] ] * TAG-OCTET + LEN [ HASH ] ] */ + if( 0x08 + oid_size + hashlen >= 0x80 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char)( 0x08 + oid_size + hashlen ); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; @@ -2212,7 +2215,8 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, if( md_info == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = mbedtls_md_get_size( md_info ); + if( hashlen != mbedtls_md_get_size( md_info ) ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } md_info = mbedtls_md_info_from_type( mgf1_hash_id ); @@ -2683,7 +2687,7 @@ int mbedtls_rsa_self_test( int verbose ) } if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL, - MBEDTLS_MD_SHA1, 0, + MBEDTLS_MD_SHA1, 20, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) @@ -2696,7 +2700,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); - if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA1, 0, + if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA1, 20, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index d68dc24778..88e817eaa5 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -221,7 +221,7 @@ int main( void ) } if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256, - 0, hash, p ) ) != 0 ) + 32, hash, p ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 9d51c14a8f..e469bbc028 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -229,7 +229,7 @@ int main( void ) buf[n + 1] = (unsigned char)( rsa.MBEDTLS_PRIVATE(len) ); if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256, - 0, hash, buf + n + 2 ) ) != 0 ) + 32, hash, buf + n + 2 ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index d9ba3bb6eb..ebc88e457b 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -147,7 +147,7 @@ int main( int argc, char *argv[] ) } if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256, - 20, hash, buf ) ) != 0 ) + 32, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret ); goto exit; diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index fff568a3dd..5a68246e52 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -141,7 +141,7 @@ int main( int argc, char *argv[] ) } if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256, - 20, hash, buf ) ) != 0 ) + 32, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); goto exit; diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 573c9d4306..c7c5f507b9 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -444,9 +444,10 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, if( digest != MBEDTLS_MD_NONE ) { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), - message_str->x, message_str->len, hash_result ) == 0 ); - hash_len = 0; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, + hash_result ) == 0 ); + hash_len = mbedtls_md_get_size( md_info ); } else { @@ -611,7 +612,8 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) { mbedtls_pk_context pk; size_t sig_len; - unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + unsigned char hash[32]; // Hard-coded for SHA256 + size_t hash_len = sizeof( hash ); unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; void *rs_ctx = NULL; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) @@ -635,7 +637,7 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, &sig_len, + hash, hash_len, sig, &sig_len, mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret ); if( sign_ret == 0 ) TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); @@ -643,22 +645,22 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len ) == verify_ret ); + hash, hash_len, sig, sig_len ) == verify_ret ); if( verify_ret == 0 ) { hash[0]++; TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len ) != 0 ); + hash, hash_len, sig, sig_len ) != 0 ); hash[0]--; sig[0]++; TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len ) != 0 ); + hash, hash_len, sig, sig_len ) != 0 ); sig[0]--; } - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, + TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, hash_len, sig, &sig_len, mbedtls_test_rnd_std_rand, NULL ) == sign_ret ); @@ -668,7 +670,7 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret ); + hash, hash_len, sig, sig_len, rs_ctx ) == verify_ret ); if( verify_ret == 0 ) { diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d78ee88959..3d29f10bb1 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -269,6 +269,7 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * result_str, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); unsigned char output[128]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; @@ -298,13 +299,13 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, digest, 0, hash_result, - output ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_sign( + &ctx, &mbedtls_test_rnd_buffer_rand, &info, + digest, mbedtls_md_get_size( md_info ), hash_result, + output ) == result ); if( result == 0 ) { @@ -326,6 +327,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, data_t * result_str, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); @@ -343,10 +345,10 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, mbedtls_md_get_size( md_info ), hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index ec5591f6d1..27b0990d74 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -123,6 +123,7 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); unsigned char output[512]; mbedtls_rsa_context ctx; mbedtls_test_rnd_buf_info info; @@ -152,14 +153,15 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) { - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, digest, 0,hash_result, - output ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_sign( + &ctx, &mbedtls_test_rnd_buffer_rand, &info, + digest, mbedtls_md_get_size( md_info ), hash_result, + output ) == result ); if( result == 0 ) { ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); @@ -169,9 +171,10 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, info.length = rnd_buf->len; } - TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, digest, 0, hash_result, - fixed_salt_length, output ) == result ); + TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( + &ctx, &mbedtls_test_rnd_buffer_rand, &info, + digest, mbedtls_md_get_size( md_info ), hash_result, + fixed_salt_length, output ) == result ); if( result == 0 ) { ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); @@ -190,6 +193,7 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, char * salt, data_t * result_str, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); @@ -208,10 +212,10 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, mbedtls_md_get_size( md_info ), hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -248,9 +252,12 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, if( msg_digest_id != MBEDTLS_MD_NONE ) { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ), - message_str->x, message_str->len, hash_result ) == 0 ); - hash_len = 0; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type( msg_digest_id ); + TEST_ASSERT( mbedtls_md( md_info, + message_str->x, message_str->len, + hash_result ) == 0 ); + hash_len = mbedtls_md_get_size( md_info ); } else { diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 14b4afc3a3..1bffc769e6 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -86,6 +86,7 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, data_t * result_str, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; @@ -111,13 +112,13 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, digest, 0, hash_result, - output ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_sign( + &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info, + digest, mbedtls_md_get_size( md_info ), hash_result, + output ) == result ); if( result == 0 ) { @@ -139,8 +140,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, data_t * result_str, int result ) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); mbedtls_rsa_context ctx; - mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); @@ -155,11 +156,10 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + if( md_info != NULL ) + TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, mbedtls_md_get_size( md_info ), hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); From f29857ca0aae2fd9680c08cf9814cdbe0db624da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Jun 2021 10:14:58 +0200 Subject: [PATCH 0474/1065] Reject low-order points on Curve25519 early MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We were already rejecting them at the end, due to the fact that with the usual (x, z) formulas they lead to the result (0, 0) so when we want to normalize at the end, trying to compute the modular inverse of z will give an error. If we wanted to support those points, we'd a special case in ecp_normalize_mxz(). But it's actually permitted by all sources (RFC 7748 say we MAY reject 0 as a result) and recommended by some to reject those points (either to ensure contributory behaviour, or to protect against timing attack when the underlying field arithmetic is not constant-time). Since our field arithmetic is indeed not constant-time, let's reject those points before they get mixed with sensitive data (in ecp_mul_mxz()), in order to avoid exploitable leaks caused by the special cases they would trigger. (See the "May the Fourth" paper https://eprint.iacr.org/2017/806.pdf) Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 61 ++++++++++++++++++++++++++++++++ tests/suites/test_suite_ecp.data | 6 ++-- 2 files changed, 64 insertions(+), 3 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 3dc13788ff..fcd3e9e5c4 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2746,6 +2746,56 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +/* + * Check that the input point is not one of the low-order points. + * This is recommended by the "May the Fourth" paper: + * https://eprint.iacr.org/2017/806.pdf + * Those points are never sent by an honest peer. + */ +static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) +{ + int ret; + mbedtls_mpi XmP, bad; + + mbedtls_mpi_init( &XmP ); + mbedtls_mpi_init( &bad ); + + /* Reduce X mod P so that we only need to check values less than P. + * We know X < 2^256 so we can proceed by subtraction. */ + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &XmP, X ) ); + while( mbedtls_mpi_cmp_mpi( &XmP, P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &XmP, &XmP, P ) ); + + /* Check against the known bad values that are less than P in the + * following list: https://cr.yp.to/ecdh.html#validate */ + if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ + return( MBEDTLS_ERR_ECP_INVALID_KEY ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &bad, 10, + "325606250916557431795983626356110631294008115727848805560023387167927233504" ) ); + if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &bad, 10, + "39382357235489614581723060781553021112529911719440698176882885853963445705823" ) ); + if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &bad, P, 1 ) ); + if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); + + ret = 0; + +cleanup: + mbedtls_mpi_free( &XmP ); + mbedtls_mpi_free( &bad ); + + return( ret ); +} +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + /* * Check validity of a public key for Montgomery curves with x-only schemes */ @@ -2757,6 +2807,17 @@ static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_ if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); + /* Implicit in all standards (as they don't consider negative numbers): + * X must be non-negative. This is normally ensured by the way it's + * encoded for transmission, but let's be extra sure. */ + if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + return( ecp_check_pubkey_x25519( &pt->X, &grp->P ) ); +#endif + return( 0 ); } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 485046f83d..70304771a4 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -473,15 +473,15 @@ ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2 ECP point multiplication Curve25519 (element of order 2: origin) #3 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY ECP point multiplication Curve25519 (element of order 4: 1) #4 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY ECP point multiplication Curve25519 (element of order 8) #5 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY ECP point multiplication rng fail secp256r1 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED From 98d45b90b02616621c36ea5f1eaea74a650e85aa Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 23 Jun 2021 10:45:14 +0200 Subject: [PATCH 0475/1065] Add missing tag_len in ccm api. Function ccm_set_lengths requires tag_len argument for the B[0] calculation. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 98f56939dd..4844d55c30 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -345,6 +345,9 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, * \param plaintext_len The length in bytes of the plaintext to encrypt or * result of the decryption (thus not encompassing the * additional data that are not encrypted). + * \param tag_len The length of the tag to generate in Bytes: + * 4, 6, 8, 10, 12, 14 or 16. + * For CCM*, zero is also valid. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: @@ -353,7 +356,8 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, */ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, size_t total_ad_len, - size_t plaintext_len ); + size_t plaintext_len, + size_t tag_len ); /** * \brief This function feeds an input buffer as associated data From f941fb99727fcef303aa6382f4e37069268e5645 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Jun 2021 11:40:35 +0200 Subject: [PATCH 0476/1065] Add test for check_pubkey for x25519 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_ecp.data | 82 ++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 70304771a4..01c4289eba 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -41,6 +41,88 @@ ECP check pubkey Montgomery #2 (biggest) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0 +ECP check pubkey Montgomery y ignored +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"-1":"1":0 + +ECP check pubkey Montgomery z is not 1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Montgomery x negative +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #2 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #1 0 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #2 1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #3 (let's call this u) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebe0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #4 (let's call this v) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"57119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c5f":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #5 p-1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #6 p +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #7 p+1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffee":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #8 p+u +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"80b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebcd":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #9 p+v +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"d7119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c4c":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #10 2p-1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd9":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #11 2p +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffda":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +# see https://cr.yp.to/ecdh.html#validate +ECP check pubkey Montgomery low-order point #12 2p+1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + ECP check pubkey Koblitz #1 (point not on curve) depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"1":MBEDTLS_ERR_ECP_INVALID_KEY From 2389a6000eb902395949403275c9cb9033320632 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Jun 2021 12:25:48 +0200 Subject: [PATCH 0477/1065] Use a more compact encoding of bad points MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Base 10 is horrible, base 256 is much better. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 21 ++++++++++----------- library/ecp_curves.c | 33 +++++++++++++++++++++++++++------ 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index fcd3e9e5c4..ae94d79490 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2747,6 +2747,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +/* The following constants are defined in ecp_curves.c */ +extern const mbedtls_mpi mbedtls_ecp_x25519_bad_point_1; +extern const mbedtls_mpi mbedtls_ecp_x25519_bad_point_2; + /* * Check that the input point is not one of the low-order points. * This is recommended by the "May the Fourth" paper: @@ -2756,10 +2760,9 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) { int ret; - mbedtls_mpi XmP, bad; + mbedtls_mpi XmP; mbedtls_mpi_init( &XmP ); - mbedtls_mpi_init( &bad ); /* Reduce X mod P so that we only need to check values less than P. * We know X < 2^256 so we can proceed by subtraction. */ @@ -2772,25 +2775,21 @@ static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ return( MBEDTLS_ERR_ECP_INVALID_KEY ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &bad, 10, - "325606250916557431795983626356110631294008115727848805560023387167927233504" ) ); - if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &XmP, &mbedtls_ecp_x25519_bad_point_1 ) == 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &bad, 10, - "39382357235489614581723060781553021112529911719440698176882885853963445705823" ) ); - if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &XmP, &mbedtls_ecp_x25519_bad_point_2 ) == 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &bad, P, 1 ) ); - if( mbedtls_mpi_cmp_mpi( &XmP, &bad ) == 0 ) + /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) ); + if( mbedtls_mpi_cmp_mpi( &XmP, P ) == 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); ret = 0; cleanup: mbedtls_mpi_free( &XmP ); - mbedtls_mpi_free( &bad ); return( ret ); } diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 9a32ac1202..9c1d1b4359 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -83,14 +83,13 @@ #define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT_ARRAY(x) \ + ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) + #define ECP_POINT_INIT_XY_Z0(x, y) { \ - ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x),\ - ECP_MPI_INIT(1, sizeof(y) / sizeof(mbedtls_mpi_uint), y), \ - ECP_MPI_INIT(1, 0, NULL) } + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(1, 0, NULL) } #define ECP_POINT_INIT_XY_Z1(x, y) { \ - ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x),\ - ECP_MPI_INIT(1, sizeof(y) / sizeof(mbedtls_mpi_uint), y), \ - ECP_MPI_INIT(1, 1, mpi_one) } + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(1, 1, mpi_one) } #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ @@ -4703,6 +4702,28 @@ cleanup: return( ret ); } + +/* + * Constants for the two points other than 0, 1, -1 (mod p) in + * https://cr.yp.to/ecdh.html#validate + * See ecp_check_pubkey_x25519(). + */ +static const mbedtls_mpi_uint x25519_bad_point_1[] = { + BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), + BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), + BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), + BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), +}; +static const mbedtls_mpi_uint x25519_bad_point_2[] = { + BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), + BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), + BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), + BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), +}; +const mbedtls_mpi mbedtls_ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( + x25519_bad_point_1 ); +const mbedtls_mpi mbedtls_ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( + x25519_bad_point_2 ); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) From 82c48c992cf9c7810d50839761508dda4488a422 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 23 Jun 2021 12:39:40 +0200 Subject: [PATCH 0478/1065] Adjust tag_len documentation for the mbedtls_ccm_finish(). Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 4844d55c30..9529e2f5d1 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -477,9 +477,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, * \param tag The buffer for holding the tag. If \p tag_len is greater * than zero, this must be a writable buffer of at least \p * tag_len Bytes. - * \param tag_len The length of the tag to generate in Bytes: - * 4, 6, 8, 10, 12, 14 or 16. - * For CCM*, zero is also valid. + * \param tag_len The length of the tag. Must match the tag length passed to + * mbedtls_ccm_set_lengths() function. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure: From 2d457b8fca96f047203ffb5b728e5e6766f10d30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Jun 2021 12:43:34 +0200 Subject: [PATCH 0479/1065] Use more compact encoding of Montgomery curve constants MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Base 256 beats base 16. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp_curves.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 9c1d1b4359..222b624eb4 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -4666,6 +4666,13 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +/* Constants used by ecp_use_curve25519() */ +static const unsigned char curve25519_a24[] = { 0x01, 0xDB, 0x42 }; +static const unsigned char curve25519_part_of_n[] = { + 0x14, 0xDE, 0xF9, 0xDE, 0xA2, 0xF7, 0x9C, 0xD6, + 0x58, 0x12, 0x63, 0x1A, 0x5C, 0xF5, 0xD3, 0xED, +}; + /* * Specialized function for creating the Curve25519 group */ @@ -4674,7 +4681,8 @@ static int ecp_use_curve25519( mbedtls_ecp_group *grp ) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->A, + curve25519_a24, sizeof( curve25519_a24 ) ) ); /* P = 2^255 - 19 */ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); @@ -4683,8 +4691,8 @@ static int ecp_use_curve25519( mbedtls_ecp_group *grp ) grp->pbits = mbedtls_mpi_bitlen( &grp->P ); /* N = 2^252 + 27742317777372353535851937790883648493 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->N, 16, - "14DEF9DEA2F79CD65812631A5CF5D3ED" ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->N, + curve25519_part_of_n, sizeof( curve25519_part_of_n ) ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 252, 1 ) ); /* Y intentionally not set, since we use x/z coordinates. @@ -4727,6 +4735,15 @@ const mbedtls_mpi mbedtls_ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +/* Constants used by ecp_use_curve448() */ +static const unsigned char curve448_a24[] = { 0x98, 0xAA }; +static const unsigned char curve448_part_of_n[] = { + 0x83, 0x35, 0xDC, 0x16, 0x3B, 0xB1, 0x24, + 0xB6, 0x51, 0x29, 0xC9, 0x6F, 0xDE, 0x93, + 0x3D, 0x8D, 0x72, 0x3A, 0x70, 0xAA, 0xDC, + 0x87, 0x3D, 0x6D, 0x54, 0xA7, 0xBB, 0x0D, +}; + /* * Specialized function for creating the Curve448 group */ @@ -4738,7 +4755,8 @@ static int ecp_use_curve448( mbedtls_ecp_group *grp ) mbedtls_mpi_init( &Ns ); /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "98AA" ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->A, + curve448_a24, sizeof( curve448_a24 ) ) ); /* P = 2^448 - 2^224 - 1 */ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); @@ -4756,8 +4774,8 @@ static int ecp_use_curve448( mbedtls_ecp_group *grp ) /* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */ MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 446, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Ns, 16, - "8335DC163BB124B65129C96FDE933D8D723A70AADC873D6D54A7BB0D" ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Ns, + curve448_part_of_n, sizeof( curve448_part_of_n ) ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &grp->N, &grp->N, &Ns ) ); /* Actually, the required msb for private keys */ From 06215eaa3e75131835951ccb5907f802555ccc57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 23 Jun 2021 12:53:18 +0200 Subject: [PATCH 0480/1065] Avoid complaints about undeclared non-static symbols MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Clang was complaining and check-names.sh too This only duplicates macros, so no impact on code size. In 3.0 we can probably avoid the duplication by using an internal header under library/ but this won't work for 2.16. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 47 +++++++++++++++++++++++++++++++++++++++----- library/ecp_curves.c | 22 --------------------- 2 files changed, 42 insertions(+), 27 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index ae94d79490..8edf5df888 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2747,9 +2747,46 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -/* The following constants are defined in ecp_curves.c */ -extern const mbedtls_mpi mbedtls_ecp_x25519_bad_point_1; -extern const mbedtls_mpi mbedtls_ecp_x25519_bad_point_2; +/* Duplicated macros from ecp_curves.c */ +#if defined(MBEDTLS_HAVE_INT32) +#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ + BYTES_TO_T_UINT_4( a, b, c, d ), \ + BYTES_TO_T_UINT_4( e, f, g, h ) +#else /* 64-bits */ +#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ + ( (mbedtls_mpi_uint) (a) << 0 ) | \ + ( (mbedtls_mpi_uint) (b) << 8 ) | \ + ( (mbedtls_mpi_uint) (c) << 16 ) | \ + ( (mbedtls_mpi_uint) (d) << 24 ) | \ + ( (mbedtls_mpi_uint) (e) << 32 ) | \ + ( (mbedtls_mpi_uint) (f) << 40 ) | \ + ( (mbedtls_mpi_uint) (g) << 48 ) | \ + ( (mbedtls_mpi_uint) (h) << 56 ) +#endif /* bits in mbedtls_mpi_uint */ +#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT_ARRAY(x) \ + ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) +/* + * Constants for the two points other than 0, 1, -1 (mod p) in + * https://cr.yp.to/ecdh.html#validate + * See ecp_check_pubkey_x25519(). + */ +static const mbedtls_mpi_uint x25519_bad_point_1[] = { + BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), + BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), + BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), + BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), +}; +static const mbedtls_mpi_uint x25519_bad_point_2[] = { + BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), + BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), + BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), + BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), +}; +static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( + x25519_bad_point_1 ); +static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( + x25519_bad_point_2 ); /* * Check that the input point is not one of the low-order points. @@ -2775,10 +2812,10 @@ static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ return( MBEDTLS_ERR_ECP_INVALID_KEY ); - if( mbedtls_mpi_cmp_mpi( &XmP, &mbedtls_ecp_x25519_bad_point_1 ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); - if( mbedtls_mpi_cmp_mpi( &XmP, &mbedtls_ecp_x25519_bad_point_2 ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 222b624eb4..16d211600d 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -4710,28 +4710,6 @@ cleanup: return( ret ); } - -/* - * Constants for the two points other than 0, 1, -1 (mod p) in - * https://cr.yp.to/ecdh.html#validate - * See ecp_check_pubkey_x25519(). - */ -static const mbedtls_mpi_uint x25519_bad_point_1[] = { - BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), - BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), - BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), - BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), -}; -static const mbedtls_mpi_uint x25519_bad_point_2[] = { - BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), - BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), - BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), - BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), -}; -const mbedtls_mpi mbedtls_ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_1 ); -const mbedtls_mpi mbedtls_ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_2 ); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) From 607eb7e4115bfe31aa9ca71eb55ed14afe600954 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:03:53 +0200 Subject: [PATCH 0481/1065] Add lifetime metadata tests Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 1 + .../test_suite_psa_crypto_metadata.data | 30 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.function | 21 +++++++++++++ 3 files changed, 52 insertions(+) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 395e038ca1..bc432be9f5 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -367,6 +367,7 @@ enumerate 'asymmetric_encryption_algorithm': [], 'pake_algorithm': [self.pake_algorithms], 'other_algorithm': [], + 'lifetime': [], } #type: Dict[str, List[Set[str]]] self.arguments_for['mac_length'] += ['1', '63'] self.arguments_for['min_mac_length'] += ['1', '63'] diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 9bf91b5864..4745ad44a8 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -344,3 +344,33 @@ ecc_key_family:PSA_ECC_FAMILY_TWISTED_EDWARDS DH group family: RFC 7919 dh_key_family:PSA_DH_FAMILY_RFC7919 + +Lifetime: VOLATILE +lifetime:PSA_KEY_LIFETIME_VOLATILE:KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: PERSISTENT +lifetime:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: volatile, local storage +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: default, local storage +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: 2, local storage +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):0:2:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: 254, local storage +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE + +Lifetime: volatile, 0x123456 +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456 + +Lifetime: default, 0x123456 +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0x123456):0:PSA_KEY_PERSISTENCE_DEFAULT:0x123456 + +Lifetime: 2, 0x123456 +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x123456 + +Lifetime: 254, 0x123456 +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 3ed08a6a04..5221279677 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -55,6 +55,11 @@ #define KEY_TYPE_IS_ECC ( 1u << 6 ) #define KEY_TYPE_IS_DH ( 1u << 7 ) +/* Flags for lifetime classification macros. There is a flag for every + * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the + * flag is the name of the classification macro without the PSA_ prefix. */ +#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 ) + #define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) ) @@ -665,3 +670,19 @@ void dh_key_family( int group_arg ) TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group ); } /* END_CASE */ + +/* BEGIN_CASE */ +void lifetime( int lifetime_arg, int classification_flags, + int persistence_arg, int location_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_persistence_t persistence = persistence_arg; + psa_key_location_t location = location_arg; + unsigned flags = classification_flags; + + TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_VOLATILE, lifetime, flags ); + + TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence ); + TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location ); +} +/* END_CASE */ From 90dfc35643e58d8fd3fa502c391141171044da1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:04:24 +0200 Subject: [PATCH 0482/1065] More informative message on invalid classification flags Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto_metadata.function | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 5221279677..cdb531212d 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -60,8 +60,15 @@ * flag is the name of the classification macro without the PSA_ prefix. */ #define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 ) -#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ - TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) ) +#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ + do \ + { \ + if( ( flags ) & ( flag ) ) \ + TEST_ASSERT( PSA_##flag( alg ) ); \ + else \ + TEST_ASSERT( ! PSA_##flag( alg ) ); \ + } \ + while( 0 ) /* Check the parity of value. * From d133bb2909332450febe2ac0cffdd63d27be9d44 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:05:59 +0200 Subject: [PATCH 0483/1065] New macro PSA_KEY_LIFETIME_IS_READ_ONLY Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 20 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.data | 6 ++++++ .../test_suite_psa_crypto_metadata.function | 2 ++ 3 files changed, 28 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 391ae60f72..6d075334cd 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2020,6 +2020,26 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_PERSISTENCE_VOLATILE) +/** Whether a key lifetime indicates that the key is read-only. + * + * Read-only keys cannot be created or destroyed through the PSA Crypto API. + * They must be created through platform-specific means that bypass the API. + * + * Some platforms may offer ways to destroy read-only keys. For example, + * a platform with multiple levels of privilege may expose a key to an + * application without allowing that application to destroy the key, in + * which case it may show the key a view of the key metadata where the + * lifetime is read-only. + * + * \param lifetime The lifetime value to query (value of type + * ::psa_key_lifetime_t). + * + * \return \c 1 if the key is read-only, otherwise \c 0. + */ +#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \ + (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ + PSA_KEY_PERSISTENCE_READ_ONLY) + /** Construct a lifetime from a persistence level and a location. * * \param persistence The persistence level diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 4745ad44a8..a3668fcc94 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -363,6 +363,9 @@ lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCA Lifetime: 254, local storage lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE +Lifetime: read-only, local storage +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:PSA_KEY_LOCATION_LOCAL_STORAGE + Lifetime: volatile, 0x123456 lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456 @@ -374,3 +377,6 @@ lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x12345 Lifetime: 254, 0x123456 lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456 + +Lifetime: read-only, 0x123456 +lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, 0x123456):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:0x123456 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index cdb531212d..4790be6de1 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -59,6 +59,7 @@ * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the * flag is the name of the classification macro without the PSA_ prefix. */ #define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 ) +#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 ) #define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ do \ @@ -688,6 +689,7 @@ void lifetime( int lifetime_arg, int classification_flags, unsigned flags = classification_flags; TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_VOLATILE, lifetime, flags ); + TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_READ_ONLY, lifetime, flags ); TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence ); TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location ); From f5f07c847a924c96eedb7d1bb9b76f8bc4e2b789 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:06:51 +0200 Subject: [PATCH 0484/1065] Fix mbedtls_psa_get_stats for keys with fancy lifetimes mbedtls_psa_get_stats() was written back before lifetimes were structured as persistence and location. Fix its classification of volatile external keys and internal keys with a non-default persistence. Signed-off-by: Gilles Peskine --- library/psa_crypto_slot_management.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4cf32db2b1..b198406688 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -545,16 +545,17 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) ++stats->empty_slots; continue; } - if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) ++stats->volatile_slots; - else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + else { psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); ++stats->persistent_slots; if( id > stats->max_open_internal_key_id ) stats->max_open_internal_key_id = id; } - else + if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) != + PSA_KEY_LOCATION_LOCAL_STORAGE ) { psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); ++stats->external_slots; From 1e1eca32333d953f1d76b01cd8170301859dfffe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:08:47 +0200 Subject: [PATCH 0485/1065] Add persistent key tests with a non-default persistence Signed-off-by: Gilles Peskine --- ...test_suite_psa_crypto_slot_management.data | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 0fedd14d55..a625604be7 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -78,6 +78,27 @@ Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN +Persistent slot, check after closing, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING + +Persistent slot, check after closing and restarting, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN + +Persistent slot, check after destroying, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING + +Persistent slot, check after destroying and restarting, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN + +Persistent slot, check after purging, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING + +Persistent slot, check after purging and restarting, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN + +Persistent slot, check after restart with live handle, persistence=2 +persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN + Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE From ad2ddfe874bf0899c06569cbbd7d4df08c6eab78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:29:32 +0200 Subject: [PATCH 0486/1065] Add negative tests for key creation with an invalid lifetime Attempting to create a key with an invalid location or with read-only persistence must be rejected. Signed-off-by: Gilles Peskine --- .../test_suite_psa_crypto_slot_management.data | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index a625604be7..35c850fa99 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -128,13 +128,17 @@ Open failure: non-existent identifier depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:1:PSA_ERROR_DOES_NOT_EXIST -Create failure: invalid lifetime for a persistent key +Create failure: read-only key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:0x7fffffff:1:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):1:PSA_ERROR_INVALID_ARGUMENT -Create failure: invalid lifetime for a volatile key +Create failure: invalid location for a persistent key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:0x7fffff00:0:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10c):1:PSA_ERROR_INVALID_ARGUMENT + +Create failure: invalid location for a volatile key +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10c):0:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (0) for a persistent key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C From 87bc91c13b07743cd038b7fc2a6e97e372d1767d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 21:23:40 +0200 Subject: [PATCH 0487/1065] Forbid creating a read-only key The persistence level PSA_KEY_PERSISTENCE_READ_ONLY can now only be used as intended, for keys that cannot be modified through normal use of the API. Signed-off-by: Gilles Peskine --- ChangeLog.d/psa-read-only-keys.txt | 4 ++++ library/psa_crypto_slot_management.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/psa-read-only-keys.txt diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt new file mode 100644 index 0000000000..9e3081030c --- /dev/null +++ b/ChangeLog.d/psa-read-only-keys.txt @@ -0,0 +1,4 @@ +Features + * The PSA API no longer allows the creation of keys with a read-only lifetime. + The persistence level PSA_KEY_PERSISTENCE_READ_ONLY can now only be used + as intended, for keys that cannot be modified through normal use of the API. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index b198406688..a95b4b33a6 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -455,7 +455,10 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ) { /* Persistent keys require storage support */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - return( PSA_SUCCESS ); + if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else + return( PSA_SUCCESS ); #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ return( PSA_ERROR_NOT_SUPPORTED ); #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ From fbb914f6e6537451646f08b5b3114a7f6c9393f8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:09:23 +0200 Subject: [PATCH 0488/1065] Add negative tests for psa_destroy_key Test a non-existent key identifier in a valid range. Test identifiers outside the valid range. Signed-off-by: Gilles Peskine --- .../test_suite_psa_crypto_persistent_key.data | 9 +++++++++ .../test_suite_psa_crypto_persistent_key.function | 15 +++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index dad12057e3..b25063465b 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -119,3 +119,12 @@ import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c import/export-persistent symmetric key with restart: 16 bytes depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 + +Destroy invalid id: 0 +destroy_nonexistent:0:PSA_SUCCESS + +Destroy non-existent key +destroy_nonexistent:1:PSA_ERROR_INVALID_HANDLE + +Destroy invalid id: 0xffffffff +destroy_nonexistent:0xffffffff:PSA_ERROR_INVALID_HANDLE diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 975907785c..bd9b9c97f7 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -323,3 +323,18 @@ exit: psa_destroy_persistent_key( key_id ); } /* END_CASE */ + +/* BEGIN_CASE */ +void destroy_nonexistent( int id_arg, int expected_status_arg ) +{ + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + psa_status_t expected_status = expected_status_arg; + + PSA_INIT( ); + + TEST_EQUAL( expected_status, psa_destroy_key( id ) ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ From 45a4391897677698cba7c6d3b571737359b5df56 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 21:39:27 +0200 Subject: [PATCH 0489/1065] Collect lifetime constructors Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index bc432be9f5..6eb0d00d13 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -81,11 +81,15 @@ class PSAMacroEnumerator: `self.arguments_for` for arguments that are not of a kind that is enumerated here. """ + #pylint: disable=too-many-instance-attributes def __init__(self) -> None: """Set up an empty set of known constructor macros. """ self.statuses = set() #type: Set[str] + self.lifetimes = set() #type: Set[str] + self.locations = set() #type: Set[str] + self.persistence_levels = set() #type: Set[str] self.algorithms = set() #type: Set[str] self.ecc_curves = set() #type: Set[str] self.dh_groups = set() #type: Set[str] @@ -133,6 +137,9 @@ class PSAMacroEnumerator: self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) self.arguments_for['group'] = sorted(self.dh_groups) + self.arguments_for['persistence'] = sorted(self.persistence_levels) + self.arguments_for['location'] = sorted(self.locations) + self.arguments_for['lifetime'] = sorted(self.lifetimes) @staticmethod def _format_arguments(name: str, arguments: Iterable[str]) -> str: @@ -341,6 +348,9 @@ enumerate 'ALG': self.algorithms, 'ECC_CURVE': self.ecc_curves, 'DH_GROUP': self.dh_groups, + 'KEY_LIFETIME': self.lifetimes, + 'KEY_LOCATION': self.locations, + 'KEY_PERSISTENCE': self.persistence_levels, 'KEY_TYPE': self.key_types, 'KEY_USAGE': self.key_usage_flags, } #type: Dict[str, Set[str]] @@ -367,7 +377,7 @@ enumerate 'asymmetric_encryption_algorithm': [], 'pake_algorithm': [self.pake_algorithms], 'other_algorithm': [], - 'lifetime': [], + 'lifetime': [self.lifetimes], } #type: Dict[str, List[Set[str]]] self.arguments_for['mac_length'] += ['1', '63'] self.arguments_for['min_mac_length'] += ['1', '63'] From eb7bdaa1778c8628df982f3a3146b924f97fba1c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 22:05:34 +0200 Subject: [PATCH 0490/1065] Add storage tests for lifetimes Test keys with various persistence levels, enumerated from the metadata tests. For read-only keys, do not attempt to create or destroy the key through the API, only to read a key that has been injected into storage directly through filesystem access. Do not test keys with a non-default location, since they require a driver and we do not yet have a dependency mechanism to require the presence of a driver for a specific location value. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/psa_storage.py | 4 ++ tests/scripts/generate_psa_tests.py | 39 ++++++++++++++++++- ...t_suite_psa_crypto_storage_format.function | 22 ++++++++--- 3 files changed, 59 insertions(+), 6 deletions(-) diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 3a740072e6..45f0380e7b 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -164,6 +164,10 @@ class Key: """ return self.bytes().hex() + def location_value(self) -> int: + """The numerical value of the location encoded in the key's lifetime.""" + return self.lifetime.value() >> 8 + class TestKey(unittest.TestCase): # pylint: disable=line-too-long diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 8c53414f25..9615c29a3f 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -295,6 +295,38 @@ class StorageFormat: *extra_arguments]) return tc + def key_for_lifetime( + self, + lifetime: str, + ) -> StorageKey: + """Construct a test key for the given lifetime.""" + short = lifetime + short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION', + r'', short) + short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) + description = 'lifetime: ' + short + key = StorageKey(version=self.version, + id=1, lifetime=lifetime, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + material=b'L', + description=description) + return key + + def all_keys_for_lifetimes(self) -> Iterator[StorageKey]: + """Generate test keys covering lifetimes.""" + lifetimes = sorted(self.constructors.lifetimes) + expressions = self.constructors.generate_expressions(lifetimes) + for lifetime in expressions: + # Don't attempt to create or load a volatile key in storage + if 'VOLATILE' in lifetime: + continue + # Don't attempt to create a read-only key in storage, + # but do attempt to load one. + if 'READ_ONLY' in lifetime and self.forward: + continue + yield self.key_for_lifetime(lifetime) + def key_for_usage_flags( self, usage_flags: List[str], @@ -395,12 +427,17 @@ class StorageFormat: # one go, which is a significant performance gain as the information # includes numerical values obtained by compiling a C program. keys = [] #type: List[StorageKey] + keys += self.all_keys_for_lifetimes() keys += self.all_keys_for_usage_flags() keys += self.all_keys_for_types() keys += self.all_keys_for_algorithms() for key in keys: + if key.location_value() != 0: + # Skip keys with a non-default location, because they + # require a driver and we currently have no mechanism to + # determine whether a driver is available. + continue yield self.make_test_case(key) - # To do: vary id, lifetime class TestGenerator: diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 34d63a745b..003c70be07 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -8,6 +8,7 @@ #include #define TEST_FLAG_EXERCISE 0x00000001 +#define TEST_FLAG_READ_ONLY 0x00000002 /** Write a key with the given attributes and key material to storage. * Test that it has the expected representation. @@ -115,10 +116,22 @@ static int test_read_key( const psa_key_attributes_t *expected_attributes, psa_get_key_algorithm( expected_attributes ) ) ); } - /* Destroy the key. Confirm through direct access to the storage. */ - PSA_ASSERT( psa_destroy_key( key_id ) ); - TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST, - psa_its_get_info( uid, &storage_info ) ); + + if( flags & TEST_FLAG_READ_ONLY ) + { + /* Read-only keys cannot be removed through the API. + * The key will be removed through ITS in the cleanup code below. + * Purge the key from memory so that the test framework doesn't + * think the test is leaking it. */ + PSA_ASSERT( psa_purge_key( key_id ) ); + } + else + { + /* Destroy the key. Confirm through direct access to the storage. */ + PSA_ASSERT( psa_destroy_key( key_id ) ); + TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST, + psa_its_get_info( uid, &storage_info ) ); + } ok = 1; @@ -219,7 +232,6 @@ void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( key_id ); PSA_DONE( ); } /* END_CASE */ From 576464873a25196d2f0720e7183fcd7635dbdaae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 22:07:33 +0200 Subject: [PATCH 0491/1065] Check that attempting to destroy a read-only key fails Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto_storage_format.function | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 003c70be07..b90ef6efcb 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -120,10 +120,8 @@ static int test_read_key( const psa_key_attributes_t *expected_attributes, if( flags & TEST_FLAG_READ_ONLY ) { /* Read-only keys cannot be removed through the API. - * The key will be removed through ITS in the cleanup code below. - * Purge the key from memory so that the test framework doesn't - * think the test is leaking it. */ - PSA_ASSERT( psa_purge_key( key_id ) ); + * The key will be removed through ITS in the cleanup code below. */ + TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) ); } else { From 6687cd07f3d3e9092762e7ad8bda93bf3ab8f8b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 22:32:05 +0200 Subject: [PATCH 0492/1065] Refuse to destroy read-only keys Signed-off-by: Gilles Peskine --- ChangeLog.d/psa-read-only-keys.txt | 9 +++++---- library/psa_crypto.c | 12 ++++++++++++ 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt index 9e3081030c..a4a282373f 100644 --- a/ChangeLog.d/psa-read-only-keys.txt +++ b/ChangeLog.d/psa-read-only-keys.txt @@ -1,4 +1,5 @@ -Features - * The PSA API no longer allows the creation of keys with a read-only lifetime. - The persistence level PSA_KEY_PERSISTENCE_READ_ONLY can now only be used - as intended, for keys that cannot be modified through normal use of the API. +Bugfix + * The PSA API no longer allows the creation or destruction of keys with a + read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY + can now only be used as intended, for keys that cannot be modified through + normal use of the API. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a0acc3fd9f..2177141c87 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1052,6 +1052,18 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) return( PSA_ERROR_GENERIC_ERROR ); } + if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) ) + { + /* Refuse the destruction of a read-only key (which may or may not work + * if we attempt it, depending on whether the key is merely read-only + * by policy or actually physically read-only). + * Just do the best we can, which is to wipe the copy in memory. */ + status = psa_wipe_key_slot( slot ); + if( status != PSA_SUCCESS ) + return( status ); + return( PSA_ERROR_NOT_PERMITTED ); + } + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) driver = psa_get_se_driver_entry( slot->attr.lifetime ); if( driver != NULL ) From 56949f6b633ca8ba97ce12bc0489c6265c25c2ae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 28 May 2021 01:24:57 +0200 Subject: [PATCH 0493/1065] Make immediate constants unsigned PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION shifts the location value (location << 8). This can go outside the range of a 32-bit int if the location value is above 2^23 as is the case here. Asan rightfully complained about it. Make the value unsigned to avoid the integer overflow. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto_slot_management.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 35c850fa99..68b196d32a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -134,11 +134,11 @@ create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_R Create failure: invalid location for a persistent key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10c):1:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10cU):1:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid location for a volatile key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10c):0:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10cU):0:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (0) for a persistent key depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C From 095dadc5bc05450a70697fba939ed1c42b1186a9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 23 Jun 2021 12:48:52 +0100 Subject: [PATCH 0494/1065] Fix error in psa_crypto test suite The cipher_bad_order test happened to pass, but was not testing the failure case it intended to test. Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 33e7c95328..b36299fe24 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2305,6 +2305,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Call update without an IV where an IV is required. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); TEST_EQUAL( psa_cipher_update( &operation, text, sizeof( text ), buffer, sizeof( buffer ), From 52bb83e6ad178ca0f8f68ecdcff6acbd002160a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 28 May 2021 12:59:49 +0200 Subject: [PATCH 0495/1065] Fix mbedtls_svc_key_id_is_null when KEY_ID_ENCODES_OWNER A null key id is a null key id even when it has an owner attached to it. Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 6d075334cd..57ab4c509e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2160,7 +2160,7 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, */ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) { - return( ( key.MBEDTLS_PRIVATE(key_id) == 0 ) && ( key.MBEDTLS_PRIVATE(owner) == 0 ) ); + return( key.MBEDTLS_PRIVATE(key_id) == 0 ); } #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ From 91466c8d3f6d2b61fc2fc0a4c5fecb152971c968 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 23:21:50 +0200 Subject: [PATCH 0496/1065] Hopefully clarify the example Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 57ab4c509e..7d2f432587 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2026,10 +2026,11 @@ * They must be created through platform-specific means that bypass the API. * * Some platforms may offer ways to destroy read-only keys. For example, - * a platform with multiple levels of privilege may expose a key to an - * application without allowing that application to destroy the key, in - * which case it may show the key a view of the key metadata where the - * lifetime is read-only. + * consider a platform with multiple levels of privilege, where a + * low-privilege application can use a key but is not allowed to destroy + * it, and the platform exposes the key to the application with a read-only + * lifetime. High-privilege code can destroy the key even though the + * application sees the key as read-only. * * \param lifetime The lifetime value to query (value of type * ::psa_key_lifetime_t). From f9a046ecb59fb7f2c441e50781a059657636e6ee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jun 2021 23:27:54 +0200 Subject: [PATCH 0497/1065] Remove duplicate wipe call in psa_destroy_key Signed-off-by: Gilles Peskine --- library/psa_crypto.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2177141c87..4f932c6c74 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1057,11 +1057,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) /* Refuse the destruction of a read-only key (which may or may not work * if we attempt it, depending on whether the key is merely read-only * by policy or actually physically read-only). - * Just do the best we can, which is to wipe the copy in memory. */ - status = psa_wipe_key_slot( slot ); - if( status != PSA_SUCCESS ) - return( status ); - return( PSA_ERROR_NOT_PERMITTED ); + * Just do the best we can, which is to wipe the copy in memory + * (done in this function's cleanup code). */ + overall_status = PSA_ERROR_NOT_PERMITTED; + goto exit; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -1125,12 +1124,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) exit: -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_wipe_key_slot( slot ); /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ - if( overall_status == PSA_SUCCESS ) + if( status != PSA_SUCCESS ) overall_status = status; return( overall_status ); } From fc60622710121fde2fb8ed73e3935ce9c7436307 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 16 Jun 2021 11:04:07 +0200 Subject: [PATCH 0498/1065] Add customized test functions for GCM update and update_ad. New functions are used to cover corner cases: * authentication data is fed to gcm with 0, 1 or 2 calls to gcm_update * ciphertext is fed to gcm with 0, 1 or 2 calls to gcm_update_ad AES-GCM NIST test vectors downloaded at 16.06.2021 from: csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.aes128_de.data | 24 +++ tests/suites/test_suite_gcm.aes128_en.data | 24 +++ tests/suites/test_suite_gcm.function | 175 +++++++++++++++++++++ 3 files changed, 223 insertions(+) diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data index c865b0cba6..efafb9dc3e 100644 --- a/tests/suites/test_suite_gcm.aes128_de.data +++ b/tests/suites/test_suite_gcm.aes128_de.data @@ -670,6 +670,30 @@ AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0 +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0:0 + +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1:0 + +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2:0 + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index b1dae75390..8f68b37585 100644 --- a/tests/suites/test_suite_gcm.aes128_en.data +++ b/tests/suites/test_suite_gcm.aes128_en.data @@ -670,6 +670,30 @@ AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0 +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0:0 + +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1:0 + +AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1:0 + +AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2:0 + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index fc01b40337..86f7fb9929 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -61,6 +61,77 @@ exit: return( ok ); } +static void check_cipher_with_empty_ad( mbedtls_gcm_context *ctx, + int mode, + const data_t *iv, + const data_t *input, + const data_t *expected_output, + const data_t *tag, + size_t ad_update_count) +{ + size_t n; + uint8_t *output = NULL; + size_t olen; + + /* Sanity checks on the test data */ + TEST_EQUAL( input->len, expected_output->len ); + + TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, + iv->x, iv->len ) ); + + for( n = 0; n < ad_update_count; n += 1 ) + { + TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, NULL, 0 ) ); + } + + /* Allocate a tight buffer for each update call. This way, if the function + * tries to write beyond the advertised required buffer size, this will + * count as an overflow for memory sanitizers and static checkers. */ + ASSERT_ALLOC( output, input->len ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x, input->len, output, input->len, &olen ) ); + TEST_EQUAL( input->len, olen ); + ASSERT_COMPARE( output, olen, expected_output->x, input->len ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + +exit: + mbedtls_free( output ); +} + +static void check_empty_cipher_with_ad( mbedtls_gcm_context *ctx, + int mode, + const data_t *iv, + const data_t *add, + const data_t *tag, + size_t cipher_update_count) +{ + size_t olen; + size_t n; + uint8_t* output_tag = NULL; + + TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) ); + + for( n = 0; n < cipher_update_count; n += 1 ) + { + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, NULL, 0, NULL, 0, &olen ) ); + TEST_EQUAL( 0, olen ); + } + + ASSERT_ALLOC( output_tag, tag->len ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output_tag, tag->len ) ); + ASSERT_COMPARE( output_tag, tag->len, tag->x, tag->len ); + +exit: + mbedtls_free( output_tag ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -196,6 +267,110 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void gcm_decrypt_and_verify_empty_cipher( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * add_str, + data_t * tag_str, + int cipher_update_calls, + int init_result ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); + if( init_result == 0 ) + { + check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, add_str, tag_str, + cipher_update_calls ); + } + + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void gcm_decrypt_and_verify_empty_ad( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * src_str, + data_t * tag_str, + data_t * pt_result, + int ad_update_calls, + int init_result ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); + if( init_result == 0 ) + { + check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, src_str, pt_result, tag_str, + ad_update_calls ); + } + + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void gcm_encrypt_and_tag_empty_cipher( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * add_str, + data_t * tag_str, + int cipher_update_calls, + int init_result ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); + if( init_result == 0 ) + { + check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, add_str, tag_str, + cipher_update_calls ); + } + +exit: + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void gcm_encrypt_and_tag_empty_ad( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * src_str, + data_t * dst, + data_t * tag_str, + int ad_update_calls, + int init_result ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); + if( init_result == 0 ) + { + check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, src_str, dst, tag_str, + ad_update_calls ); + } + +exit: + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:NOT_DEFINED */ void gcm_invalid_param( ) { From f8a0d4d3bf4d5574f5521ae5b18a6445453cf308 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 17 Jun 2021 11:40:52 +0200 Subject: [PATCH 0499/1065] Fix nested loops set_step in gcm test suite. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.function | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 86f7fb9929..109f300e2c 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -194,11 +194,9 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { - mbedtls_test_set_step( n1 ); - for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 ) { - mbedtls_test_set_step( n1_add ); + mbedtls_test_set_step( n1 * 10000 + n1_add ); if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT, iv_str, add_str, src_str, dst, tag, @@ -248,10 +246,9 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { - mbedtls_test_set_step( n1 ); for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 ) { - mbedtls_test_set_step( n1_add ); + mbedtls_test_set_step( n1 * 10000 + n1_add ); if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT, iv_str, add_str, src_str, pt_result, tag_str, From 032a1ceaf32cdd16fa063e55c8fefe55ac0929aa Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 17 Jun 2021 11:50:26 +0200 Subject: [PATCH 0500/1065] Remove init_result check from custom gcm test functions. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.aes128_de.data | 12 ++--- tests/suites/test_suite_gcm.aes128_en.data | 12 ++--- tests/suites/test_suite_gcm.function | 56 ++++++++-------------- 3 files changed, 32 insertions(+), 48 deletions(-) diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data index efafb9dc3e..ed41d1e3d5 100644 --- a/tests/suites/test_suite_gcm.aes128_de.data +++ b/tests/suites/test_suite_gcm.aes128_de.data @@ -672,27 +672,27 @@ gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114": AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0:0 +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0 AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1:0 +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1 AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2:0 +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0:0 +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1:0 +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 depends_on:MBEDTLS_AES_C -gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2:0 +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2 AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index 8f68b37585..40b2e5fbf1 100644 --- a/tests/suites/test_suite_gcm.aes128_en.data +++ b/tests/suites/test_suite_gcm.aes128_en.data @@ -672,27 +672,27 @@ gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"24 AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0:0 +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0 AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1:0 +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1 AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2:0 +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0:0 +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1:0 +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1 AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 depends_on:MBEDTLS_AES_C -gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2:0 +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2 AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 109f300e2c..af5cacd98c 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -270,20 +270,16 @@ void gcm_decrypt_and_verify_empty_cipher( int cipher_id, data_t * iv_str, data_t * add_str, data_t * tag_str, - int cipher_update_calls, - int init_result ) + int cipher_update_calls ) { mbedtls_gcm_context ctx; mbedtls_gcm_init( &ctx ); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_DECRYPT, - iv_str, add_str, tag_str, - cipher_update_calls ); - } + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, add_str, tag_str, + cipher_update_calls ); mbedtls_gcm_free( &ctx ); } @@ -296,20 +292,16 @@ void gcm_decrypt_and_verify_empty_ad( int cipher_id, data_t * src_str, data_t * tag_str, data_t * pt_result, - int ad_update_calls, - int init_result ) + int ad_update_calls ) { mbedtls_gcm_context ctx; mbedtls_gcm_init( &ctx ); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_DECRYPT, - iv_str, src_str, pt_result, tag_str, - ad_update_calls ); - } + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, src_str, pt_result, tag_str, + ad_update_calls ); mbedtls_gcm_free( &ctx ); } @@ -321,20 +313,16 @@ void gcm_encrypt_and_tag_empty_cipher( int cipher_id, data_t * iv_str, data_t * add_str, data_t * tag_str, - int cipher_update_calls, - int init_result ) + int cipher_update_calls ) { mbedtls_gcm_context ctx; mbedtls_gcm_init( &ctx ); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_str, add_str, tag_str, - cipher_update_calls ); - } + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, add_str, tag_str, + cipher_update_calls ); exit: mbedtls_gcm_free( &ctx ); @@ -348,20 +336,16 @@ void gcm_encrypt_and_tag_empty_ad( int cipher_id, data_t * src_str, data_t * dst, data_t * tag_str, - int ad_update_calls, - int init_result ) + int ad_update_calls ) { mbedtls_gcm_context ctx; mbedtls_gcm_init( &ctx ); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_str, src_str, dst, tag_str, - ad_update_calls ); - } + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, src_str, dst, tag_str, + ad_update_calls ); exit: mbedtls_gcm_free( &ctx ); From 58d3a7ef9775eecdeacb3643d63b1c6f0d5a4b37 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 17 Jun 2021 23:48:08 +0200 Subject: [PATCH 0501/1065] Add GCM tests with vectors lengths non-dividable by 16. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.aes128_de.data | 36 ++++++++++++++++++---- tests/suites/test_suite_gcm.aes128_en.data | 36 ++++++++++++++++++---- 2 files changed, 60 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data index ed41d1e3d5..7b823dd784 100644 --- a/tests/suites/test_suite_gcm.aes128_de.data +++ b/tests/suites/test_suite_gcm.aes128_de.data @@ -670,30 +670,54 @@ AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 0 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 1 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 2 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 0 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":0 + +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 1 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":1 + +AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 2 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":2 + +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 0 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 1 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 2 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2 +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 0 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":0 + +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 1 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":1 + +AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2 +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2 + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index 40b2e5fbf1..f4856bff24 100644 --- a/tests/suites/test_suite_gcm.aes128_en.data +++ b/tests/suites/test_suite_gcm.aes128_en.data @@ -670,30 +670,54 @@ AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 0 +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 0 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 1 +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 1 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1 -AES-GCM NIST CAVS 14.0 - Empty ciphertext. Non-empty AD. Ciphertext updates: 2 +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 2 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 0 +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 0 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":0 + +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 1 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":1 + +AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 2 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":2 + +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 0 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 1 +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 1 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1 -AES-GCM NIST CAVS 14.0 - Empty AD. Non-empty ciphertext. AD updates: 2 +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 2 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2 +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 0 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":0 + +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 1 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":1 + +AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2 +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2 + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT From 469c9f35f6934e5e0727a5d47c5dd598a9ab4afd Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 18 Jun 2021 00:06:52 +0200 Subject: [PATCH 0502/1065] Add GCM tests for empty ciphertext/plaintext and empty AD. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_gcm.aes128_de.data | 4 ++ tests/suites/test_suite_gcm.aes128_en.data | 4 ++ tests/suites/test_suite_gcm.function | 53 ++++++++++++++++++++++ 3 files changed, 61 insertions(+) diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data index 7b823dd784..3df31e56bf 100644 --- a/tests/suites/test_suite_gcm.aes128_de.data +++ b/tests/suites/test_suite_gcm.aes128_de.data @@ -718,6 +718,10 @@ AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2 depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2 +AES-GCM NIST - empty AD, empty ciphertext +depends_on:MBEDTLS_AES_C +gcm_decrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"cf063a34d4a9a76c2c86787d3f96db71":"113b9785971864c83b01c787":"72ac8493e3a5228b5d130a69d2510e42" + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index f4856bff24..d60c458bcd 100644 --- a/tests/suites/test_suite_gcm.aes128_en.data +++ b/tests/suites/test_suite_gcm.aes128_en.data @@ -718,6 +718,10 @@ AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2 depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2 +AES-GCM NIST - empty AD, empty plaintext +depends_on:MBEDTLS_AES_C +gcm_encrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"11754cd72aec309bf52f7687212e8957":"3c819d9a9bed087615030b65":"250327c674aaf477aef2675748cf6971" + AES-GCM Bad IV (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_AES_C gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index af5cacd98c..005c49884c 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -132,6 +132,23 @@ exit: mbedtls_free( output_tag ); } +static void check_no_cipher_no_ad( mbedtls_gcm_context *ctx, + int mode, + const data_t *iv, + const data_t *tag ) +{ + uint8_t *output = NULL; + + TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, + iv->x, iv->len ) ); + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + +exit: + mbedtls_free( output ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -307,6 +324,24 @@ void gcm_decrypt_and_verify_empty_ad( int cipher_id, } /* END_CASE */ +/* BEGIN_CASE */ +void gcm_decrypt_and_verify_no_ad_no_cipher( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * tag_str ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, tag_str ); + + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE */ void gcm_encrypt_and_tag_empty_cipher( int cipher_id, data_t * key_str, @@ -352,6 +387,24 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void gcm_encrypt_and_verify_no_ad_no_cipher( int cipher_id, + data_t * key_str, + data_t * iv_str, + data_t * tag_str ) +{ + mbedtls_gcm_context ctx; + + mbedtls_gcm_init( &ctx ); + + TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); + check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, tag_str ); + + mbedtls_gcm_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:NOT_DEFINED */ void gcm_invalid_param( ) { From 939a54cda35d927f4c9869d0c2108fab8296c620 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 22 Jun 2021 11:12:28 +0200 Subject: [PATCH 0503/1065] Fix typos and style issues. Signed-off-by: Mateusz Starzyk --- library/gcm.c | 10 +++++----- tests/suites/test_suite_gcm.function | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index 02265ce897..8fa4ee779b 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -281,7 +281,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( iv != NULL ); - /* IV is are limited to 2^64 bits, so 2^61 bytes */ + /* IV is limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ if( iv_len == 0 || (uint64_t) iv_len >> 61 != 0 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -335,8 +335,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, /** * mbedtls_gcm_context::buf contains the partial state of the computation of * the authentication tag. - * mbedtls_gcm_context::::add_len and mbedtls_gcm_context::len indicate - * differenet stages of the computation: + * mbedtls_gcm_context::add_len and mbedtls_gcm_context::len indicate + * different stages of the computation: * * len == 0 && add_len == 0: initial state * * len == 0 && add_len % 16 != 0: the first `add_len % 16` bytes have * a partial block of AD that has been @@ -357,7 +357,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - /* IV is are limited to 2^64 bits, so 2^61 bytes */ + /* IV is limited to 2^64 bits, so 2^61 bytes */ if( (uint64_t) add_len >> 61 != 0 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -370,7 +370,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, if( use_len > add_len ) use_len = add_len; - for ( i = 0; i < use_len; i++ ) + for( i = 0; i < use_len; i++ ) ctx->buf[i+offset] ^= p[i]; if( offset + use_len == 16 ) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 005c49884c..49859dda91 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -79,7 +79,7 @@ static void check_cipher_with_empty_ad( mbedtls_gcm_context *ctx, TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) ); - for( n = 0; n < ad_update_count; n += 1 ) + for( n = 0; n < ad_update_count; n++ ) { TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, NULL, 0 ) ); } @@ -117,7 +117,7 @@ static void check_empty_cipher_with_ad( mbedtls_gcm_context *ctx, TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) ); TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) ); - for( n = 0; n < cipher_update_count; n += 1 ) + for( n = 0; n < cipher_update_count; n++ ) { olen = 0xdeadbeef; TEST_EQUAL( 0, mbedtls_gcm_update( ctx, NULL, 0, NULL, 0, &olen ) ); From 647791da5b10885feb97d2fef908c1472acf4736 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 23 Jun 2021 12:49:59 +0100 Subject: [PATCH 0504/1065] Add negative tests for psa_abort in cipher and mac functions Various functions for PSA cipher and mac operations call abort on failure; test that this is done. The PSA spec does not require this behaviour, but it makes our implementation more robust in case the user does not abort the operation as required by the PSA spec. Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto.function | 23 +++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b36299fe24..5c44979cda 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -19,6 +19,11 @@ /* If this comes up, it's a bug in the test code or in the test data. */ #define UNUSED 0xdeadbeef +/* Assert that an operation is (not) active. + * This serves as a proxy for checking if the operation is aborted. */ +#define ASSERT_OPERATION_IS_ACTIVE( operation ) TEST_ASSERT( operation.id != 0 ) +#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 ) + /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -1919,19 +1924,25 @@ void mac_bad_order( ) /* Setup sign but try verify. */ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_mac_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Setup verify but try sign. */ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), &sign_mac_length ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_mac_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_destroy_key( key ) ); @@ -2255,11 +2266,14 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_generate_iv( &operation, buffer, sizeof( buffer ), &length ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_generate_iv( &operation, buffer, sizeof( buffer ), &length ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Generate an IV after it's already set. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); @@ -2281,10 +2295,13 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Set an IV after it's already generated. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); @@ -2306,12 +2323,15 @@ void cipher_bad_order( ) /* Call update without an IV where an IV is required. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_update( &operation, text, sizeof( text ), buffer, sizeof( buffer ), &length ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Call update after finish. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); @@ -2336,10 +2356,13 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); /* Not calling update means we are encrypting an empty buffer, which is OK * for cipher modes with padding. */ + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_finish( &operation, buffer, sizeof( buffer ), &length ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Call finish twice in a row. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); From 38e62aebc3168e195deafbdc19999d7c58be9fbb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 23 Jun 2021 11:38:39 +0100 Subject: [PATCH 0505/1065] Update cipher and mac functions to abort on error Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 80 +++++++++++++++++++++++++++++++------------- 1 file changed, 56 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a0acc3fd9f..2ffcb22a36 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2365,19 +2365,27 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, * unachievable MAC. */ *mac_length = mac_size; - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->id == 0 ) { + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } - if( ! operation->is_sign ) - return( PSA_ERROR_BAD_STATE ); + if( ! operation->is_sign ) { + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL) * once all the error checks are done. */ - if( operation->mac_size == 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->mac_size == 0 ) { + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } - if( mac_size < operation->mac_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if( mac_size < operation->mac_size ) { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto cleanup; + } status = psa_driver_wrapper_mac_sign_finish( operation, mac, operation->mac_size, @@ -2399,6 +2407,7 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, memset( &mac[operation->mac_size], '!', mac_size - operation->mac_size ); +cleanup: abort_status = psa_mac_abort( operation ); return( status == PSA_SUCCESS ? abort_status : status ); @@ -2411,11 +2420,15 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->id == 0 ) { + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } - if( operation->is_sign ) - return( PSA_ERROR_BAD_STATE ); + if( operation->is_sign ) { + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } if( operation->mac_size != mac_length ) { @@ -3257,12 +3270,14 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, if( operation->id == 0 ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } if( operation->iv_set || ! operation->iv_required ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } if( iv_size < operation->default_iv_length ) @@ -3297,19 +3312,26 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->id == 0 ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } - if( operation->iv_set || ! operation->iv_required ) - return( PSA_ERROR_BAD_STATE ); + if( operation->iv_set || ! operation->iv_required ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } - if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } status = psa_driver_wrapper_cipher_set_iv( operation, iv, iv_length ); +exit: if( status == PSA_SUCCESS ) operation->iv_set = 1; else @@ -3328,11 +3350,14 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, if( operation->id == 0 ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } + if( operation->iv_required && ! operation->iv_set ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } status = psa_driver_wrapper_cipher_update( operation, @@ -3341,6 +3366,8 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, output, output_size, output_length ); + +exit: if( status != PSA_SUCCESS ) psa_cipher_abort( operation ); @@ -3356,17 +3383,22 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, if( operation->id == 0 ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } + if( operation->iv_required && ! operation->iv_set ) { - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto exit; } status = psa_driver_wrapper_cipher_finish( operation, output, output_size, output_length ); + +exit: if( status == PSA_SUCCESS ) return( psa_cipher_abort( operation ) ); else From 5a7be1041936e9dbdea16eff5051fafbcfde021b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Jun 2021 21:51:32 +0200 Subject: [PATCH 0506/1065] Add output_length parameter to mbedtls_gcm_finish Without this parameter, it would be hard for callers to know how many bytes of output the function wrote into the output buffer. It would be possible, since the cumulated output must have the same length as the cumulated input, but it would be cumbersome for the caller to keep track. Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 5 +++++ library/cipher.c | 13 +++++++++++-- library/gcm.c | 8 +++++--- tests/suites/test_suite_gcm.function | 14 ++++++++++---- 4 files changed, 31 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index f3c30350de..06b06b48cb 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -339,6 +339,10 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * then mbedtls_gcm_finish() never produces any output, * so \p output_size can be \c 0. * - \p output_size never needs to be more than \c 15. + * \param output_length On success, \p *output_length contains the actual + * length of the output written in \p output. + * On failure, the content of \p *output_length is + * unspecified. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure: @@ -347,6 +351,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, */ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *output, size_t output_size, + size_t *output_length, unsigned char *tag, size_t tag_len ); /** diff --git a/library/cipher.c b/library/cipher.c index 4f56b52888..546cace552 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1109,9 +1109,14 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) + { + size_t output_length; + /* The code here doesn't yet support alternative implementations + * that can delay up to a block of output. */ return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, - NULL, 0, + NULL, 0, &output_length, tag, tag_len ) ); + } #endif #if defined(MBEDTLS_CHACHAPOLY_C) @@ -1158,12 +1163,16 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { + size_t output_length; + /* The code here doesn't yet support alternative implementations + * that can delay up to a block of output. */ + if( tag_len > sizeof( check_tag ) ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, - NULL, 0, + NULL, 0, &output_length, check_tag, tag_len ) ) ) { return( ret ); diff --git a/library/gcm.c b/library/gcm.c index 8fa4ee779b..835b1b2853 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -532,6 +532,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *output, size_t output_size, + size_t *output_length, unsigned char *tag, size_t tag_len ) { unsigned char work_buf[16]; @@ -546,6 +547,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, * for the sake of alternative implementations. */ (void) output; (void) output_size; + *output_length = 0; orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; @@ -616,7 +618,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, output, length, &olen ) ) != 0 ) return( ret ); - if( ( ret = mbedtls_gcm_finish( ctx, NULL, 0, tag, tag_len ) ) != 0 ) + if( ( ret = mbedtls_gcm_finish( ctx, NULL, 0, &olen, tag, tag_len ) ) != 0 ) return( ret ); return( 0 ); @@ -1068,7 +1070,7 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; } - ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag_buf, 16 ); if( ret != 0 ) goto exit; @@ -1140,7 +1142,7 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; } - ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag_buf, 16 ); if( ret != 0 ) goto exit; diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 49859dda91..c530e6b429 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -50,7 +50,8 @@ static int check_multipart( mbedtls_gcm_context *ctx, output = NULL; ASSERT_ALLOC( output, tag->len ); - TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) ); + TEST_EQUAL( 0, olen ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); mbedtls_free( output ); output = NULL; @@ -96,7 +97,8 @@ static void check_cipher_with_empty_ad( mbedtls_gcm_context *ctx, output = NULL; ASSERT_ALLOC( output, tag->len ); - TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) ); + TEST_EQUAL( 0, olen ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); exit: @@ -125,7 +127,9 @@ static void check_empty_cipher_with_ad( mbedtls_gcm_context *ctx, } ASSERT_ALLOC( output_tag, tag->len ); - TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output_tag, tag->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, + output_tag, tag->len ) ); + TEST_EQUAL( 0, olen ); ASSERT_COMPARE( output_tag, tag->len, tag->x, tag->len ); exit: @@ -138,11 +142,13 @@ static void check_no_cipher_no_ad( mbedtls_gcm_context *ctx, const data_t *tag ) { uint8_t *output = NULL; + size_t olen = 0; TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) ); ASSERT_ALLOC( output, tag->len ); - TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) ); + TEST_EQUAL( 0, olen ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); exit: From 5ae6f7547cda932ebf9d41c6fe4bdfef225f57e9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 11:36:14 +0100 Subject: [PATCH 0507/1065] Add negative tests for psa_abort in hash functions Various functions for PSA hash operations call abort on failure; test that this is done. The PSA spec does not require this behaviour, but it makes our implementation more robust in case the user does not abort the operation as required by the PSA spec. Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto.function | 29 +++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5c44979cda..34d038b6b9 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1545,15 +1545,28 @@ void hash_bad_order( ) /* Call setup twice in a row. */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_hash_setup( &operation, alg ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_hash_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_hash_abort( &operation ) ); + /* Check that update calls abort on error. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + operation.ctx.mbedtls_ctx.alg = PSA_ALG_XTS; + ASSERT_OPERATION_IS_ACTIVE( operation ); + TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); + /* Call update after finish. */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); PSA_ASSERT( psa_hash_finish( &operation, @@ -1579,11 +1592,14 @@ void hash_bad_order( ) /* Call verify twice in a row. */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); PSA_ASSERT( psa_hash_verify( &operation, valid_hash, sizeof( valid_hash ) ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); TEST_EQUAL( psa_hash_verify( &operation, valid_hash, sizeof( valid_hash ) ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_hash_abort( &operation ) ); /* Call finish without calling setup beforehand. */ @@ -1632,8 +1648,12 @@ void hash_verify_bad_args( ) /* psa_hash_verify with a smaller hash than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ), PSA_ERROR_INVALID_SIGNATURE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* psa_hash_verify with a non-matching hash */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); @@ -1876,9 +1896,12 @@ void mac_bad_order( ) /* Call setup twice in a row. */ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_mac_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Call update after sign finish. */ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); @@ -2244,15 +2267,21 @@ void cipher_bad_order( ) /* Call encrypt setup twice in a row. */ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Call decrypt setup twice in a row. */ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); + ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); + ASSERT_OPERATION_IS_INACTIVE( operation ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_OPERATION_IS_INACTIVE( operation ); /* Generate an IV without calling setup beforehand. */ TEST_EQUAL( psa_cipher_generate_iv( &operation, From 685b6a742b457b92af9d1d64090ea3f2d2e1074f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 11:49:14 +0100 Subject: [PATCH 0508/1065] Update multipart hash operations to abort on error Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 57 ++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2ffcb22a36..75404aa951 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2080,34 +2080,51 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - return( PSA_ERROR_BAD_STATE ); + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( !PSA_ALG_IS_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + /* A context must be freshly initialized before it can be set up. */ + if( operation->id != 0 ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if( !PSA_ALG_IS_HASH( alg ) ) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only * directly zeroes the int-sized dummy member of the context union. */ memset( &operation->ctx, 0, sizeof( operation->ctx ) ); - return( psa_driver_wrapper_hash_setup( operation, alg ) ); + status = psa_driver_wrapper_hash_setup( operation, alg ); + +exit: + if( status != PSA_SUCCESS ) + psa_hash_abort(operation); + + return status; } psa_status_t psa_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if( operation->id == 0 ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ if( input_length == 0 ) return( PSA_SUCCESS ); - psa_status_t status = psa_driver_wrapper_hash_update( operation, - input, input_length ); + status = psa_driver_wrapper_hash_update( operation, input, input_length ); + +exit: if( status != PSA_SUCCESS ) psa_hash_abort( operation ); @@ -2139,13 +2156,23 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ); + if( status != PSA_SUCCESS ) - return( status ); - if( actual_hash_length != hash_length ) - return( PSA_ERROR_INVALID_SIGNATURE ); + goto exit; + + if( actual_hash_length != hash_length ) { + status = PSA_ERROR_INVALID_SIGNATURE; + goto exit; + } + if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) - return( PSA_ERROR_INVALID_SIGNATURE ); - return( PSA_SUCCESS ); + status = PSA_ERROR_INVALID_SIGNATURE; + +exit: + if( status != PSA_SUCCESS ) + psa_hash_abort(operation); + + return( status ); } psa_status_t psa_hash_compute( psa_algorithm_t alg, From 54648243cd71ebfb01f8ef53e99a051dbb0f6c4c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 11:49:45 +0100 Subject: [PATCH 0509/1065] Call abort on error in psa_mac/cipher setup Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 75404aa951..9ab7561f78 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2294,11 +2294,13 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; + psa_key_slot_t *slot = NULL; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->id != 0 ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } status = psa_get_and_lock_key_slot_with_policy( key, @@ -2306,7 +2308,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; psa_key_attributes_t attributes = { .core = slot->attr @@ -3216,18 +3218,22 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; + psa_key_slot_t *slot = NULL; psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_DECRYPT ); /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - return( PSA_ERROR_BAD_STATE ); + if( operation->id != 0 ) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } /* The requested algorithm must be one that can be processed by cipher. */ - if( ! PSA_ALG_IS_CIPHER( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( ! PSA_ALG_IS_CIPHER( alg ) ) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } /* Fetch key material from key storage. */ status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); From 8081ced91d5aac95f46b19ee70fe8302d0b68c30 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 14:24:13 +0100 Subject: [PATCH 0510/1065] Prevent memory leak in ecp_check_pubkey_x25519() Signed-off-by: Janos Follath --- library/ecp.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 8edf5df888..ba395b8dce 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2810,18 +2810,30 @@ static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) /* Check against the known bad values that are less than P in the * following list: https://cr.yp.to/ecdh.html#validate */ if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) ); if( mbedtls_mpi_cmp_mpi( &XmP, P ) == 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } ret = 0; From 2f1d7f9deb57afabf61bbc3884e35582d14042e2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 14:38:14 +0100 Subject: [PATCH 0511/1065] Remove redundant ecp_check_pub() tests Signed-off-by: Janos Follath --- tests/suites/test_suite_ecp.data | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 01c4289eba..0b225be879 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -63,16 +63,6 @@ ECP check pubkey Montgomery low-order point #2 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY -# see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #1 0 -depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY - -# see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #2 1 -depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY - # see https://cr.yp.to/ecdh.html#validate ECP check pubkey Montgomery low-order point #3 (let's call this u) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED From 8c70e815dda48df8fe7e60a3c0f6dcb5ed9a122d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 14:48:38 +0100 Subject: [PATCH 0512/1065] Move mpi constant macros to bn_mul.h Signed-off-by: Janos Follath --- library/bn_mul.h | 40 ++++++++++++++++++++++++++++++++++++++++ library/ecp.c | 17 +---------------- library/ecp_curves.c | 40 +--------------------------------------- 3 files changed, 42 insertions(+), 55 deletions(-) diff --git a/library/bn_mul.h b/library/bn_mul.h index 17d057f3ab..bf451932f2 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -44,6 +44,46 @@ #include "mbedtls/bignum.h" + +/* + * Conversion macros for embedded constants: + * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2 + */ +#if defined(MBEDTLS_HAVE_INT32) + +#define BYTES_TO_T_UINT_4( a, b, c, d ) \ + ( (mbedtls_mpi_uint) (a) << 0 ) | \ + ( (mbedtls_mpi_uint) (b) << 8 ) | \ + ( (mbedtls_mpi_uint) (c) << 16 ) | \ + ( (mbedtls_mpi_uint) (d) << 24 ) + +#define BYTES_TO_T_UINT_2( a, b ) \ + BYTES_TO_T_UINT_4( a, b, 0, 0 ) + +#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ + BYTES_TO_T_UINT_4( a, b, c, d ), \ + BYTES_TO_T_UINT_4( e, f, g, h ) + +#else /* 64-bits */ + +#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ + ( (mbedtls_mpi_uint) (a) << 0 ) | \ + ( (mbedtls_mpi_uint) (b) << 8 ) | \ + ( (mbedtls_mpi_uint) (c) << 16 ) | \ + ( (mbedtls_mpi_uint) (d) << 24 ) | \ + ( (mbedtls_mpi_uint) (e) << 32 ) | \ + ( (mbedtls_mpi_uint) (f) << 40 ) | \ + ( (mbedtls_mpi_uint) (g) << 48 ) | \ + ( (mbedtls_mpi_uint) (h) << 56 ) + +#define BYTES_TO_T_UINT_4( a, b, c, d ) \ + BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) + +#define BYTES_TO_T_UINT_2( a, b ) \ + BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) + +#endif /* bits in mbedtls_mpi_uint */ + #if defined(MBEDTLS_HAVE_ASM) #ifndef asm diff --git a/library/ecp.c b/library/ecp.c index ba395b8dce..c65358cb88 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -77,6 +77,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "bn_mul.h" #include "ecp_invasive.h" #include @@ -2747,22 +2748,6 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -/* Duplicated macros from ecp_curves.c */ -#if defined(MBEDTLS_HAVE_INT32) -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - BYTES_TO_T_UINT_4( a, b, c, d ), \ - BYTES_TO_T_UINT_4( e, f, g, h ) -#else /* 64-bits */ -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) | \ - ( (mbedtls_mpi_uint) (e) << 32 ) | \ - ( (mbedtls_mpi_uint) (f) << 40 ) | \ - ( (mbedtls_mpi_uint) (g) << 48 ) | \ - ( (mbedtls_mpi_uint) (h) << 56 ) -#endif /* bits in mbedtls_mpi_uint */ #define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} #define ECP_MPI_INIT_ARRAY(x) \ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 16d211600d..07c5c4e541 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -25,6 +25,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "bn_mul.h" #include "ecp_invasive.h" #include @@ -42,45 +43,6 @@ #define inline __inline #endif -/* - * Conversion macros for embedded constants: - * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2 - */ -#if defined(MBEDTLS_HAVE_INT32) - -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) - -#define BYTES_TO_T_UINT_2( a, b ) \ - BYTES_TO_T_UINT_4( a, b, 0, 0 ) - -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - BYTES_TO_T_UINT_4( a, b, c, d ), \ - BYTES_TO_T_UINT_4( e, f, g, h ) - -#else /* 64-bits */ - -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) | \ - ( (mbedtls_mpi_uint) (e) << 32 ) | \ - ( (mbedtls_mpi_uint) (f) << 40 ) | \ - ( (mbedtls_mpi_uint) (g) << 48 ) | \ - ( (mbedtls_mpi_uint) (h) << 56 ) - -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ - BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) - -#define BYTES_TO_T_UINT_2( a, b ) \ - BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) - -#endif /* bits in mbedtls_mpi_uint */ - #define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} #define ECP_MPI_INIT_ARRAY(x) \ From 8b8b781524ef5a13dcd97c6c7809ad8a205cbb76 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 15:00:33 +0100 Subject: [PATCH 0513/1065] Use mbedtls_mpi_lset() more Signed-off-by: Janos Follath --- library/ecp_curves.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 07c5c4e541..0aeb72294c 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -4629,7 +4629,7 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) /* Constants used by ecp_use_curve25519() */ -static const unsigned char curve25519_a24[] = { 0x01, 0xDB, 0x42 }; +static const mbedtls_mpi_sint curve25519_a24 = 0x01DB42; static const unsigned char curve25519_part_of_n[] = { 0x14, 0xDE, 0xF9, 0xDE, 0xA2, 0xF7, 0x9C, 0xD6, 0x58, 0x12, 0x63, 0x1A, 0x5C, 0xF5, 0xD3, 0xED, @@ -4643,8 +4643,7 @@ static int ecp_use_curve25519( mbedtls_ecp_group *grp ) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->A, - curve25519_a24, sizeof( curve25519_a24 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve25519_a24 ) ); /* P = 2^255 - 19 */ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); @@ -4676,7 +4675,7 @@ cleanup: #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) /* Constants used by ecp_use_curve448() */ -static const unsigned char curve448_a24[] = { 0x98, 0xAA }; +static const mbedtls_mpi_sint curve448_a24 = 0x98AA; static const unsigned char curve448_part_of_n[] = { 0x83, 0x35, 0xDC, 0x16, 0x3B, 0xB1, 0x24, 0xB6, 0x51, 0x29, 0xC9, 0x6F, 0xDE, 0x93, @@ -4695,8 +4694,7 @@ static int ecp_use_curve448( mbedtls_ecp_group *grp ) mbedtls_mpi_init( &Ns ); /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->A, - curve448_a24, sizeof( curve448_a24 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve448_a24 ) ); /* P = 2^448 - 2^224 - 1 */ MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); From 45af039682ddc5468e51de511f10a5e9fd53a33b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 15:10:15 +0100 Subject: [PATCH 0514/1065] Add DoS test case for ecp_check_pub A test case for which the loop would take practically forever if it was reached. The point would be to validate that the loop is not reached. The test case should cause the CI to time out if starting with the current code, ecp_check_pubkey_mx() was changed to call ecp_check_pubkey_x25519() first and run the mbedtls_mpi_size(() test afterwards, which would make no semantic difference in terms of memory contents when the function returns, but would open the way for a DoS. Signed-off-by: Janos Follath --- tests/suites/test_suite_ecp.data | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 0b225be879..5b513ab766 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -33,13 +33,17 @@ ECP curve info #8 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1" -ECP check pubkey Montgomery #1 (too big) +ECP check pubkey Montgomery #1 (biggest) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0 + +ECP check pubkey Montgomery #2 (too big) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check pubkey Montgomery #2 (biggest) +ECP check pubkey Montgomery #3 (DoS big) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0 +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY ECP check pubkey Montgomery y ignored depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED From 865a75e95b996fd5cea5de23277508918ec9bd4c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 15:34:59 +0100 Subject: [PATCH 0515/1065] Reject low-order points on Curve448 early We were already rejecting them at the end, due to the fact that with the usual (x, z) formulas they lead to the result (0, 0) so when we want to normalize at the end, trying to compute the modular inverse of z will give an error. If we wanted to support those points, we'd a special case in ecp_normalize_mxz(). But it's actually permitted by all sources (RFC 7748 say we MAY reject 0 as a result) and recommended by some to reject those points (either to ensure contributory behaviour, or to protect against timing attack when the underlying field arithmetic is not constant-time). Since our field arithmetic is indeed not constant-time, let's reject those points before they get mixed with sensitive data (in ecp_mul_mxz()), in order to avoid exploitable leaks caused by the special cases they would trigger. (See the "May the Fourth" paper https://eprint.iacr.org/2017/806.pdf) Signed-off-by: Janos Follath --- library/ecp.c | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index c65358cb88..0516e5ceac 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2772,6 +2772,7 @@ static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( x25519_bad_point_1 ); static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( x25519_bad_point_2 ); +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ /* * Check that the input point is not one of the low-order points. @@ -2779,7 +2780,8 @@ static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( * https://eprint.iacr.org/2017/806.pdf * Those points are never sent by an honest peer. */ -static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) +static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, + const mbedtls_ecp_group_id grp_id ) { int ret; mbedtls_mpi XmP; @@ -2792,25 +2794,31 @@ static int ecp_check_pubkey_x25519( const mbedtls_mpi *X, const mbedtls_mpi *P ) while( mbedtls_mpi_cmp_mpi( &XmP, P ) >= 0 ) MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &XmP, &XmP, P ) ); - /* Check against the known bad values that are less than P in the - * following list: https://cr.yp.to/ecdh.html#validate */ + /* Check against the known bad values that are less than P. For Curve448 + * these are 0, 1 and -1. For Curve25519 we check the values less than P + * from the following list: https://cr.yp.to/ecdh.html#validate */ if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) { - ret = MBEDTLS_ERR_ECP_INVALID_KEY; - goto cleanup; - } + if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) - { - ret = MBEDTLS_ERR_ECP_INVALID_KEY; - goto cleanup; + if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto cleanup; + } } +#endif /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) ); @@ -2827,7 +2835,6 @@ cleanup: return( ret ); } -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ /* * Check validity of a public key for Montgomery curves with x-only schemes @@ -2846,12 +2853,7 @@ static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_ if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) - return( ecp_check_pubkey_x25519( &pt->X, &grp->P ) ); -#endif - - return( 0 ); + return( ecp_check_bad_points_mx( &pt->X, &grp->P, grp->id ) ); } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ From 59e7aac4d1cf6c3163e5664f608a73cb91da92ac Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 24 Jun 2021 16:08:40 +0100 Subject: [PATCH 0516/1065] Add ecp_check_pub tests for Curve 448 Signed-off-by: Janos Follath --- tests/suites/test_suite_ecp.data | 80 +++++++++++++++++++++++++------- 1 file changed, 62 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 5b513ab766..2916fa36b2 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -33,90 +33,134 @@ ECP curve info #8 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1" -ECP check pubkey Montgomery #1 (biggest) +ECP check pubkey Curve25519 #1 (biggest) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0 -ECP check pubkey Montgomery #2 (too big) +ECP check pubkey Curve25519 #2 (too big) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check pubkey Montgomery #3 (DoS big) +ECP check pubkey Curve25519 #3 (DoS big) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check pubkey Montgomery y ignored +ECP check pubkey Curve25519 y ignored depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"-1":"1":0 -ECP check pubkey Montgomery z is not 1 +ECP check pubkey Curve25519 z is not 1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check pubkey Montgomery x negative +ECP check pubkey Curve25519 x negative depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #1 +ECP check pubkey Curve25519 low-order point #1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #2 +ECP check pubkey Curve25519 low-order point #2 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #3 (let's call this u) +ECP check pubkey Curve25519 low-order point #3 (let's call this u) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebe0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #4 (let's call this v) +ECP check pubkey Curve25519 low-order point #4 (let's call this v) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"57119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c5f":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #5 p-1 +ECP check pubkey Curve25519 low-order point #5 p-1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #6 p +ECP check pubkey Curve25519 low-order point #6 p depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #7 p+1 +ECP check pubkey Curve25519 low-order point #7 p+1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffee":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #8 p+u +ECP check pubkey Curve25519 low-order point #8 p+u depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"80b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebcd":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #9 p+v +ECP check pubkey Curve25519 low-order point #9 p+v depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"d7119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c4c":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #10 2p-1 +ECP check pubkey Curve25519 low-order point #10 2p-1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd9":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #11 2p +ECP check pubkey Curve25519 low-order point #11 2p depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffda":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate -ECP check pubkey Montgomery low-order point #12 2p+1 +ECP check pubkey Curve25519 low-order point #12 2p+1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY +ECP check pubkey Curve448 #1 (biggest) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0 + +ECP check pubkey Curve448 #2 (too big) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 #3 (DoS big) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 y ignored +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"-1":"1":0 + +ECP check pubkey Curve448 z is not 1 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 x negative +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"-1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 low-order point #1 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 low-order point #2 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 low-order point #3 p-1 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 low-order point #4 p +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check pubkey Curve448 low-order point #5 p+1 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY + ECP check pubkey Koblitz #1 (point not on curve) depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"1":MBEDTLS_ERR_ECP_INVALID_KEY From b5dd7c794d9567cbc2a4fafee5083fa34d6fc252 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 16:17:43 +0100 Subject: [PATCH 0517/1065] Correct coding style issues Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 47 +++++++++++++++++++++++++++++--------------- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9ab7561f78..43787cf270 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2083,12 +2083,14 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) { + if( operation->id != 0 ) + { status = PSA_ERROR_BAD_STATE; goto exit; } - if( !PSA_ALG_IS_HASH( alg ) ) { + if( !PSA_ALG_IS_HASH( alg ) ) + { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -2101,7 +2103,7 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, exit: if( status != PSA_SUCCESS ) - psa_hash_abort(operation); + psa_hash_abort( operation ); return status; } @@ -2112,7 +2114,8 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) { + if( operation->id == 0 ) + { status = PSA_ERROR_BAD_STATE; goto exit; } @@ -2160,7 +2163,8 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, if( status != PSA_SUCCESS ) goto exit; - if( actual_hash_length != hash_length ) { + if( actual_hash_length != hash_length ) + { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } @@ -2297,7 +2301,8 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_key_slot_t *slot = NULL; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) { + if( operation->id != 0 ) + { status = PSA_ERROR_BAD_STATE; goto exit; } @@ -2399,19 +2404,22 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, goto cleanup; } - if( ! operation->is_sign ) { + if( ! operation->is_sign ) + { status = PSA_ERROR_BAD_STATE; goto cleanup; } /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL) * once all the error checks are done. */ - if( operation->mac_size == 0 ) { + if( operation->mac_size == 0 ) + { status = PSA_ERROR_BAD_STATE; goto cleanup; } - if( mac_size < operation->mac_size ) { + if( mac_size < operation->mac_size ) + { status = PSA_ERROR_BUFFER_TOO_SMALL; goto cleanup; } @@ -2449,12 +2457,14 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) { + if( operation->id == 0 ) + { status = PSA_ERROR_BAD_STATE; goto cleanup; } - if( operation->is_sign ) { + if( operation->is_sign ) + { status = PSA_ERROR_BAD_STATE; goto cleanup; } @@ -3224,13 +3234,15 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, PSA_KEY_USAGE_DECRYPT ); /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) { + if( operation->id != 0 ) + { status = PSA_ERROR_BAD_STATE; goto exit; } /* The requested algorithm must be one that can be processed by cipher. */ - if( ! PSA_ALG_IS_CIPHER( alg ) ) { + if( ! PSA_ALG_IS_CIPHER( alg ) ) + { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -3345,17 +3357,20 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) { + if( operation->id == 0 ) + { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_set || ! operation->iv_required ) { + if( operation->iv_set || ! operation->iv_required ) + { status = PSA_ERROR_BAD_STATE; goto exit; } - if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) { + if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) + { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } From 8036bddb0189fc02c23f7a5c2038bf6a47a573e8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 16:19:08 +0100 Subject: [PATCH 0518/1065] Tidy up logic in psa_mac_sign_finish Simplify the logic in psa_mac_sign_finish. Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 43787cf270..e70aa4484f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2394,12 +2394,8 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - /* Set the output length and content to a safe default, such that in - * case the caller misses an error check, the output would be an - * unachievable MAC. */ - *mac_length = mac_size; - - if( operation->id == 0 ) { + if( operation->id == 0 ) + { status = PSA_ERROR_BAD_STATE; goto cleanup; } @@ -2428,6 +2424,7 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, mac, operation->mac_size, mac_length ); +cleanup: /* In case of success, set the potential excess room in the output buffer * to an invalid value, to avoid potentially leaking a longer MAC. * In case of error, set the output length and content to a safe default, @@ -2444,7 +2441,6 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, memset( &mac[operation->mac_size], '!', mac_size - operation->mac_size ); -cleanup: abort_status = psa_mac_abort( operation ); return( status == PSA_SUCCESS ? abort_status : status ); From a0f4b595c52ab797a0ae93353994f4e81c8e6024 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Thu, 24 Jun 2021 16:47:14 +0100 Subject: [PATCH 0519/1065] Fixes for PBKDF2 documentation Fix typos in the PBKDF2 documentation Correct the constraints on PSA_KEY_USAGE_DERIVE and PSA_KEY_USAGE_VERIFY_DERIVATION, aligning them with the note against psa_key_derivation_input_key(). All key inputs must have the required usage flag to permit output or verification. Correct the constraints on PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_PASSWORD, aligning them with 4feb611. psa_key_derivation_verify_key() does not require the secret/password input to be a key. Signed-off-by: Andrew Thoelke --- include/psa/crypto.h | 10 ++++---- include/psa/crypto_values.h | 51 +++++++++++++++++++------------------ 2 files changed, 31 insertions(+), 30 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3532fef4d7..b3ef3631d4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3805,7 +3805,7 @@ psa_status_t psa_key_derivation_output_key( * This function calculates output bytes from a key derivation algorithm and * compares those bytes to an expected value in constant time. * If you view the key derivation's output as a stream of bytes, this - * function destructively reads the requested number of bytes from the + * function destructively reads the expected number of bytes from the * stream before comparing them. * The operation's capacity decreases by the number of bytes read. * @@ -3824,13 +3824,13 @@ psa_status_t psa_key_derivation_output_key( * psa_key_derivation_abort(). * * \param[in,out] operation The key derivation operation object to read from. - * \param[in] expected_output Buffer where the output will be written. + * \param[in] expected_output Buffer containing the expected derivation output. * \param output_length Length ot the expected output; this is also the * number of bytes that will be read. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_SIGNATURE - * The output was read successfully, but if differs from the expected + * The output was read successfully, but it differs from the expected * output. * \retval #PSA_ERROR_NOT_PERMITTED * One of the inputs was a key whose policy didn't allow @@ -3840,7 +3840,7 @@ psa_status_t psa_key_derivation_output_key( * \p output_length bytes. Note that in this case, * the operation's capacity is set to 0, thus * subsequent calls to this function will not - * succeed, even with a smaller output buffer. + * succeed, even with a smaller expected output. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps). @@ -3905,7 +3905,7 @@ psa_status_t psa_key_derivation_verify_bytes( * the length of the expected value. In this case, * the operation's capacity is set to 0, thus * subsequent calls to this function will not - * succeed, even with a smaller output buffer. + * succeed, even with a smaller expected output. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps). diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 7d2f432587..f0357ce84e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -835,7 +835,7 @@ * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \p alg is a key stretching / passowrd hashing algorithm, 0 + * \return 1 if \p alg is a key stretching / password hashing algorithm, 0 * otherwise. This macro may return either 0 or 1 if \p alg is not a * supported algorithm identifier. */ @@ -2265,13 +2265,15 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** Whether the key may be used to derive other keys or produce a password * hash. + * + * This flag allows the key to be used for a key derivation operation or for + * a key agreement operation, if otherwise permitted by by the key's type and + * policy. * - * This flag allows the key to be used as the input of - * psa_key_derivation_input_key() at the step - * #PSA_KEY_DERIVATION_INPUT_SECRET of #PSA_KEY_DERIVATION_INPUT_PASSWORD - * depending on the algorithm, and allows the use of - * psa_key_derivation_output_bytes() or psa_key_derivation_output_key() - * at the end of the operation. + * If this flag is present on all keys used in calls to + * psa_key_derivation_input_key() for a key derivation operation, then it + * permits calling psa_key_derivation_output_bytes() or + * psa_key_derivation_output_key() at the end of the operation. */ #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) @@ -2280,14 +2282,13 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * This flag allows the key to be used: * - * - for a key of type #PSA_KEY_TYPE_PASSWORD_HASH, as the \c key argument of - * psa_key_derivation_verify_key(); - * - for a key of type #PSA_KEY_TYPE_PASSWORD (or #PSA_KEY_TYPE_DERIVE), as - * the input to psa_key_derivation_input_key() at the step - * #PSA_KEY_DERIVATION_INPUT_PASSWORD (or #PSA_KEY_DERIVATION_INPUT_SECRET); - * then at the end of the operation use of psa_key_derivation_verify_bytes() - * or psa_key_derivation_verify_key() will be permitted (but not - * psa_key_derivation_output_xxx() unless #PSA_KEY_USAGE_DERIVE is set). + * This flag allows the key to be used in a key derivation operation, if + * otherwise permitted by by the key's type and policy. + * + * If this flag is present on all keys used in calls to + * psa_key_derivation_input_key() for a key derivation operation, then it + * permits calling psa_key_derivation_verify_bytes() or + * psa_key_derivation_verify_key() at the end of the operation. */ #define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t)0x00008000) @@ -2306,11 +2307,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * The secret can also be a direct input (passed to * key_derivation_input_bytes()). In this case, the derivation operation - * may not be used to derive or verify keys: the operation will only allow - * psa_key_derivation_output_bytes() or - * psa_key_derivation_verify_bytes() but not - * psa_key_derivation_output_key() or - * psa_key_derivation_verify_key(). + * may not be used to derive keys: the operation will only allow + * psa_key_derivation_output_bytes(), + * psa_key_derivation_verify_bytes(), or + * psa_key_derivation_verify_key(), but not + * psa_key_derivation_output_key(). */ #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) @@ -2324,11 +2325,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * The secret can also be a direct input (passed to * key_derivation_input_bytes()). In this case, the derivation operation - * may not be used to derive or verify keys: the operation will only allow - * psa_key_derivation_output_bytes() or - * psa_key_derivation_verify_bytes(), not - * psa_key_derivation_output_key() or - * psa_key_derivation_verify_key(). + * may not be used to derive keys: the operation will only allow + * psa_key_derivation_output_bytes(), + * psa_key_derivation_verify_bytes(), or + * psa_key_derivation_verify_key(), but not + * psa_key_derivation_output_key(). */ #define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t)0x0102) From 6f7105818cdc4a8a01f39ea65ce1121195bf525c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 24 Jun 2021 18:14:52 +0100 Subject: [PATCH 0520/1065] Improve psa_hash_update negative test Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 34d038b6b9..41e29729b5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1559,7 +1559,7 @@ void hash_bad_order( ) /* Check that update calls abort on error. */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - operation.ctx.mbedtls_ctx.alg = PSA_ALG_XTS; + operation.id = UINT_MAX; ASSERT_OPERATION_IS_ACTIVE( operation ); TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); From f00f15244428a917503182c16d1c2a5cd738f91a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 00:09:00 +0200 Subject: [PATCH 0521/1065] Add output size parameter to signature functions The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(), mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable() now take an extra parameter indicating the size of the output buffer for the signature. No change to RSA because for RSA, the output size is trivial to calculate. Signed-off-by: Gilles Peskine --- ChangeLog.d/out_size.txt | 5 +++ docs/3.0-migration-guide.d/out_size.md | 9 +++++ include/mbedtls/ecdsa.h | 6 ++- include/mbedtls/pk.h | 7 +++- library/ecdsa.c | 15 +++++--- library/pk.c | 17 ++++++--- library/pk_wrap.c | 51 ++++++++++++-------------- library/pk_wrap.h | 4 +- library/ssl_cli.c | 9 ++++- library/ssl_srv.c | 7 ++++ library/x509write_crt.c | 2 +- library/x509write_csr.c | 9 +++-- programs/pkey/ecdsa.c | 2 +- programs/pkey/pk_sign.c | 5 ++- programs/pkey/rsa_sign_pss.c | 5 ++- programs/ssl/ssl_server2.c | 2 +- programs/test/benchmark.c | 4 +- tests/suites/test_suite_ecdsa.function | 12 +++--- tests/suites/test_suite_pk.function | 41 ++++++++++++--------- 19 files changed, 131 insertions(+), 81 deletions(-) create mode 100644 ChangeLog.d/out_size.txt create mode 100644 docs/3.0-migration-guide.d/out_size.md diff --git a/ChangeLog.d/out_size.txt b/ChangeLog.d/out_size.txt new file mode 100644 index 0000000000..721bf6aad6 --- /dev/null +++ b/ChangeLog.d/out_size.txt @@ -0,0 +1,5 @@ +API changes + * The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(), + mbedtls_ecdsa_write_signature() and + mbedtls_ecdsa_write_signature_restartable() now take an extra parameter + indicating the size of the output buffer for the signature. diff --git a/docs/3.0-migration-guide.d/out_size.md b/docs/3.0-migration-guide.d/out_size.md new file mode 100644 index 0000000000..49d3246a79 --- /dev/null +++ b/docs/3.0-migration-guide.d/out_size.md @@ -0,0 +1,9 @@ +Extra parameter for the output buffer size +------------------------------------------ + +The following functions now take an extra parameter indicating the size of the output buffer: + +* `mbedtls_ecdsa_write_signature()`, `mbedtls_ecdsa_write_signature_restartable()` +* `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` + +The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 735d37764f..ecb9df9ea1 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -294,6 +294,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * size of the curve used, plus 9. For example, 73 Bytes if * a 256-bit curve is used. A buffer length of * #MBEDTLS_ECDSA_MAX_LEN is always safe. + * \param sig_size The size of the \p sig buffer in bytes. * \param slen The address at which to store the actual length of * the signature written. Must not be \c NULL. * \param f_rng The RNG function. This must not be \c NULL if @@ -310,7 +311,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, + unsigned char *sig, size_t sig_size, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -336,6 +337,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, * size of the curve used, plus 9. For example, 73 Bytes if * a 256-bit curve is used. A buffer length of * #MBEDTLS_ECDSA_MAX_LEN is always safe. + * \param sig_size The size of the \p sig buffer in bytes. * \param slen The address at which to store the actual length of * the signature written. Must not be \c NULL. * \param f_rng The RNG function. This must not be \c NULL if @@ -356,7 +358,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, + unsigned char *sig, size_t sig_size, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ); diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index ec7fe6e723..a8a7a2e4a3 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -67,6 +67,7 @@ #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ +#define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880 /**< The output buffer is too small. */ #ifdef __cplusplus extern "C" { @@ -499,6 +500,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. * You may use a smaller buffer if it is large enough * given the key type. + * \param sig_size The size of the \p sig buffer in bytes. * \param sig_len On successful return, * the number of bytes written to \p sig. * \param f_rng RNG function, must not be \c NULL. @@ -515,7 +517,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, */ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** @@ -536,6 +538,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. * You may use a smaller buffer if it is large enough * given the key type. + * \param sig_size The size of the \p sig buffer in bytes. * \param sig_len On successful return, * the number of bytes written to \p sig. * \param f_rng RNG function, must not be \c NULL. @@ -549,7 +552,7 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_pk_restart_ctx *rs_ctx ); diff --git a/library/ecdsa.c b/library/ecdsa.c index 9220633564..0b612ce8af 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -648,7 +648,8 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * Convert a signature (given by context) to ASN.1 */ static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, - unsigned char *sig, size_t *slen ) + unsigned char *sig, size_t sig_size, + size_t *slen ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = {0}; @@ -662,6 +663,9 @@ static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + if( len > sig_size ) + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + memcpy( sig, p, len ); *slen = len; @@ -674,7 +678,7 @@ static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, + unsigned char *sig, size_t sig_size, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ) @@ -712,7 +716,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, #endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); + MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, sig_size, slen ) ); cleanup: mbedtls_mpi_free( &r ); @@ -727,7 +731,7 @@ cleanup: int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, + unsigned char *sig, size_t sig_size, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -736,7 +740,8 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, ECDSA_VALIDATE_RET( sig != NULL ); ECDSA_VALIDATE_RET( slen != NULL ); return( mbedtls_ecdsa_write_signature_restartable( - ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); + ctx, md_alg, hash, hlen, sig, sig_size, slen, + f_rng, p_rng, NULL ) ); } /* diff --git a/library/pk.c b/library/pk.c index 275d34bb1b..ea4869c14a 100644 --- a/library/pk.c +++ b/library/pk.c @@ -396,7 +396,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_pk_restart_ctx *rs_ctx ) { @@ -421,7 +421,9 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, return( ret ); ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg, - hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx ); + hash, hash_len, + sig, sig_size, sig_len, + f_rng, p_rng, rs_ctx->rs_ctx ); if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) mbedtls_pk_restart_free( rs_ctx ); @@ -435,8 +437,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, if( ctx->pk_info->sign_func == NULL ) return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); - return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng ) ); + return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, + hash, hash_len, + sig, sig_size, sig_len, + f_rng, p_rng ) ); } /* @@ -444,11 +448,12 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, */ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng, NULL ) ); + sig, sig_size, sig_len, + f_rng, p_rng, NULL ) ); } /* diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 864e495b3c..0aa2357eb9 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -108,7 +108,7 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; @@ -119,6 +119,8 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, #endif /* SIZE_MAX > UINT_MAX */ *sig_len = mbedtls_rsa_get_len( rsa ); + if( sig_size < *sig_len ) + return( MBEDTLS_ERR_PK_BUFFER_TOO_SMALL ); return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, md_alg, (unsigned int) hash_len, @@ -247,7 +249,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, @@ -269,7 +271,7 @@ static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -278,7 +280,8 @@ static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, mbedtls_ecdsa_init( &ecdsa ); if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) - ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, + ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, + sig, sig_size, sig_len, f_rng, p_rng ); mbedtls_ecdsa_free( &ecdsa ); @@ -295,7 +298,7 @@ static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ); @@ -367,7 +370,7 @@ cleanup: static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ) { @@ -383,7 +386,7 @@ static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg, - hash, hash_len, sig, sig_len, + hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, &rs->ecdsa_rs ) ); cleanup: @@ -652,11 +655,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); + md_alg, hash, hash_len, + sig, sig_size, sig_len, + f_rng, p_rng ) ); } #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -770,7 +775,7 @@ static size_t rsa_alt_get_bitlen( const void *ctx ) static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; @@ -783,6 +788,8 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, *sig_len = rsa_alt->key_len_func( rsa_alt->key ); if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if( *sig_len > sig_size ) + return( MBEDTLS_ERR_PK_BUFFER_TOO_SMALL ); return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, md_alg, (unsigned int) hash_len, hash, sig ) ); @@ -822,7 +829,8 @@ static int rsa_alt_check_pair( const void *pub, const void *prv, if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, hash, sizeof( hash ), - sig, &sig_len, f_rng, p_rng ) ) != 0 ) + sig, sizeof( sig ), &sig_len, + f_rng, p_rng ) ) != 0 ) { return( ret ); } @@ -1010,7 +1018,7 @@ static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { #if !defined(MBEDTLS_ECDSA_C) @@ -1019,41 +1027,28 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, ((void) hash); ((void) hash_len); ((void) sig); + ((void) sig_size); ((void) sig_len); ((void) f_rng); ((void) p_rng); return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); #else /* !MBEDTLS_ECDSA_C */ const psa_key_id_t *key = (const psa_key_id_t *) ctx; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); - size_t buf_len; psa_status_t status; /* PSA has its own RNG */ (void) f_rng; (void) p_rng; - /* PSA needs an output buffer of known size, but our API doesn't provide - * that information. Assume that the buffer is large enough for a - * maximal-length signature with that key (otherwise the application is - * buggy anyway). */ - status = psa_get_key_attributes( *key, &attributes ); - if( status != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( status ) ); - buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); - psa_reset_key_attributes( &attributes ); - if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - /* make the signature */ status = psa_sign_hash( *key, alg, hash, hash_len, - sig, buf_len, sig_len ); + sig, sig_size, sig_len ); if( status != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( status ) ); /* transcode it to ASN.1 sequence */ - return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) ); + return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) ); #endif /* !MBEDTLS_ECDSA_C */ } diff --git a/library/pk_wrap.h b/library/pk_wrap.h index b2db63739f..42ccca707c 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -53,7 +53,7 @@ struct mbedtls_pk_info_t /** Make signature */ int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -67,7 +67,7 @@ struct mbedtls_pk_info_t /** Make signature (restartable) */ int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 30e64c4843..f641970866 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3948,6 +3948,11 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; size_t hashlen; void *rs_ctx = NULL; +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + size_t out_buf_len = ssl->out_buf_len - ( ssl->out_msg - ssl->out_buf ); +#else + size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - ( ssl->out_msg - ssl->out_buf ); +#endif MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); @@ -4046,7 +4051,9 @@ sign: if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen, - ssl->out_msg + 6 + offset, &n, + ssl->out_msg + 6 + offset, + out_buf_len - 6 - offset, + &n, ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 47151298d4..07468546c0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2922,6 +2922,12 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, (void) signature_len; #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + size_t out_buf_len = ssl->out_buf_len - ( ssl->out_msg - ssl->out_buf ); +#else + size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - ( ssl->out_msg - ssl->out_buf ); +#endif + ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */ /* @@ -3224,6 +3230,7 @@ curve_matching_done: if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen, ssl->out_msg + ssl->out_msglen + 2, + out_buf_len - ssl->out_msglen - 2, signature_len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c90f8bc4b0..c8169f1feb 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -474,7 +474,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, } if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, - hash, 0, sig, &sig_len, + hash, 0, sig, sizeof( sig ), &sig_len, f_rng, p_rng ) ) != 0 ) { return( ret ); diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 9f0ad93567..555f296315 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -136,7 +136,7 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - unsigned char *sig, + unsigned char *sig, size_t sig_size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -235,7 +235,8 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, if( ret != 0 ) return( ret ); #endif - if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, + if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, + sig, sig_size, &sig_len, f_rng, p_rng ) ) != 0 ) { return( ret ); @@ -304,7 +305,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, return( MBEDTLS_ERR_X509_ALLOC_FAILED ); } - ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng ); + ret = x509write_csr_der_internal( ctx, buf, size, + sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE, + f_rng, p_rng ); mbedtls_free( sig ); diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 31b4584fff..a21a544b67 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -184,7 +184,7 @@ int main( int argc, char *argv[] ) if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256, hash, sizeof( hash ), - sig, &sig_len, + sig, sizeof( sig ), &sig_len, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret ); diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 422fa257e2..fe46c20217 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -123,8 +123,9 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, + buf, sizeof( buf ), &olen, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret ); goto exit; diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index bbbe0a9bd2..50553ca17c 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -139,8 +139,9 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, + buf, sizeof( buf ), &olen, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_pk_sign returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index cf608b9b53..d2aa48a059 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1131,7 +1131,7 @@ static int ssl_async_resume( mbedtls_ssl_context *ssl, ret = mbedtls_pk_sign( key_slot->pk, ctx->md_alg, ctx->input, ctx->input_len, - output, output_len, + output, output_size, output_len, config_data->f_rng, config_data->p_rng ); break; default: diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 6a53647d08..6f730bc850 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -1088,7 +1088,7 @@ int main( int argc, char *argv[] ) curve_info->name ); TIME_PUBLIC( title, "sign", ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) ); + tmp, sizeof( tmp ), &sig_len, myrand, NULL ) ); mbedtls_ecdsa_free( &ecdsa ); } @@ -1104,7 +1104,7 @@ int main( int argc, char *argv[] ) if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 || mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) != 0 ) + tmp, sizeof( tmp ), &sig_len, myrand, NULL ) != 0 ) { mbedtls_exit( 1 ); } diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 8803762946..4496812156 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -205,7 +205,7 @@ void ecdsa_write_read_zero( int id ) /* generate and write signature, then read and verify it */ TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + sig, sizeof( sig ), &sig_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), sig, sig_len ) == 0 ); @@ -269,7 +269,7 @@ void ecdsa_write_read_random( int id ) /* generate and write signature, then read and verify it */ TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + sig, sizeof( sig ), &sig_len, &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), sig, sig_len ) == 0 ); @@ -404,8 +404,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, cnt_restart = 0; do { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, - &rs_ctx ); + md_alg, hash, hlen, sig, sizeof( sig ), &slen, + mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -420,8 +420,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, if( min_restart > 0 ) { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, - &rs_ctx ); + md_alg, hash, hlen, sig, sizeof( sig ), &slen, + mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 6e93bc6d6e..56cc45b625 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -226,7 +226,7 @@ void valid_parameters( ) TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, + buf, sizeof( buf ), &len, mbedtls_test_rnd_std_rand, NULL, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -234,7 +234,7 @@ void valid_parameters( ) TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, + buf, sizeof( buf ), &len, mbedtls_test_rnd_std_rand, NULL, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -242,7 +242,7 @@ void valid_parameters( ) TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, + buf, sizeof( buf ), &len, mbedtls_test_rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -555,8 +555,9 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, cnt_restart = 0; do { ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, mbedtls_test_rnd_std_rand, - NULL, &rs_ctx ); + sig, sizeof( sig ), &slen, + mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -603,8 +604,9 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen = sizeof( sig ); ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, mbedtls_test_rnd_std_rand, - NULL, &rs_ctx ); + sig, sizeof sig, &slen, + mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } @@ -645,8 +647,10 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, - hash, hash_len, sig, &sig_len, - mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret ); + hash, hash_len, + sig, sizeof sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL, + rs_ctx ) == sign_ret ); if( sign_ret == 0 ) TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); else @@ -669,7 +673,7 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) } TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, hash_len, - sig, &sig_len, + sig, sizeof sig, &sig_len, mbedtls_test_rnd_std_rand, NULL ) == sign_ret ); if( sign_ret == 0 ) @@ -848,8 +852,9 @@ void pk_rsa_overflow( ) TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) + TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, + sig, sizeof sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); exit: @@ -903,12 +908,14 @@ void pk_rsa_alt( ) /* Test signature */ #if SIZE_MAX > UINT_MAX - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) + TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, + sig, sizeof sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); #endif /* SIZE_MAX > UINT_MAX */ - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) + TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, + sig, sizeof sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL ) == 0 ); TEST_ASSERT( sig_len == RSA_KEY_LEN ); TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE, @@ -996,7 +1003,7 @@ void pk_psa_sign( int grpid_arg, memset( sig, 0, sizeof sig ); TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, &sig_len, + hash, sizeof hash, sig, sizeof sig, &sig_len, NULL, NULL ) == 0 ); /* Export underlying public key for re-importing in a psa context. */ From 16fe8fcef3919862e3bc88766f3d67d78b21e7e5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 09:45:56 +0200 Subject: [PATCH 0522/1065] Fix unused variable warning Signed-off-by: Gilles Peskine --- library/ssl_srv.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 07468546c0..ab6d2d5c03 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2922,10 +2922,12 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, (void) signature_len; #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t out_buf_len = ssl->out_buf_len - ( ssl->out_msg - ssl->out_buf ); #else size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - ( ssl->out_msg - ssl->out_buf ); +#endif #endif ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */ From 908982b275f83a39b6d398eef5dd95477be0ab03 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jun 2021 11:06:08 +0200 Subject: [PATCH 0523/1065] Fix the build with MBEDTLS_ECP_RESTARTABLE enabled Signed-off-by: Gilles Peskine --- library/pk_wrap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 0aa2357eb9..80c0aad27d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -686,13 +686,13 @@ static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ) { return( mbedtls_ecdsa_write_signature_restartable( (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, + md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, (mbedtls_ecdsa_restart_ctx *) rs_ctx ) ); } From f9f1bdfa7b2c6eca1e88174fd28235f3947b99f5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Jun 2021 20:32:27 +0200 Subject: [PATCH 0524/1065] Translate MBEDTLS_ERR_PK_BUFFER_TOO_SMALL for PSA The error is currently never returned to any function that PSA calls, but keep mbedtls_to_psa_error up to date in case this changes. Signed-off-by: Gilles Peskine --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4f932c6c74..7c90102f5f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -267,6 +267,8 @@ psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH: return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_PK_BUFFER_TOO_SMALL: + return( PSA_ERROR_BUFFER_TOO_SMALL ); case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); From 90d1cb83a030b12fb5b18aad6fe5c0b7afa34393 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 25 Jun 2021 09:09:02 +0100 Subject: [PATCH 0525/1065] Use more standard label name Signed-off-by: Dave Rodgman --- library/psa_crypto.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e70aa4484f..76086c7fb1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2397,13 +2397,13 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, if( operation->id == 0 ) { status = PSA_ERROR_BAD_STATE; - goto cleanup; + goto exit; } if( ! operation->is_sign ) { status = PSA_ERROR_BAD_STATE; - goto cleanup; + goto exit; } /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL) @@ -2411,20 +2411,20 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, if( operation->mac_size == 0 ) { status = PSA_ERROR_BAD_STATE; - goto cleanup; + goto exit; } if( mac_size < operation->mac_size ) { status = PSA_ERROR_BUFFER_TOO_SMALL; - goto cleanup; + goto exit; } status = psa_driver_wrapper_mac_sign_finish( operation, mac, operation->mac_size, mac_length ); -cleanup: +exit: /* In case of success, set the potential excess room in the output buffer * to an invalid value, to avoid potentially leaking a longer MAC. * In case of error, set the output length and content to a safe default, @@ -2456,25 +2456,25 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, if( operation->id == 0 ) { status = PSA_ERROR_BAD_STATE; - goto cleanup; + goto exit; } if( operation->is_sign ) { status = PSA_ERROR_BAD_STATE; - goto cleanup; + goto exit; } if( operation->mac_size != mac_length ) { status = PSA_ERROR_INVALID_SIGNATURE; - goto cleanup; + goto exit; } status = psa_driver_wrapper_mac_verify_finish( operation, mac, mac_length ); -cleanup: +exit: abort_status = psa_mac_abort( operation ); return( status == PSA_SUCCESS ? abort_status : status ); From 52d18cd9a4a76f3dcb5587c5bdbafd1a9837049e Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Fri, 25 Jun 2021 11:03:57 +0100 Subject: [PATCH 0526/1065] Remove trailing space Signed-off-by: Andrew Thoelke --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index f0357ce84e..daef9416cc 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2265,7 +2265,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /** Whether the key may be used to derive other keys or produce a password * hash. - * + * * This flag allows the key to be used for a key derivation operation or for * a key agreement operation, if otherwise permitted by by the key's type and * policy. From e57dd2d4500c9d994dde97fc10c5eeb6e1b211db Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 25 Jun 2021 11:13:24 +0100 Subject: [PATCH 0527/1065] Fix potential free of uninitialised pointer A test was added in that could cause a jump to exit prior to initialisation of a pointer that would get freed if that test failed. Signed-off-by: Paul Elliott --- tests/suites/test_suite_rsa.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f5f4aacd8d..f5f515908e 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -179,11 +179,12 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_rsa_init( &ctx ); - TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, - MBEDTLS_MD_NONE ) == 0 ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, padding_mode, + MBEDTLS_MD_NONE ) == 0 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); From d910305856a7668af08f68a0ff0288353fc40c22 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 25 Jun 2021 12:28:49 +0100 Subject: [PATCH 0528/1065] Fix ecp_check_pub() test cases Negative x coordinate was tested with the value -1. It happens to be one of the low order points both for Curve25519 and Curve448 and might be rejected because of that and not because it is negative. Make sure that x < 0 is the only plausible reason for the point to be rejected. Signed-off-by: Janos Follath --- tests/suites/test_suite_ecp.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 2916fa36b2..ceafc79bec 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -55,7 +55,7 @@ ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY ECP check pubkey Curve25519 x negative depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY +ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY # see https://cr.yp.to/ecdh.html#validate ECP check pubkey Curve25519 low-order point #1 @@ -139,7 +139,7 @@ ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY ECP check pubkey Curve448 x negative depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED -ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"-1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY +ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY ECP check pubkey Curve448 low-order point #1 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED From 1107ee4e4487f6b67b472ce834f460c100037d7b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 25 Jun 2021 12:43:26 +0100 Subject: [PATCH 0529/1065] Add prefix to BYTES_TO_T_UINT_* These macros were moved into a header and now check-names.sh is failing. Add an MBEDTL_ prefix to the macro names to make it pass. Signed-off-by: Janos Follath --- library/bn_mul.h | 22 +- library/ecp.c | 16 +- library/ecp_curves.c | 5970 +++++++++++++++++++++--------------------- 3 files changed, 3007 insertions(+), 3001 deletions(-) diff --git a/library/bn_mul.h b/library/bn_mul.h index bf451932f2..a0fa677406 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -51,22 +51,22 @@ */ #if defined(MBEDTLS_HAVE_INT32) -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ +#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ ( (mbedtls_mpi_uint) (a) << 0 ) | \ ( (mbedtls_mpi_uint) (b) << 8 ) | \ ( (mbedtls_mpi_uint) (c) << 16 ) | \ ( (mbedtls_mpi_uint) (d) << 24 ) -#define BYTES_TO_T_UINT_2( a, b ) \ - BYTES_TO_T_UINT_4( a, b, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ + MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 ) -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - BYTES_TO_T_UINT_4( a, b, c, d ), \ - BYTES_TO_T_UINT_4( e, f, g, h ) +#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ + MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \ + MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h ) #else /* 64-bits */ -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ +#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ ( (mbedtls_mpi_uint) (a) << 0 ) | \ ( (mbedtls_mpi_uint) (b) << 8 ) | \ ( (mbedtls_mpi_uint) (c) << 16 ) | \ @@ -76,11 +76,11 @@ ( (mbedtls_mpi_uint) (g) << 48 ) | \ ( (mbedtls_mpi_uint) (h) << 56 ) -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ - BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ + MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) -#define BYTES_TO_T_UINT_2( a, b ) \ - BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ + MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) #endif /* bits in mbedtls_mpi_uint */ diff --git a/library/ecp.c b/library/ecp.c index 0516e5ceac..30e726a8c7 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2757,16 +2757,16 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * See ecp_check_pubkey_x25519(). */ static const mbedtls_mpi_uint x25519_bad_point_1[] = { - BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), - BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), - BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), - BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), }; static const mbedtls_mpi_uint x25519_bad_point_2[] = { - BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), - BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), - BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), - BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), }; static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( x25519_bad_point_1 ); diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 0aeb72294c..421a067bbf 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -79,190 +79,190 @@ static mbedtls_mpi_uint mpi_one[] = {1}; */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) static const mbedtls_mpi_uint secp192r1_p[] = { - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp192r1_b[] = { - BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ), - BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ), - BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ), }; static const mbedtls_mpi_uint secp192r1_gx[] = { - BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), - BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), - BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), }; static const mbedtls_mpi_uint secp192r1_gy[] = { - BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), - BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), - BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), }; static const mbedtls_mpi_uint secp192r1_n[] = { - BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ), - BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp192r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), - BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), - BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), }; static const mbedtls_mpi_uint secp192r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), - BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), - BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), }; static const mbedtls_mpi_uint secp192r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x97, 0x9E, 0xE3, 0x60, 0x59, 0xD1, 0xC4, 0xC2 ), - BYTES_TO_T_UINT_8( 0x91, 0xBD, 0x22, 0xD7, 0x2D, 0x07, 0xBD, 0xB6 ), - BYTES_TO_T_UINT_8( 0x74, 0x2A, 0xCF, 0x33, 0xF0, 0xBE, 0xD1, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x9E, 0xE3, 0x60, 0x59, 0xD1, 0xC4, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xBD, 0x22, 0xD7, 0x2D, 0x07, 0xBD, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x2A, 0xCF, 0x33, 0xF0, 0xBE, 0xD1, 0xED ), }; static const mbedtls_mpi_uint secp192r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x88, 0x71, 0x4B, 0xA8, 0xED, 0x7E, 0xC9, 0x1A ), - BYTES_TO_T_UINT_8( 0x8E, 0x2A, 0xF6, 0xDF, 0x0E, 0xE8, 0x4C, 0x0F ), - BYTES_TO_T_UINT_8( 0xC5, 0x35, 0xF7, 0x8A, 0xC3, 0xEC, 0xDE, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x71, 0x4B, 0xA8, 0xED, 0x7E, 0xC9, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x2A, 0xF6, 0xDF, 0x0E, 0xE8, 0x4C, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x35, 0xF7, 0x8A, 0xC3, 0xEC, 0xDE, 0x1E ), }; static const mbedtls_mpi_uint secp192r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x00, 0x67, 0xC2, 0x1D, 0x32, 0x8F, 0x10, 0xFB ), - BYTES_TO_T_UINT_8( 0xBB, 0x2D, 0x17, 0xF3, 0xE4, 0xFE, 0xD8, 0x13 ), - BYTES_TO_T_UINT_8( 0x55, 0x45, 0x10, 0x70, 0x2C, 0x3E, 0x52, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x67, 0xC2, 0x1D, 0x32, 0x8F, 0x10, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x2D, 0x17, 0xF3, 0xE4, 0xFE, 0xD8, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x45, 0x10, 0x70, 0x2C, 0x3E, 0x52, 0x3E ), }; static const mbedtls_mpi_uint secp192r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x61, 0xF1, 0x04, 0x5D, 0xEE, 0xD4, 0x56, 0xE6 ), - BYTES_TO_T_UINT_8( 0x78, 0xB7, 0x38, 0x27, 0x61, 0xAA, 0x81, 0x87 ), - BYTES_TO_T_UINT_8( 0x71, 0x37, 0xD7, 0x0E, 0x29, 0x0E, 0x11, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0xF1, 0x04, 0x5D, 0xEE, 0xD4, 0x56, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xB7, 0x38, 0x27, 0x61, 0xAA, 0x81, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x37, 0xD7, 0x0E, 0x29, 0x0E, 0x11, 0x14 ), }; static const mbedtls_mpi_uint secp192r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x1E, 0x35, 0x52, 0xC6, 0x31, 0xB7, 0x27, 0xF5 ), - BYTES_TO_T_UINT_8( 0x3D, 0xD4, 0x15, 0x98, 0x0F, 0xE7, 0xF3, 0x6A ), - BYTES_TO_T_UINT_8( 0xD3, 0x31, 0x70, 0x35, 0x09, 0xA0, 0x2B, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x35, 0x52, 0xC6, 0x31, 0xB7, 0x27, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xD4, 0x15, 0x98, 0x0F, 0xE7, 0xF3, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x31, 0x70, 0x35, 0x09, 0xA0, 0x2B, 0xC2 ), }; static const mbedtls_mpi_uint secp192r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0x21, 0x75, 0xA7, 0x4C, 0x88, 0xCF, 0x5B, 0xE4 ), - BYTES_TO_T_UINT_8( 0x17, 0x17, 0x48, 0x8D, 0xF2, 0xF0, 0x86, 0xED ), - BYTES_TO_T_UINT_8( 0x49, 0xCF, 0xFE, 0x6B, 0xB0, 0xA5, 0x06, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x75, 0xA7, 0x4C, 0x88, 0xCF, 0x5B, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x17, 0x48, 0x8D, 0xF2, 0xF0, 0x86, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0xCF, 0xFE, 0x6B, 0xB0, 0xA5, 0x06, 0xAB ), }; static const mbedtls_mpi_uint secp192r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x18, 0x6A, 0xDC, 0x9A, 0x6D, 0x7B, 0x47, 0x2E ), - BYTES_TO_T_UINT_8( 0x12, 0xFC, 0x51, 0x12, 0x62, 0x66, 0x0B, 0x59 ), - BYTES_TO_T_UINT_8( 0xCD, 0x40, 0x93, 0xA0, 0xB5, 0x5A, 0x58, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x6A, 0xDC, 0x9A, 0x6D, 0x7B, 0x47, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0xFC, 0x51, 0x12, 0x62, 0x66, 0x0B, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x40, 0x93, 0xA0, 0xB5, 0x5A, 0x58, 0xD7 ), }; static const mbedtls_mpi_uint secp192r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0xEF, 0xCB, 0xAF, 0xDC, 0x0B, 0xA1, 0x26, 0xFB ), - BYTES_TO_T_UINT_8( 0xDA, 0x36, 0x9D, 0xA3, 0xD7, 0x3B, 0xAD, 0x39 ), - BYTES_TO_T_UINT_8( 0xB4, 0x3B, 0x05, 0x9A, 0xA8, 0xAA, 0x69, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0xCB, 0xAF, 0xDC, 0x0B, 0xA1, 0x26, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x36, 0x9D, 0xA3, 0xD7, 0x3B, 0xAD, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x3B, 0x05, 0x9A, 0xA8, 0xAA, 0x69, 0xB2 ), }; static const mbedtls_mpi_uint secp192r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x6D, 0xD9, 0xD1, 0x4D, 0x4A, 0x6E, 0x96, 0x1E ), - BYTES_TO_T_UINT_8( 0x17, 0x66, 0x32, 0x39, 0xC6, 0x57, 0x7D, 0xE6 ), - BYTES_TO_T_UINT_8( 0x92, 0xA0, 0x36, 0xC2, 0x45, 0xF9, 0x00, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xD9, 0xD1, 0x4D, 0x4A, 0x6E, 0x96, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x66, 0x32, 0x39, 0xC6, 0x57, 0x7D, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xA0, 0x36, 0xC2, 0x45, 0xF9, 0x00, 0x62 ), }; static const mbedtls_mpi_uint secp192r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xB4, 0xEF, 0x59, 0x46, 0xDC, 0x60, 0xD9, 0x8F ), - BYTES_TO_T_UINT_8( 0x24, 0xB0, 0xE9, 0x41, 0xA4, 0x87, 0x76, 0x89 ), - BYTES_TO_T_UINT_8( 0x13, 0xD4, 0x0E, 0xB2, 0xFA, 0x16, 0x56, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xEF, 0x59, 0x46, 0xDC, 0x60, 0xD9, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0xB0, 0xE9, 0x41, 0xA4, 0x87, 0x76, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0xD4, 0x0E, 0xB2, 0xFA, 0x16, 0x56, 0xDC ), }; static const mbedtls_mpi_uint secp192r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x0A, 0x62, 0xD2, 0xB1, 0x34, 0xB2, 0xF1, 0x06 ), - BYTES_TO_T_UINT_8( 0xB2, 0xED, 0x55, 0xC5, 0x47, 0xB5, 0x07, 0x15 ), - BYTES_TO_T_UINT_8( 0x17, 0xF6, 0x2F, 0x94, 0xC3, 0xDD, 0x54, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x62, 0xD2, 0xB1, 0x34, 0xB2, 0xF1, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0xED, 0x55, 0xC5, 0x47, 0xB5, 0x07, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xF6, 0x2F, 0x94, 0xC3, 0xDD, 0x54, 0x2F ), }; static const mbedtls_mpi_uint secp192r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xFD, 0xA6, 0xD4, 0x8C, 0xA9, 0xCE, 0x4D, 0x2E ), - BYTES_TO_T_UINT_8( 0xB9, 0x4B, 0x46, 0xCC, 0xB2, 0x55, 0xC8, 0xB2 ), - BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x31, 0xED, 0x89, 0x65, 0x59, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xA6, 0xD4, 0x8C, 0xA9, 0xCE, 0x4D, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x4B, 0x46, 0xCC, 0xB2, 0x55, 0xC8, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x31, 0xED, 0x89, 0x65, 0x59, 0x55 ), }; static const mbedtls_mpi_uint secp192r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xCC, 0x0A, 0xD1, 0x1A, 0xC5, 0xF6, 0xEA, 0x43 ), - BYTES_TO_T_UINT_8( 0x0C, 0xFC, 0x0C, 0x1A, 0xFB, 0xA0, 0xC8, 0x70 ), - BYTES_TO_T_UINT_8( 0xEA, 0xFD, 0x53, 0x6F, 0x6D, 0xBF, 0xBA, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x0A, 0xD1, 0x1A, 0xC5, 0xF6, 0xEA, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0xFC, 0x0C, 0x1A, 0xFB, 0xA0, 0xC8, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xFD, 0x53, 0x6F, 0x6D, 0xBF, 0xBA, 0xAF ), }; static const mbedtls_mpi_uint secp192r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x2D, 0xB0, 0x7D, 0x83, 0x96, 0xE3, 0xCB, 0x9D ), - BYTES_TO_T_UINT_8( 0x6F, 0x6E, 0x55, 0x2C, 0x20, 0x53, 0x2F, 0x46 ), - BYTES_TO_T_UINT_8( 0xA6, 0x66, 0x00, 0x17, 0x08, 0xFE, 0xAC, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0xB0, 0x7D, 0x83, 0x96, 0xE3, 0xCB, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x6E, 0x55, 0x2C, 0x20, 0x53, 0x2F, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0x66, 0x00, 0x17, 0x08, 0xFE, 0xAC, 0x31 ), }; static const mbedtls_mpi_uint secp192r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x09, 0x12, 0x97, 0x3A, 0xC7, 0x57, 0x45, 0xCD ), - BYTES_TO_T_UINT_8( 0x38, 0x25, 0x99, 0x00, 0xF6, 0x97, 0xB4, 0x64 ), - BYTES_TO_T_UINT_8( 0x9B, 0x74, 0xE6, 0xE6, 0xA3, 0xDF, 0x9C, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x12, 0x97, 0x3A, 0xC7, 0x57, 0x45, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x25, 0x99, 0x00, 0xF6, 0x97, 0xB4, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x74, 0xE6, 0xE6, 0xA3, 0xDF, 0x9C, 0xCC ), }; static const mbedtls_mpi_uint secp192r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x32, 0xF4, 0x76, 0xD5, 0x5F, 0x2A, 0xFD, 0x85 ), - BYTES_TO_T_UINT_8( 0x62, 0x80, 0x7E, 0x3E, 0xE5, 0xE8, 0xD6, 0x63 ), - BYTES_TO_T_UINT_8( 0xE2, 0xAD, 0x1E, 0x70, 0x79, 0x3E, 0x3D, 0x83 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0xF4, 0x76, 0xD5, 0x5F, 0x2A, 0xFD, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x80, 0x7E, 0x3E, 0xE5, 0xE8, 0xD6, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0xAD, 0x1E, 0x70, 0x79, 0x3E, 0x3D, 0x83 ), }; static const mbedtls_mpi_uint secp192r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x8E, 0x15, 0xBB, 0xB3, 0x42, 0x6A, 0xA1, 0x7C ), - BYTES_TO_T_UINT_8( 0x9B, 0x58, 0xCB, 0x43, 0x25, 0x00, 0x14, 0x68 ), - BYTES_TO_T_UINT_8( 0x06, 0x4E, 0x93, 0x11, 0xE0, 0x32, 0x54, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x15, 0xBB, 0xB3, 0x42, 0x6A, 0xA1, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x58, 0xCB, 0x43, 0x25, 0x00, 0x14, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x4E, 0x93, 0x11, 0xE0, 0x32, 0x54, 0x98 ), }; static const mbedtls_mpi_uint secp192r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xA7, 0x52, 0xA2, 0xB4, 0x57, 0x32, 0xB9, 0x11 ), - BYTES_TO_T_UINT_8( 0x7D, 0x43, 0xA1, 0xB1, 0xFB, 0x01, 0xE1, 0xE7 ), - BYTES_TO_T_UINT_8( 0xA6, 0xFB, 0x5A, 0x11, 0xB8, 0xC2, 0x03, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x52, 0xA2, 0xB4, 0x57, 0x32, 0xB9, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x43, 0xA1, 0xB1, 0xFB, 0x01, 0xE1, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xFB, 0x5A, 0x11, 0xB8, 0xC2, 0x03, 0xE5 ), }; static const mbedtls_mpi_uint secp192r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x1C, 0x2B, 0x71, 0x26, 0x4E, 0x7C, 0xC5, 0x32 ), - BYTES_TO_T_UINT_8( 0x1F, 0xF5, 0xD3, 0xA8, 0xE4, 0x95, 0x48, 0x65 ), - BYTES_TO_T_UINT_8( 0x55, 0xAE, 0xD9, 0x5D, 0x9F, 0x6A, 0x22, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x2B, 0x71, 0x26, 0x4E, 0x7C, 0xC5, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0xF5, 0xD3, 0xA8, 0xE4, 0x95, 0x48, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0xAE, 0xD9, 0x5D, 0x9F, 0x6A, 0x22, 0xAD ), }; static const mbedtls_mpi_uint secp192r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0xD9, 0xCC, 0xA3, 0x4D, 0xA0, 0x1C, 0x34, 0xEF ), - BYTES_TO_T_UINT_8( 0xA3, 0x3C, 0x62, 0xF8, 0x5E, 0xA6, 0x58, 0x7D ), - BYTES_TO_T_UINT_8( 0x6D, 0x6E, 0x66, 0x8A, 0x3D, 0x17, 0xFF, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xCC, 0xA3, 0x4D, 0xA0, 0x1C, 0x34, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x3C, 0x62, 0xF8, 0x5E, 0xA6, 0x58, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x6E, 0x66, 0x8A, 0x3D, 0x17, 0xFF, 0x0F ), }; static const mbedtls_mpi_uint secp192r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xF7, 0xCD, 0xA8, 0xDD, 0xD1, 0x20, 0x5C, 0xEA ), - BYTES_TO_T_UINT_8( 0xBF, 0xFE, 0x17, 0xE2, 0xCF, 0xEA, 0x63, 0xDE ), - BYTES_TO_T_UINT_8( 0x74, 0x51, 0xC9, 0x16, 0xDE, 0xB4, 0xB2, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xCD, 0xA8, 0xDD, 0xD1, 0x20, 0x5C, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0xFE, 0x17, 0xE2, 0xCF, 0xEA, 0x63, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x51, 0xC9, 0x16, 0xDE, 0xB4, 0xB2, 0xDD ), }; static const mbedtls_mpi_uint secp192r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x59, 0xBE, 0x12, 0xD7, 0xA3, 0x0A, 0x50, 0x33 ), - BYTES_TO_T_UINT_8( 0x53, 0x87, 0xC5, 0x8A, 0x76, 0x57, 0x07, 0x60 ), - BYTES_TO_T_UINT_8( 0xE5, 0x1F, 0xC6, 0x1B, 0x66, 0xC4, 0x3D, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBE, 0x12, 0xD7, 0xA3, 0x0A, 0x50, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0x87, 0xC5, 0x8A, 0x76, 0x57, 0x07, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x1F, 0xC6, 0x1B, 0x66, 0xC4, 0x3D, 0x8A ), }; static const mbedtls_mpi_uint secp192r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x28, 0xA4, 0x85, 0x13, 0x8F, 0xA7, 0x35, 0x19 ), - BYTES_TO_T_UINT_8( 0x58, 0x0D, 0xFD, 0xFF, 0x1B, 0xD1, 0xD6, 0xEF ), - BYTES_TO_T_UINT_8( 0xBA, 0x7A, 0xD0, 0xC3, 0xB4, 0xEF, 0x39, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0xA4, 0x85, 0x13, 0x8F, 0xA7, 0x35, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x0D, 0xFD, 0xFF, 0x1B, 0xD1, 0xD6, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x7A, 0xD0, 0xC3, 0xB4, 0xEF, 0x39, 0x66 ), }; static const mbedtls_mpi_uint secp192r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x3A, 0xFE, 0xA5, 0x9C, 0x34, 0x30, 0x49, 0x40 ), - BYTES_TO_T_UINT_8( 0xDE, 0xC5, 0x39, 0x26, 0x06, 0xE3, 0x01, 0x17 ), - BYTES_TO_T_UINT_8( 0xE2, 0x2B, 0x66, 0xFC, 0x95, 0x5F, 0x35, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0xFE, 0xA5, 0x9C, 0x34, 0x30, 0x49, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xC5, 0x39, 0x26, 0x06, 0xE3, 0x01, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0x2B, 0x66, 0xFC, 0x95, 0x5F, 0x35, 0xF7 ), }; static const mbedtls_mpi_uint secp192r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x58, 0xCF, 0x54, 0x63, 0x99, 0x57, 0x05, 0x45 ), - BYTES_TO_T_UINT_8( 0x71, 0x6F, 0x00, 0x5F, 0x65, 0x08, 0x47, 0x98 ), - BYTES_TO_T_UINT_8( 0x62, 0x2A, 0x90, 0x6D, 0x67, 0xC6, 0xBC, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0xCF, 0x54, 0x63, 0x99, 0x57, 0x05, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x6F, 0x00, 0x5F, 0x65, 0x08, 0x47, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x2A, 0x90, 0x6D, 0x67, 0xC6, 0xBC, 0x45 ), }; static const mbedtls_mpi_uint secp192r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x8A, 0x4D, 0x88, 0x0A, 0x35, 0x9E, 0x33, 0x9C ), - BYTES_TO_T_UINT_8( 0x7C, 0x17, 0x0C, 0xF8, 0xE1, 0x7A, 0x49, 0x02 ), - BYTES_TO_T_UINT_8( 0xA4, 0x44, 0x06, 0x8F, 0x0B, 0x70, 0x2F, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x4D, 0x88, 0x0A, 0x35, 0x9E, 0x33, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x17, 0x0C, 0xF8, 0xE1, 0x7A, 0x49, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x44, 0x06, 0x8F, 0x0B, 0x70, 0x2F, 0x71 ), }; static const mbedtls_mpi_uint secp192r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x85, 0x4B, 0xCB, 0xF9, 0x8E, 0x6A, 0xDA, 0x1B ), - BYTES_TO_T_UINT_8( 0x29, 0x43, 0xA1, 0x3F, 0xCE, 0x17, 0xD2, 0x32 ), - BYTES_TO_T_UINT_8( 0x5D, 0x0D, 0xD2, 0x6C, 0x82, 0x37, 0xE5, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0x4B, 0xCB, 0xF9, 0x8E, 0x6A, 0xDA, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x43, 0xA1, 0x3F, 0xCE, 0x17, 0xD2, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x0D, 0xD2, 0x6C, 0x82, 0x37, 0xE5, 0xFC ), }; static const mbedtls_mpi_uint secp192r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x4A, 0x3C, 0xF4, 0x92, 0xB4, 0x8A, 0x95, 0x85 ), - BYTES_TO_T_UINT_8( 0x85, 0x96, 0xF1, 0x0A, 0x34, 0x2F, 0x74, 0x7E ), - BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0xAA, 0xBA, 0x86, 0x77, 0x4F, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x3C, 0xF4, 0x92, 0xB4, 0x8A, 0x95, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0x96, 0xF1, 0x0A, 0x34, 0x2F, 0x74, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0xAA, 0xBA, 0x86, 0x77, 0x4F, 0xA2 ), }; static const mbedtls_mpi_uint secp192r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xE5, 0x7F, 0xEF, 0x60, 0x50, 0x80, 0xD7, 0xD4 ), - BYTES_TO_T_UINT_8( 0x31, 0xAC, 0xC9, 0xFE, 0xEC, 0x0A, 0x1A, 0x9F ), - BYTES_TO_T_UINT_8( 0x6B, 0x2F, 0xBE, 0x91, 0xD7, 0xB7, 0x38, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x7F, 0xEF, 0x60, 0x50, 0x80, 0xD7, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0xAC, 0xC9, 0xFE, 0xEC, 0x0A, 0x1A, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x2F, 0xBE, 0x91, 0xD7, 0xB7, 0x38, 0x48 ), }; static const mbedtls_mpi_uint secp192r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xB1, 0xAE, 0x85, 0x98, 0xFE, 0x05, 0x7F, 0x9F ), - BYTES_TO_T_UINT_8( 0x91, 0xBE, 0xFD, 0x11, 0x31, 0x3D, 0x14, 0x13 ), - BYTES_TO_T_UINT_8( 0x59, 0x75, 0xE8, 0x30, 0x01, 0xCB, 0x9B, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xAE, 0x85, 0x98, 0xFE, 0x05, 0x7F, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xBE, 0xFD, 0x11, 0x31, 0x3D, 0x14, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x75, 0xE8, 0x30, 0x01, 0xCB, 0x9B, 0x1C ), }; static const mbedtls_ecp_point secp192r1_T[16] = { ECP_POINT_INIT_XY_Z1(secp192r1_T_0_X, secp192r1_T_0_Y), @@ -292,227 +292,227 @@ static const mbedtls_ecp_point secp192r1_T[16] = { */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) static const mbedtls_mpi_uint secp224r1_p[] = { - BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_b[] = { - BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ), - BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ), - BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ), - BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ), }; static const mbedtls_mpi_uint secp224r1_gx[] = { - BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), - BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), - BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), - BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ), }; static const mbedtls_mpi_uint secp224r1_gy[] = { - BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), - BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), - BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), - BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ), }; static const mbedtls_mpi_uint secp224r1_n[] = { - BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ), - BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp224r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), - BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), - BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), - BYTES_TO_T_UINT_8( 0xBD, 0x0C, 0x0E, 0xB7, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0x0C, 0x0E, 0xB7, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), - BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), - BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), - BYTES_TO_T_UINT_8( 0x88, 0x63, 0x37, 0xBD, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x63, 0x37, 0xBD, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0xE0, 0xF9, 0xB8, 0xD0, 0x3D, 0xD2, 0xD3, 0xFA ), - BYTES_TO_T_UINT_8( 0x1E, 0xFD, 0x99, 0x26, 0x19, 0xFE, 0x13, 0x6E ), - BYTES_TO_T_UINT_8( 0x1C, 0x0E, 0x4C, 0x48, 0x7C, 0xA2, 0x17, 0x01 ), - BYTES_TO_T_UINT_8( 0x3D, 0xA3, 0x13, 0x57, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0xF9, 0xB8, 0xD0, 0x3D, 0xD2, 0xD3, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xFD, 0x99, 0x26, 0x19, 0xFE, 0x13, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x0E, 0x4C, 0x48, 0x7C, 0xA2, 0x17, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xA3, 0x13, 0x57, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x9F, 0x16, 0x5C, 0x8F, 0xAA, 0xED, 0x0F, 0x58 ), - BYTES_TO_T_UINT_8( 0xBF, 0xC5, 0x43, 0x34, 0x93, 0x05, 0x2A, 0x4C ), - BYTES_TO_T_UINT_8( 0xE4, 0xE3, 0x6C, 0xCA, 0xC6, 0x14, 0xC2, 0x25 ), - BYTES_TO_T_UINT_8( 0xD3, 0x43, 0x6C, 0xD7, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0x16, 0x5C, 0x8F, 0xAA, 0xED, 0x0F, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0xC5, 0x43, 0x34, 0x93, 0x05, 0x2A, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xE3, 0x6C, 0xCA, 0xC6, 0x14, 0xC2, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x43, 0x6C, 0xD7, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0xC3, 0x5A, 0x98, 0x1E, 0xC8, 0xA5, 0x42, 0xA3 ), - BYTES_TO_T_UINT_8( 0x98, 0x49, 0x56, 0x78, 0xF8, 0xEF, 0xED, 0x65 ), - BYTES_TO_T_UINT_8( 0x1B, 0xBB, 0x64, 0xB6, 0x4C, 0x54, 0x5F, 0xD1 ), - BYTES_TO_T_UINT_8( 0x2F, 0x0C, 0x33, 0xCC, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x5A, 0x98, 0x1E, 0xC8, 0xA5, 0x42, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x49, 0x56, 0x78, 0xF8, 0xEF, 0xED, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0xBB, 0x64, 0xB6, 0x4C, 0x54, 0x5F, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x0C, 0x33, 0xCC, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0xFA, 0x79, 0xCB, 0x2E, 0x08, 0xFF, 0xD8, 0xE6 ), - BYTES_TO_T_UINT_8( 0x2E, 0x1F, 0xD4, 0xD7, 0x57, 0xE9, 0x39, 0x45 ), - BYTES_TO_T_UINT_8( 0xD8, 0xD6, 0x3B, 0x0A, 0x1C, 0x87, 0xB7, 0x6A ), - BYTES_TO_T_UINT_8( 0xEB, 0x30, 0xD8, 0x05, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x79, 0xCB, 0x2E, 0x08, 0xFF, 0xD8, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2E, 0x1F, 0xD4, 0xD7, 0x57, 0xE9, 0x39, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xD6, 0x3B, 0x0A, 0x1C, 0x87, 0xB7, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x30, 0xD8, 0x05, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0xAD, 0x79, 0x74, 0x9A, 0xE6, 0xBB, 0xC2, 0xC2 ), - BYTES_TO_T_UINT_8( 0xB4, 0x5B, 0xA6, 0x67, 0xC1, 0x91, 0xE7, 0x64 ), - BYTES_TO_T_UINT_8( 0xF0, 0xDF, 0x38, 0x82, 0x19, 0x2C, 0x4C, 0xCA ), - BYTES_TO_T_UINT_8( 0xD1, 0x2E, 0x39, 0xC5, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x79, 0x74, 0x9A, 0xE6, 0xBB, 0xC2, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x5B, 0xA6, 0x67, 0xC1, 0x91, 0xE7, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0xDF, 0x38, 0x82, 0x19, 0x2C, 0x4C, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x2E, 0x39, 0xC5, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0x99, 0x36, 0x78, 0x4E, 0xAE, 0x5B, 0x02, 0x76 ), - BYTES_TO_T_UINT_8( 0x14, 0xF6, 0x8B, 0xF8, 0xF4, 0x92, 0x6B, 0x42 ), - BYTES_TO_T_UINT_8( 0xBA, 0x4D, 0x71, 0x35, 0xE7, 0x0C, 0x2C, 0x98 ), - BYTES_TO_T_UINT_8( 0x9B, 0xA5, 0x1F, 0xAE, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x36, 0x78, 0x4E, 0xAE, 0x5B, 0x02, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0xF6, 0x8B, 0xF8, 0xF4, 0x92, 0x6B, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x4D, 0x71, 0x35, 0xE7, 0x0C, 0x2C, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0xA5, 0x1F, 0xAE, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0xAF, 0x1C, 0x4B, 0xDF, 0x5B, 0xF2, 0x51, 0xB7 ), - BYTES_TO_T_UINT_8( 0x05, 0x74, 0xB1, 0x5A, 0xC6, 0x0F, 0x0E, 0x61 ), - BYTES_TO_T_UINT_8( 0xE8, 0x24, 0x09, 0x62, 0xAF, 0xFC, 0xDB, 0x45 ), - BYTES_TO_T_UINT_8( 0x43, 0xE1, 0x80, 0x55, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0x1C, 0x4B, 0xDF, 0x5B, 0xF2, 0x51, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x74, 0xB1, 0x5A, 0xC6, 0x0F, 0x0E, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x24, 0x09, 0x62, 0xAF, 0xFC, 0xDB, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0xE1, 0x80, 0x55, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x3C, 0x82, 0xFE, 0xAD, 0xC3, 0xE5, 0xCF, 0xD8 ), - BYTES_TO_T_UINT_8( 0x24, 0xA2, 0x62, 0x17, 0x76, 0xF0, 0x5A, 0xFA ), - BYTES_TO_T_UINT_8( 0x3E, 0xB8, 0xE5, 0xAC, 0xB7, 0x66, 0x38, 0xAA ), - BYTES_TO_T_UINT_8( 0x97, 0xFD, 0x86, 0x05, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x82, 0xFE, 0xAD, 0xC3, 0xE5, 0xCF, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0xA2, 0x62, 0x17, 0x76, 0xF0, 0x5A, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xB8, 0xE5, 0xAC, 0xB7, 0x66, 0x38, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0xFD, 0x86, 0x05, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x59, 0xD3, 0x0C, 0x3C, 0xD1, 0x66, 0xB0, 0xF1 ), - BYTES_TO_T_UINT_8( 0xBC, 0x59, 0xB4, 0x8D, 0x90, 0x10, 0xB7, 0xA2 ), - BYTES_TO_T_UINT_8( 0x96, 0x47, 0x9B, 0xE6, 0x55, 0x8A, 0xE4, 0xEE ), - BYTES_TO_T_UINT_8( 0xB1, 0x49, 0xDB, 0x78, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xD3, 0x0C, 0x3C, 0xD1, 0x66, 0xB0, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x59, 0xB4, 0x8D, 0x90, 0x10, 0xB7, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x47, 0x9B, 0xE6, 0x55, 0x8A, 0xE4, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0x49, 0xDB, 0x78, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0x41, 0x97, 0xED, 0xDE, 0xFF, 0xB3, 0xDF, 0x48 ), - BYTES_TO_T_UINT_8( 0x10, 0xB9, 0x83, 0xB7, 0xEB, 0xBE, 0x40, 0x8D ), - BYTES_TO_T_UINT_8( 0xAF, 0xD3, 0xD3, 0xCD, 0x0E, 0x82, 0x79, 0x3D ), - BYTES_TO_T_UINT_8( 0x9B, 0x83, 0x1B, 0xF0, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x97, 0xED, 0xDE, 0xFF, 0xB3, 0xDF, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xB9, 0x83, 0xB7, 0xEB, 0xBE, 0x40, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xD3, 0xD3, 0xCD, 0x0E, 0x82, 0x79, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x83, 0x1B, 0xF0, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x3F, 0x22, 0xBB, 0x54, 0xD3, 0x31, 0x56, 0xFC ), - BYTES_TO_T_UINT_8( 0x80, 0x36, 0xE5, 0xE0, 0x89, 0x96, 0x8E, 0x71 ), - BYTES_TO_T_UINT_8( 0xE1, 0xEF, 0x0A, 0xED, 0xD0, 0x11, 0x4A, 0xFF ), - BYTES_TO_T_UINT_8( 0x15, 0x00, 0x57, 0x27, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x22, 0xBB, 0x54, 0xD3, 0x31, 0x56, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x36, 0xE5, 0xE0, 0x89, 0x96, 0x8E, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0xEF, 0x0A, 0xED, 0xD0, 0x11, 0x4A, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x00, 0x57, 0x27, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0x13, 0xCA, 0x3D, 0xF7, 0x64, 0x9B, 0x6E, 0x85 ), - BYTES_TO_T_UINT_8( 0x90, 0xE3, 0x70, 0x6B, 0x41, 0xD7, 0xED, 0x8F ), - BYTES_TO_T_UINT_8( 0x02, 0x44, 0x44, 0x80, 0xCE, 0x13, 0x37, 0x92 ), - BYTES_TO_T_UINT_8( 0x94, 0x73, 0x80, 0x79, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0xCA, 0x3D, 0xF7, 0x64, 0x9B, 0x6E, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xE3, 0x70, 0x6B, 0x41, 0xD7, 0xED, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x44, 0x44, 0x80, 0xCE, 0x13, 0x37, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x73, 0x80, 0x79, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xB7, 0x4D, 0x70, 0x7D, 0x31, 0x0F, 0x1C, 0x58 ), - BYTES_TO_T_UINT_8( 0x6D, 0x35, 0x88, 0x47, 0xC4, 0x24, 0x78, 0x3F ), - BYTES_TO_T_UINT_8( 0xBA, 0xF0, 0xCD, 0x91, 0x81, 0xB3, 0xDE, 0xB6 ), - BYTES_TO_T_UINT_8( 0x04, 0xCE, 0xC6, 0xF7, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x4D, 0x70, 0x7D, 0x31, 0x0F, 0x1C, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x35, 0x88, 0x47, 0xC4, 0x24, 0x78, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xF0, 0xCD, 0x91, 0x81, 0xB3, 0xDE, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xCE, 0xC6, 0xF7, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0xE9, 0x9C, 0x2D, 0xE8, 0xD2, 0x00, 0x8F, 0x10 ), - BYTES_TO_T_UINT_8( 0xD5, 0x5E, 0x7C, 0x0E, 0x0C, 0x6E, 0x58, 0x02 ), - BYTES_TO_T_UINT_8( 0xAE, 0x81, 0x21, 0xCE, 0x43, 0xF4, 0x24, 0x3D ), - BYTES_TO_T_UINT_8( 0x9E, 0xBC, 0xF0, 0xF4, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x9C, 0x2D, 0xE8, 0xD2, 0x00, 0x8F, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x5E, 0x7C, 0x0E, 0x0C, 0x6E, 0x58, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x81, 0x21, 0xCE, 0x43, 0xF4, 0x24, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0xBC, 0xF0, 0xF4, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0xD6, 0x10, 0xC2, 0x74, 0x4A, 0x8F, 0x8A, 0xCF ), - BYTES_TO_T_UINT_8( 0x89, 0x67, 0xF4, 0x2B, 0x38, 0x2B, 0x35, 0x17 ), - BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0C, 0xA9, 0xFA, 0x77, 0x5C, 0xBD ), - BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x19, 0x2B, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x10, 0xC2, 0x74, 0x4A, 0x8F, 0x8A, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x67, 0xF4, 0x2B, 0x38, 0x2B, 0x35, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0C, 0xA9, 0xFA, 0x77, 0x5C, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x19, 0x2B, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0xE7, 0x3E, 0x96, 0x22, 0x53, 0xE1, 0xE9, 0xBE ), - BYTES_TO_T_UINT_8( 0xE0, 0x13, 0xBC, 0xA1, 0x16, 0xEC, 0x01, 0x1A ), - BYTES_TO_T_UINT_8( 0x9A, 0x00, 0xC9, 0x7A, 0xC3, 0x73, 0xA5, 0x45 ), - BYTES_TO_T_UINT_8( 0xE1, 0xF4, 0x5E, 0xC1, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x3E, 0x96, 0x22, 0x53, 0xE1, 0xE9, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x13, 0xBC, 0xA1, 0x16, 0xEC, 0x01, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x00, 0xC9, 0x7A, 0xC3, 0x73, 0xA5, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0xF4, 0x5E, 0xC1, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0xA8, 0x95, 0xD6, 0xD9, 0x32, 0x30, 0x2B, 0xD0 ), - BYTES_TO_T_UINT_8( 0x77, 0x42, 0x09, 0x05, 0x61, 0x2A, 0x7E, 0x82 ), - BYTES_TO_T_UINT_8( 0x73, 0x84, 0xA2, 0x05, 0x88, 0x64, 0x65, 0xF9 ), - BYTES_TO_T_UINT_8( 0x03, 0x2D, 0x90, 0xB3, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x95, 0xD6, 0xD9, 0x32, 0x30, 0x2B, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x42, 0x09, 0x05, 0x61, 0x2A, 0x7E, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x84, 0xA2, 0x05, 0x88, 0x64, 0x65, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0x2D, 0x90, 0xB3, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0x0A, 0xE7, 0x2E, 0x85, 0x55, 0x80, 0x7C, 0x79 ), - BYTES_TO_T_UINT_8( 0x0F, 0xC1, 0xAC, 0x78, 0xB4, 0xAF, 0xFB, 0x6E ), - BYTES_TO_T_UINT_8( 0xD3, 0xC3, 0x28, 0x8E, 0x79, 0x18, 0x1F, 0x58 ), - BYTES_TO_T_UINT_8( 0x34, 0x46, 0xCF, 0x49, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0xE7, 0x2E, 0x85, 0x55, 0x80, 0x7C, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xC1, 0xAC, 0x78, 0xB4, 0xAF, 0xFB, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0xC3, 0x28, 0x8E, 0x79, 0x18, 0x1F, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x46, 0xCF, 0x49, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x63, 0x5F, 0xA8, 0x6C, 0x46, 0x83, 0x43, 0xFA ), - BYTES_TO_T_UINT_8( 0xFA, 0xA9, 0x93, 0x11, 0xB6, 0x07, 0x57, 0x74 ), - BYTES_TO_T_UINT_8( 0x77, 0x2A, 0x9D, 0x03, 0x89, 0x7E, 0xD7, 0x3C ), - BYTES_TO_T_UINT_8( 0x7B, 0x8C, 0x62, 0xCF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x5F, 0xA8, 0x6C, 0x46, 0x83, 0x43, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xA9, 0x93, 0x11, 0xB6, 0x07, 0x57, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x2A, 0x9D, 0x03, 0x89, 0x7E, 0xD7, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x8C, 0x62, 0xCF, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x44, 0x2C, 0x13, 0x59, 0xCC, 0xFA, 0x84, 0x9E ), - BYTES_TO_T_UINT_8( 0x51, 0xB9, 0x48, 0xBC, 0x57, 0xC7, 0xB3, 0x7C ), - BYTES_TO_T_UINT_8( 0xFC, 0x0A, 0x38, 0x24, 0x2E, 0x3A, 0x28, 0x25 ), - BYTES_TO_T_UINT_8( 0xBC, 0x0A, 0x43, 0xB8, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x2C, 0x13, 0x59, 0xCC, 0xFA, 0x84, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xB9, 0x48, 0xBC, 0x57, 0xC7, 0xB3, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x0A, 0x38, 0x24, 0x2E, 0x3A, 0x28, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x0A, 0x43, 0xB8, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0x59, 0x25, 0xAB, 0xC1, 0xEE, 0x70, 0x3C, 0xE1 ), - BYTES_TO_T_UINT_8( 0xF3, 0xDB, 0x45, 0x1D, 0x4A, 0x80, 0x75, 0x35 ), - BYTES_TO_T_UINT_8( 0xE8, 0x1F, 0x4D, 0x2D, 0x9A, 0x05, 0xF4, 0xCB ), - BYTES_TO_T_UINT_8( 0x6B, 0x10, 0xF0, 0x5A, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x25, 0xAB, 0xC1, 0xEE, 0x70, 0x3C, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0xDB, 0x45, 0x1D, 0x4A, 0x80, 0x75, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x1F, 0x4D, 0x2D, 0x9A, 0x05, 0xF4, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x10, 0xF0, 0x5A, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x35, 0x95, 0xE1, 0xDC, 0x15, 0x86, 0xC3, 0x7B ), - BYTES_TO_T_UINT_8( 0xEC, 0xDC, 0x27, 0xD1, 0x56, 0xA1, 0x14, 0x0D ), - BYTES_TO_T_UINT_8( 0x59, 0x0B, 0xD6, 0x77, 0x4E, 0x44, 0xA2, 0xF8 ), - BYTES_TO_T_UINT_8( 0x94, 0x42, 0x71, 0x1F, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0x95, 0xE1, 0xDC, 0x15, 0x86, 0xC3, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0xDC, 0x27, 0xD1, 0x56, 0xA1, 0x14, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x0B, 0xD6, 0x77, 0x4E, 0x44, 0xA2, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x42, 0x71, 0x1F, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x30, 0x86, 0xB2, 0xB0, 0xC8, 0x2F, 0x7B, 0xFE ), - BYTES_TO_T_UINT_8( 0x96, 0xEF, 0xCB, 0xDB, 0xBC, 0x9E, 0x3B, 0xC5 ), - BYTES_TO_T_UINT_8( 0x1B, 0x03, 0x86, 0xDD, 0x5B, 0xF5, 0x8D, 0x46 ), - BYTES_TO_T_UINT_8( 0x58, 0x95, 0x79, 0xD6, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x86, 0xB2, 0xB0, 0xC8, 0x2F, 0x7B, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xEF, 0xCB, 0xDB, 0xBC, 0x9E, 0x3B, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x03, 0x86, 0xDD, 0x5B, 0xF5, 0x8D, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x95, 0x79, 0xD6, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x84, 0x32, 0x14, 0xDA, 0x9B, 0x4F, 0x07, 0x39 ), - BYTES_TO_T_UINT_8( 0xB5, 0x3E, 0xFB, 0x06, 0xEE, 0xA7, 0x40, 0x40 ), - BYTES_TO_T_UINT_8( 0x76, 0x1F, 0xDF, 0x71, 0x61, 0xFD, 0x8B, 0xBE ), - BYTES_TO_T_UINT_8( 0x80, 0x8B, 0xAB, 0x8B, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x32, 0x14, 0xDA, 0x9B, 0x4F, 0x07, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x3E, 0xFB, 0x06, 0xEE, 0xA7, 0x40, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x1F, 0xDF, 0x71, 0x61, 0xFD, 0x8B, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x8B, 0xAB, 0x8B, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0xC9, 0x34, 0xB3, 0xB4, 0xBC, 0x9F, 0xB0, 0x5E ), - BYTES_TO_T_UINT_8( 0xE6, 0x58, 0x48, 0xA8, 0x77, 0xBB, 0x13, 0x2F ), - BYTES_TO_T_UINT_8( 0x41, 0xC6, 0xF7, 0x34, 0xCC, 0x89, 0x21, 0x0A ), - BYTES_TO_T_UINT_8( 0xCA, 0x33, 0xDD, 0x1F, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x34, 0xB3, 0xB4, 0xBC, 0x9F, 0xB0, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x58, 0x48, 0xA8, 0x77, 0xBB, 0x13, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xC6, 0xF7, 0x34, 0xCC, 0x89, 0x21, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x33, 0xDD, 0x1F, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0xCC, 0x81, 0xEF, 0xA4, 0xF2, 0x10, 0x0B, 0xCD ), - BYTES_TO_T_UINT_8( 0x83, 0xF7, 0x6E, 0x72, 0x4A, 0xDF, 0xDD, 0xE8 ), - BYTES_TO_T_UINT_8( 0x67, 0x23, 0x0A, 0x53, 0x03, 0x16, 0x62, 0xD2 ), - BYTES_TO_T_UINT_8( 0x0B, 0x76, 0xFD, 0x3C, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x81, 0xEF, 0xA4, 0xF2, 0x10, 0x0B, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0xF7, 0x6E, 0x72, 0x4A, 0xDF, 0xDD, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x23, 0x0A, 0x53, 0x03, 0x16, 0x62, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x76, 0xFD, 0x3C, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0xCB, 0x14, 0xA1, 0xFA, 0xA0, 0x18, 0xBE, 0x07 ), - BYTES_TO_T_UINT_8( 0x03, 0x2A, 0xE1, 0xD7, 0xB0, 0x6C, 0xA0, 0xDE ), - BYTES_TO_T_UINT_8( 0xD1, 0xC0, 0xB0, 0xC6, 0x63, 0x24, 0xCD, 0x4E ), - BYTES_TO_T_UINT_8( 0x33, 0x38, 0x2C, 0xB1, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x14, 0xA1, 0xFA, 0xA0, 0x18, 0xBE, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0x2A, 0xE1, 0xD7, 0xB0, 0x6C, 0xA0, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0xC0, 0xB0, 0xC6, 0x63, 0x24, 0xCD, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x38, 0x2C, 0xB1, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0xEE, 0xCD, 0x7D, 0x20, 0x0C, 0xFE, 0xAC, 0xC3 ), - BYTES_TO_T_UINT_8( 0x09, 0x97, 0x9F, 0xA2, 0xB6, 0x45, 0xF7, 0x7B ), - BYTES_TO_T_UINT_8( 0xCA, 0x99, 0xF3, 0xD2, 0x20, 0x02, 0xEB, 0x04 ), - BYTES_TO_T_UINT_8( 0x43, 0x18, 0x5B, 0x7B, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0xCD, 0x7D, 0x20, 0x0C, 0xFE, 0xAC, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x97, 0x9F, 0xA2, 0xB6, 0x45, 0xF7, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x99, 0xF3, 0xD2, 0x20, 0x02, 0xEB, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x18, 0x5B, 0x7B, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0x2B, 0xDD, 0x77, 0x91, 0x60, 0xEA, 0xFD, 0xD3 ), - BYTES_TO_T_UINT_8( 0x7D, 0xD3, 0xB5, 0xD6, 0x90, 0x17, 0x0E, 0x1A ), - BYTES_TO_T_UINT_8( 0x00, 0xF4, 0x28, 0xC1, 0xF2, 0x53, 0xF6, 0x63 ), - BYTES_TO_T_UINT_8( 0x49, 0x58, 0xDC, 0x61, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0xDD, 0x77, 0x91, 0x60, 0xEA, 0xFD, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0xD3, 0xB5, 0xD6, 0x90, 0x17, 0x0E, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0xF4, 0x28, 0xC1, 0xF2, 0x53, 0xF6, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x58, 0xDC, 0x61, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xA8, 0x20, 0x01, 0xFB, 0xF1, 0xBD, 0x5F, 0x45 ), - BYTES_TO_T_UINT_8( 0xD0, 0x7F, 0x06, 0xDA, 0x11, 0xCB, 0xBA, 0xA6 ), - BYTES_TO_T_UINT_8( 0xA7, 0x41, 0x00, 0xA4, 0x1B, 0x30, 0x33, 0x79 ), - BYTES_TO_T_UINT_8( 0xF4, 0xFF, 0x27, 0xCA, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x20, 0x01, 0xFB, 0xF1, 0xBD, 0x5F, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x7F, 0x06, 0xDA, 0x11, 0xCB, 0xBA, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x41, 0x00, 0xA4, 0x1B, 0x30, 0x33, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0xFF, 0x27, 0xCA, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_ecp_point secp224r1_T[16] = { ECP_POINT_INIT_XY_Z1(secp224r1_T_0_X, secp224r1_T_0_Y), @@ -542,227 +542,227 @@ static const mbedtls_ecp_point secp224r1_T[16] = { */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) static const mbedtls_mpi_uint secp256r1_p[] = { - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp256r1_b[] = { - BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ), - BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ), - BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ), - BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ), }; static const mbedtls_mpi_uint secp256r1_gx[] = { - BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), - BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), - BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), - BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), }; static const mbedtls_mpi_uint secp256r1_gy[] = { - BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), - BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), - BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), - BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), }; static const mbedtls_mpi_uint secp256r1_n[] = { - BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ), - BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp256r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), - BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), - BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), - BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), }; static const mbedtls_mpi_uint secp256r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), - BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), - BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), - BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), }; static const mbedtls_mpi_uint secp256r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x70, 0xC8, 0xBA, 0x04, 0xB7, 0x4B, 0xD2, 0xF7 ), - BYTES_TO_T_UINT_8( 0xAB, 0xC6, 0x23, 0x3A, 0xA0, 0x09, 0x3A, 0x59 ), - BYTES_TO_T_UINT_8( 0x1D, 0x9D, 0x4C, 0xF9, 0x58, 0x23, 0xCC, 0xDF ), - BYTES_TO_T_UINT_8( 0x02, 0xED, 0x7B, 0x29, 0x87, 0x0F, 0xFA, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0xC8, 0xBA, 0x04, 0xB7, 0x4B, 0xD2, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0xC6, 0x23, 0x3A, 0xA0, 0x09, 0x3A, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x9D, 0x4C, 0xF9, 0x58, 0x23, 0xCC, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0xED, 0x7B, 0x29, 0x87, 0x0F, 0xFA, 0x3C ), }; static const mbedtls_mpi_uint secp256r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x40, 0x69, 0xF2, 0x40, 0x0B, 0xA3, 0x98, 0xCE ), - BYTES_TO_T_UINT_8( 0xAF, 0xA8, 0x48, 0x02, 0x0D, 0x1C, 0x12, 0x62 ), - BYTES_TO_T_UINT_8( 0x9B, 0xAF, 0x09, 0x83, 0x80, 0xAA, 0x58, 0xA7 ), - BYTES_TO_T_UINT_8( 0xC6, 0x12, 0xBE, 0x70, 0x94, 0x76, 0xE3, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x69, 0xF2, 0x40, 0x0B, 0xA3, 0x98, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xA8, 0x48, 0x02, 0x0D, 0x1C, 0x12, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0xAF, 0x09, 0x83, 0x80, 0xAA, 0x58, 0xA7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x12, 0xBE, 0x70, 0x94, 0x76, 0xE3, 0xE4 ), }; static const mbedtls_mpi_uint secp256r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x7D, 0x7D, 0xEF, 0x86, 0xFF, 0xE3, 0x37, 0xDD ), - BYTES_TO_T_UINT_8( 0xDB, 0x86, 0x8B, 0x08, 0x27, 0x7C, 0xD7, 0xF6 ), - BYTES_TO_T_UINT_8( 0x91, 0x54, 0x4C, 0x25, 0x4F, 0x9A, 0xFE, 0x28 ), - BYTES_TO_T_UINT_8( 0x5E, 0xFD, 0xF0, 0x6D, 0x37, 0x03, 0x69, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x7D, 0xEF, 0x86, 0xFF, 0xE3, 0x37, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x86, 0x8B, 0x08, 0x27, 0x7C, 0xD7, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x54, 0x4C, 0x25, 0x4F, 0x9A, 0xFE, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0xFD, 0xF0, 0x6D, 0x37, 0x03, 0x69, 0xD6 ), }; static const mbedtls_mpi_uint secp256r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x96, 0xD5, 0xDA, 0xAD, 0x92, 0x49, 0xF0, 0x9F ), - BYTES_TO_T_UINT_8( 0xF9, 0x73, 0x43, 0x9E, 0xAF, 0xA7, 0xD1, 0xF3 ), - BYTES_TO_T_UINT_8( 0x67, 0x41, 0x07, 0xDF, 0x78, 0x95, 0x3E, 0xA1 ), - BYTES_TO_T_UINT_8( 0x22, 0x3D, 0xD1, 0xE6, 0x3C, 0xA5, 0xE2, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xD5, 0xDA, 0xAD, 0x92, 0x49, 0xF0, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x73, 0x43, 0x9E, 0xAF, 0xA7, 0xD1, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x41, 0x07, 0xDF, 0x78, 0x95, 0x3E, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x3D, 0xD1, 0xE6, 0x3C, 0xA5, 0xE2, 0x20 ), }; static const mbedtls_mpi_uint secp256r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0xBF, 0x6A, 0x5D, 0x52, 0x35, 0xD7, 0xBF, 0xAE ), - BYTES_TO_T_UINT_8( 0x5A, 0xA2, 0xBE, 0x96, 0xF4, 0xF8, 0x02, 0xC3 ), - BYTES_TO_T_UINT_8( 0xA4, 0x20, 0x49, 0x54, 0xEA, 0xB3, 0x82, 0xDB ), - BYTES_TO_T_UINT_8( 0x2E, 0xDB, 0xEA, 0x02, 0xD1, 0x75, 0x1C, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x6A, 0x5D, 0x52, 0x35, 0xD7, 0xBF, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0xA2, 0xBE, 0x96, 0xF4, 0xF8, 0x02, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x20, 0x49, 0x54, 0xEA, 0xB3, 0x82, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2E, 0xDB, 0xEA, 0x02, 0xD1, 0x75, 0x1C, 0x62 ), }; static const mbedtls_mpi_uint secp256r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xF0, 0x85, 0xF4, 0x9E, 0x4C, 0xDC, 0x39, 0x89 ), - BYTES_TO_T_UINT_8( 0x63, 0x6D, 0xC4, 0x57, 0xD8, 0x03, 0x5D, 0x22 ), - BYTES_TO_T_UINT_8( 0x70, 0x7F, 0x2D, 0x52, 0x6F, 0xC9, 0xDA, 0x4F ), - BYTES_TO_T_UINT_8( 0x9D, 0x64, 0xFA, 0xB4, 0xFE, 0xA4, 0xC4, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x85, 0xF4, 0x9E, 0x4C, 0xDC, 0x39, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x6D, 0xC4, 0x57, 0xD8, 0x03, 0x5D, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x7F, 0x2D, 0x52, 0x6F, 0xC9, 0xDA, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x64, 0xFA, 0xB4, 0xFE, 0xA4, 0xC4, 0xD7 ), }; static const mbedtls_mpi_uint secp256r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x2A, 0x37, 0xB9, 0xC0, 0xAA, 0x59, 0xC6, 0x8B ), - BYTES_TO_T_UINT_8( 0x3F, 0x58, 0xD9, 0xED, 0x58, 0x99, 0x65, 0xF7 ), - BYTES_TO_T_UINT_8( 0x88, 0x7D, 0x26, 0x8C, 0x4A, 0xF9, 0x05, 0x9F ), - BYTES_TO_T_UINT_8( 0x9D, 0x73, 0x9A, 0xC9, 0xE7, 0x46, 0xDC, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x37, 0xB9, 0xC0, 0xAA, 0x59, 0xC6, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x58, 0xD9, 0xED, 0x58, 0x99, 0x65, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x7D, 0x26, 0x8C, 0x4A, 0xF9, 0x05, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x73, 0x9A, 0xC9, 0xE7, 0x46, 0xDC, 0x00 ), }; static const mbedtls_mpi_uint secp256r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0xF2, 0xD0, 0x55, 0xDF, 0x00, 0x0A, 0xF5, 0x4A ), - BYTES_TO_T_UINT_8( 0x6A, 0xBF, 0x56, 0x81, 0x2D, 0x20, 0xEB, 0xB5 ), - BYTES_TO_T_UINT_8( 0x11, 0xC1, 0x28, 0x52, 0xAB, 0xE3, 0xD1, 0x40 ), - BYTES_TO_T_UINT_8( 0x24, 0x34, 0x79, 0x45, 0x57, 0xA5, 0x12, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0xD0, 0x55, 0xDF, 0x00, 0x0A, 0xF5, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0xBF, 0x56, 0x81, 0x2D, 0x20, 0xEB, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xC1, 0x28, 0x52, 0xAB, 0xE3, 0xD1, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x34, 0x79, 0x45, 0x57, 0xA5, 0x12, 0x03 ), }; static const mbedtls_mpi_uint secp256r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0xEE, 0xCF, 0xB8, 0x7E, 0xF7, 0x92, 0x96, 0x8D ), - BYTES_TO_T_UINT_8( 0x3D, 0x01, 0x8C, 0x0D, 0x23, 0xF2, 0xE3, 0x05 ), - BYTES_TO_T_UINT_8( 0x59, 0x2E, 0xE3, 0x84, 0x52, 0x7A, 0x34, 0x76 ), - BYTES_TO_T_UINT_8( 0xE5, 0xA1, 0xB0, 0x15, 0x90, 0xE2, 0x53, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0xCF, 0xB8, 0x7E, 0xF7, 0x92, 0x96, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x01, 0x8C, 0x0D, 0x23, 0xF2, 0xE3, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x2E, 0xE3, 0x84, 0x52, 0x7A, 0x34, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0xA1, 0xB0, 0x15, 0x90, 0xE2, 0x53, 0x3C ), }; static const mbedtls_mpi_uint secp256r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xD4, 0x98, 0xE7, 0xFA, 0xA5, 0x7D, 0x8B, 0x53 ), - BYTES_TO_T_UINT_8( 0x91, 0x35, 0xD2, 0x00, 0xD1, 0x1B, 0x9F, 0x1B ), - BYTES_TO_T_UINT_8( 0x3F, 0x69, 0x08, 0x9A, 0x72, 0xF0, 0xA9, 0x11 ), - BYTES_TO_T_UINT_8( 0xB3, 0xFE, 0x0E, 0x14, 0xDA, 0x7C, 0x0E, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x98, 0xE7, 0xFA, 0xA5, 0x7D, 0x8B, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x35, 0xD2, 0x00, 0xD1, 0x1B, 0x9F, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x69, 0x08, 0x9A, 0x72, 0xF0, 0xA9, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0xFE, 0x0E, 0x14, 0xDA, 0x7C, 0x0E, 0xD3 ), }; static const mbedtls_mpi_uint secp256r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x83, 0xF6, 0xE8, 0xF8, 0x87, 0xF7, 0xFC, 0x6D ), - BYTES_TO_T_UINT_8( 0x90, 0xBE, 0x7F, 0x3F, 0x7A, 0x2B, 0xD7, 0x13 ), - BYTES_TO_T_UINT_8( 0xCF, 0x32, 0xF2, 0x2D, 0x94, 0x6D, 0x42, 0xFD ), - BYTES_TO_T_UINT_8( 0xAD, 0x9A, 0xE3, 0x5F, 0x42, 0xBB, 0x84, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0xF6, 0xE8, 0xF8, 0x87, 0xF7, 0xFC, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xBE, 0x7F, 0x3F, 0x7A, 0x2B, 0xD7, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0x32, 0xF2, 0x2D, 0x94, 0x6D, 0x42, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x9A, 0xE3, 0x5F, 0x42, 0xBB, 0x84, 0xED ), }; static const mbedtls_mpi_uint secp256r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xFC, 0x95, 0x29, 0x73, 0xA1, 0x67, 0x3E, 0x02 ), - BYTES_TO_T_UINT_8( 0xE3, 0x30, 0x54, 0x35, 0x8E, 0x0A, 0xDD, 0x67 ), - BYTES_TO_T_UINT_8( 0x03, 0xD7, 0xA1, 0x97, 0x61, 0x3B, 0xF8, 0x0C ), - BYTES_TO_T_UINT_8( 0xF2, 0x33, 0x3C, 0x58, 0x55, 0x34, 0x23, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x95, 0x29, 0x73, 0xA1, 0x67, 0x3E, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x30, 0x54, 0x35, 0x8E, 0x0A, 0xDD, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0xD7, 0xA1, 0x97, 0x61, 0x3B, 0xF8, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x33, 0x3C, 0x58, 0x55, 0x34, 0x23, 0xA3 ), }; static const mbedtls_mpi_uint secp256r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0x99, 0x5D, 0x16, 0x5F, 0x7B, 0xBC, 0xBB, 0xCE ), - BYTES_TO_T_UINT_8( 0x61, 0xEE, 0x4E, 0x8A, 0xC1, 0x51, 0xCC, 0x50 ), - BYTES_TO_T_UINT_8( 0x1F, 0x0D, 0x4D, 0x1B, 0x53, 0x23, 0x1D, 0xB3 ), - BYTES_TO_T_UINT_8( 0xDA, 0x2A, 0x38, 0x66, 0x52, 0x84, 0xE1, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x5D, 0x16, 0x5F, 0x7B, 0xBC, 0xBB, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0xEE, 0x4E, 0x8A, 0xC1, 0x51, 0xCC, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x0D, 0x4D, 0x1B, 0x53, 0x23, 0x1D, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x2A, 0x38, 0x66, 0x52, 0x84, 0xE1, 0x95 ), }; static const mbedtls_mpi_uint secp256r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x5B, 0x9B, 0x83, 0x0A, 0x81, 0x4F, 0xAD, 0xAC ), - BYTES_TO_T_UINT_8( 0x0F, 0xFF, 0x42, 0x41, 0x6E, 0xA9, 0xA2, 0xA0 ), - BYTES_TO_T_UINT_8( 0x2F, 0xA1, 0x4F, 0x1F, 0x89, 0x82, 0xAA, 0x3E ), - BYTES_TO_T_UINT_8( 0xF3, 0xB8, 0x0F, 0x6B, 0x8F, 0x8C, 0xD6, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x9B, 0x83, 0x0A, 0x81, 0x4F, 0xAD, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xFF, 0x42, 0x41, 0x6E, 0xA9, 0xA2, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xA1, 0x4F, 0x1F, 0x89, 0x82, 0xAA, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0xB8, 0x0F, 0x6B, 0x8F, 0x8C, 0xD6, 0x68 ), }; static const mbedtls_mpi_uint secp256r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0xF1, 0xB3, 0xBB, 0x51, 0x69, 0xA2, 0x11, 0x93 ), - BYTES_TO_T_UINT_8( 0x65, 0x4F, 0x0F, 0x8D, 0xBD, 0x26, 0x0F, 0xE8 ), - BYTES_TO_T_UINT_8( 0xB9, 0xCB, 0xEC, 0x6B, 0x34, 0xC3, 0x3D, 0x9D ), - BYTES_TO_T_UINT_8( 0xE4, 0x5D, 0x1E, 0x10, 0xD5, 0x44, 0xE2, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0xB3, 0xBB, 0x51, 0x69, 0xA2, 0x11, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x4F, 0x0F, 0x8D, 0xBD, 0x26, 0x0F, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xCB, 0xEC, 0x6B, 0x34, 0xC3, 0x3D, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x5D, 0x1E, 0x10, 0xD5, 0x44, 0xE2, 0x54 ), }; static const mbedtls_mpi_uint secp256r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x28, 0x9E, 0xB1, 0xF1, 0x6E, 0x4C, 0xAD, 0xB3 ), - BYTES_TO_T_UINT_8( 0xB7, 0xE3, 0xC2, 0x58, 0xC0, 0xFB, 0x34, 0x43 ), - BYTES_TO_T_UINT_8( 0x25, 0x9C, 0xDF, 0x35, 0x07, 0x41, 0xBD, 0x19 ), - BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x10, 0xEC, 0x0E, 0xEC, 0xBB, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x9E, 0xB1, 0xF1, 0x6E, 0x4C, 0xAD, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xE3, 0xC2, 0x58, 0xC0, 0xFB, 0x34, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0x9C, 0xDF, 0x35, 0x07, 0x41, 0xBD, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x10, 0xEC, 0x0E, 0xEC, 0xBB, 0xD6 ), }; static const mbedtls_mpi_uint secp256r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0xC8, 0xCF, 0xEF, 0x3F, 0x83, 0x1A, 0x88, 0xE8 ), - BYTES_TO_T_UINT_8( 0x0B, 0x29, 0xB5, 0xB9, 0xE0, 0xC9, 0xA3, 0xAE ), - BYTES_TO_T_UINT_8( 0x88, 0x46, 0x1E, 0x77, 0xCD, 0x7E, 0xB3, 0x10 ), - BYTES_TO_T_UINT_8( 0xB6, 0x21, 0xD0, 0xD4, 0xA3, 0x16, 0x08, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xCF, 0xEF, 0x3F, 0x83, 0x1A, 0x88, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x29, 0xB5, 0xB9, 0xE0, 0xC9, 0xA3, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x46, 0x1E, 0x77, 0xCD, 0x7E, 0xB3, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x21, 0xD0, 0xD4, 0xA3, 0x16, 0x08, 0xEE ), }; static const mbedtls_mpi_uint secp256r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xA1, 0xCA, 0xA8, 0xB3, 0xBF, 0x29, 0x99, 0x8E ), - BYTES_TO_T_UINT_8( 0xD1, 0xF2, 0x05, 0xC1, 0xCF, 0x5D, 0x91, 0x48 ), - BYTES_TO_T_UINT_8( 0x9F, 0x01, 0x49, 0xDB, 0x82, 0xDF, 0x5F, 0x3A ), - BYTES_TO_T_UINT_8( 0xE1, 0x06, 0x90, 0xAD, 0xE3, 0x38, 0xA4, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0xCA, 0xA8, 0xB3, 0xBF, 0x29, 0x99, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0xF2, 0x05, 0xC1, 0xCF, 0x5D, 0x91, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0x01, 0x49, 0xDB, 0x82, 0xDF, 0x5F, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x06, 0x90, 0xAD, 0xE3, 0x38, 0xA4, 0xC4 ), }; static const mbedtls_mpi_uint secp256r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0xC9, 0xD2, 0x3A, 0xE8, 0x03, 0xC5, 0x6D, 0x5D ), - BYTES_TO_T_UINT_8( 0xBE, 0x35, 0xD0, 0xAE, 0x1D, 0x7A, 0x9F, 0xCA ), - BYTES_TO_T_UINT_8( 0x33, 0x1E, 0xD2, 0xCB, 0xAC, 0x88, 0x27, 0x55 ), - BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x9C, 0xE0, 0x31, 0xDD, 0x99, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xD2, 0x3A, 0xE8, 0x03, 0xC5, 0x6D, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x35, 0xD0, 0xAE, 0x1D, 0x7A, 0x9F, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x1E, 0xD2, 0xCB, 0xAC, 0x88, 0x27, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x9C, 0xE0, 0x31, 0xDD, 0x99, 0x86 ), }; static const mbedtls_mpi_uint secp256r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x61, 0xF9, 0x9B, 0x32, 0x96, 0x41, 0x58, 0x38 ), - BYTES_TO_T_UINT_8( 0xF9, 0x5A, 0x2A, 0xB8, 0x96, 0x0E, 0xB2, 0x4C ), - BYTES_TO_T_UINT_8( 0xC1, 0x78, 0x2C, 0xC7, 0x08, 0x99, 0x19, 0x24 ), - BYTES_TO_T_UINT_8( 0xB7, 0x59, 0x28, 0xE9, 0x84, 0x54, 0xE6, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0xF9, 0x9B, 0x32, 0x96, 0x41, 0x58, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x5A, 0x2A, 0xB8, 0x96, 0x0E, 0xB2, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x78, 0x2C, 0xC7, 0x08, 0x99, 0x19, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x59, 0x28, 0xE9, 0x84, 0x54, 0xE6, 0x16 ), }; static const mbedtls_mpi_uint secp256r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xDD, 0x38, 0x30, 0xDB, 0x70, 0x2C, 0x0A, 0xA2 ), - BYTES_TO_T_UINT_8( 0x7C, 0x5C, 0x9D, 0xE9, 0xD5, 0x46, 0x0B, 0x5F ), - BYTES_TO_T_UINT_8( 0x83, 0x0B, 0x60, 0x4B, 0x37, 0x7D, 0xB9, 0xC9 ), - BYTES_TO_T_UINT_8( 0x5E, 0x24, 0xF3, 0x3D, 0x79, 0x7F, 0x6C, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x38, 0x30, 0xDB, 0x70, 0x2C, 0x0A, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x5C, 0x9D, 0xE9, 0xD5, 0x46, 0x0B, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x0B, 0x60, 0x4B, 0x37, 0x7D, 0xB9, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x24, 0xF3, 0x3D, 0x79, 0x7F, 0x6C, 0x18 ), }; static const mbedtls_mpi_uint secp256r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x7F, 0xE5, 0x1C, 0x4F, 0x60, 0x24, 0xF7, 0x2A ), - BYTES_TO_T_UINT_8( 0xED, 0xD8, 0xE2, 0x91, 0x7F, 0x89, 0x49, 0x92 ), - BYTES_TO_T_UINT_8( 0x97, 0xA7, 0x2E, 0x8D, 0x6A, 0xB3, 0x39, 0x81 ), - BYTES_TO_T_UINT_8( 0x13, 0x89, 0xB5, 0x9A, 0xB8, 0x8D, 0x42, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7F, 0xE5, 0x1C, 0x4F, 0x60, 0x24, 0xF7, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0xD8, 0xE2, 0x91, 0x7F, 0x89, 0x49, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0xA7, 0x2E, 0x8D, 0x6A, 0xB3, 0x39, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x89, 0xB5, 0x9A, 0xB8, 0x8D, 0x42, 0x9C ), }; static const mbedtls_mpi_uint secp256r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x8D, 0x45, 0xE6, 0x4B, 0x3F, 0x4F, 0x1E, 0x1F ), - BYTES_TO_T_UINT_8( 0x47, 0x65, 0x5E, 0x59, 0x22, 0xCC, 0x72, 0x5F ), - BYTES_TO_T_UINT_8( 0xF1, 0x93, 0x1A, 0x27, 0x1E, 0x34, 0xC5, 0x5B ), - BYTES_TO_T_UINT_8( 0x63, 0xF2, 0xA5, 0x58, 0x5C, 0x15, 0x2E, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0x45, 0xE6, 0x4B, 0x3F, 0x4F, 0x1E, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x65, 0x5E, 0x59, 0x22, 0xCC, 0x72, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x93, 0x1A, 0x27, 0x1E, 0x34, 0xC5, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0xF2, 0xA5, 0x58, 0x5C, 0x15, 0x2E, 0xC6 ), }; static const mbedtls_mpi_uint secp256r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0xF4, 0x7F, 0xBA, 0x58, 0x5A, 0x84, 0x6F, 0x5F ), - BYTES_TO_T_UINT_8( 0xAD, 0xA6, 0x36, 0x7E, 0xDC, 0xF7, 0xE1, 0x67 ), - BYTES_TO_T_UINT_8( 0x04, 0x4D, 0xAA, 0xEE, 0x57, 0x76, 0x3A, 0xD3 ), - BYTES_TO_T_UINT_8( 0x4E, 0x7E, 0x26, 0x18, 0x22, 0x23, 0x9F, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x7F, 0xBA, 0x58, 0x5A, 0x84, 0x6F, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xA6, 0x36, 0x7E, 0xDC, 0xF7, 0xE1, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x4D, 0xAA, 0xEE, 0x57, 0x76, 0x3A, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x7E, 0x26, 0x18, 0x22, 0x23, 0x9F, 0xFF ), }; static const mbedtls_mpi_uint secp256r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x1D, 0x4C, 0x64, 0xC7, 0x55, 0x02, 0x3F, 0xE3 ), - BYTES_TO_T_UINT_8( 0xD8, 0x02, 0x90, 0xBB, 0xC3, 0xEC, 0x30, 0x40 ), - BYTES_TO_T_UINT_8( 0x9F, 0x6F, 0x64, 0xF4, 0x16, 0x69, 0x48, 0xA4 ), - BYTES_TO_T_UINT_8( 0xFA, 0x44, 0x9C, 0x95, 0x0C, 0x7D, 0x67, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x4C, 0x64, 0xC7, 0x55, 0x02, 0x3F, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x02, 0x90, 0xBB, 0xC3, 0xEC, 0x30, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0x6F, 0x64, 0xF4, 0x16, 0x69, 0x48, 0xA4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x44, 0x9C, 0x95, 0x0C, 0x7D, 0x67, 0x5E ), }; static const mbedtls_mpi_uint secp256r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x44, 0x91, 0x8B, 0xD8, 0xD0, 0xD7, 0xE7, 0xE2 ), - BYTES_TO_T_UINT_8( 0x1F, 0xF9, 0x48, 0x62, 0x6F, 0xA8, 0x93, 0x5D ), - BYTES_TO_T_UINT_8( 0xEA, 0x3A, 0x99, 0x02, 0xD5, 0x0B, 0x3D, 0xE3 ), - BYTES_TO_T_UINT_8( 0x1E, 0xD3, 0x00, 0x31, 0xE6, 0x0C, 0x9F, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x91, 0x8B, 0xD8, 0xD0, 0xD7, 0xE7, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0xF9, 0x48, 0x62, 0x6F, 0xA8, 0x93, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0x3A, 0x99, 0x02, 0xD5, 0x0B, 0x3D, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xD3, 0x00, 0x31, 0xE6, 0x0C, 0x9F, 0x44 ), }; static const mbedtls_mpi_uint secp256r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x56, 0xB2, 0xAA, 0xFD, 0x88, 0x15, 0xDF, 0x52 ), - BYTES_TO_T_UINT_8( 0x4C, 0x35, 0x27, 0x31, 0x44, 0xCD, 0xC0, 0x68 ), - BYTES_TO_T_UINT_8( 0x53, 0xF8, 0x91, 0xA5, 0x71, 0x94, 0x84, 0x2A ), - BYTES_TO_T_UINT_8( 0x92, 0xCB, 0xD0, 0x93, 0xE9, 0x88, 0xDA, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0xB2, 0xAA, 0xFD, 0x88, 0x15, 0xDF, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4C, 0x35, 0x27, 0x31, 0x44, 0xCD, 0xC0, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xF8, 0x91, 0xA5, 0x71, 0x94, 0x84, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xCB, 0xD0, 0x93, 0xE9, 0x88, 0xDA, 0xE4 ), }; static const mbedtls_mpi_uint secp256r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x24, 0xC6, 0x39, 0x16, 0x5D, 0xA3, 0x1E, 0x6D ), - BYTES_TO_T_UINT_8( 0xBA, 0x07, 0x37, 0x26, 0x36, 0x2A, 0xFE, 0x60 ), - BYTES_TO_T_UINT_8( 0x51, 0xBC, 0xF3, 0xD0, 0xDE, 0x50, 0xFC, 0x97 ), - BYTES_TO_T_UINT_8( 0x80, 0x2E, 0x06, 0x10, 0x15, 0x4D, 0xFA, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0xC6, 0x39, 0x16, 0x5D, 0xA3, 0x1E, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x07, 0x37, 0x26, 0x36, 0x2A, 0xFE, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xBC, 0xF3, 0xD0, 0xDE, 0x50, 0xFC, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x2E, 0x06, 0x10, 0x15, 0x4D, 0xFA, 0xF7 ), }; static const mbedtls_mpi_uint secp256r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0x27, 0x65, 0x69, 0x5B, 0x66, 0xA2, 0x75, 0x2E ), - BYTES_TO_T_UINT_8( 0x9C, 0x16, 0x00, 0x5A, 0xB0, 0x30, 0x25, 0x1A ), - BYTES_TO_T_UINT_8( 0x42, 0xFB, 0x86, 0x42, 0x80, 0xC1, 0xC4, 0x76 ), - BYTES_TO_T_UINT_8( 0x5B, 0x1D, 0x83, 0x8E, 0x94, 0x01, 0x5F, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x65, 0x69, 0x5B, 0x66, 0xA2, 0x75, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x16, 0x00, 0x5A, 0xB0, 0x30, 0x25, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xFB, 0x86, 0x42, 0x80, 0xC1, 0xC4, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x1D, 0x83, 0x8E, 0x94, 0x01, 0x5F, 0x82 ), }; static const mbedtls_mpi_uint secp256r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0x39, 0x37, 0x70, 0xEF, 0x1F, 0xA1, 0xF0, 0xDB ), - BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x5B, 0xCE, 0xC4, 0x9B, 0x6F, 0x10 ), - BYTES_TO_T_UINT_8( 0x50, 0x11, 0x11, 0x24, 0x4F, 0x4C, 0x79, 0x61 ), - BYTES_TO_T_UINT_8( 0x17, 0x3A, 0x72, 0xBC, 0xFE, 0x72, 0x58, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0x37, 0x70, 0xEF, 0x1F, 0xA1, 0xF0, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x5B, 0xCE, 0xC4, 0x9B, 0x6F, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x11, 0x11, 0x24, 0x4F, 0x4C, 0x79, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x3A, 0x72, 0xBC, 0xFE, 0x72, 0x58, 0x43 ), }; static const mbedtls_ecp_point secp256r1_T[16] = { ECP_POINT_INIT_XY_Z1(secp256r1_T_0_X, secp256r1_T_0_Y), @@ -793,557 +793,557 @@ static const mbedtls_ecp_point secp256r1_T[16] = { */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) static const mbedtls_mpi_uint secp384r1_p[] = { - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp384r1_b[] = { - BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ), - BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ), - BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ), - BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ), - BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ), - BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ), }; static const mbedtls_mpi_uint secp384r1_gx[] = { - BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), - BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), - BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), - BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), - BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), - BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), }; static const mbedtls_mpi_uint secp384r1_gy[] = { - BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), - BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), - BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), - BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), - BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), - BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), }; static const mbedtls_mpi_uint secp384r1_n[] = { - BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ), - BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ), - BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp384r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), - BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), - BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), - BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), - BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), - BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), }; static const mbedtls_mpi_uint secp384r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), - BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), - BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), - BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), - BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), - BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), }; static const mbedtls_mpi_uint secp384r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x46, 0x92, 0x00, 0x2C, 0x78, 0xDB, 0x1F, 0x37 ), - BYTES_TO_T_UINT_8( 0x17, 0xF3, 0xEB, 0xB7, 0x06, 0xF7, 0xB6, 0xBC ), - BYTES_TO_T_UINT_8( 0x3D, 0xBC, 0x2C, 0xCF, 0xD8, 0xED, 0x53, 0xE7 ), - BYTES_TO_T_UINT_8( 0x52, 0x75, 0x7B, 0xA3, 0xAB, 0xC3, 0x2C, 0x85 ), - BYTES_TO_T_UINT_8( 0xE5, 0x9D, 0x78, 0x41, 0xF6, 0x76, 0x84, 0xAC ), - BYTES_TO_T_UINT_8( 0x54, 0x56, 0xE8, 0x52, 0xB3, 0xCB, 0xA8, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x92, 0x00, 0x2C, 0x78, 0xDB, 0x1F, 0x37 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xF3, 0xEB, 0xB7, 0x06, 0xF7, 0xB6, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xBC, 0x2C, 0xCF, 0xD8, 0xED, 0x53, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0x75, 0x7B, 0xA3, 0xAB, 0xC3, 0x2C, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x9D, 0x78, 0x41, 0xF6, 0x76, 0x84, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x56, 0xE8, 0x52, 0xB3, 0xCB, 0xA8, 0xBD ), }; static const mbedtls_mpi_uint secp384r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x6D, 0xF2, 0xAE, 0xA4, 0xB6, 0x89, 0x1B, 0xDA ), - BYTES_TO_T_UINT_8( 0x01, 0x0F, 0xCE, 0x1C, 0x7C, 0xF6, 0x50, 0x4C ), - BYTES_TO_T_UINT_8( 0x4C, 0xEB, 0x90, 0xE6, 0x4D, 0xC7, 0xD4, 0x7A ), - BYTES_TO_T_UINT_8( 0xD1, 0x49, 0x2D, 0x8A, 0x01, 0x99, 0x60, 0x94 ), - BYTES_TO_T_UINT_8( 0x5F, 0x80, 0x9B, 0x9B, 0x6A, 0xB0, 0x07, 0xD9 ), - BYTES_TO_T_UINT_8( 0xC2, 0xA2, 0xEE, 0x59, 0xBE, 0x95, 0xBC, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xF2, 0xAE, 0xA4, 0xB6, 0x89, 0x1B, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x0F, 0xCE, 0x1C, 0x7C, 0xF6, 0x50, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4C, 0xEB, 0x90, 0xE6, 0x4D, 0xC7, 0xD4, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x49, 0x2D, 0x8A, 0x01, 0x99, 0x60, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x80, 0x9B, 0x9B, 0x6A, 0xB0, 0x07, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0xA2, 0xEE, 0x59, 0xBE, 0x95, 0xBC, 0x23 ), }; static const mbedtls_mpi_uint secp384r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0xE6, 0x9D, 0x56, 0xAE, 0x59, 0xFB, 0x1F, 0x98 ), - BYTES_TO_T_UINT_8( 0xCF, 0xAC, 0x91, 0x80, 0x87, 0xA8, 0x6E, 0x58 ), - BYTES_TO_T_UINT_8( 0x30, 0x08, 0xA7, 0x08, 0x94, 0x32, 0xFC, 0x67 ), - BYTES_TO_T_UINT_8( 0x9F, 0x29, 0x9E, 0x84, 0xF4, 0xE5, 0x6E, 0x7E ), - BYTES_TO_T_UINT_8( 0x55, 0x21, 0xB9, 0x50, 0x24, 0xF8, 0x9C, 0xC7 ), - BYTES_TO_T_UINT_8( 0x34, 0x04, 0x01, 0xC2, 0xFB, 0x77, 0x3E, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x9D, 0x56, 0xAE, 0x59, 0xFB, 0x1F, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0xAC, 0x91, 0x80, 0x87, 0xA8, 0x6E, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x08, 0xA7, 0x08, 0x94, 0x32, 0xFC, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0x29, 0x9E, 0x84, 0xF4, 0xE5, 0x6E, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x21, 0xB9, 0x50, 0x24, 0xF8, 0x9C, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x04, 0x01, 0xC2, 0xFB, 0x77, 0x3E, 0xDE ), }; static const mbedtls_mpi_uint secp384r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x00, 0x38, 0xEE, 0xE3, 0xC7, 0x9D, 0xEC, 0xA6 ), - BYTES_TO_T_UINT_8( 0xB6, 0x88, 0xCF, 0x43, 0xFA, 0x92, 0x5E, 0x8E ), - BYTES_TO_T_UINT_8( 0xE9, 0xCA, 0x43, 0xF8, 0x3B, 0x49, 0x7E, 0x75 ), - BYTES_TO_T_UINT_8( 0x1C, 0xE7, 0xEB, 0x17, 0x45, 0x86, 0xC2, 0xE1 ), - BYTES_TO_T_UINT_8( 0x92, 0x69, 0x57, 0x32, 0xE0, 0x9C, 0xD1, 0x00 ), - BYTES_TO_T_UINT_8( 0xD9, 0x10, 0xB8, 0x4D, 0xB8, 0xF4, 0x0D, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x38, 0xEE, 0xE3, 0xC7, 0x9D, 0xEC, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x88, 0xCF, 0x43, 0xFA, 0x92, 0x5E, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0xCA, 0x43, 0xF8, 0x3B, 0x49, 0x7E, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0xE7, 0xEB, 0x17, 0x45, 0x86, 0xC2, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x69, 0x57, 0x32, 0xE0, 0x9C, 0xD1, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x10, 0xB8, 0x4D, 0xB8, 0xF4, 0x0D, 0xE3 ), }; static const mbedtls_mpi_uint secp384r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x60, 0xDC, 0x9A, 0xB2, 0x79, 0x39, 0x27, 0x16 ), - BYTES_TO_T_UINT_8( 0x4F, 0x71, 0xE4, 0x3B, 0x4D, 0x60, 0x0C, 0xA3 ), - BYTES_TO_T_UINT_8( 0x55, 0xBD, 0x19, 0x40, 0xFA, 0x19, 0x2A, 0x5A ), - BYTES_TO_T_UINT_8( 0x4D, 0xF8, 0x1E, 0x43, 0xA1, 0x50, 0x8D, 0xEF ), - BYTES_TO_T_UINT_8( 0xA3, 0x18, 0x7C, 0x41, 0xFA, 0x7C, 0x1B, 0x58 ), - BYTES_TO_T_UINT_8( 0x00, 0x59, 0x24, 0xC4, 0xE9, 0xB7, 0xD3, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x60, 0xDC, 0x9A, 0xB2, 0x79, 0x39, 0x27, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x71, 0xE4, 0x3B, 0x4D, 0x60, 0x0C, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0xBD, 0x19, 0x40, 0xFA, 0x19, 0x2A, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xF8, 0x1E, 0x43, 0xA1, 0x50, 0x8D, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x18, 0x7C, 0x41, 0xFA, 0x7C, 0x1B, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x59, 0x24, 0xC4, 0xE9, 0xB7, 0xD3, 0xAD ), }; static const mbedtls_mpi_uint secp384r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xBB, 0x01, 0x3D, 0x63, 0x54, 0x45, 0x6F, 0xB7 ), - BYTES_TO_T_UINT_8( 0x7B, 0xB2, 0x19, 0xA3, 0x86, 0x1D, 0x42, 0x34 ), - BYTES_TO_T_UINT_8( 0x84, 0x02, 0x87, 0x18, 0x92, 0x52, 0x1A, 0x71 ), - BYTES_TO_T_UINT_8( 0x6C, 0x18, 0xB1, 0x5D, 0x18, 0x1B, 0x37, 0xFE ), - BYTES_TO_T_UINT_8( 0xF4, 0x74, 0x61, 0xBA, 0x18, 0xAF, 0x40, 0x30 ), - BYTES_TO_T_UINT_8( 0xDA, 0x7D, 0x3C, 0x52, 0x0F, 0x07, 0xB0, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x01, 0x3D, 0x63, 0x54, 0x45, 0x6F, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0xB2, 0x19, 0xA3, 0x86, 0x1D, 0x42, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x02, 0x87, 0x18, 0x92, 0x52, 0x1A, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x18, 0xB1, 0x5D, 0x18, 0x1B, 0x37, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x74, 0x61, 0xBA, 0x18, 0xAF, 0x40, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x7D, 0x3C, 0x52, 0x0F, 0x07, 0xB0, 0x6F ), }; static const mbedtls_mpi_uint secp384r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x09, 0x39, 0x13, 0xAA, 0x60, 0x15, 0x99, 0x30 ), - BYTES_TO_T_UINT_8( 0x17, 0x00, 0xCB, 0xC6, 0xB1, 0xDB, 0x97, 0x90 ), - BYTES_TO_T_UINT_8( 0xE6, 0xFA, 0x60, 0xB8, 0x24, 0xE4, 0x7D, 0xD3 ), - BYTES_TO_T_UINT_8( 0xDD, 0x75, 0xB3, 0x70, 0xB2, 0x83, 0xB1, 0x9B ), - BYTES_TO_T_UINT_8( 0xA3, 0xE3, 0x6C, 0xCD, 0x33, 0x62, 0x7A, 0x56 ), - BYTES_TO_T_UINT_8( 0x88, 0x30, 0xDC, 0x0F, 0x9F, 0xBB, 0xB8, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x39, 0x13, 0xAA, 0x60, 0x15, 0x99, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x00, 0xCB, 0xC6, 0xB1, 0xDB, 0x97, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xFA, 0x60, 0xB8, 0x24, 0xE4, 0x7D, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x75, 0xB3, 0x70, 0xB2, 0x83, 0xB1, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0xE3, 0x6C, 0xCD, 0x33, 0x62, 0x7A, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x30, 0xDC, 0x0F, 0x9F, 0xBB, 0xB8, 0xAA ), }; static const mbedtls_mpi_uint secp384r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0xA6, 0xD5, 0x0A, 0x60, 0x81, 0xB9, 0xC5, 0x16 ), - BYTES_TO_T_UINT_8( 0x44, 0xAA, 0x2F, 0xD6, 0xF2, 0x73, 0xDF, 0xEB ), - BYTES_TO_T_UINT_8( 0xF3, 0x7B, 0x74, 0xC9, 0xB3, 0x5B, 0x95, 0x6D ), - BYTES_TO_T_UINT_8( 0xAC, 0x04, 0xEB, 0x15, 0xC8, 0x5F, 0x00, 0xF6 ), - BYTES_TO_T_UINT_8( 0xB5, 0x50, 0x20, 0x28, 0xD1, 0x01, 0xAF, 0xF0 ), - BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x4F, 0x31, 0x81, 0x2F, 0x94, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xD5, 0x0A, 0x60, 0x81, 0xB9, 0xC5, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0xAA, 0x2F, 0xD6, 0xF2, 0x73, 0xDF, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x7B, 0x74, 0xC9, 0xB3, 0x5B, 0x95, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x04, 0xEB, 0x15, 0xC8, 0x5F, 0x00, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x50, 0x20, 0x28, 0xD1, 0x01, 0xAF, 0xF0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x4F, 0x31, 0x81, 0x2F, 0x94, 0x48 ), }; static const mbedtls_mpi_uint secp384r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x46, 0x2F, 0xD8, 0xB6, 0x63, 0x7C, 0xE9, 0x50 ), - BYTES_TO_T_UINT_8( 0xD9, 0x8C, 0xB9, 0x14, 0xD9, 0x37, 0x63, 0xDE ), - BYTES_TO_T_UINT_8( 0x10, 0x02, 0xB8, 0x46, 0xAD, 0xCE, 0x7B, 0x38 ), - BYTES_TO_T_UINT_8( 0x82, 0x47, 0x2D, 0x66, 0xA7, 0xE9, 0x33, 0x23 ), - BYTES_TO_T_UINT_8( 0x92, 0xF9, 0x93, 0x94, 0xA8, 0x48, 0xB3, 0x4F ), - BYTES_TO_T_UINT_8( 0xE9, 0x4A, 0xAC, 0x51, 0x08, 0x72, 0x2F, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x2F, 0xD8, 0xB6, 0x63, 0x7C, 0xE9, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x8C, 0xB9, 0x14, 0xD9, 0x37, 0x63, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x02, 0xB8, 0x46, 0xAD, 0xCE, 0x7B, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x47, 0x2D, 0x66, 0xA7, 0xE9, 0x33, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xF9, 0x93, 0x94, 0xA8, 0x48, 0xB3, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x4A, 0xAC, 0x51, 0x08, 0x72, 0x2F, 0x1A ), }; static const mbedtls_mpi_uint secp384r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xDA, 0xAD, 0xA0, 0xF9, 0x81, 0xE1, 0x78, 0x97 ), - BYTES_TO_T_UINT_8( 0x3A, 0x9A, 0x63, 0xD8, 0xBA, 0x79, 0x1A, 0x17 ), - BYTES_TO_T_UINT_8( 0x34, 0x31, 0x7B, 0x7A, 0x5A, 0x5D, 0x7D, 0x2D ), - BYTES_TO_T_UINT_8( 0x83, 0x96, 0x12, 0x4B, 0x19, 0x09, 0xE0, 0xB7 ), - BYTES_TO_T_UINT_8( 0x55, 0x8A, 0x57, 0xEE, 0x4E, 0x6E, 0x7E, 0xEC ), - BYTES_TO_T_UINT_8( 0x11, 0x9D, 0x69, 0xDC, 0xB3, 0xDA, 0xD8, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0xAD, 0xA0, 0xF9, 0x81, 0xE1, 0x78, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x9A, 0x63, 0xD8, 0xBA, 0x79, 0x1A, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x31, 0x7B, 0x7A, 0x5A, 0x5D, 0x7D, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x96, 0x12, 0x4B, 0x19, 0x09, 0xE0, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x8A, 0x57, 0xEE, 0x4E, 0x6E, 0x7E, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x9D, 0x69, 0xDC, 0xB3, 0xDA, 0xD8, 0x08 ), }; static const mbedtls_mpi_uint secp384r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x68, 0x49, 0x03, 0x03, 0x33, 0x6F, 0x28, 0x4A ), - BYTES_TO_T_UINT_8( 0x5D, 0xDB, 0xA7, 0x05, 0x8C, 0xF3, 0x4D, 0xFB ), - BYTES_TO_T_UINT_8( 0x8E, 0x92, 0xB1, 0xA8, 0xEC, 0x0D, 0x64, 0x3B ), - BYTES_TO_T_UINT_8( 0x4E, 0xFC, 0xFD, 0xD0, 0x4B, 0x88, 0x1B, 0x5D ), - BYTES_TO_T_UINT_8( 0x83, 0x9C, 0x51, 0x69, 0xCE, 0x71, 0x73, 0xF5 ), - BYTES_TO_T_UINT_8( 0xB8, 0x5A, 0x14, 0x23, 0x1A, 0x46, 0x63, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x49, 0x03, 0x03, 0x33, 0x6F, 0x28, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xDB, 0xA7, 0x05, 0x8C, 0xF3, 0x4D, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x92, 0xB1, 0xA8, 0xEC, 0x0D, 0x64, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0xFC, 0xFD, 0xD0, 0x4B, 0x88, 0x1B, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x9C, 0x51, 0x69, 0xCE, 0x71, 0x73, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x5A, 0x14, 0x23, 0x1A, 0x46, 0x63, 0x5F ), }; static const mbedtls_mpi_uint secp384r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xBC, 0x4C, 0x70, 0x44, 0x18, 0xCD, 0xEF, 0xED ), - BYTES_TO_T_UINT_8( 0xC2, 0x49, 0xDD, 0x64, 0x7E, 0x7E, 0x4D, 0x92 ), - BYTES_TO_T_UINT_8( 0xA2, 0x32, 0x7C, 0x09, 0xD0, 0x3F, 0xD6, 0x2C ), - BYTES_TO_T_UINT_8( 0x6D, 0xE0, 0x4F, 0x65, 0x0C, 0x7A, 0x54, 0x3E ), - BYTES_TO_T_UINT_8( 0x16, 0xFA, 0xFB, 0x4A, 0xB4, 0x79, 0x5A, 0x8C ), - BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x1B, 0x2B, 0xDA, 0xBC, 0x9A, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x4C, 0x70, 0x44, 0x18, 0xCD, 0xEF, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x49, 0xDD, 0x64, 0x7E, 0x7E, 0x4D, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA2, 0x32, 0x7C, 0x09, 0xD0, 0x3F, 0xD6, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE0, 0x4F, 0x65, 0x0C, 0x7A, 0x54, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xFA, 0xFB, 0x4A, 0xB4, 0x79, 0x5A, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x1B, 0x2B, 0xDA, 0xBC, 0x9A, 0x74 ), }; static const mbedtls_mpi_uint secp384r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0x51, 0xAC, 0x56, 0xF7, 0x5F, 0x51, 0x68, 0x0B ), - BYTES_TO_T_UINT_8( 0xC6, 0xE0, 0x1D, 0xBC, 0x13, 0x4E, 0xAC, 0x03 ), - BYTES_TO_T_UINT_8( 0xB7, 0xF5, 0xC5, 0xE6, 0xD2, 0x88, 0xBA, 0xCB ), - BYTES_TO_T_UINT_8( 0xFA, 0x0E, 0x28, 0x23, 0x58, 0x67, 0xFA, 0xEE ), - BYTES_TO_T_UINT_8( 0x9E, 0x80, 0x4B, 0xD8, 0xC4, 0xDF, 0x15, 0xE4 ), - BYTES_TO_T_UINT_8( 0xF1, 0x0E, 0x58, 0xE6, 0x2C, 0x59, 0xC2, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xAC, 0x56, 0xF7, 0x5F, 0x51, 0x68, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0xE0, 0x1D, 0xBC, 0x13, 0x4E, 0xAC, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xF5, 0xC5, 0xE6, 0xD2, 0x88, 0xBA, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x0E, 0x28, 0x23, 0x58, 0x67, 0xFA, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x80, 0x4B, 0xD8, 0xC4, 0xDF, 0x15, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x0E, 0x58, 0xE6, 0x2C, 0x59, 0xC2, 0x03 ), }; static const mbedtls_mpi_uint secp384r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x9B, 0x26, 0x27, 0x99, 0x16, 0x2B, 0x22, 0x0B ), - BYTES_TO_T_UINT_8( 0xBA, 0xF3, 0x8F, 0xC3, 0x2A, 0x9B, 0xFC, 0x38 ), - BYTES_TO_T_UINT_8( 0xFC, 0x2E, 0x83, 0x3D, 0xFE, 0x9E, 0x3C, 0x1B ), - BYTES_TO_T_UINT_8( 0x08, 0x57, 0xCD, 0x2D, 0xC1, 0x49, 0x38, 0xB5 ), - BYTES_TO_T_UINT_8( 0x95, 0x42, 0x8B, 0x33, 0x89, 0x1F, 0xEA, 0x01 ), - BYTES_TO_T_UINT_8( 0xAA, 0x1D, 0x13, 0xD7, 0x50, 0xBB, 0x3E, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x26, 0x27, 0x99, 0x16, 0x2B, 0x22, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xF3, 0x8F, 0xC3, 0x2A, 0x9B, 0xFC, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x2E, 0x83, 0x3D, 0xFE, 0x9E, 0x3C, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x57, 0xCD, 0x2D, 0xC1, 0x49, 0x38, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x42, 0x8B, 0x33, 0x89, 0x1F, 0xEA, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x1D, 0x13, 0xD7, 0x50, 0xBB, 0x3E, 0xEB ), }; static const mbedtls_mpi_uint secp384r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0xD2, 0x9A, 0x52, 0xD2, 0x54, 0x7C, 0x97, 0xF2 ), - BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x6E, 0xED, 0xD9, 0x87, 0x50, 0xC5 ), - BYTES_TO_T_UINT_8( 0x5A, 0x35, 0x7E, 0x16, 0x40, 0x15, 0x83, 0xB8 ), - BYTES_TO_T_UINT_8( 0x33, 0x2B, 0xA4, 0xAB, 0x03, 0x91, 0xEA, 0xFE ), - BYTES_TO_T_UINT_8( 0xC1, 0x47, 0x39, 0xEF, 0x05, 0x59, 0xD0, 0x90 ), - BYTES_TO_T_UINT_8( 0xBF, 0x24, 0x0D, 0x76, 0x11, 0x53, 0x08, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x9A, 0x52, 0xD2, 0x54, 0x7C, 0x97, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x33, 0x6E, 0xED, 0xD9, 0x87, 0x50, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x35, 0x7E, 0x16, 0x40, 0x15, 0x83, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x2B, 0xA4, 0xAB, 0x03, 0x91, 0xEA, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x47, 0x39, 0xEF, 0x05, 0x59, 0xD0, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x24, 0x0D, 0x76, 0x11, 0x53, 0x08, 0xAF ), }; static const mbedtls_mpi_uint secp384r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x1F, 0x2F, 0xDD, 0xBD, 0x50, 0x48, 0xB1, 0xE5 ), - BYTES_TO_T_UINT_8( 0x80, 0x1C, 0x84, 0x55, 0x78, 0x14, 0xEB, 0xF6 ), - BYTES_TO_T_UINT_8( 0xD9, 0x5E, 0x3E, 0xA6, 0xAF, 0xF6, 0xC7, 0x04 ), - BYTES_TO_T_UINT_8( 0xE7, 0x11, 0xE2, 0x65, 0xCA, 0x41, 0x95, 0x3B ), - BYTES_TO_T_UINT_8( 0xAE, 0x83, 0xD8, 0xE6, 0x4D, 0x22, 0x06, 0x2D ), - BYTES_TO_T_UINT_8( 0xFA, 0x7F, 0x25, 0x2A, 0xAA, 0x28, 0x46, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x2F, 0xDD, 0xBD, 0x50, 0x48, 0xB1, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x1C, 0x84, 0x55, 0x78, 0x14, 0xEB, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x5E, 0x3E, 0xA6, 0xAF, 0xF6, 0xC7, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x11, 0xE2, 0x65, 0xCA, 0x41, 0x95, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x83, 0xD8, 0xE6, 0x4D, 0x22, 0x06, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x7F, 0x25, 0x2A, 0xAA, 0x28, 0x46, 0x97 ), }; static const mbedtls_mpi_uint secp384r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x79, 0xDB, 0x15, 0x56, 0x84, 0xCB, 0xC0, 0x56 ), - BYTES_TO_T_UINT_8( 0x56, 0xDB, 0x0E, 0x08, 0xC9, 0xF5, 0xD4, 0x9E ), - BYTES_TO_T_UINT_8( 0xE6, 0x62, 0xD0, 0x1A, 0x7C, 0x13, 0xD5, 0x07 ), - BYTES_TO_T_UINT_8( 0x7D, 0xAD, 0x53, 0xE0, 0x32, 0x21, 0xA0, 0xC0 ), - BYTES_TO_T_UINT_8( 0xC5, 0x38, 0x81, 0x21, 0x23, 0x0E, 0xD2, 0xBB ), - BYTES_TO_T_UINT_8( 0x1C, 0x51, 0x05, 0xD0, 0x1E, 0x82, 0xA9, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0xDB, 0x15, 0x56, 0x84, 0xCB, 0xC0, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0xDB, 0x0E, 0x08, 0xC9, 0xF5, 0xD4, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x62, 0xD0, 0x1A, 0x7C, 0x13, 0xD5, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0xAD, 0x53, 0xE0, 0x32, 0x21, 0xA0, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x38, 0x81, 0x21, 0x23, 0x0E, 0xD2, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x51, 0x05, 0xD0, 0x1E, 0x82, 0xA9, 0x71 ), }; static const mbedtls_mpi_uint secp384r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xA7, 0xC3, 0x27, 0xBF, 0xC6, 0xAA, 0xB7, 0xB9 ), - BYTES_TO_T_UINT_8( 0xCB, 0x65, 0x45, 0xDF, 0xB9, 0x46, 0x17, 0x46 ), - BYTES_TO_T_UINT_8( 0xF5, 0x38, 0x3F, 0xB2, 0xB1, 0x5D, 0xCA, 0x1C ), - BYTES_TO_T_UINT_8( 0x88, 0x29, 0x6C, 0x63, 0xE9, 0xD7, 0x48, 0xB8 ), - BYTES_TO_T_UINT_8( 0xBC, 0xF1, 0xD7, 0x99, 0x8C, 0xC2, 0x05, 0x99 ), - BYTES_TO_T_UINT_8( 0x6D, 0xE6, 0x5E, 0x82, 0x6D, 0xE5, 0x7E, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0xC3, 0x27, 0xBF, 0xC6, 0xAA, 0xB7, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x65, 0x45, 0xDF, 0xB9, 0x46, 0x17, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x38, 0x3F, 0xB2, 0xB1, 0x5D, 0xCA, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x29, 0x6C, 0x63, 0xE9, 0xD7, 0x48, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xF1, 0xD7, 0x99, 0x8C, 0xC2, 0x05, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE6, 0x5E, 0x82, 0x6D, 0xE5, 0x7E, 0xD5 ), }; static const mbedtls_mpi_uint secp384r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x7B, 0x61, 0xFA, 0x7D, 0x01, 0xDB, 0xB6, 0x63 ), - BYTES_TO_T_UINT_8( 0x11, 0xC6, 0x58, 0x39, 0xF4, 0xC6, 0x82, 0x23 ), - BYTES_TO_T_UINT_8( 0x47, 0x5A, 0x7A, 0x80, 0x08, 0xCD, 0xAA, 0xD8 ), - BYTES_TO_T_UINT_8( 0xDA, 0x8C, 0xC6, 0x3F, 0x3C, 0xA5, 0x68, 0xF4 ), - BYTES_TO_T_UINT_8( 0xBB, 0xF5, 0xD5, 0x17, 0xAE, 0x36, 0xD8, 0x8A ), - BYTES_TO_T_UINT_8( 0xC7, 0xAD, 0x92, 0xC5, 0x57, 0x6C, 0xDA, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x61, 0xFA, 0x7D, 0x01, 0xDB, 0xB6, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xC6, 0x58, 0x39, 0xF4, 0xC6, 0x82, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x5A, 0x7A, 0x80, 0x08, 0xCD, 0xAA, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x8C, 0xC6, 0x3F, 0x3C, 0xA5, 0x68, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0xF5, 0xD5, 0x17, 0xAE, 0x36, 0xD8, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0xAD, 0x92, 0xC5, 0x57, 0x6C, 0xDA, 0x91 ), }; static const mbedtls_mpi_uint secp384r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0xE8, 0x67, 0x17, 0xC0, 0x40, 0x78, 0x8C, 0x84 ), - BYTES_TO_T_UINT_8( 0x7E, 0x9F, 0xF4, 0xAA, 0xDA, 0x5C, 0x7E, 0xB2 ), - BYTES_TO_T_UINT_8( 0x96, 0xDB, 0x42, 0x3E, 0x72, 0x64, 0xA0, 0x67 ), - BYTES_TO_T_UINT_8( 0x27, 0xF9, 0x41, 0x17, 0x43, 0xE3, 0xE8, 0xA8 ), - BYTES_TO_T_UINT_8( 0x66, 0xDD, 0xCC, 0x43, 0x7E, 0x16, 0x05, 0x03 ), - BYTES_TO_T_UINT_8( 0x36, 0x4B, 0xCF, 0x48, 0x8F, 0x41, 0x90, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x67, 0x17, 0xC0, 0x40, 0x78, 0x8C, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x9F, 0xF4, 0xAA, 0xDA, 0x5C, 0x7E, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xDB, 0x42, 0x3E, 0x72, 0x64, 0xA0, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0xF9, 0x41, 0x17, 0x43, 0xE3, 0xE8, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xDD, 0xCC, 0x43, 0x7E, 0x16, 0x05, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0x4B, 0xCF, 0x48, 0x8F, 0x41, 0x90, 0xE5 ), }; static const mbedtls_mpi_uint secp384r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0x98, 0x0C, 0x6B, 0x9D, 0x22, 0x04, 0xBC, 0x5C ), - BYTES_TO_T_UINT_8( 0x86, 0x63, 0x79, 0x2F, 0x6A, 0x0E, 0x8A, 0xDE ), - BYTES_TO_T_UINT_8( 0x29, 0x67, 0x3F, 0x02, 0xB8, 0x91, 0x7F, 0x74 ), - BYTES_TO_T_UINT_8( 0xFC, 0x14, 0x64, 0xA0, 0x33, 0xF4, 0x6B, 0x50 ), - BYTES_TO_T_UINT_8( 0x1C, 0x44, 0x71, 0x87, 0xB8, 0x88, 0x3F, 0x45 ), - BYTES_TO_T_UINT_8( 0x1B, 0x2B, 0x85, 0x05, 0xC5, 0x44, 0x53, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x0C, 0x6B, 0x9D, 0x22, 0x04, 0xBC, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x63, 0x79, 0x2F, 0x6A, 0x0E, 0x8A, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x67, 0x3F, 0x02, 0xB8, 0x91, 0x7F, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x14, 0x64, 0xA0, 0x33, 0xF4, 0x6B, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x44, 0x71, 0x87, 0xB8, 0x88, 0x3F, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x2B, 0x85, 0x05, 0xC5, 0x44, 0x53, 0x15 ), }; static const mbedtls_mpi_uint secp384r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x3E, 0x2B, 0xFE, 0xD1, 0x1C, 0x73, 0xE3, 0x2E ), - BYTES_TO_T_UINT_8( 0x66, 0x33, 0xA1, 0xD3, 0x69, 0x1C, 0x9D, 0xD2 ), - BYTES_TO_T_UINT_8( 0xE0, 0x5A, 0xBA, 0xB6, 0xAE, 0x1B, 0x94, 0x04 ), - BYTES_TO_T_UINT_8( 0xAF, 0x74, 0x90, 0x5C, 0x57, 0xB0, 0x3A, 0x45 ), - BYTES_TO_T_UINT_8( 0xDD, 0x2F, 0x93, 0x20, 0x24, 0x54, 0x1D, 0x8D ), - BYTES_TO_T_UINT_8( 0xFA, 0x78, 0x9D, 0x71, 0x67, 0x5D, 0x49, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x2B, 0xFE, 0xD1, 0x1C, 0x73, 0xE3, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0x33, 0xA1, 0xD3, 0x69, 0x1C, 0x9D, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x5A, 0xBA, 0xB6, 0xAE, 0x1B, 0x94, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0x74, 0x90, 0x5C, 0x57, 0xB0, 0x3A, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x2F, 0x93, 0x20, 0x24, 0x54, 0x1D, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x78, 0x9D, 0x71, 0x67, 0x5D, 0x49, 0x98 ), }; static const mbedtls_mpi_uint secp384r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x12, 0xC8, 0x0E, 0x11, 0x8D, 0xE0, 0x8F, 0x69 ), - BYTES_TO_T_UINT_8( 0x59, 0x7F, 0x79, 0x6C, 0x5F, 0xB7, 0xBC, 0xB1 ), - BYTES_TO_T_UINT_8( 0x88, 0xE1, 0x83, 0x3C, 0x12, 0xBB, 0xEE, 0x96 ), - BYTES_TO_T_UINT_8( 0x2A, 0xC2, 0xC4, 0x1B, 0x41, 0x71, 0xB9, 0x17 ), - BYTES_TO_T_UINT_8( 0xB0, 0xEE, 0xBB, 0x1D, 0x89, 0x50, 0x88, 0xF2 ), - BYTES_TO_T_UINT_8( 0xFC, 0x1C, 0x55, 0x74, 0xEB, 0xDE, 0x92, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0xC8, 0x0E, 0x11, 0x8D, 0xE0, 0x8F, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x7F, 0x79, 0x6C, 0x5F, 0xB7, 0xBC, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0xE1, 0x83, 0x3C, 0x12, 0xBB, 0xEE, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xC2, 0xC4, 0x1B, 0x41, 0x71, 0xB9, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0xEE, 0xBB, 0x1D, 0x89, 0x50, 0x88, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x1C, 0x55, 0x74, 0xEB, 0xDE, 0x92, 0x3F ), }; static const mbedtls_mpi_uint secp384r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x9C, 0x38, 0x92, 0x06, 0x19, 0xD0, 0xB3, 0xB2 ), - BYTES_TO_T_UINT_8( 0x2A, 0x99, 0x26, 0xA3, 0x5F, 0xE2, 0xC1, 0x81 ), - BYTES_TO_T_UINT_8( 0x75, 0xFC, 0xFD, 0xC3, 0xB6, 0x26, 0x24, 0x8F ), - BYTES_TO_T_UINT_8( 0xAF, 0xAD, 0xE7, 0x49, 0xB7, 0x64, 0x4B, 0x96 ), - BYTES_TO_T_UINT_8( 0x6C, 0x4E, 0x95, 0xAD, 0x07, 0xFE, 0xB6, 0x30 ), - BYTES_TO_T_UINT_8( 0x4F, 0x15, 0xE7, 0x2D, 0x19, 0xA9, 0x08, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x38, 0x92, 0x06, 0x19, 0xD0, 0xB3, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x99, 0x26, 0xA3, 0x5F, 0xE2, 0xC1, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0xFC, 0xFD, 0xC3, 0xB6, 0x26, 0x24, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xAD, 0xE7, 0x49, 0xB7, 0x64, 0x4B, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x4E, 0x95, 0xAD, 0x07, 0xFE, 0xB6, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x15, 0xE7, 0x2D, 0x19, 0xA9, 0x08, 0x10 ), }; static const mbedtls_mpi_uint secp384r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0xBE, 0xBD, 0xAC, 0x0A, 0x3F, 0x6B, 0xFF, 0xFA ), - BYTES_TO_T_UINT_8( 0xE0, 0xE4, 0x74, 0x14, 0xD9, 0x70, 0x1D, 0x71 ), - BYTES_TO_T_UINT_8( 0xF2, 0xB0, 0x71, 0xBB, 0xD8, 0x18, 0x96, 0x2B ), - BYTES_TO_T_UINT_8( 0xDA, 0xB8, 0x19, 0x90, 0x80, 0xB5, 0xEE, 0x01 ), - BYTES_TO_T_UINT_8( 0x91, 0x21, 0x20, 0xA6, 0x17, 0x48, 0x03, 0x6F ), - BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0xBB, 0x6D, 0x94, 0x20, 0x34, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xBD, 0xAC, 0x0A, 0x3F, 0x6B, 0xFF, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0xE4, 0x74, 0x14, 0xD9, 0x70, 0x1D, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0xB0, 0x71, 0xBB, 0xD8, 0x18, 0x96, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0xB8, 0x19, 0x90, 0x80, 0xB5, 0xEE, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x21, 0x20, 0xA6, 0x17, 0x48, 0x03, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0xBB, 0x6D, 0x94, 0x20, 0x34, 0xF1 ), }; static const mbedtls_mpi_uint secp384r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x59, 0x82, 0x67, 0x4B, 0x8E, 0x4E, 0xBE, 0xE2 ), - BYTES_TO_T_UINT_8( 0xBE, 0xDA, 0x77, 0xF8, 0x23, 0x55, 0x2B, 0x2D ), - BYTES_TO_T_UINT_8( 0x5C, 0x02, 0xDE, 0x25, 0x35, 0x2D, 0x74, 0x51 ), - BYTES_TO_T_UINT_8( 0xD0, 0x0C, 0xB8, 0x0B, 0x39, 0xBA, 0xAD, 0x04 ), - BYTES_TO_T_UINT_8( 0xA6, 0x0E, 0x28, 0x4D, 0xE1, 0x3D, 0xE4, 0x1B ), - BYTES_TO_T_UINT_8( 0x5D, 0xEC, 0x0A, 0xD4, 0xB8, 0xC4, 0x8D, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x82, 0x67, 0x4B, 0x8E, 0x4E, 0xBE, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xDA, 0x77, 0xF8, 0x23, 0x55, 0x2B, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x02, 0xDE, 0x25, 0x35, 0x2D, 0x74, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x0C, 0xB8, 0x0B, 0x39, 0xBA, 0xAD, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0x0E, 0x28, 0x4D, 0xE1, 0x3D, 0xE4, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xEC, 0x0A, 0xD4, 0xB8, 0xC4, 0x8D, 0xB0 ), }; static const mbedtls_mpi_uint secp384r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x3E, 0x68, 0xCE, 0xC2, 0x55, 0x4D, 0x0C, 0x6D ), - BYTES_TO_T_UINT_8( 0x9B, 0x20, 0x93, 0x32, 0x90, 0xD6, 0xAE, 0x47 ), - BYTES_TO_T_UINT_8( 0xDD, 0x78, 0xAB, 0x43, 0x9E, 0xEB, 0x73, 0xAE ), - BYTES_TO_T_UINT_8( 0xED, 0x97, 0xC3, 0x83, 0xA6, 0x3C, 0xF1, 0xBF ), - BYTES_TO_T_UINT_8( 0x0F, 0x25, 0x25, 0x66, 0x08, 0x26, 0xFA, 0x4B ), - BYTES_TO_T_UINT_8( 0x41, 0xFB, 0x44, 0x5D, 0x82, 0xEC, 0x3B, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x68, 0xCE, 0xC2, 0x55, 0x4D, 0x0C, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x20, 0x93, 0x32, 0x90, 0xD6, 0xAE, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x78, 0xAB, 0x43, 0x9E, 0xEB, 0x73, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x97, 0xC3, 0x83, 0xA6, 0x3C, 0xF1, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0x25, 0x25, 0x66, 0x08, 0x26, 0xFA, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xFB, 0x44, 0x5D, 0x82, 0xEC, 0x3B, 0xAC ), }; static const mbedtls_mpi_uint secp384r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x58, 0x90, 0xEA, 0xB5, 0x04, 0x99, 0xD0, 0x69 ), - BYTES_TO_T_UINT_8( 0x4A, 0xF2, 0x22, 0xA0, 0xEB, 0xFD, 0x45, 0x87 ), - BYTES_TO_T_UINT_8( 0x5D, 0xA4, 0x81, 0x32, 0xFC, 0xFA, 0xEE, 0x5B ), - BYTES_TO_T_UINT_8( 0x27, 0xBB, 0xA4, 0x6A, 0x77, 0x41, 0x5C, 0x1D ), - BYTES_TO_T_UINT_8( 0xA1, 0x1E, 0xAA, 0x4F, 0xF0, 0x10, 0xB3, 0x50 ), - BYTES_TO_T_UINT_8( 0x09, 0x74, 0x13, 0x14, 0x9E, 0x90, 0xD7, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x90, 0xEA, 0xB5, 0x04, 0x99, 0xD0, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0xF2, 0x22, 0xA0, 0xEB, 0xFD, 0x45, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xA4, 0x81, 0x32, 0xFC, 0xFA, 0xEE, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0xBB, 0xA4, 0x6A, 0x77, 0x41, 0x5C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x1E, 0xAA, 0x4F, 0xF0, 0x10, 0xB3, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x74, 0x13, 0x14, 0x9E, 0x90, 0xD7, 0xE6 ), }; static const mbedtls_mpi_uint secp384r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xDB, 0xBD, 0x70, 0x4F, 0xA8, 0xD1, 0x06, 0x2C ), - BYTES_TO_T_UINT_8( 0x19, 0x4E, 0x2E, 0x68, 0xFC, 0x35, 0xFA, 0x50 ), - BYTES_TO_T_UINT_8( 0x60, 0x53, 0x75, 0xED, 0xF2, 0x5F, 0xC2, 0xEB ), - BYTES_TO_T_UINT_8( 0x39, 0x87, 0x6B, 0x9F, 0x05, 0xE2, 0x22, 0x93 ), - BYTES_TO_T_UINT_8( 0x4F, 0x1A, 0xA8, 0xB7, 0x03, 0x9E, 0x6D, 0x7C ), - BYTES_TO_T_UINT_8( 0xCB, 0xD0, 0x69, 0x88, 0xA8, 0x39, 0x9E, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0xBD, 0x70, 0x4F, 0xA8, 0xD1, 0x06, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x4E, 0x2E, 0x68, 0xFC, 0x35, 0xFA, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x60, 0x53, 0x75, 0xED, 0xF2, 0x5F, 0xC2, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0x87, 0x6B, 0x9F, 0x05, 0xE2, 0x22, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x1A, 0xA8, 0xB7, 0x03, 0x9E, 0x6D, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0xD0, 0x69, 0x88, 0xA8, 0x39, 0x9E, 0x3A ), }; static const mbedtls_mpi_uint secp384r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xF8, 0xEF, 0x68, 0xFE, 0xEC, 0x24, 0x08, 0x15 ), - BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x4B, 0x92, 0x0D, 0xB7, 0x34, 0x74 ), - BYTES_TO_T_UINT_8( 0x3E, 0xF4, 0xDD, 0x1A, 0xA0, 0x4A, 0xE4, 0x45 ), - BYTES_TO_T_UINT_8( 0xC3, 0x63, 0x4F, 0x4F, 0xCE, 0xBB, 0xD6, 0xD3 ), - BYTES_TO_T_UINT_8( 0xCD, 0xEE, 0x8D, 0xDF, 0x3F, 0x73, 0xB7, 0xAC ), - BYTES_TO_T_UINT_8( 0xDF, 0x06, 0xB6, 0x80, 0x4D, 0x81, 0xD9, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0xEF, 0x68, 0xFE, 0xEC, 0x24, 0x08, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x4B, 0x92, 0x0D, 0xB7, 0x34, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xF4, 0xDD, 0x1A, 0xA0, 0x4A, 0xE4, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x63, 0x4F, 0x4F, 0xCE, 0xBB, 0xD6, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xEE, 0x8D, 0xDF, 0x3F, 0x73, 0xB7, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x06, 0xB6, 0x80, 0x4D, 0x81, 0xD9, 0x53 ), }; static const mbedtls_mpi_uint secp384r1_T_16_X[] = { - BYTES_TO_T_UINT_8( 0x15, 0xF5, 0x13, 0xDF, 0x13, 0x19, 0x97, 0x94 ), - BYTES_TO_T_UINT_8( 0x08, 0xF9, 0xB3, 0x33, 0x66, 0x82, 0x21, 0xFE ), - BYTES_TO_T_UINT_8( 0xF5, 0xFC, 0x39, 0x16, 0x23, 0x43, 0x76, 0x0E ), - BYTES_TO_T_UINT_8( 0x09, 0x48, 0x25, 0xA1, 0x64, 0x95, 0x1C, 0x2F ), - BYTES_TO_T_UINT_8( 0x43, 0xAC, 0x15, 0x57, 0xD9, 0xDE, 0xA0, 0x28 ), - BYTES_TO_T_UINT_8( 0x16, 0x5F, 0xB8, 0x3D, 0x48, 0x91, 0x24, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0xF5, 0x13, 0xDF, 0x13, 0x19, 0x97, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xF9, 0xB3, 0x33, 0x66, 0x82, 0x21, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xFC, 0x39, 0x16, 0x23, 0x43, 0x76, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x48, 0x25, 0xA1, 0x64, 0x95, 0x1C, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0xAC, 0x15, 0x57, 0xD9, 0xDE, 0xA0, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x5F, 0xB8, 0x3D, 0x48, 0x91, 0x24, 0xCC ), }; static const mbedtls_mpi_uint secp384r1_T_16_Y[] = { - BYTES_TO_T_UINT_8( 0x2D, 0xF2, 0xC8, 0x54, 0xD1, 0x32, 0xBD, 0xC4 ), - BYTES_TO_T_UINT_8( 0x8A, 0x3B, 0xF0, 0xAA, 0x9D, 0xD8, 0xF4, 0x20 ), - BYTES_TO_T_UINT_8( 0x4F, 0xC3, 0xBB, 0x6C, 0x66, 0xAC, 0x25, 0x2D ), - BYTES_TO_T_UINT_8( 0x6F, 0x25, 0x10, 0xB2, 0xE1, 0x41, 0xDE, 0x1D ), - BYTES_TO_T_UINT_8( 0x3C, 0xE8, 0x30, 0xB8, 0x37, 0xBC, 0x2A, 0x98 ), - BYTES_TO_T_UINT_8( 0xBA, 0x57, 0x01, 0x4A, 0x1E, 0x78, 0x9F, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0xF2, 0xC8, 0x54, 0xD1, 0x32, 0xBD, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x3B, 0xF0, 0xAA, 0x9D, 0xD8, 0xF4, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0xC3, 0xBB, 0x6C, 0x66, 0xAC, 0x25, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x25, 0x10, 0xB2, 0xE1, 0x41, 0xDE, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0xE8, 0x30, 0xB8, 0x37, 0xBC, 0x2A, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x57, 0x01, 0x4A, 0x1E, 0x78, 0x9F, 0x85 ), }; static const mbedtls_mpi_uint secp384r1_T_17_X[] = { - BYTES_TO_T_UINT_8( 0xBD, 0x19, 0xCD, 0x12, 0x0B, 0x51, 0x4F, 0x56 ), - BYTES_TO_T_UINT_8( 0x30, 0x4B, 0x3D, 0x24, 0xA4, 0x16, 0x59, 0x05 ), - BYTES_TO_T_UINT_8( 0xAC, 0xEB, 0xD3, 0x59, 0x2E, 0x75, 0x7C, 0x01 ), - BYTES_TO_T_UINT_8( 0x8C, 0xB9, 0xB4, 0xA5, 0xD9, 0x2E, 0x29, 0x4C ), - BYTES_TO_T_UINT_8( 0x86, 0x16, 0x05, 0x75, 0x02, 0xB3, 0x06, 0xEE ), - BYTES_TO_T_UINT_8( 0xAB, 0x7C, 0x9F, 0x79, 0x91, 0xF1, 0x4F, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0x19, 0xCD, 0x12, 0x0B, 0x51, 0x4F, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x4B, 0x3D, 0x24, 0xA4, 0x16, 0x59, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xEB, 0xD3, 0x59, 0x2E, 0x75, 0x7C, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0xB9, 0xB4, 0xA5, 0xD9, 0x2E, 0x29, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x16, 0x05, 0x75, 0x02, 0xB3, 0x06, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x7C, 0x9F, 0x79, 0x91, 0xF1, 0x4F, 0x23 ), }; static const mbedtls_mpi_uint secp384r1_T_17_Y[] = { - BYTES_TO_T_UINT_8( 0x65, 0x98, 0x7C, 0x84, 0xE1, 0xFF, 0x30, 0x77 ), - BYTES_TO_T_UINT_8( 0x71, 0xE2, 0xC2, 0x5F, 0x55, 0x40, 0xBD, 0xCD ), - BYTES_TO_T_UINT_8( 0x69, 0x65, 0x87, 0x3F, 0xC4, 0xC2, 0x24, 0x57 ), - BYTES_TO_T_UINT_8( 0x0E, 0x30, 0x0A, 0x60, 0x15, 0xD1, 0x24, 0x48 ), - BYTES_TO_T_UINT_8( 0x57, 0x99, 0xD9, 0xB6, 0xAE, 0xB1, 0xAF, 0x1D ), - BYTES_TO_T_UINT_8( 0x9B, 0x80, 0xEE, 0xA2, 0x0F, 0x74, 0xB9, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x98, 0x7C, 0x84, 0xE1, 0xFF, 0x30, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0xE2, 0xC2, 0x5F, 0x55, 0x40, 0xBD, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x65, 0x87, 0x3F, 0xC4, 0xC2, 0x24, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0x30, 0x0A, 0x60, 0x15, 0xD1, 0x24, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x99, 0xD9, 0xB6, 0xAE, 0xB1, 0xAF, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x80, 0xEE, 0xA2, 0x0F, 0x74, 0xB9, 0xF3 ), }; static const mbedtls_mpi_uint secp384r1_T_18_X[] = { - BYTES_TO_T_UINT_8( 0x03, 0xE6, 0x0F, 0x37, 0xC1, 0x10, 0x99, 0x1E ), - BYTES_TO_T_UINT_8( 0x61, 0xAD, 0x9D, 0x5D, 0x80, 0x01, 0xA6, 0xFE ), - BYTES_TO_T_UINT_8( 0xB0, 0x0F, 0x10, 0x2A, 0x9D, 0x20, 0x38, 0xEB ), - BYTES_TO_T_UINT_8( 0x6C, 0x60, 0xCB, 0xCE, 0x5A, 0xA0, 0xA7, 0x32 ), - BYTES_TO_T_UINT_8( 0xBA, 0xCF, 0x14, 0xDF, 0xBF, 0xE5, 0x74, 0x2D ), - BYTES_TO_T_UINT_8( 0xB5, 0x12, 0x1A, 0xDD, 0x59, 0x02, 0x5D, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0xE6, 0x0F, 0x37, 0xC1, 0x10, 0x99, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0xAD, 0x9D, 0x5D, 0x80, 0x01, 0xA6, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x0F, 0x10, 0x2A, 0x9D, 0x20, 0x38, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x60, 0xCB, 0xCE, 0x5A, 0xA0, 0xA7, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xCF, 0x14, 0xDF, 0xBF, 0xE5, 0x74, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x12, 0x1A, 0xDD, 0x59, 0x02, 0x5D, 0xC6 ), }; static const mbedtls_mpi_uint secp384r1_T_18_Y[] = { - BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0xF8, 0xF5, 0xB6, 0x13, 0x4D, 0x7B ), - BYTES_TO_T_UINT_8( 0xED, 0x45, 0xB1, 0x93, 0xB3, 0xA2, 0x79, 0xDC ), - BYTES_TO_T_UINT_8( 0x74, 0xF6, 0xCF, 0xF7, 0xE6, 0x29, 0x9C, 0xCC ), - BYTES_TO_T_UINT_8( 0x87, 0x50, 0x65, 0x80, 0xBC, 0x59, 0x0A, 0x59 ), - BYTES_TO_T_UINT_8( 0x0E, 0xF0, 0x24, 0x35, 0xA2, 0x46, 0xF0, 0x0C ), - BYTES_TO_T_UINT_8( 0xBD, 0x26, 0xC0, 0x9D, 0x61, 0x56, 0x62, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0xF8, 0xF5, 0xB6, 0x13, 0x4D, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x45, 0xB1, 0x93, 0xB3, 0xA2, 0x79, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xF6, 0xCF, 0xF7, 0xE6, 0x29, 0x9C, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x50, 0x65, 0x80, 0xBC, 0x59, 0x0A, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xF0, 0x24, 0x35, 0xA2, 0x46, 0xF0, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0x26, 0xC0, 0x9D, 0x61, 0x56, 0x62, 0x67 ), }; static const mbedtls_mpi_uint secp384r1_T_19_X[] = { - BYTES_TO_T_UINT_8( 0x10, 0xBB, 0xC2, 0x24, 0x43, 0x2E, 0x37, 0x54 ), - BYTES_TO_T_UINT_8( 0x8A, 0xF7, 0xCE, 0x35, 0xFC, 0x77, 0xF3, 0x3F ), - BYTES_TO_T_UINT_8( 0x75, 0x34, 0x96, 0xD5, 0x4A, 0x76, 0x9D, 0x6B ), - BYTES_TO_T_UINT_8( 0xB8, 0x3B, 0x0F, 0xEA, 0xA8, 0x12, 0x0B, 0x22 ), - BYTES_TO_T_UINT_8( 0x66, 0x3F, 0x5D, 0x2D, 0x1C, 0xD4, 0x9E, 0xFB ), - BYTES_TO_T_UINT_8( 0x7D, 0x2E, 0xDD, 0xC7, 0x6E, 0xAB, 0xAF, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xBB, 0xC2, 0x24, 0x43, 0x2E, 0x37, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0xF7, 0xCE, 0x35, 0xFC, 0x77, 0xF3, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x34, 0x96, 0xD5, 0x4A, 0x76, 0x9D, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x3B, 0x0F, 0xEA, 0xA8, 0x12, 0x0B, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0x3F, 0x5D, 0x2D, 0x1C, 0xD4, 0x9E, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x2E, 0xDD, 0xC7, 0x6E, 0xAB, 0xAF, 0xDC ), }; static const mbedtls_mpi_uint secp384r1_T_19_Y[] = { - BYTES_TO_T_UINT_8( 0x8C, 0xB2, 0x7B, 0x0C, 0x9A, 0x83, 0x8E, 0x59 ), - BYTES_TO_T_UINT_8( 0x30, 0x51, 0x90, 0x92, 0x79, 0x32, 0x19, 0xC3 ), - BYTES_TO_T_UINT_8( 0xEE, 0x89, 0xF9, 0xD0, 0xCF, 0x2C, 0xA5, 0x8F ), - BYTES_TO_T_UINT_8( 0x7B, 0x50, 0x21, 0xDE, 0x50, 0x41, 0x9D, 0x81 ), - BYTES_TO_T_UINT_8( 0xE0, 0x7D, 0x2B, 0x9E, 0x9D, 0x95, 0xA8, 0xE3 ), - BYTES_TO_T_UINT_8( 0xD8, 0xA5, 0x20, 0x87, 0x88, 0x97, 0x5F, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0xB2, 0x7B, 0x0C, 0x9A, 0x83, 0x8E, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x51, 0x90, 0x92, 0x79, 0x32, 0x19, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x89, 0xF9, 0xD0, 0xCF, 0x2C, 0xA5, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x50, 0x21, 0xDE, 0x50, 0x41, 0x9D, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x7D, 0x2B, 0x9E, 0x9D, 0x95, 0xA8, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xA5, 0x20, 0x87, 0x88, 0x97, 0x5F, 0xAA ), }; static const mbedtls_mpi_uint secp384r1_T_20_X[] = { - BYTES_TO_T_UINT_8( 0x64, 0x59, 0xB4, 0x66, 0x7E, 0xE8, 0x5A, 0x60 ), - BYTES_TO_T_UINT_8( 0xA5, 0x5C, 0x7E, 0xB2, 0xAD, 0xD9, 0xC9, 0xDA ), - BYTES_TO_T_UINT_8( 0x82, 0x97, 0x49, 0xA3, 0x13, 0x83, 0x07, 0x2E ), - BYTES_TO_T_UINT_8( 0x5A, 0x26, 0xC7, 0x13, 0x35, 0x0D, 0xB0, 0x6B ), - BYTES_TO_T_UINT_8( 0x1E, 0x60, 0xAB, 0xFA, 0x4B, 0x93, 0x18, 0x2C ), - BYTES_TO_T_UINT_8( 0x54, 0x2D, 0x1C, 0x31, 0x4C, 0xE4, 0x61, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x59, 0xB4, 0x66, 0x7E, 0xE8, 0x5A, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x5C, 0x7E, 0xB2, 0xAD, 0xD9, 0xC9, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x97, 0x49, 0xA3, 0x13, 0x83, 0x07, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x26, 0xC7, 0x13, 0x35, 0x0D, 0xB0, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x60, 0xAB, 0xFA, 0x4B, 0x93, 0x18, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x2D, 0x1C, 0x31, 0x4C, 0xE4, 0x61, 0xAE ), }; static const mbedtls_mpi_uint secp384r1_T_20_Y[] = { - BYTES_TO_T_UINT_8( 0xDE, 0x4D, 0x1E, 0x51, 0x59, 0x6E, 0x91, 0xC5 ), - BYTES_TO_T_UINT_8( 0x38, 0x54, 0x4D, 0x51, 0xED, 0x36, 0xCC, 0x60 ), - BYTES_TO_T_UINT_8( 0x18, 0xA8, 0x56, 0xC7, 0x78, 0x27, 0x33, 0xC5 ), - BYTES_TO_T_UINT_8( 0x42, 0xB7, 0x95, 0xC9, 0x8B, 0xC8, 0x6A, 0xBC ), - BYTES_TO_T_UINT_8( 0x5E, 0xE9, 0x13, 0x96, 0xB3, 0xE1, 0xF9, 0xEE ), - BYTES_TO_T_UINT_8( 0xF5, 0x46, 0xB0, 0x5E, 0xC3, 0x94, 0x03, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0x4D, 0x1E, 0x51, 0x59, 0x6E, 0x91, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x54, 0x4D, 0x51, 0xED, 0x36, 0xCC, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0xA8, 0x56, 0xC7, 0x78, 0x27, 0x33, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB7, 0x95, 0xC9, 0x8B, 0xC8, 0x6A, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0xE9, 0x13, 0x96, 0xB3, 0xE1, 0xF9, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x46, 0xB0, 0x5E, 0xC3, 0x94, 0x03, 0x05 ), }; static const mbedtls_mpi_uint secp384r1_T_21_X[] = { - BYTES_TO_T_UINT_8( 0x6D, 0x5B, 0x29, 0x30, 0x41, 0x1A, 0x9E, 0xB6 ), - BYTES_TO_T_UINT_8( 0x76, 0xCA, 0x83, 0x31, 0x5B, 0xA7, 0xCB, 0x42 ), - BYTES_TO_T_UINT_8( 0x21, 0x41, 0x50, 0x44, 0x4D, 0x64, 0x31, 0x89 ), - BYTES_TO_T_UINT_8( 0xCF, 0x84, 0xC2, 0x5D, 0x97, 0xA5, 0x3C, 0x18 ), - BYTES_TO_T_UINT_8( 0xF0, 0x0F, 0xA5, 0xFD, 0x8E, 0x5A, 0x47, 0x2C ), - BYTES_TO_T_UINT_8( 0x7C, 0x58, 0x02, 0x2D, 0x40, 0xB1, 0x0B, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x5B, 0x29, 0x30, 0x41, 0x1A, 0x9E, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0xCA, 0x83, 0x31, 0x5B, 0xA7, 0xCB, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x41, 0x50, 0x44, 0x4D, 0x64, 0x31, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0x84, 0xC2, 0x5D, 0x97, 0xA5, 0x3C, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x0F, 0xA5, 0xFD, 0x8E, 0x5A, 0x47, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x58, 0x02, 0x2D, 0x40, 0xB1, 0x0B, 0xBA ), }; static const mbedtls_mpi_uint secp384r1_T_21_Y[] = { - BYTES_TO_T_UINT_8( 0xDA, 0x33, 0x8C, 0x67, 0xCE, 0x23, 0x43, 0x99 ), - BYTES_TO_T_UINT_8( 0x84, 0x53, 0x47, 0x72, 0x44, 0x1F, 0x5B, 0x2A ), - BYTES_TO_T_UINT_8( 0xAE, 0xC1, 0xD9, 0xA4, 0x50, 0x88, 0x63, 0x18 ), - BYTES_TO_T_UINT_8( 0x7C, 0xF2, 0x75, 0x69, 0x73, 0x00, 0xC4, 0x31 ), - BYTES_TO_T_UINT_8( 0x4B, 0x90, 0x1D, 0xDF, 0x1A, 0x00, 0xD8, 0x69 ), - BYTES_TO_T_UINT_8( 0x05, 0xB1, 0x89, 0x48, 0xA8, 0x70, 0x62, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x33, 0x8C, 0x67, 0xCE, 0x23, 0x43, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x53, 0x47, 0x72, 0x44, 0x1F, 0x5B, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xC1, 0xD9, 0xA4, 0x50, 0x88, 0x63, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0xF2, 0x75, 0x69, 0x73, 0x00, 0xC4, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x90, 0x1D, 0xDF, 0x1A, 0x00, 0xD8, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0xB1, 0x89, 0x48, 0xA8, 0x70, 0x62, 0xEF ), }; static const mbedtls_mpi_uint secp384r1_T_22_X[] = { - BYTES_TO_T_UINT_8( 0x7E, 0x8A, 0x55, 0x50, 0x7B, 0xEF, 0x8A, 0x3C ), - BYTES_TO_T_UINT_8( 0xFE, 0x1B, 0x23, 0x48, 0x23, 0x63, 0x91, 0xB6 ), - BYTES_TO_T_UINT_8( 0x0D, 0x04, 0x54, 0x3C, 0x24, 0x9B, 0xC7, 0x9A ), - BYTES_TO_T_UINT_8( 0x25, 0x38, 0xC3, 0x84, 0xFB, 0xFF, 0x9F, 0x49 ), - BYTES_TO_T_UINT_8( 0x66, 0x2A, 0xE0, 0x6D, 0x68, 0x8A, 0x5C, 0xCB ), - BYTES_TO_T_UINT_8( 0xC4, 0x93, 0x53, 0x85, 0xA1, 0x0D, 0xAF, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x8A, 0x55, 0x50, 0x7B, 0xEF, 0x8A, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0x1B, 0x23, 0x48, 0x23, 0x63, 0x91, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x04, 0x54, 0x3C, 0x24, 0x9B, 0xC7, 0x9A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0x38, 0xC3, 0x84, 0xFB, 0xFF, 0x9F, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0x2A, 0xE0, 0x6D, 0x68, 0x8A, 0x5C, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x93, 0x53, 0x85, 0xA1, 0x0D, 0xAF, 0x63 ), }; static const mbedtls_mpi_uint secp384r1_T_22_Y[] = { - BYTES_TO_T_UINT_8( 0x1B, 0x88, 0x95, 0x4C, 0x0B, 0xD0, 0x06, 0x51 ), - BYTES_TO_T_UINT_8( 0x92, 0xAF, 0x8D, 0x49, 0xA2, 0xC8, 0xB4, 0xE0 ), - BYTES_TO_T_UINT_8( 0x75, 0x76, 0x53, 0x09, 0x88, 0x43, 0x87, 0xCA ), - BYTES_TO_T_UINT_8( 0x90, 0xA4, 0x77, 0x3F, 0x5E, 0x21, 0xB4, 0x0A ), - BYTES_TO_T_UINT_8( 0x35, 0x9E, 0x86, 0x64, 0xCC, 0x91, 0xC1, 0x77 ), - BYTES_TO_T_UINT_8( 0xC1, 0x17, 0x56, 0xCB, 0xC3, 0x7D, 0x5B, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x88, 0x95, 0x4C, 0x0B, 0xD0, 0x06, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xAF, 0x8D, 0x49, 0xA2, 0xC8, 0xB4, 0xE0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x76, 0x53, 0x09, 0x88, 0x43, 0x87, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xA4, 0x77, 0x3F, 0x5E, 0x21, 0xB4, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0x9E, 0x86, 0x64, 0xCC, 0x91, 0xC1, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x17, 0x56, 0xCB, 0xC3, 0x7D, 0x5B, 0xB1 ), }; static const mbedtls_mpi_uint secp384r1_T_23_X[] = { - BYTES_TO_T_UINT_8( 0x64, 0x74, 0x9F, 0xB5, 0x91, 0x21, 0xB1, 0x1C ), - BYTES_TO_T_UINT_8( 0x1E, 0xED, 0xE1, 0x11, 0xEF, 0x45, 0xAF, 0xC1 ), - BYTES_TO_T_UINT_8( 0xE0, 0x31, 0xBE, 0xB2, 0xBC, 0x72, 0x65, 0x1F ), - BYTES_TO_T_UINT_8( 0xB1, 0x4B, 0x8C, 0x77, 0xCE, 0x1E, 0x42, 0xB5 ), - BYTES_TO_T_UINT_8( 0xFF, 0xC9, 0xAA, 0xB9, 0xD9, 0x86, 0x99, 0x55 ), - BYTES_TO_T_UINT_8( 0x65, 0x23, 0x80, 0xC6, 0x4E, 0x35, 0x0B, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x74, 0x9F, 0xB5, 0x91, 0x21, 0xB1, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xED, 0xE1, 0x11, 0xEF, 0x45, 0xAF, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x31, 0xBE, 0xB2, 0xBC, 0x72, 0x65, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0x4B, 0x8C, 0x77, 0xCE, 0x1E, 0x42, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xC9, 0xAA, 0xB9, 0xD9, 0x86, 0x99, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x23, 0x80, 0xC6, 0x4E, 0x35, 0x0B, 0x6D ), }; static const mbedtls_mpi_uint secp384r1_T_23_Y[] = { - BYTES_TO_T_UINT_8( 0x47, 0xD8, 0xA2, 0x0A, 0x39, 0x32, 0x1D, 0x23 ), - BYTES_TO_T_UINT_8( 0x61, 0xC8, 0x86, 0xF1, 0x12, 0x9A, 0x4A, 0x05 ), - BYTES_TO_T_UINT_8( 0x8D, 0xF1, 0x7C, 0xAA, 0x70, 0x8E, 0xBC, 0x01 ), - BYTES_TO_T_UINT_8( 0x62, 0x01, 0x47, 0x8F, 0xDD, 0x8B, 0xA5, 0xC8 ), - BYTES_TO_T_UINT_8( 0xDB, 0x08, 0x21, 0xF4, 0xAB, 0xC7, 0xF5, 0x96 ), - BYTES_TO_T_UINT_8( 0x0A, 0x76, 0xA5, 0x95, 0xC4, 0x0F, 0x88, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0xD8, 0xA2, 0x0A, 0x39, 0x32, 0x1D, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0xC8, 0x86, 0xF1, 0x12, 0x9A, 0x4A, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xF1, 0x7C, 0xAA, 0x70, 0x8E, 0xBC, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x01, 0x47, 0x8F, 0xDD, 0x8B, 0xA5, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x08, 0x21, 0xF4, 0xAB, 0xC7, 0xF5, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x76, 0xA5, 0x95, 0xC4, 0x0F, 0x88, 0x1D ), }; static const mbedtls_mpi_uint secp384r1_T_24_X[] = { - BYTES_TO_T_UINT_8( 0x3F, 0x42, 0x2A, 0x52, 0xCD, 0x75, 0x51, 0x49 ), - BYTES_TO_T_UINT_8( 0x90, 0x36, 0xE5, 0x04, 0x2B, 0x44, 0xC6, 0xEF ), - BYTES_TO_T_UINT_8( 0x5C, 0xEE, 0x16, 0x13, 0x07, 0x83, 0xB5, 0x30 ), - BYTES_TO_T_UINT_8( 0x76, 0x59, 0xC6, 0xA2, 0x19, 0x05, 0xD3, 0xC6 ), - BYTES_TO_T_UINT_8( 0xB6, 0x8B, 0xA8, 0x16, 0x09, 0xB7, 0xEA, 0xD6 ), - BYTES_TO_T_UINT_8( 0x70, 0xEE, 0x14, 0xAF, 0xB5, 0xFD, 0xD0, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x42, 0x2A, 0x52, 0xCD, 0x75, 0x51, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0x36, 0xE5, 0x04, 0x2B, 0x44, 0xC6, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xEE, 0x16, 0x13, 0x07, 0x83, 0xB5, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x59, 0xC6, 0xA2, 0x19, 0x05, 0xD3, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x8B, 0xA8, 0x16, 0x09, 0xB7, 0xEA, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0xEE, 0x14, 0xAF, 0xB5, 0xFD, 0xD0, 0xEF ), }; static const mbedtls_mpi_uint secp384r1_T_24_Y[] = { - BYTES_TO_T_UINT_8( 0x18, 0x7C, 0xCA, 0x71, 0x3E, 0x6E, 0x66, 0x75 ), - BYTES_TO_T_UINT_8( 0xBE, 0x31, 0x0E, 0x3F, 0xE5, 0x91, 0xC4, 0x7F ), - BYTES_TO_T_UINT_8( 0x8E, 0x3D, 0xC2, 0x3E, 0x95, 0x37, 0x58, 0x2B ), - BYTES_TO_T_UINT_8( 0x01, 0x1F, 0x02, 0x03, 0xF3, 0xEF, 0xEE, 0x66 ), - BYTES_TO_T_UINT_8( 0x28, 0x5B, 0x1A, 0xFC, 0x38, 0xCD, 0xE8, 0x24 ), - BYTES_TO_T_UINT_8( 0x12, 0x57, 0x42, 0x85, 0xC6, 0x21, 0x68, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x7C, 0xCA, 0x71, 0x3E, 0x6E, 0x66, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x31, 0x0E, 0x3F, 0xE5, 0x91, 0xC4, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x3D, 0xC2, 0x3E, 0x95, 0x37, 0x58, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x1F, 0x02, 0x03, 0xF3, 0xEF, 0xEE, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x5B, 0x1A, 0xFC, 0x38, 0xCD, 0xE8, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x57, 0x42, 0x85, 0xC6, 0x21, 0x68, 0x71 ), }; static const mbedtls_mpi_uint secp384r1_T_25_X[] = { - BYTES_TO_T_UINT_8( 0x8D, 0xA2, 0x4A, 0x66, 0xB1, 0x0A, 0xE6, 0xC0 ), - BYTES_TO_T_UINT_8( 0x86, 0x0C, 0x94, 0x9D, 0x5E, 0x99, 0xB2, 0xCE ), - BYTES_TO_T_UINT_8( 0xAD, 0x03, 0x40, 0xCA, 0xB2, 0xB3, 0x30, 0x55 ), - BYTES_TO_T_UINT_8( 0x74, 0x78, 0x48, 0x27, 0x34, 0x1E, 0xE2, 0x42 ), - BYTES_TO_T_UINT_8( 0xAE, 0x72, 0x5B, 0xAC, 0xC1, 0x6D, 0xE3, 0x82 ), - BYTES_TO_T_UINT_8( 0x57, 0xAB, 0x46, 0xCB, 0xEA, 0x5E, 0x4B, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xA2, 0x4A, 0x66, 0xB1, 0x0A, 0xE6, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x0C, 0x94, 0x9D, 0x5E, 0x99, 0xB2, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x03, 0x40, 0xCA, 0xB2, 0xB3, 0x30, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x78, 0x48, 0x27, 0x34, 0x1E, 0xE2, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x72, 0x5B, 0xAC, 0xC1, 0x6D, 0xE3, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xAB, 0x46, 0xCB, 0xEA, 0x5E, 0x4B, 0x0B ), }; static const mbedtls_mpi_uint secp384r1_T_25_Y[] = { - BYTES_TO_T_UINT_8( 0xFC, 0x08, 0xAD, 0x4E, 0x51, 0x9F, 0x2A, 0x52 ), - BYTES_TO_T_UINT_8( 0x68, 0x5C, 0x7D, 0x4C, 0xD6, 0xCF, 0xDD, 0x02 ), - BYTES_TO_T_UINT_8( 0xD8, 0x76, 0x26, 0xE0, 0x8B, 0x10, 0xD9, 0x7C ), - BYTES_TO_T_UINT_8( 0x30, 0xA7, 0x23, 0x4E, 0x5F, 0xD2, 0x42, 0x17 ), - BYTES_TO_T_UINT_8( 0xD1, 0xE5, 0xA4, 0xEC, 0x77, 0x21, 0x34, 0x28 ), - BYTES_TO_T_UINT_8( 0x5C, 0x14, 0x65, 0xEA, 0x4A, 0x85, 0xC3, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x08, 0xAD, 0x4E, 0x51, 0x9F, 0x2A, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5C, 0x7D, 0x4C, 0xD6, 0xCF, 0xDD, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x76, 0x26, 0xE0, 0x8B, 0x10, 0xD9, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0xA7, 0x23, 0x4E, 0x5F, 0xD2, 0x42, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0xE5, 0xA4, 0xEC, 0x77, 0x21, 0x34, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x14, 0x65, 0xEA, 0x4A, 0x85, 0xC3, 0x2F ), }; static const mbedtls_mpi_uint secp384r1_T_26_X[] = { - BYTES_TO_T_UINT_8( 0x19, 0xD8, 0x40, 0x27, 0x73, 0x15, 0x7E, 0x65 ), - BYTES_TO_T_UINT_8( 0xF6, 0xBB, 0x53, 0x7E, 0x0F, 0x40, 0xC8, 0xD4 ), - BYTES_TO_T_UINT_8( 0xEA, 0x37, 0x19, 0x73, 0xEF, 0x5A, 0x5E, 0x04 ), - BYTES_TO_T_UINT_8( 0x9C, 0x73, 0x2B, 0x49, 0x7E, 0xAC, 0x97, 0x5C ), - BYTES_TO_T_UINT_8( 0x15, 0xB2, 0xC3, 0x1E, 0x0E, 0xE7, 0xD2, 0x21 ), - BYTES_TO_T_UINT_8( 0x8A, 0x08, 0xD6, 0xDD, 0xAC, 0x21, 0xD6, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0xD8, 0x40, 0x27, 0x73, 0x15, 0x7E, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xBB, 0x53, 0x7E, 0x0F, 0x40, 0xC8, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0x37, 0x19, 0x73, 0xEF, 0x5A, 0x5E, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x73, 0x2B, 0x49, 0x7E, 0xAC, 0x97, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0xB2, 0xC3, 0x1E, 0x0E, 0xE7, 0xD2, 0x21 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x08, 0xD6, 0xDD, 0xAC, 0x21, 0xD6, 0x3E ), }; static const mbedtls_mpi_uint secp384r1_T_26_Y[] = { - BYTES_TO_T_UINT_8( 0xA9, 0x26, 0xBE, 0x6D, 0x6D, 0xF2, 0x38, 0x3F ), - BYTES_TO_T_UINT_8( 0x08, 0x6C, 0x31, 0xA7, 0x49, 0x50, 0x3A, 0x89 ), - BYTES_TO_T_UINT_8( 0xC3, 0x99, 0xC6, 0xF5, 0xD2, 0xC2, 0x30, 0x5A ), - BYTES_TO_T_UINT_8( 0x2A, 0xE4, 0xF6, 0x8B, 0x8B, 0x97, 0xE9, 0xB2 ), - BYTES_TO_T_UINT_8( 0xDD, 0x21, 0xB7, 0x0D, 0xFC, 0x15, 0x54, 0x0B ), - BYTES_TO_T_UINT_8( 0x65, 0x83, 0x1C, 0xA4, 0xCD, 0x6B, 0x9D, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x26, 0xBE, 0x6D, 0x6D, 0xF2, 0x38, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x6C, 0x31, 0xA7, 0x49, 0x50, 0x3A, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x99, 0xC6, 0xF5, 0xD2, 0xC2, 0x30, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xE4, 0xF6, 0x8B, 0x8B, 0x97, 0xE9, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x21, 0xB7, 0x0D, 0xFC, 0x15, 0x54, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x83, 0x1C, 0xA4, 0xCD, 0x6B, 0x9D, 0xF2 ), }; static const mbedtls_mpi_uint secp384r1_T_27_X[] = { - BYTES_TO_T_UINT_8( 0xD6, 0xE8, 0x4C, 0x48, 0xE4, 0xAA, 0x69, 0x93 ), - BYTES_TO_T_UINT_8( 0x27, 0x7A, 0x27, 0xFC, 0x37, 0x96, 0x1A, 0x7B ), - BYTES_TO_T_UINT_8( 0x6F, 0xE7, 0x30, 0xA5, 0xCF, 0x13, 0x46, 0x5C ), - BYTES_TO_T_UINT_8( 0x8C, 0xD8, 0xAF, 0x74, 0x23, 0x4D, 0x56, 0x84 ), - BYTES_TO_T_UINT_8( 0x32, 0x3D, 0x44, 0x14, 0x1B, 0x97, 0x83, 0xF0 ), - BYTES_TO_T_UINT_8( 0xFA, 0x47, 0xD7, 0x5F, 0xFD, 0x98, 0x38, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xE8, 0x4C, 0x48, 0xE4, 0xAA, 0x69, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x7A, 0x27, 0xFC, 0x37, 0x96, 0x1A, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0xE7, 0x30, 0xA5, 0xCF, 0x13, 0x46, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0xD8, 0xAF, 0x74, 0x23, 0x4D, 0x56, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x3D, 0x44, 0x14, 0x1B, 0x97, 0x83, 0xF0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x47, 0xD7, 0x5F, 0xFD, 0x98, 0x38, 0xF7 ), }; static const mbedtls_mpi_uint secp384r1_T_27_Y[] = { - BYTES_TO_T_UINT_8( 0xA3, 0x73, 0x64, 0x36, 0xFD, 0x7B, 0xC1, 0x15 ), - BYTES_TO_T_UINT_8( 0xEA, 0x5D, 0x32, 0xD2, 0x47, 0x94, 0x89, 0x2D ), - BYTES_TO_T_UINT_8( 0x51, 0xE9, 0x30, 0xAC, 0x06, 0xC8, 0x65, 0x04 ), - BYTES_TO_T_UINT_8( 0xFA, 0x6C, 0xB9, 0x1B, 0xF7, 0x61, 0x49, 0x53 ), - BYTES_TO_T_UINT_8( 0xD7, 0xFF, 0x32, 0x43, 0x80, 0xDA, 0xA6, 0xB1 ), - BYTES_TO_T_UINT_8( 0xAC, 0xF8, 0x04, 0x01, 0x95, 0x35, 0xCE, 0x21 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x73, 0x64, 0x36, 0xFD, 0x7B, 0xC1, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0x5D, 0x32, 0xD2, 0x47, 0x94, 0x89, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xE9, 0x30, 0xAC, 0x06, 0xC8, 0x65, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x6C, 0xB9, 0x1B, 0xF7, 0x61, 0x49, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0xFF, 0x32, 0x43, 0x80, 0xDA, 0xA6, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xF8, 0x04, 0x01, 0x95, 0x35, 0xCE, 0x21 ), }; static const mbedtls_mpi_uint secp384r1_T_28_X[] = { - BYTES_TO_T_UINT_8( 0x6D, 0x06, 0x46, 0x0D, 0x51, 0xE2, 0xD8, 0xAC ), - BYTES_TO_T_UINT_8( 0x14, 0x57, 0x1D, 0x6F, 0x79, 0xA0, 0xCD, 0xA6 ), - BYTES_TO_T_UINT_8( 0xDF, 0xFB, 0x36, 0xCA, 0xAD, 0xF5, 0x9E, 0x41 ), - BYTES_TO_T_UINT_8( 0x6F, 0x7A, 0x1D, 0x9E, 0x1D, 0x95, 0x48, 0xDC ), - BYTES_TO_T_UINT_8( 0x81, 0x26, 0xA5, 0xB7, 0x15, 0x2C, 0xC2, 0xC6 ), - BYTES_TO_T_UINT_8( 0x86, 0x42, 0x72, 0xAA, 0x11, 0xDC, 0xC9, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x06, 0x46, 0x0D, 0x51, 0xE2, 0xD8, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0x57, 0x1D, 0x6F, 0x79, 0xA0, 0xCD, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0xFB, 0x36, 0xCA, 0xAD, 0xF5, 0x9E, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x7A, 0x1D, 0x9E, 0x1D, 0x95, 0x48, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x26, 0xA5, 0xB7, 0x15, 0x2C, 0xC2, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x42, 0x72, 0xAA, 0x11, 0xDC, 0xC9, 0xB6 ), }; static const mbedtls_mpi_uint secp384r1_T_28_Y[] = { - BYTES_TO_T_UINT_8( 0x3F, 0x6C, 0x64, 0xA7, 0x62, 0x3C, 0xAB, 0xD4 ), - BYTES_TO_T_UINT_8( 0x48, 0x6A, 0x44, 0xD8, 0x60, 0xC0, 0xA8, 0x80 ), - BYTES_TO_T_UINT_8( 0x82, 0x76, 0x58, 0x12, 0x57, 0x3C, 0x89, 0x46 ), - BYTES_TO_T_UINT_8( 0x82, 0x4F, 0x83, 0xCE, 0xCB, 0xB8, 0xD0, 0x2C ), - BYTES_TO_T_UINT_8( 0x9A, 0x84, 0x04, 0xB0, 0xAD, 0xEB, 0xFA, 0xDF ), - BYTES_TO_T_UINT_8( 0x34, 0xA4, 0xC3, 0x41, 0x44, 0x4E, 0x65, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x6C, 0x64, 0xA7, 0x62, 0x3C, 0xAB, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0x6A, 0x44, 0xD8, 0x60, 0xC0, 0xA8, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x76, 0x58, 0x12, 0x57, 0x3C, 0x89, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x4F, 0x83, 0xCE, 0xCB, 0xB8, 0xD0, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x84, 0x04, 0xB0, 0xAD, 0xEB, 0xFA, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xA4, 0xC3, 0x41, 0x44, 0x4E, 0x65, 0x3E ), }; static const mbedtls_mpi_uint secp384r1_T_29_X[] = { - BYTES_TO_T_UINT_8( 0xB6, 0x16, 0xA9, 0x1C, 0xE7, 0x65, 0x20, 0xC1 ), - BYTES_TO_T_UINT_8( 0x58, 0x53, 0x32, 0xF8, 0xC0, 0xA6, 0xBD, 0x2C ), - BYTES_TO_T_UINT_8( 0xB7, 0xF0, 0xE6, 0x57, 0x31, 0xCC, 0x26, 0x6F ), - BYTES_TO_T_UINT_8( 0x27, 0xE3, 0x54, 0x1C, 0x34, 0xD3, 0x17, 0xBC ), - BYTES_TO_T_UINT_8( 0xF5, 0xAE, 0xED, 0xFB, 0xCD, 0xE7, 0x1E, 0x9F ), - BYTES_TO_T_UINT_8( 0x5A, 0x16, 0x1C, 0x34, 0x40, 0x00, 0x1F, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x16, 0xA9, 0x1C, 0xE7, 0x65, 0x20, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x53, 0x32, 0xF8, 0xC0, 0xA6, 0xBD, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xF0, 0xE6, 0x57, 0x31, 0xCC, 0x26, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0xE3, 0x54, 0x1C, 0x34, 0xD3, 0x17, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xAE, 0xED, 0xFB, 0xCD, 0xE7, 0x1E, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x16, 0x1C, 0x34, 0x40, 0x00, 0x1F, 0xB6 ), }; static const mbedtls_mpi_uint secp384r1_T_29_Y[] = { - BYTES_TO_T_UINT_8( 0x6A, 0x32, 0x00, 0xC2, 0xD4, 0x3B, 0x1A, 0x09 ), - BYTES_TO_T_UINT_8( 0x34, 0xE0, 0x99, 0x8F, 0x0C, 0x4A, 0x16, 0x44 ), - BYTES_TO_T_UINT_8( 0x83, 0x73, 0x18, 0x1B, 0xD4, 0x94, 0x29, 0x62 ), - BYTES_TO_T_UINT_8( 0x29, 0xA4, 0x2D, 0xB1, 0x9D, 0x74, 0x32, 0x67 ), - BYTES_TO_T_UINT_8( 0xBF, 0xF4, 0xB1, 0x0C, 0x37, 0x62, 0x8B, 0x66 ), - BYTES_TO_T_UINT_8( 0xC9, 0xFF, 0xDA, 0xE2, 0x35, 0xA3, 0xB6, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x32, 0x00, 0xC2, 0xD4, 0x3B, 0x1A, 0x09 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xE0, 0x99, 0x8F, 0x0C, 0x4A, 0x16, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x73, 0x18, 0x1B, 0xD4, 0x94, 0x29, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xA4, 0x2D, 0xB1, 0x9D, 0x74, 0x32, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0xF4, 0xB1, 0x0C, 0x37, 0x62, 0x8B, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xFF, 0xDA, 0xE2, 0x35, 0xA3, 0xB6, 0x42 ), }; static const mbedtls_mpi_uint secp384r1_T_30_X[] = { - BYTES_TO_T_UINT_8( 0x91, 0x49, 0x99, 0x65, 0xC5, 0xED, 0x16, 0xEF ), - BYTES_TO_T_UINT_8( 0x79, 0x42, 0x9A, 0xF3, 0xA7, 0x4E, 0x6F, 0x2B ), - BYTES_TO_T_UINT_8( 0x7B, 0x0A, 0x7E, 0xC0, 0xD7, 0x4E, 0x07, 0x55 ), - BYTES_TO_T_UINT_8( 0xD6, 0x7A, 0x31, 0x69, 0xA6, 0xB9, 0x15, 0x34 ), - BYTES_TO_T_UINT_8( 0xA8, 0xE0, 0x72, 0xA4, 0x3F, 0xB9, 0xF8, 0x0C ), - BYTES_TO_T_UINT_8( 0x2B, 0x75, 0x32, 0x85, 0xA2, 0xDE, 0x37, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x49, 0x99, 0x65, 0xC5, 0xED, 0x16, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0x42, 0x9A, 0xF3, 0xA7, 0x4E, 0x6F, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x0A, 0x7E, 0xC0, 0xD7, 0x4E, 0x07, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x7A, 0x31, 0x69, 0xA6, 0xB9, 0x15, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0xE0, 0x72, 0xA4, 0x3F, 0xB9, 0xF8, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0x75, 0x32, 0x85, 0xA2, 0xDE, 0x37, 0x12 ), }; static const mbedtls_mpi_uint secp384r1_T_30_Y[] = { - BYTES_TO_T_UINT_8( 0xBC, 0xC0, 0x0D, 0xCF, 0x25, 0x41, 0xA4, 0xF4 ), - BYTES_TO_T_UINT_8( 0x9B, 0xFC, 0xB2, 0x48, 0xC3, 0x85, 0x83, 0x4B ), - BYTES_TO_T_UINT_8( 0x2B, 0xBE, 0x0B, 0x58, 0x2D, 0x7A, 0x9A, 0x62 ), - BYTES_TO_T_UINT_8( 0xC5, 0xF3, 0x81, 0x18, 0x1B, 0x74, 0x4F, 0x2C ), - BYTES_TO_T_UINT_8( 0xE2, 0x43, 0xA3, 0x0A, 0x16, 0x8B, 0xA3, 0x1E ), - BYTES_TO_T_UINT_8( 0x4A, 0x18, 0x81, 0x7B, 0x8D, 0xA2, 0x35, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xC0, 0x0D, 0xCF, 0x25, 0x41, 0xA4, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0xFC, 0xB2, 0x48, 0xC3, 0x85, 0x83, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0xBE, 0x0B, 0x58, 0x2D, 0x7A, 0x9A, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0xF3, 0x81, 0x18, 0x1B, 0x74, 0x4F, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0x43, 0xA3, 0x0A, 0x16, 0x8B, 0xA3, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x18, 0x81, 0x7B, 0x8D, 0xA2, 0x35, 0x77 ), }; static const mbedtls_mpi_uint secp384r1_T_31_X[] = { - BYTES_TO_T_UINT_8( 0x86, 0xC4, 0x3F, 0x2C, 0xE7, 0x5F, 0x99, 0x03 ), - BYTES_TO_T_UINT_8( 0xF0, 0x2B, 0xB7, 0xB6, 0xAD, 0x5A, 0x56, 0xFF ), - BYTES_TO_T_UINT_8( 0x04, 0x00, 0xA4, 0x48, 0xC8, 0xE8, 0xBA, 0xBF ), - BYTES_TO_T_UINT_8( 0xE8, 0xA1, 0xB5, 0x13, 0x5A, 0xCD, 0x99, 0x9C ), - BYTES_TO_T_UINT_8( 0xB0, 0x95, 0xAD, 0xFC, 0xE2, 0x7E, 0xE7, 0xFE ), - BYTES_TO_T_UINT_8( 0x96, 0x6B, 0xD1, 0x34, 0x99, 0x53, 0x63, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xC4, 0x3F, 0x2C, 0xE7, 0x5F, 0x99, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x2B, 0xB7, 0xB6, 0xAD, 0x5A, 0x56, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x00, 0xA4, 0x48, 0xC8, 0xE8, 0xBA, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0xA1, 0xB5, 0x13, 0x5A, 0xCD, 0x99, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x95, 0xAD, 0xFC, 0xE2, 0x7E, 0xE7, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x6B, 0xD1, 0x34, 0x99, 0x53, 0x63, 0x0B ), }; static const mbedtls_mpi_uint secp384r1_T_31_Y[] = { - BYTES_TO_T_UINT_8( 0x19, 0x8A, 0x77, 0x5D, 0x2B, 0xAB, 0x01, 0x28 ), - BYTES_TO_T_UINT_8( 0x4E, 0x85, 0xD0, 0xD5, 0x49, 0x83, 0x4D, 0x60 ), - BYTES_TO_T_UINT_8( 0x81, 0xC6, 0x91, 0x30, 0x3B, 0x00, 0xAF, 0x7A ), - BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x61, 0x07, 0xE1, 0xB6, 0xE2, 0xC9 ), - BYTES_TO_T_UINT_8( 0x95, 0x43, 0x41, 0xFE, 0x9B, 0xB6, 0xF0, 0xA5 ), - BYTES_TO_T_UINT_8( 0xB4, 0x97, 0xAE, 0xAD, 0x89, 0x88, 0x9E, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x8A, 0x77, 0x5D, 0x2B, 0xAB, 0x01, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x85, 0xD0, 0xD5, 0x49, 0x83, 0x4D, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0xC6, 0x91, 0x30, 0x3B, 0x00, 0xAF, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0xAE, 0x61, 0x07, 0xE1, 0xB6, 0xE2, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x43, 0x41, 0xFE, 0x9B, 0xB6, 0xF0, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x97, 0xAE, 0xAD, 0x89, 0x88, 0x9E, 0x41 ), }; static const mbedtls_ecp_point secp384r1_T[32] = { ECP_POINT_INIT_XY_Z1(secp384r1_T_0_X, secp384r1_T_0_Y), @@ -1390,764 +1390,764 @@ static const mbedtls_ecp_point secp384r1_T[32] = { */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) static const mbedtls_mpi_uint secp521r1_p[] = { - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), }; static const mbedtls_mpi_uint secp521r1_b[] = { - BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ), - BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ), - BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ), - BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ), - BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ), - BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ), - BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ), - BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ), - BYTES_TO_T_UINT_2( 0x51, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x51, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_gx[] = { - BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), - BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), - BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), - BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), - BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), - BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), - BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), - BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), - BYTES_TO_T_UINT_2( 0xC6, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0xC6, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_gy[] = { - BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), - BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), - BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), - BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), - BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), - BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), - BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), - BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), - BYTES_TO_T_UINT_2( 0x18, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x18, 0x01 ), }; static const mbedtls_mpi_uint secp521r1_n[] = { - BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ), - BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ), - BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ), - BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ), - BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp521r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), - BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), - BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), - BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), - BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), - BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), - BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), - BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), - BYTES_TO_T_UINT_8( 0xC6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), - BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), - BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), - BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), - BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), - BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), - BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), - BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), - BYTES_TO_T_UINT_8( 0x18, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x2F, 0xB1, 0x2D, 0xEB, 0x27, 0x2F, 0xE8, 0xDA ), - BYTES_TO_T_UINT_8( 0x98, 0x4B, 0x44, 0x25, 0xDB, 0x5C, 0x5F, 0x67 ), - BYTES_TO_T_UINT_8( 0x13, 0x85, 0x28, 0x78, 0x2E, 0x75, 0x34, 0x32 ), - BYTES_TO_T_UINT_8( 0x69, 0x57, 0x0F, 0x73, 0x78, 0x7A, 0xE3, 0x53 ), - BYTES_TO_T_UINT_8( 0x8D, 0xD8, 0xEC, 0xDC, 0xDA, 0x04, 0xAD, 0xAB ), - BYTES_TO_T_UINT_8( 0x34, 0x8A, 0x09, 0xF3, 0x58, 0x79, 0xD8, 0x29 ), - BYTES_TO_T_UINT_8( 0x63, 0x03, 0xCB, 0x50, 0x1A, 0x7F, 0x56, 0x00 ), - BYTES_TO_T_UINT_8( 0xF6, 0xA6, 0x78, 0x38, 0x85, 0x67, 0x0B, 0x40 ), - BYTES_TO_T_UINT_8( 0x83, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xB1, 0x2D, 0xEB, 0x27, 0x2F, 0xE8, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x4B, 0x44, 0x25, 0xDB, 0x5C, 0x5F, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x85, 0x28, 0x78, 0x2E, 0x75, 0x34, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x57, 0x0F, 0x73, 0x78, 0x7A, 0xE3, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD8, 0xEC, 0xDC, 0xDA, 0x04, 0xAD, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x8A, 0x09, 0xF3, 0x58, 0x79, 0xD8, 0x29 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x03, 0xCB, 0x50, 0x1A, 0x7F, 0x56, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xA6, 0x78, 0x38, 0x85, 0x67, 0x0B, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x8A, 0xD5, 0xD2, 0x22, 0xC4, 0x00, 0x3B, 0xBA ), - BYTES_TO_T_UINT_8( 0xD5, 0x93, 0x0E, 0x7B, 0x85, 0x51, 0xC3, 0x06 ), - BYTES_TO_T_UINT_8( 0x3D, 0xA6, 0x5F, 0x54, 0x49, 0x02, 0x81, 0x78 ), - BYTES_TO_T_UINT_8( 0x22, 0xE9, 0x6B, 0x3A, 0x92, 0xE7, 0x72, 0x1D ), - BYTES_TO_T_UINT_8( 0x6F, 0x5F, 0x28, 0x9E, 0x91, 0x27, 0x88, 0xE3 ), - BYTES_TO_T_UINT_8( 0xEF, 0x28, 0x31, 0xB3, 0x84, 0xCA, 0x12, 0x32 ), - BYTES_TO_T_UINT_8( 0x3D, 0xF9, 0xAC, 0x22, 0x10, 0x0A, 0x64, 0x41 ), - BYTES_TO_T_UINT_8( 0xE9, 0xC6, 0x33, 0x1F, 0x69, 0x19, 0x18, 0xBF ), - BYTES_TO_T_UINT_8( 0xBE, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0xD5, 0xD2, 0x22, 0xC4, 0x00, 0x3B, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x93, 0x0E, 0x7B, 0x85, 0x51, 0xC3, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xA6, 0x5F, 0x54, 0x49, 0x02, 0x81, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xE9, 0x6B, 0x3A, 0x92, 0xE7, 0x72, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x5F, 0x28, 0x9E, 0x91, 0x27, 0x88, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x28, 0x31, 0xB3, 0x84, 0xCA, 0x12, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xF9, 0xAC, 0x22, 0x10, 0x0A, 0x64, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0xC6, 0x33, 0x1F, 0x69, 0x19, 0x18, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0xA0, 0x48, 0xB8, 0xC7, 0x37, 0x5A, 0x00, 0x36 ), - BYTES_TO_T_UINT_8( 0x07, 0xCC, 0x32, 0xE0, 0xEE, 0x03, 0xC2, 0xBA ), - BYTES_TO_T_UINT_8( 0xC4, 0x29, 0xC2, 0xE4, 0x6E, 0x24, 0x20, 0x8D ), - BYTES_TO_T_UINT_8( 0x06, 0x6B, 0x7F, 0x7B, 0xF9, 0xB0, 0xB8, 0x13 ), - BYTES_TO_T_UINT_8( 0x1D, 0x7B, 0x3C, 0xE1, 0x19, 0xA1, 0x23, 0x02 ), - BYTES_TO_T_UINT_8( 0x2A, 0xE3, 0xC2, 0x53, 0xC0, 0x07, 0x13, 0xA9 ), - BYTES_TO_T_UINT_8( 0x07, 0xFE, 0x36, 0x35, 0x9F, 0x5E, 0x59, 0xCE ), - BYTES_TO_T_UINT_8( 0x1D, 0x55, 0x89, 0x84, 0xBC, 0xEF, 0xA2, 0xC2 ), - BYTES_TO_T_UINT_8( 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x48, 0xB8, 0xC7, 0x37, 0x5A, 0x00, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xCC, 0x32, 0xE0, 0xEE, 0x03, 0xC2, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x29, 0xC2, 0xE4, 0x6E, 0x24, 0x20, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x6B, 0x7F, 0x7B, 0xF9, 0xB0, 0xB8, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x7B, 0x3C, 0xE1, 0x19, 0xA1, 0x23, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xE3, 0xC2, 0x53, 0xC0, 0x07, 0x13, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFE, 0x36, 0x35, 0x9F, 0x5E, 0x59, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x55, 0x89, 0x84, 0xBC, 0xEF, 0xA2, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0xFD, 0x1A, 0x08, 0x67, 0xB4, 0xE7, 0x22, 0xED ), - BYTES_TO_T_UINT_8( 0x76, 0x26, 0xDF, 0x81, 0x3C, 0x5F, 0x1C, 0xDA ), - BYTES_TO_T_UINT_8( 0xE0, 0x4D, 0xD0, 0x0A, 0x48, 0x06, 0xF4, 0x48 ), - BYTES_TO_T_UINT_8( 0x73, 0x18, 0x39, 0xF7, 0xD1, 0x20, 0x77, 0x8D ), - BYTES_TO_T_UINT_8( 0x78, 0x8F, 0x44, 0x13, 0xCB, 0x78, 0x11, 0x11 ), - BYTES_TO_T_UINT_8( 0x33, 0xE2, 0x49, 0xEA, 0x43, 0x79, 0x08, 0x39 ), - BYTES_TO_T_UINT_8( 0x01, 0xD1, 0xD8, 0x73, 0x2C, 0x71, 0x2F, 0x69 ), - BYTES_TO_T_UINT_8( 0x21, 0xE5, 0xE7, 0xF4, 0x46, 0xAB, 0x20, 0xCA ), - BYTES_TO_T_UINT_8( 0x5A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x1A, 0x08, 0x67, 0xB4, 0xE7, 0x22, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x26, 0xDF, 0x81, 0x3C, 0x5F, 0x1C, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x4D, 0xD0, 0x0A, 0x48, 0x06, 0xF4, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x18, 0x39, 0xF7, 0xD1, 0x20, 0x77, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0x8F, 0x44, 0x13, 0xCB, 0x78, 0x11, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0xE2, 0x49, 0xEA, 0x43, 0x79, 0x08, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0xD1, 0xD8, 0x73, 0x2C, 0x71, 0x2F, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xE5, 0xE7, 0xF4, 0x46, 0xAB, 0x20, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x8C, 0x0B, 0xB9, 0x71, 0x1A, 0x27, 0xB7, 0xA7 ), - BYTES_TO_T_UINT_8( 0x2A, 0xA2, 0x2C, 0xD1, 0xDA, 0xBC, 0xC1, 0xBD ), - BYTES_TO_T_UINT_8( 0x10, 0xA3, 0x10, 0x1F, 0x90, 0xF2, 0xA5, 0x52 ), - BYTES_TO_T_UINT_8( 0x28, 0xFB, 0x20, 0xF4, 0xC0, 0x70, 0xC0, 0xF5 ), - BYTES_TO_T_UINT_8( 0x8F, 0xA7, 0x99, 0xF0, 0xA5, 0xD3, 0x09, 0xDD ), - BYTES_TO_T_UINT_8( 0x26, 0xE8, 0x14, 0x39, 0xBE, 0xCB, 0x60, 0xAF ), - BYTES_TO_T_UINT_8( 0x9F, 0xD6, 0x14, 0xA9, 0xC9, 0x20, 0xC3, 0xEA ), - BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x5B, 0xFD, 0x2D, 0x96, 0xBC, 0x78 ), - BYTES_TO_T_UINT_8( 0xC0, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0x0B, 0xB9, 0x71, 0x1A, 0x27, 0xB7, 0xA7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xA2, 0x2C, 0xD1, 0xDA, 0xBC, 0xC1, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xA3, 0x10, 0x1F, 0x90, 0xF2, 0xA5, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0xFB, 0x20, 0xF4, 0xC0, 0x70, 0xC0, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0xA7, 0x99, 0xF0, 0xA5, 0xD3, 0x09, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0xE8, 0x14, 0x39, 0xBE, 0xCB, 0x60, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0xD6, 0x14, 0xA9, 0xC9, 0x20, 0xC3, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x5B, 0xFD, 0x2D, 0x96, 0xBC, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0x9D, 0x04, 0x45, 0xBE, 0xCE, 0x75, 0x95, 0xF6 ), - BYTES_TO_T_UINT_8( 0xCC, 0xDA, 0x58, 0x49, 0x35, 0x09, 0x8D, 0x41 ), - BYTES_TO_T_UINT_8( 0x76, 0xF0, 0xC0, 0x36, 0xF2, 0xA6, 0x2D, 0x14 ), - BYTES_TO_T_UINT_8( 0xE7, 0xFC, 0x3D, 0xA8, 0xFB, 0x3C, 0xD2, 0x51 ), - BYTES_TO_T_UINT_8( 0x01, 0x4D, 0x71, 0x09, 0x18, 0x42, 0xF0, 0x2D ), - BYTES_TO_T_UINT_8( 0x8D, 0xC1, 0xCE, 0x9E, 0x6A, 0x49, 0x60, 0x12 ), - BYTES_TO_T_UINT_8( 0xAD, 0xB1, 0x00, 0xF7, 0xA1, 0x7A, 0x31, 0xB4 ), - BYTES_TO_T_UINT_8( 0x41, 0xC3, 0x86, 0xCD, 0x20, 0x4A, 0x17, 0x86 ), - BYTES_TO_T_UINT_8( 0x6C, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x04, 0x45, 0xBE, 0xCE, 0x75, 0x95, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0xDA, 0x58, 0x49, 0x35, 0x09, 0x8D, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0xF0, 0xC0, 0x36, 0xF2, 0xA6, 0x2D, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xFC, 0x3D, 0xA8, 0xFB, 0x3C, 0xD2, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x4D, 0x71, 0x09, 0x18, 0x42, 0xF0, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xC1, 0xCE, 0x9E, 0x6A, 0x49, 0x60, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xB1, 0x00, 0xF7, 0xA1, 0x7A, 0x31, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xC3, 0x86, 0xCD, 0x20, 0x4A, 0x17, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x98, 0xAB, 0x8B, 0x47, 0x8D, 0xAA, 0xA6, 0x5B ), - BYTES_TO_T_UINT_8( 0xC4, 0x97, 0xF0, 0xBC, 0x2D, 0xDC, 0x9D, 0x84 ), - BYTES_TO_T_UINT_8( 0x01, 0x86, 0xB0, 0x74, 0xB2, 0xF4, 0xF6, 0x67 ), - BYTES_TO_T_UINT_8( 0xAC, 0xBD, 0xAC, 0xE3, 0x8F, 0x43, 0x5C, 0xB1 ), - BYTES_TO_T_UINT_8( 0x37, 0xC3, 0xE2, 0x6E, 0x25, 0x49, 0xCD, 0x0B ), - BYTES_TO_T_UINT_8( 0x64, 0x5E, 0x08, 0xB3, 0xB9, 0xAC, 0x5F, 0xD1 ), - BYTES_TO_T_UINT_8( 0x08, 0xB7, 0xD1, 0xF4, 0xDC, 0x19, 0xE9, 0xC8 ), - BYTES_TO_T_UINT_8( 0x49, 0xE4, 0xFA, 0xE1, 0x36, 0x3E, 0xED, 0x6E ), - BYTES_TO_T_UINT_8( 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0xAB, 0x8B, 0x47, 0x8D, 0xAA, 0xA6, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x97, 0xF0, 0xBC, 0x2D, 0xDC, 0x9D, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x86, 0xB0, 0x74, 0xB2, 0xF4, 0xF6, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBD, 0xAC, 0xE3, 0x8F, 0x43, 0x5C, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xC3, 0xE2, 0x6E, 0x25, 0x49, 0xCD, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x5E, 0x08, 0xB3, 0xB9, 0xAC, 0x5F, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xB7, 0xD1, 0xF4, 0xDC, 0x19, 0xE9, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0xE4, 0xFA, 0xE1, 0x36, 0x3E, 0xED, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x00, 0x67, 0x92, 0x84, 0x6E, 0x48, 0x03, 0x51 ), - BYTES_TO_T_UINT_8( 0x9E, 0x95, 0xEF, 0x8F, 0xB2, 0x82, 0x6B, 0x1C ), - BYTES_TO_T_UINT_8( 0x8D, 0xFA, 0xB9, 0x55, 0x23, 0xFE, 0x09, 0xB3 ), - BYTES_TO_T_UINT_8( 0xEF, 0x79, 0x85, 0x4B, 0x0E, 0xD4, 0x35, 0xDB ), - BYTES_TO_T_UINT_8( 0x9A, 0x27, 0x45, 0x81, 0xE0, 0x88, 0x52, 0xAD ), - BYTES_TO_T_UINT_8( 0x17, 0x63, 0xA2, 0x4B, 0xBC, 0x5D, 0xB1, 0x92 ), - BYTES_TO_T_UINT_8( 0x28, 0x8C, 0x83, 0xD9, 0x3E, 0xD3, 0x42, 0xDA ), - BYTES_TO_T_UINT_8( 0x99, 0x03, 0x3A, 0x31, 0xBA, 0xE9, 0x3A, 0xD1 ), - BYTES_TO_T_UINT_8( 0x47, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x67, 0x92, 0x84, 0x6E, 0x48, 0x03, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x95, 0xEF, 0x8F, 0xB2, 0x82, 0x6B, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFA, 0xB9, 0x55, 0x23, 0xFE, 0x09, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x79, 0x85, 0x4B, 0x0E, 0xD4, 0x35, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x27, 0x45, 0x81, 0xE0, 0x88, 0x52, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x63, 0xA2, 0x4B, 0xBC, 0x5D, 0xB1, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x8C, 0x83, 0xD9, 0x3E, 0xD3, 0x42, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x03, 0x3A, 0x31, 0xBA, 0xE9, 0x3A, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x35, 0x10, 0xCD, 0x2D, 0x00, 0xFE, 0x32, 0xA7 ), - BYTES_TO_T_UINT_8( 0xE4, 0x6E, 0x1F, 0xDA, 0xF8, 0x6F, 0x4D, 0x03 ), - BYTES_TO_T_UINT_8( 0x09, 0x79, 0x7D, 0x09, 0xE5, 0xD3, 0x03, 0x21 ), - BYTES_TO_T_UINT_8( 0x58, 0xC3, 0xBE, 0xDF, 0x07, 0x65, 0x49, 0xCC ), - BYTES_TO_T_UINT_8( 0x08, 0x57, 0x33, 0xEF, 0xAE, 0x4F, 0x04, 0x27 ), - BYTES_TO_T_UINT_8( 0x9A, 0xE9, 0x9B, 0xFE, 0xBF, 0xE6, 0x85, 0xF6 ), - BYTES_TO_T_UINT_8( 0xBD, 0xBA, 0xAA, 0x06, 0xC4, 0xC6, 0xB8, 0x57 ), - BYTES_TO_T_UINT_8( 0x0C, 0x83, 0x01, 0xA9, 0xF6, 0x51, 0xE7, 0xB8 ), - BYTES_TO_T_UINT_8( 0x1B, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0x10, 0xCD, 0x2D, 0x00, 0xFE, 0x32, 0xA7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x6E, 0x1F, 0xDA, 0xF8, 0x6F, 0x4D, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x79, 0x7D, 0x09, 0xE5, 0xD3, 0x03, 0x21 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0xC3, 0xBE, 0xDF, 0x07, 0x65, 0x49, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x57, 0x33, 0xEF, 0xAE, 0x4F, 0x04, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0xE9, 0x9B, 0xFE, 0xBF, 0xE6, 0x85, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0xBA, 0xAA, 0x06, 0xC4, 0xC6, 0xB8, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x83, 0x01, 0xA9, 0xF6, 0x51, 0xE7, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xB9, 0xA6, 0x15, 0x8E, 0xAB, 0x1F, 0x10, 0x87 ), - BYTES_TO_T_UINT_8( 0x74, 0x08, 0x27, 0x1A, 0xA1, 0x21, 0xAD, 0xF5 ), - BYTES_TO_T_UINT_8( 0x02, 0x09, 0x90, 0x6E, 0x50, 0x90, 0x9A, 0x5D ), - BYTES_TO_T_UINT_8( 0x86, 0x9A, 0xFE, 0xD7, 0xA1, 0xF5, 0xA2, 0x15 ), - BYTES_TO_T_UINT_8( 0xE8, 0x7D, 0xE3, 0xDC, 0x21, 0xFB, 0xA4, 0x7B ), - BYTES_TO_T_UINT_8( 0xB9, 0xBF, 0x07, 0xFF, 0x45, 0xDF, 0x51, 0x77 ), - BYTES_TO_T_UINT_8( 0x0B, 0x5C, 0x34, 0x02, 0x62, 0x9B, 0x08, 0x12 ), - BYTES_TO_T_UINT_8( 0x86, 0xCE, 0x9A, 0x6A, 0xEC, 0x75, 0xF6, 0x46 ), - BYTES_TO_T_UINT_8( 0x6D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xA6, 0x15, 0x8E, 0xAB, 0x1F, 0x10, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x08, 0x27, 0x1A, 0xA1, 0x21, 0xAD, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x09, 0x90, 0x6E, 0x50, 0x90, 0x9A, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x9A, 0xFE, 0xD7, 0xA1, 0xF5, 0xA2, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x7D, 0xE3, 0xDC, 0x21, 0xFB, 0xA4, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xBF, 0x07, 0xFF, 0x45, 0xDF, 0x51, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x5C, 0x34, 0x02, 0x62, 0x9B, 0x08, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xCE, 0x9A, 0x6A, 0xEC, 0x75, 0xF6, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0xE6, 0x59, 0xF4, 0x78, 0x3C, 0x60, 0xB1, 0x4A ), - BYTES_TO_T_UINT_8( 0x3E, 0x37, 0x84, 0x6A, 0xDC, 0xF2, 0x9A, 0x7D ), - BYTES_TO_T_UINT_8( 0x40, 0x9A, 0x9A, 0x15, 0x36, 0xE0, 0x2B, 0x2D ), - BYTES_TO_T_UINT_8( 0xEC, 0x38, 0x9C, 0x50, 0x3D, 0x1E, 0x37, 0x82 ), - BYTES_TO_T_UINT_8( 0xB7, 0x79, 0xF0, 0x92, 0xF2, 0x8B, 0x18, 0x82 ), - BYTES_TO_T_UINT_8( 0x17, 0xE0, 0x82, 0x1E, 0x80, 0x82, 0x4B, 0xD7 ), - BYTES_TO_T_UINT_8( 0xFA, 0xBB, 0x59, 0x6B, 0x8A, 0x77, 0x41, 0x40 ), - BYTES_TO_T_UINT_8( 0xA7, 0xF9, 0xD4, 0xB8, 0x4A, 0x82, 0xCF, 0x40 ), - BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x59, 0xF4, 0x78, 0x3C, 0x60, 0xB1, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x37, 0x84, 0x6A, 0xDC, 0xF2, 0x9A, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x9A, 0x9A, 0x15, 0x36, 0xE0, 0x2B, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x38, 0x9C, 0x50, 0x3D, 0x1E, 0x37, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x79, 0xF0, 0x92, 0xF2, 0x8B, 0x18, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xE0, 0x82, 0x1E, 0x80, 0x82, 0x4B, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xBB, 0x59, 0x6B, 0x8A, 0x77, 0x41, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0xF9, 0xD4, 0xB8, 0x4A, 0x82, 0xCF, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0x1E, 0x8C, 0xC8, 0x9B, 0x72, 0x9E, 0xF7, 0xF9 ), - BYTES_TO_T_UINT_8( 0xB8, 0xCE, 0xE9, 0x77, 0x0A, 0x19, 0x59, 0x84 ), - BYTES_TO_T_UINT_8( 0x9D, 0xA1, 0x41, 0x6A, 0x72, 0x4B, 0xB4, 0xDC ), - BYTES_TO_T_UINT_8( 0x0B, 0x35, 0x43, 0xE2, 0x8C, 0xBE, 0x0D, 0xE3 ), - BYTES_TO_T_UINT_8( 0xC1, 0xEB, 0xAD, 0xF3, 0xA9, 0xA6, 0x68, 0xA1 ), - BYTES_TO_T_UINT_8( 0x81, 0x2F, 0xE2, 0x48, 0x0C, 0xDB, 0x1F, 0x42 ), - BYTES_TO_T_UINT_8( 0xD1, 0x1E, 0x60, 0x9B, 0x2A, 0xD2, 0xC1, 0x3C ), - BYTES_TO_T_UINT_8( 0xC0, 0x64, 0xB5, 0xD2, 0xF6, 0xF6, 0x6E, 0x22 ), - BYTES_TO_T_UINT_8( 0x70, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x8C, 0xC8, 0x9B, 0x72, 0x9E, 0xF7, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xCE, 0xE9, 0x77, 0x0A, 0x19, 0x59, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xA1, 0x41, 0x6A, 0x72, 0x4B, 0xB4, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x35, 0x43, 0xE2, 0x8C, 0xBE, 0x0D, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0xEB, 0xAD, 0xF3, 0xA9, 0xA6, 0x68, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x2F, 0xE2, 0x48, 0x0C, 0xDB, 0x1F, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x1E, 0x60, 0x9B, 0x2A, 0xD2, 0xC1, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x64, 0xB5, 0xD2, 0xF6, 0xF6, 0x6E, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xC6, 0x3D, 0x30, 0x78, 0x10, 0x18, 0x41, 0x51 ), - BYTES_TO_T_UINT_8( 0x96, 0x1D, 0x1C, 0xE0, 0x6D, 0x83, 0xD1, 0x93 ), - BYTES_TO_T_UINT_8( 0x7B, 0x03, 0x0B, 0xF5, 0x2F, 0x6C, 0x04, 0x98 ), - BYTES_TO_T_UINT_8( 0x6C, 0x3E, 0xD5, 0xFC, 0x31, 0x5B, 0x3A, 0xEB ), - BYTES_TO_T_UINT_8( 0x50, 0x82, 0x2F, 0xFB, 0xFE, 0xF8, 0x76, 0x39 ), - BYTES_TO_T_UINT_8( 0x85, 0x26, 0xDA, 0x9C, 0x36, 0xF5, 0x93, 0xD1 ), - BYTES_TO_T_UINT_8( 0x4C, 0xE7, 0x6E, 0xD2, 0x7D, 0x81, 0x09, 0xC6 ), - BYTES_TO_T_UINT_8( 0xD3, 0x03, 0xF9, 0x58, 0x48, 0x24, 0xA2, 0xEE ), - BYTES_TO_T_UINT_8( 0xE9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x3D, 0x30, 0x78, 0x10, 0x18, 0x41, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x1D, 0x1C, 0xE0, 0x6D, 0x83, 0xD1, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x03, 0x0B, 0xF5, 0x2F, 0x6C, 0x04, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x3E, 0xD5, 0xFC, 0x31, 0x5B, 0x3A, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x82, 0x2F, 0xFB, 0xFE, 0xF8, 0x76, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0x26, 0xDA, 0x9C, 0x36, 0xF5, 0x93, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4C, 0xE7, 0x6E, 0xD2, 0x7D, 0x81, 0x09, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x03, 0xF9, 0x58, 0x48, 0x24, 0xA2, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x1B, 0x79, 0x0C, 0x8E, 0x6B, 0x95, 0xF3, 0xC4 ), - BYTES_TO_T_UINT_8( 0xF4, 0x10, 0x5C, 0x87, 0x03, 0x39, 0xCF, 0x68 ), - BYTES_TO_T_UINT_8( 0xAD, 0xF0, 0xF7, 0xC1, 0x07, 0xA4, 0xF4, 0x3F ), - BYTES_TO_T_UINT_8( 0x32, 0xE8, 0x02, 0x89, 0x65, 0xC4, 0x72, 0x36 ), - BYTES_TO_T_UINT_8( 0xB4, 0x88, 0xEA, 0x96, 0x67, 0x0B, 0x5D, 0xDF ), - BYTES_TO_T_UINT_8( 0xA8, 0x75, 0x60, 0xA8, 0xBD, 0x74, 0xDF, 0x68 ), - BYTES_TO_T_UINT_8( 0x6E, 0xE5, 0x71, 0x50, 0x67, 0xD0, 0xD2, 0xE6 ), - BYTES_TO_T_UINT_8( 0xD5, 0xFC, 0xE5, 0xC7, 0x77, 0xB0, 0x7F, 0x8C ), - BYTES_TO_T_UINT_8( 0xF1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x79, 0x0C, 0x8E, 0x6B, 0x95, 0xF3, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x10, 0x5C, 0x87, 0x03, 0x39, 0xCF, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xF0, 0xF7, 0xC1, 0x07, 0xA4, 0xF4, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0xE8, 0x02, 0x89, 0x65, 0xC4, 0x72, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x88, 0xEA, 0x96, 0x67, 0x0B, 0x5D, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x75, 0x60, 0xA8, 0xBD, 0x74, 0xDF, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0xE5, 0x71, 0x50, 0x67, 0xD0, 0xD2, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xFC, 0xE5, 0xC7, 0x77, 0xB0, 0x7F, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x97, 0x86, 0x69, 0xCD, 0x0D, 0x9A, 0xBD, 0x66 ), - BYTES_TO_T_UINT_8( 0x58, 0x17, 0xBC, 0xBB, 0x59, 0x85, 0x7D, 0x0E ), - BYTES_TO_T_UINT_8( 0x8D, 0xA8, 0x76, 0xAC, 0x80, 0xA9, 0x72, 0xE0 ), - BYTES_TO_T_UINT_8( 0x74, 0x78, 0xC1, 0xE2, 0x4D, 0xAF, 0xF9, 0x3C ), - BYTES_TO_T_UINT_8( 0xAD, 0x97, 0x8E, 0x74, 0xC4, 0x4B, 0xB2, 0x85 ), - BYTES_TO_T_UINT_8( 0xEA, 0xD8, 0xF6, 0xF3, 0xAF, 0x2F, 0x52, 0xE5 ), - BYTES_TO_T_UINT_8( 0x95, 0x57, 0xF4, 0xCE, 0xEE, 0x43, 0xED, 0x60 ), - BYTES_TO_T_UINT_8( 0x7D, 0x46, 0x38, 0xDE, 0x20, 0xFD, 0x59, 0x18 ), - BYTES_TO_T_UINT_8( 0xD7, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x86, 0x69, 0xCD, 0x0D, 0x9A, 0xBD, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x17, 0xBC, 0xBB, 0x59, 0x85, 0x7D, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xA8, 0x76, 0xAC, 0x80, 0xA9, 0x72, 0xE0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x78, 0xC1, 0xE2, 0x4D, 0xAF, 0xF9, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x97, 0x8E, 0x74, 0xC4, 0x4B, 0xB2, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xD8, 0xF6, 0xF3, 0xAF, 0x2F, 0x52, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x57, 0xF4, 0xCE, 0xEE, 0x43, 0xED, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x46, 0x38, 0xDE, 0x20, 0xFD, 0x59, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x1C, 0x18, 0xE8, 0x58, 0xB9, 0x76, 0x2C, 0xE6 ), - BYTES_TO_T_UINT_8( 0xED, 0x54, 0xE4, 0xFE, 0xC7, 0xBC, 0x31, 0x37 ), - BYTES_TO_T_UINT_8( 0xF5, 0xF8, 0x89, 0xEE, 0x70, 0xB5, 0xB0, 0x2C ), - BYTES_TO_T_UINT_8( 0x83, 0x22, 0x26, 0x9A, 0x53, 0xB9, 0x38, 0x0A ), - BYTES_TO_T_UINT_8( 0x74, 0xA7, 0x19, 0x8C, 0x74, 0x7E, 0x88, 0x46 ), - BYTES_TO_T_UINT_8( 0xB4, 0xDA, 0x0A, 0xE8, 0xDA, 0xA5, 0xBE, 0x1D ), - BYTES_TO_T_UINT_8( 0x90, 0x5C, 0xF7, 0xB1, 0x0C, 0x72, 0xFB, 0x09 ), - BYTES_TO_T_UINT_8( 0x78, 0xE2, 0x23, 0xE7, 0x46, 0xB7, 0xE0, 0x91 ), - BYTES_TO_T_UINT_8( 0xC5, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x18, 0xE8, 0x58, 0xB9, 0x76, 0x2C, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x54, 0xE4, 0xFE, 0xC7, 0xBC, 0x31, 0x37 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xF8, 0x89, 0xEE, 0x70, 0xB5, 0xB0, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x22, 0x26, 0x9A, 0x53, 0xB9, 0x38, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xA7, 0x19, 0x8C, 0x74, 0x7E, 0x88, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xDA, 0x0A, 0xE8, 0xDA, 0xA5, 0xBE, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0x5C, 0xF7, 0xB1, 0x0C, 0x72, 0xFB, 0x09 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xE2, 0x23, 0xE7, 0x46, 0xB7, 0xE0, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x3A, 0x36, 0xBC, 0xBD, 0x48, 0x11, 0x8E, 0x72 ), - BYTES_TO_T_UINT_8( 0xAB, 0xBB, 0xA1, 0xF7, 0x0B, 0x9E, 0xBF, 0xDF ), - BYTES_TO_T_UINT_8( 0x68, 0x28, 0xE1, 0xA2, 0x8F, 0xFC, 0xFC, 0xD6 ), - BYTES_TO_T_UINT_8( 0x81, 0xFE, 0x19, 0x0A, 0xE5, 0xE7, 0x69, 0x39 ), - BYTES_TO_T_UINT_8( 0x5E, 0xCD, 0x12, 0xF5, 0xBE, 0xD3, 0x04, 0xF1 ), - BYTES_TO_T_UINT_8( 0xF5, 0xA8, 0x0D, 0x81, 0x59, 0xC4, 0x79, 0x98 ), - BYTES_TO_T_UINT_8( 0xA3, 0xF3, 0x4B, 0x92, 0x65, 0xC3, 0x31, 0xAD ), - BYTES_TO_T_UINT_8( 0x75, 0xB5, 0x4F, 0x4D, 0x91, 0xD4, 0xE2, 0xB2 ), - BYTES_TO_T_UINT_8( 0x51, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x36, 0xBC, 0xBD, 0x48, 0x11, 0x8E, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0xBB, 0xA1, 0xF7, 0x0B, 0x9E, 0xBF, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x28, 0xE1, 0xA2, 0x8F, 0xFC, 0xFC, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0xFE, 0x19, 0x0A, 0xE5, 0xE7, 0x69, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0xCD, 0x12, 0xF5, 0xBE, 0xD3, 0x04, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xA8, 0x0D, 0x81, 0x59, 0xC4, 0x79, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0xF3, 0x4B, 0x92, 0x65, 0xC3, 0x31, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0xB5, 0x4F, 0x4D, 0x91, 0xD4, 0xE2, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0x72, 0x09, 0x41, 0x79, 0x1D, 0x4D, 0x0D, 0x33 ), - BYTES_TO_T_UINT_8( 0xBB, 0x31, 0x18, 0xBA, 0xA0, 0xF2, 0x6E, 0x7E ), - BYTES_TO_T_UINT_8( 0x93, 0x5B, 0x4D, 0x4F, 0xAF, 0xC9, 0x8C, 0xA1 ), - BYTES_TO_T_UINT_8( 0x48, 0x99, 0x9C, 0x06, 0x68, 0xDE, 0xD8, 0x29 ), - BYTES_TO_T_UINT_8( 0xA0, 0x04, 0xE1, 0xB5, 0x9D, 0x00, 0xBC, 0xB8 ), - BYTES_TO_T_UINT_8( 0x61, 0x95, 0x92, 0x8D, 0x72, 0xD3, 0x37, 0x42 ), - BYTES_TO_T_UINT_8( 0xAB, 0x4B, 0x27, 0xA2, 0xE8, 0xA4, 0x26, 0xA1 ), - BYTES_TO_T_UINT_8( 0x4F, 0x45, 0x9C, 0xA9, 0xCB, 0x9F, 0xBA, 0x85 ), - BYTES_TO_T_UINT_8( 0xCB, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x09, 0x41, 0x79, 0x1D, 0x4D, 0x0D, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x31, 0x18, 0xBA, 0xA0, 0xF2, 0x6E, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x5B, 0x4D, 0x4F, 0xAF, 0xC9, 0x8C, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0x99, 0x9C, 0x06, 0x68, 0xDE, 0xD8, 0x29 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x04, 0xE1, 0xB5, 0x9D, 0x00, 0xBC, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x95, 0x92, 0x8D, 0x72, 0xD3, 0x37, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x4B, 0x27, 0xA2, 0xE8, 0xA4, 0x26, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x45, 0x9C, 0xA9, 0xCB, 0x9F, 0xBA, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x08, 0x7E, 0x1B, 0x64, 0xF4, 0xE8, 0xA5, 0x55 ), - BYTES_TO_T_UINT_8( 0xF7, 0x20, 0xA9, 0xCA, 0xF3, 0x89, 0xE5, 0xE1 ), - BYTES_TO_T_UINT_8( 0x83, 0xED, 0xFC, 0xAB, 0xD9, 0x0A, 0xB9, 0x07 ), - BYTES_TO_T_UINT_8( 0x08, 0x6F, 0x46, 0x7C, 0xCD, 0x78, 0xFF, 0x05 ), - BYTES_TO_T_UINT_8( 0x69, 0xAB, 0x71, 0x5A, 0x94, 0xAB, 0x20, 0x20 ), - BYTES_TO_T_UINT_8( 0xC2, 0x2E, 0xEE, 0x87, 0x57, 0x1F, 0xAD, 0xD3 ), - BYTES_TO_T_UINT_8( 0x91, 0x4C, 0x3D, 0xFB, 0x7E, 0xA1, 0x8B, 0x07 ), - BYTES_TO_T_UINT_8( 0x69, 0xCF, 0x07, 0x86, 0xBA, 0x53, 0x37, 0xCF ), - BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x7E, 0x1B, 0x64, 0xF4, 0xE8, 0xA5, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x20, 0xA9, 0xCA, 0xF3, 0x89, 0xE5, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0xED, 0xFC, 0xAB, 0xD9, 0x0A, 0xB9, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x6F, 0x46, 0x7C, 0xCD, 0x78, 0xFF, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0xAB, 0x71, 0x5A, 0x94, 0xAB, 0x20, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x2E, 0xEE, 0x87, 0x57, 0x1F, 0xAD, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x4C, 0x3D, 0xFB, 0x7E, 0xA1, 0x8B, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0xCF, 0x07, 0x86, 0xBA, 0x53, 0x37, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x00, 0x26, 0xB2, 0xB9, 0xE2, 0x91, 0xE3, 0xB5 ), - BYTES_TO_T_UINT_8( 0x79, 0xC9, 0x54, 0x84, 0x08, 0x3D, 0x0B, 0xD2 ), - BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x77, 0x2F, 0x64, 0x45, 0x99, 0x4C ), - BYTES_TO_T_UINT_8( 0x87, 0x96, 0x16, 0x1F, 0xDB, 0x96, 0x28, 0x97 ), - BYTES_TO_T_UINT_8( 0x83, 0x2B, 0x8D, 0xFF, 0xA2, 0x4F, 0x55, 0xD3 ), - BYTES_TO_T_UINT_8( 0x71, 0xE6, 0x48, 0xBD, 0x99, 0x3D, 0x12, 0x57 ), - BYTES_TO_T_UINT_8( 0x3F, 0x84, 0x59, 0xDA, 0xB9, 0xB6, 0x66, 0x12 ), - BYTES_TO_T_UINT_8( 0x6D, 0x78, 0x41, 0x92, 0xDF, 0xF4, 0x3F, 0x63 ), - BYTES_TO_T_UINT_8( 0x1F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x26, 0xB2, 0xB9, 0xE2, 0x91, 0xE3, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0xC9, 0x54, 0x84, 0x08, 0x3D, 0x0B, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xA8, 0x77, 0x2F, 0x64, 0x45, 0x99, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x96, 0x16, 0x1F, 0xDB, 0x96, 0x28, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x2B, 0x8D, 0xFF, 0xA2, 0x4F, 0x55, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0xE6, 0x48, 0xBD, 0x99, 0x3D, 0x12, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x84, 0x59, 0xDA, 0xB9, 0xB6, 0x66, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x78, 0x41, 0x92, 0xDF, 0xF4, 0x3F, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0x7E, 0x86, 0x6F, 0x4F, 0xBF, 0x67, 0xDF, 0x2F ), - BYTES_TO_T_UINT_8( 0xF2, 0x2B, 0x1E, 0x5F, 0x00, 0xEA, 0xF6, 0x56 ), - BYTES_TO_T_UINT_8( 0x90, 0xB9, 0x6A, 0x89, 0xD8, 0xC0, 0xD7, 0xA7 ), - BYTES_TO_T_UINT_8( 0xCB, 0x9A, 0x32, 0x23, 0xA0, 0x02, 0x91, 0x58 ), - BYTES_TO_T_UINT_8( 0x42, 0x7F, 0x6A, 0x15, 0x64, 0x6A, 0x8B, 0xBB ), - BYTES_TO_T_UINT_8( 0x8A, 0x57, 0x82, 0x58, 0xA9, 0x56, 0xB5, 0xFB ), - BYTES_TO_T_UINT_8( 0xDD, 0x50, 0x92, 0x60, 0xCC, 0x81, 0x24, 0xA8 ), - BYTES_TO_T_UINT_8( 0x36, 0x3D, 0xAD, 0xDA, 0xD9, 0x51, 0x3E, 0x57 ), - BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x86, 0x6F, 0x4F, 0xBF, 0x67, 0xDF, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x2B, 0x1E, 0x5F, 0x00, 0xEA, 0xF6, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xB9, 0x6A, 0x89, 0xD8, 0xC0, 0xD7, 0xA7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x9A, 0x32, 0x23, 0xA0, 0x02, 0x91, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x7F, 0x6A, 0x15, 0x64, 0x6A, 0x8B, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x57, 0x82, 0x58, 0xA9, 0x56, 0xB5, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x50, 0x92, 0x60, 0xCC, 0x81, 0x24, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0x3D, 0xAD, 0xDA, 0xD9, 0x51, 0x3E, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0xEC, 0xFE, 0x8F, 0xB0, 0x0B, 0xDE, 0x2E, 0x7E ), - BYTES_TO_T_UINT_8( 0x79, 0xD2, 0xBE, 0xEF, 0xAC, 0x76, 0x71, 0xA3 ), - BYTES_TO_T_UINT_8( 0x55, 0xE8, 0x72, 0x0B, 0xAC, 0xFE, 0xCA, 0x5A ), - BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0xC7, 0xFC, 0xE3, 0x3C, 0x7C, 0x4C ), - BYTES_TO_T_UINT_8( 0xA1, 0x04, 0xA7, 0xB9, 0x9B, 0x93, 0xC0, 0x2F ), - BYTES_TO_T_UINT_8( 0x41, 0x48, 0x4B, 0x8E, 0x32, 0xC5, 0xF0, 0x6B ), - BYTES_TO_T_UINT_8( 0xB0, 0x42, 0x07, 0xC1, 0xF2, 0xF1, 0x72, 0x5B ), - BYTES_TO_T_UINT_8( 0x1E, 0x37, 0x54, 0x9C, 0x88, 0xD2, 0x62, 0xAA ), - BYTES_TO_T_UINT_8( 0xC1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0xFE, 0x8F, 0xB0, 0x0B, 0xDE, 0x2E, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0xD2, 0xBE, 0xEF, 0xAC, 0x76, 0x71, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0xE8, 0x72, 0x0B, 0xAC, 0xFE, 0xCA, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0xC7, 0xFC, 0xE3, 0x3C, 0x7C, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x04, 0xA7, 0xB9, 0x9B, 0x93, 0xC0, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x48, 0x4B, 0x8E, 0x32, 0xC5, 0xF0, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x42, 0x07, 0xC1, 0xF2, 0xF1, 0x72, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x37, 0x54, 0x9C, 0x88, 0xD2, 0x62, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0xC2, 0x19, 0x8A, 0x89, 0x58, 0xA2, 0x0F, 0xDB ), - BYTES_TO_T_UINT_8( 0x01, 0xCC, 0x4C, 0x97, 0x30, 0x66, 0x34, 0x26 ), - BYTES_TO_T_UINT_8( 0x83, 0x6A, 0x1E, 0x1F, 0xDB, 0xC9, 0x5E, 0x13 ), - BYTES_TO_T_UINT_8( 0x1B, 0x4D, 0x49, 0xFF, 0x9B, 0x9C, 0xAC, 0x9B ), - BYTES_TO_T_UINT_8( 0xD7, 0xE4, 0x4B, 0xF2, 0xD4, 0x1A, 0xD2, 0x78 ), - BYTES_TO_T_UINT_8( 0xCD, 0xDA, 0xE8, 0x61, 0x9F, 0xC8, 0x49, 0x32 ), - BYTES_TO_T_UINT_8( 0x51, 0xCB, 0xF2, 0x2D, 0x85, 0xF6, 0x8D, 0x52 ), - BYTES_TO_T_UINT_8( 0xB7, 0xC5, 0xCD, 0x2C, 0x79, 0xC6, 0x0E, 0x4F ), - BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x19, 0x8A, 0x89, 0x58, 0xA2, 0x0F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0xCC, 0x4C, 0x97, 0x30, 0x66, 0x34, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x6A, 0x1E, 0x1F, 0xDB, 0xC9, 0x5E, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x4D, 0x49, 0xFF, 0x9B, 0x9C, 0xAC, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0xE4, 0x4B, 0xF2, 0xD4, 0x1A, 0xD2, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xDA, 0xE8, 0x61, 0x9F, 0xC8, 0x49, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xCB, 0xF2, 0x2D, 0x85, 0xF6, 0x8D, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xC5, 0xCD, 0x2C, 0x79, 0xC6, 0x0E, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x73, 0x1D, 0x55, 0x0F, 0xF8, 0x22, 0x9F, 0x78 ), - BYTES_TO_T_UINT_8( 0x76, 0x56, 0xBA, 0xE7, 0x57, 0x32, 0xEC, 0x42 ), - BYTES_TO_T_UINT_8( 0x65, 0x9A, 0xC6, 0x4C, 0x09, 0xC4, 0x52, 0x3F ), - BYTES_TO_T_UINT_8( 0xB6, 0x1E, 0x6F, 0xF4, 0x7D, 0x27, 0xDD, 0xAF ), - BYTES_TO_T_UINT_8( 0x94, 0x11, 0x16, 0xEC, 0x79, 0x83, 0xAD, 0xAE ), - BYTES_TO_T_UINT_8( 0x46, 0x4E, 0x92, 0x1F, 0x19, 0x7D, 0x65, 0xDC ), - BYTES_TO_T_UINT_8( 0x09, 0xFF, 0x78, 0x15, 0x45, 0x63, 0x32, 0xE4 ), - BYTES_TO_T_UINT_8( 0xBF, 0x91, 0xD0, 0x78, 0x58, 0xDA, 0x50, 0x47 ), - BYTES_TO_T_UINT_8( 0x73, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x1D, 0x55, 0x0F, 0xF8, 0x22, 0x9F, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x56, 0xBA, 0xE7, 0x57, 0x32, 0xEC, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x9A, 0xC6, 0x4C, 0x09, 0xC4, 0x52, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x1E, 0x6F, 0xF4, 0x7D, 0x27, 0xDD, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x11, 0x16, 0xEC, 0x79, 0x83, 0xAD, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x4E, 0x92, 0x1F, 0x19, 0x7D, 0x65, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0xFF, 0x78, 0x15, 0x45, 0x63, 0x32, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x91, 0xD0, 0x78, 0x58, 0xDA, 0x50, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x23, 0xDE, 0x40, 0xF6, 0x41, 0xB4, 0x3B, 0x95 ), - BYTES_TO_T_UINT_8( 0xC6, 0x8D, 0xE0, 0xE1, 0xA9, 0xF0, 0x35, 0x5D ), - BYTES_TO_T_UINT_8( 0xE6, 0xD4, 0xBA, 0x7B, 0xCC, 0x1B, 0x3A, 0x32 ), - BYTES_TO_T_UINT_8( 0xD0, 0x5A, 0x2E, 0x74, 0x47, 0x14, 0xC3, 0x4D ), - BYTES_TO_T_UINT_8( 0x7D, 0xF0, 0x8B, 0x06, 0x15, 0x8E, 0x0E, 0xCA ), - BYTES_TO_T_UINT_8( 0xB5, 0xD2, 0xEB, 0x97, 0x50, 0x7D, 0x31, 0xFC ), - BYTES_TO_T_UINT_8( 0x42, 0x93, 0x4C, 0xDB, 0x97, 0x79, 0x44, 0xF5 ), - BYTES_TO_T_UINT_8( 0x9C, 0xA2, 0xA0, 0x0B, 0xC8, 0x3A, 0x8A, 0xF9 ), - BYTES_TO_T_UINT_8( 0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0xDE, 0x40, 0xF6, 0x41, 0xB4, 0x3B, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x8D, 0xE0, 0xE1, 0xA9, 0xF0, 0x35, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xD4, 0xBA, 0x7B, 0xCC, 0x1B, 0x3A, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x5A, 0x2E, 0x74, 0x47, 0x14, 0xC3, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0xF0, 0x8B, 0x06, 0x15, 0x8E, 0x0E, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0xD2, 0xEB, 0x97, 0x50, 0x7D, 0x31, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x93, 0x4C, 0xDB, 0x97, 0x79, 0x44, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0xA2, 0xA0, 0x0B, 0xC8, 0x3A, 0x8A, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x79, 0x50, 0x92, 0x9E, 0x24, 0x1F, 0xCB, 0x4C ), - BYTES_TO_T_UINT_8( 0xD3, 0x16, 0xC9, 0xC5, 0x3D, 0x5A, 0xAF, 0x97 ), - BYTES_TO_T_UINT_8( 0x18, 0xE3, 0x97, 0xE4, 0xA8, 0x50, 0xF6, 0x7E ), - BYTES_TO_T_UINT_8( 0x45, 0x57, 0x97, 0x42, 0x78, 0x92, 0x49, 0x0D ), - BYTES_TO_T_UINT_8( 0xA5, 0xEB, 0x62, 0x24, 0xFB, 0x8F, 0x32, 0xCF ), - BYTES_TO_T_UINT_8( 0xF3, 0x0C, 0x36, 0x6E, 0x8F, 0xE8, 0xE8, 0x8E ), - BYTES_TO_T_UINT_8( 0xC2, 0xD3, 0x7C, 0xC7, 0x8D, 0x3F, 0x5C, 0xE1 ), - BYTES_TO_T_UINT_8( 0x6A, 0x64, 0x6A, 0x73, 0x10, 0x79, 0xB8, 0x5A ), - BYTES_TO_T_UINT_8( 0xCB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0x50, 0x92, 0x9E, 0x24, 0x1F, 0xCB, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x16, 0xC9, 0xC5, 0x3D, 0x5A, 0xAF, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0xE3, 0x97, 0xE4, 0xA8, 0x50, 0xF6, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x57, 0x97, 0x42, 0x78, 0x92, 0x49, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0xEB, 0x62, 0x24, 0xFB, 0x8F, 0x32, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x0C, 0x36, 0x6E, 0x8F, 0xE8, 0xE8, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0xD3, 0x7C, 0xC7, 0x8D, 0x3F, 0x5C, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x64, 0x6A, 0x73, 0x10, 0x79, 0xB8, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x51, 0xF9, 0xEF, 0xA5, 0x20, 0x4A, 0x5C, 0xA1 ), - BYTES_TO_T_UINT_8( 0x2F, 0xF3, 0xF4, 0x49, 0x5B, 0x73, 0xAA, 0x1B ), - BYTES_TO_T_UINT_8( 0xC6, 0xF2, 0xEA, 0x0F, 0x00, 0xAD, 0x53, 0xAB ), - BYTES_TO_T_UINT_8( 0x03, 0xB8, 0x66, 0xED, 0xC4, 0x2B, 0x4C, 0x35 ), - BYTES_TO_T_UINT_8( 0x3A, 0x2F, 0xC1, 0x9A, 0x37, 0xD2, 0x7F, 0x58 ), - BYTES_TO_T_UINT_8( 0x29, 0xA7, 0x81, 0x38, 0x64, 0xC9, 0x37, 0x38 ), - BYTES_TO_T_UINT_8( 0xBE, 0x3B, 0x6C, 0x9F, 0x5B, 0xD9, 0x8B, 0x1D ), - BYTES_TO_T_UINT_8( 0xB6, 0x14, 0xD9, 0x08, 0xD8, 0xD2, 0x7E, 0x23 ), - BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xF9, 0xEF, 0xA5, 0x20, 0x4A, 0x5C, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xF3, 0xF4, 0x49, 0x5B, 0x73, 0xAA, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0xF2, 0xEA, 0x0F, 0x00, 0xAD, 0x53, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0xB8, 0x66, 0xED, 0xC4, 0x2B, 0x4C, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x2F, 0xC1, 0x9A, 0x37, 0xD2, 0x7F, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xA7, 0x81, 0x38, 0x64, 0xC9, 0x37, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x3B, 0x6C, 0x9F, 0x5B, 0xD9, 0x8B, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x14, 0xD9, 0x08, 0xD8, 0xD2, 0x7E, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x15, 0x71, 0xE6, 0x3D, 0xD1, 0xB0, 0xE7, 0xCD ), - BYTES_TO_T_UINT_8( 0x5B, 0x81, 0x23, 0xEC, 0x2D, 0x42, 0x45, 0xE6 ), - BYTES_TO_T_UINT_8( 0x51, 0x5B, 0x44, 0x6B, 0x89, 0x03, 0x67, 0x28 ), - BYTES_TO_T_UINT_8( 0x84, 0x27, 0xAE, 0x80, 0x5A, 0x33, 0xBE, 0x11 ), - BYTES_TO_T_UINT_8( 0xE3, 0xB6, 0x64, 0x1A, 0xDF, 0xD3, 0x85, 0x91 ), - BYTES_TO_T_UINT_8( 0x67, 0x8C, 0x22, 0xBA, 0xD0, 0xBD, 0xCC, 0xA0 ), - BYTES_TO_T_UINT_8( 0xF7, 0x3C, 0x01, 0x3A, 0xFF, 0x9D, 0xC7, 0x6B ), - BYTES_TO_T_UINT_8( 0x0C, 0xC7, 0x64, 0xB4, 0x59, 0x4E, 0x9F, 0x22 ), - BYTES_TO_T_UINT_8( 0x85, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x71, 0xE6, 0x3D, 0xD1, 0xB0, 0xE7, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x81, 0x23, 0xEC, 0x2D, 0x42, 0x45, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x5B, 0x44, 0x6B, 0x89, 0x03, 0x67, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x27, 0xAE, 0x80, 0x5A, 0x33, 0xBE, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0xB6, 0x64, 0x1A, 0xDF, 0xD3, 0x85, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x8C, 0x22, 0xBA, 0xD0, 0xBD, 0xCC, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x3C, 0x01, 0x3A, 0xFF, 0x9D, 0xC7, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0xC7, 0x64, 0xB4, 0x59, 0x4E, 0x9F, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xA1, 0x34, 0x0A, 0x41, 0x94, 0xA8, 0xF2, 0xB7 ), - BYTES_TO_T_UINT_8( 0xF6, 0xD4, 0xE4, 0xF0, 0x97, 0x45, 0x6D, 0xCA ), - BYTES_TO_T_UINT_8( 0x8F, 0x1F, 0x4D, 0x6D, 0xFE, 0xA0, 0xC4, 0x84 ), - BYTES_TO_T_UINT_8( 0x1D, 0x28, 0x5C, 0x40, 0xBB, 0x65, 0xD4, 0x42 ), - BYTES_TO_T_UINT_8( 0x98, 0xA8, 0x87, 0x35, 0x20, 0x3A, 0x89, 0x44 ), - BYTES_TO_T_UINT_8( 0xD6, 0xFD, 0x4F, 0xAB, 0x2D, 0xD1, 0xD0, 0xC0 ), - BYTES_TO_T_UINT_8( 0x86, 0xE8, 0x00, 0xFC, 0x69, 0x52, 0xF8, 0xD5 ), - BYTES_TO_T_UINT_8( 0xE1, 0x9A, 0x99, 0xE1, 0xDC, 0x9C, 0x3F, 0xD9 ), - BYTES_TO_T_UINT_8( 0x99, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x34, 0x0A, 0x41, 0x94, 0xA8, 0xF2, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xD4, 0xE4, 0xF0, 0x97, 0x45, 0x6D, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0x1F, 0x4D, 0x6D, 0xFE, 0xA0, 0xC4, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x28, 0x5C, 0x40, 0xBB, 0x65, 0xD4, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0xA8, 0x87, 0x35, 0x20, 0x3A, 0x89, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFD, 0x4F, 0xAB, 0x2D, 0xD1, 0xD0, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xE8, 0x00, 0xFC, 0x69, 0x52, 0xF8, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x9A, 0x99, 0xE1, 0xDC, 0x9C, 0x3F, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0x12, 0x08, 0x98, 0xD9, 0xCA, 0x73, 0xD5, 0xA9 ), - BYTES_TO_T_UINT_8( 0xB9, 0x2C, 0xE0, 0xA7, 0x3E, 0x91, 0xD7, 0x87 ), - BYTES_TO_T_UINT_8( 0x68, 0x04, 0xB0, 0x54, 0x09, 0xF4, 0x72, 0xB7 ), - BYTES_TO_T_UINT_8( 0xC8, 0xEE, 0x28, 0xCC, 0xE8, 0x50, 0x78, 0x20 ), - BYTES_TO_T_UINT_8( 0x0D, 0x91, 0x03, 0x76, 0xDB, 0x68, 0x24, 0x77 ), - BYTES_TO_T_UINT_8( 0x7A, 0xE0, 0x56, 0xB2, 0x5D, 0x12, 0xD3, 0xB5 ), - BYTES_TO_T_UINT_8( 0x0D, 0x42, 0x59, 0x8B, 0xDF, 0x67, 0xB5, 0xBE ), - BYTES_TO_T_UINT_8( 0xD1, 0xCC, 0xE5, 0x31, 0x53, 0x7A, 0x46, 0xB3 ), - BYTES_TO_T_UINT_8( 0xDA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x08, 0x98, 0xD9, 0xCA, 0x73, 0xD5, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x2C, 0xE0, 0xA7, 0x3E, 0x91, 0xD7, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x04, 0xB0, 0x54, 0x09, 0xF4, 0x72, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xEE, 0x28, 0xCC, 0xE8, 0x50, 0x78, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x91, 0x03, 0x76, 0xDB, 0x68, 0x24, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xE0, 0x56, 0xB2, 0x5D, 0x12, 0xD3, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x42, 0x59, 0x8B, 0xDF, 0x67, 0xB5, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0xCC, 0xE5, 0x31, 0x53, 0x7A, 0x46, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_16_X[] = { - BYTES_TO_T_UINT_8( 0xCC, 0x8D, 0x59, 0xB5, 0x1B, 0x0F, 0xF4, 0xAF ), - BYTES_TO_T_UINT_8( 0xD9, 0x2F, 0xD1, 0x2C, 0xE0, 0xD8, 0x04, 0xEF ), - BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0xD7, 0xBA, 0xB0, 0xA3, 0x7E, 0xC9 ), - BYTES_TO_T_UINT_8( 0xCD, 0x08, 0x51, 0x56, 0xA6, 0x76, 0x67, 0x33 ), - BYTES_TO_T_UINT_8( 0x8C, 0x17, 0x63, 0xFE, 0x56, 0xD0, 0xD9, 0x71 ), - BYTES_TO_T_UINT_8( 0xAA, 0xF6, 0xC3, 0x14, 0x47, 0xC5, 0xA7, 0x31 ), - BYTES_TO_T_UINT_8( 0x72, 0x4C, 0x80, 0xF6, 0xA2, 0x57, 0xA7, 0x5D ), - BYTES_TO_T_UINT_8( 0x11, 0xB3, 0x7B, 0xF8, 0x2F, 0xE1, 0x3E, 0x7B ), - BYTES_TO_T_UINT_8( 0xFA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x8D, 0x59, 0xB5, 0x1B, 0x0F, 0xF4, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x2F, 0xD1, 0x2C, 0xE0, 0xD8, 0x04, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0xD7, 0xBA, 0xB0, 0xA3, 0x7E, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x08, 0x51, 0x56, 0xA6, 0x76, 0x67, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0x17, 0x63, 0xFE, 0x56, 0xD0, 0xD9, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0xF6, 0xC3, 0x14, 0x47, 0xC5, 0xA7, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x4C, 0x80, 0xF6, 0xA2, 0x57, 0xA7, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xB3, 0x7B, 0xF8, 0x2F, 0xE1, 0x3E, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_16_Y[] = { - BYTES_TO_T_UINT_8( 0x26, 0xF4, 0xF9, 0x6B, 0x7B, 0x90, 0xDF, 0x30 ), - BYTES_TO_T_UINT_8( 0x1F, 0x82, 0xEF, 0x62, 0xA1, 0x4C, 0x53, 0xCA ), - BYTES_TO_T_UINT_8( 0xE6, 0x99, 0x76, 0x01, 0xBA, 0x8D, 0x0F, 0x54 ), - BYTES_TO_T_UINT_8( 0xAF, 0xF4, 0x58, 0x73, 0x56, 0xFE, 0xDD, 0x7C ), - BYTES_TO_T_UINT_8( 0xF6, 0xCE, 0xF9, 0xE8, 0xA1, 0x34, 0xC3, 0x5B ), - BYTES_TO_T_UINT_8( 0x09, 0x5F, 0xDC, 0x6A, 0x3D, 0xD8, 0x7F, 0x42 ), - BYTES_TO_T_UINT_8( 0xC2, 0xF4, 0x51, 0xB8, 0xB8, 0xC1, 0xD7, 0x2F ), - BYTES_TO_T_UINT_8( 0xAE, 0x7D, 0x58, 0xD1, 0xD4, 0x1B, 0x4D, 0x23 ), - BYTES_TO_T_UINT_8( 0xD3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0xF4, 0xF9, 0x6B, 0x7B, 0x90, 0xDF, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x82, 0xEF, 0x62, 0xA1, 0x4C, 0x53, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x99, 0x76, 0x01, 0xBA, 0x8D, 0x0F, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xF4, 0x58, 0x73, 0x56, 0xFE, 0xDD, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xCE, 0xF9, 0xE8, 0xA1, 0x34, 0xC3, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x5F, 0xDC, 0x6A, 0x3D, 0xD8, 0x7F, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0xF4, 0x51, 0xB8, 0xB8, 0xC1, 0xD7, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x7D, 0x58, 0xD1, 0xD4, 0x1B, 0x4D, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_17_X[] = { - BYTES_TO_T_UINT_8( 0xB9, 0x95, 0xDF, 0x00, 0xD8, 0x21, 0xDE, 0x94 ), - BYTES_TO_T_UINT_8( 0xF7, 0x47, 0x3C, 0xC3, 0xB2, 0x01, 0x53, 0x5D ), - BYTES_TO_T_UINT_8( 0x1E, 0x17, 0x43, 0x23, 0xBD, 0xCA, 0x71, 0xF2 ), - BYTES_TO_T_UINT_8( 0x70, 0xBA, 0x0F, 0x4F, 0xDC, 0x41, 0x54, 0xBE ), - BYTES_TO_T_UINT_8( 0xD6, 0x39, 0x26, 0x70, 0x53, 0x32, 0x18, 0x11 ), - BYTES_TO_T_UINT_8( 0x32, 0x46, 0x07, 0x97, 0x3A, 0x57, 0xE0, 0x01 ), - BYTES_TO_T_UINT_8( 0xD6, 0x92, 0x4F, 0xCE, 0xDF, 0x25, 0x80, 0x26 ), - BYTES_TO_T_UINT_8( 0x5B, 0x6F, 0x9A, 0x03, 0x05, 0x4B, 0xD1, 0x47 ), - BYTES_TO_T_UINT_8( 0x5D, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x95, 0xDF, 0x00, 0xD8, 0x21, 0xDE, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x47, 0x3C, 0xC3, 0xB2, 0x01, 0x53, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x17, 0x43, 0x23, 0xBD, 0xCA, 0x71, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0xBA, 0x0F, 0x4F, 0xDC, 0x41, 0x54, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x39, 0x26, 0x70, 0x53, 0x32, 0x18, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x46, 0x07, 0x97, 0x3A, 0x57, 0xE0, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x92, 0x4F, 0xCE, 0xDF, 0x25, 0x80, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x6F, 0x9A, 0x03, 0x05, 0x4B, 0xD1, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_17_Y[] = { - BYTES_TO_T_UINT_8( 0x25, 0x01, 0x72, 0x30, 0x90, 0x17, 0x51, 0x20 ), - BYTES_TO_T_UINT_8( 0x74, 0xFB, 0x41, 0x65, 0x5C, 0xB4, 0x2D, 0xEE ), - BYTES_TO_T_UINT_8( 0x66, 0xCD, 0xCD, 0xAA, 0x41, 0xCC, 0xBB, 0x07 ), - BYTES_TO_T_UINT_8( 0xD4, 0xCE, 0x08, 0x0A, 0x63, 0xE9, 0xA2, 0xFF ), - BYTES_TO_T_UINT_8( 0x3D, 0xA8, 0x21, 0x7F, 0x7A, 0x5B, 0x9B, 0x81 ), - BYTES_TO_T_UINT_8( 0x10, 0x6B, 0x89, 0x44, 0x0A, 0x7F, 0x85, 0x5F ), - BYTES_TO_T_UINT_8( 0x7D, 0xDE, 0x7C, 0x19, 0x5C, 0x65, 0x26, 0x61 ), - BYTES_TO_T_UINT_8( 0xD7, 0xAC, 0x62, 0x29, 0x4A, 0xF1, 0xD0, 0x81 ), - BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0x01, 0x72, 0x30, 0x90, 0x17, 0x51, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xFB, 0x41, 0x65, 0x5C, 0xB4, 0x2D, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xCD, 0xCD, 0xAA, 0x41, 0xCC, 0xBB, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0xCE, 0x08, 0x0A, 0x63, 0xE9, 0xA2, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xA8, 0x21, 0x7F, 0x7A, 0x5B, 0x9B, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x6B, 0x89, 0x44, 0x0A, 0x7F, 0x85, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0xDE, 0x7C, 0x19, 0x5C, 0x65, 0x26, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0xAC, 0x62, 0x29, 0x4A, 0xF1, 0xD0, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_18_X[] = { - BYTES_TO_T_UINT_8( 0x32, 0x00, 0x40, 0x87, 0xEB, 0xA9, 0x58, 0x56 ), - BYTES_TO_T_UINT_8( 0xAF, 0x51, 0x0B, 0xFF, 0x56, 0x35, 0x51, 0xB3 ), - BYTES_TO_T_UINT_8( 0x7B, 0xAC, 0x08, 0x94, 0x71, 0xDA, 0xEC, 0x99 ), - BYTES_TO_T_UINT_8( 0x5F, 0x4D, 0xC5, 0x7B, 0x31, 0x8B, 0x8D, 0x5E ), - BYTES_TO_T_UINT_8( 0x15, 0x05, 0xF1, 0x3E, 0x9E, 0x8F, 0x17, 0x8F ), - BYTES_TO_T_UINT_8( 0xF0, 0x9C, 0x4B, 0x62, 0x94, 0xAD, 0x49, 0xFC ), - BYTES_TO_T_UINT_8( 0x0F, 0xC9, 0xC6, 0x8F, 0xFD, 0x33, 0x44, 0x34 ), - BYTES_TO_T_UINT_8( 0x5F, 0x96, 0x17, 0x7F, 0x42, 0xBE, 0xF7, 0x0D ), - BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x00, 0x40, 0x87, 0xEB, 0xA9, 0x58, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0x51, 0x0B, 0xFF, 0x56, 0x35, 0x51, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0xAC, 0x08, 0x94, 0x71, 0xDA, 0xEC, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x4D, 0xC5, 0x7B, 0x31, 0x8B, 0x8D, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x05, 0xF1, 0x3E, 0x9E, 0x8F, 0x17, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x9C, 0x4B, 0x62, 0x94, 0xAD, 0x49, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xC9, 0xC6, 0x8F, 0xFD, 0x33, 0x44, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x96, 0x17, 0x7F, 0x42, 0xBE, 0xF7, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_18_Y[] = { - BYTES_TO_T_UINT_8( 0xFB, 0x29, 0x39, 0x13, 0x08, 0x8D, 0x91, 0x47 ), - BYTES_TO_T_UINT_8( 0xF6, 0x79, 0xF9, 0x2F, 0xA9, 0x0A, 0xCF, 0xD6 ), - BYTES_TO_T_UINT_8( 0xAB, 0x87, 0x7A, 0xA3, 0x19, 0xAB, 0x55, 0xAD ), - BYTES_TO_T_UINT_8( 0xE8, 0x0B, 0x01, 0xC5, 0x56, 0x19, 0x9D, 0x9E ), - BYTES_TO_T_UINT_8( 0x19, 0xDE, 0x82, 0x3B, 0xEA, 0xD3, 0x0B, 0x8C ), - BYTES_TO_T_UINT_8( 0x65, 0x6B, 0xC7, 0xF3, 0x0F, 0x82, 0x87, 0x6C ), - BYTES_TO_T_UINT_8( 0xD8, 0x2E, 0x23, 0xF2, 0x39, 0x9D, 0x49, 0x70 ), - BYTES_TO_T_UINT_8( 0x31, 0xDE, 0xAF, 0x7A, 0xEE, 0xB0, 0xDA, 0x70 ), - BYTES_TO_T_UINT_8( 0x63, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0x29, 0x39, 0x13, 0x08, 0x8D, 0x91, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x79, 0xF9, 0x2F, 0xA9, 0x0A, 0xCF, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x87, 0x7A, 0xA3, 0x19, 0xAB, 0x55, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x0B, 0x01, 0xC5, 0x56, 0x19, 0x9D, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0xDE, 0x82, 0x3B, 0xEA, 0xD3, 0x0B, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x6B, 0xC7, 0xF3, 0x0F, 0x82, 0x87, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x2E, 0x23, 0xF2, 0x39, 0x9D, 0x49, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0xDE, 0xAF, 0x7A, 0xEE, 0xB0, 0xDA, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_19_X[] = { - BYTES_TO_T_UINT_8( 0x76, 0x4E, 0x2A, 0x50, 0xFD, 0x8E, 0xC0, 0xEB ), - BYTES_TO_T_UINT_8( 0x52, 0x0F, 0x7C, 0x76, 0x63, 0xD8, 0x89, 0x45 ), - BYTES_TO_T_UINT_8( 0xEC, 0x2D, 0xB9, 0x4E, 0xF4, 0xEE, 0x85, 0xCF ), - BYTES_TO_T_UINT_8( 0xC1, 0x95, 0x5C, 0x96, 0x5D, 0xAA, 0x59, 0x0B ), - BYTES_TO_T_UINT_8( 0xCA, 0xDB, 0xD2, 0x68, 0x8E, 0x5A, 0x94, 0x60 ), - BYTES_TO_T_UINT_8( 0xD9, 0x02, 0xBF, 0x77, 0x9F, 0xB9, 0x4C, 0xC9 ), - BYTES_TO_T_UINT_8( 0x2D, 0xDC, 0xC0, 0xCF, 0x81, 0x1E, 0xC4, 0x6C ), - BYTES_TO_T_UINT_8( 0x2B, 0xCC, 0x37, 0x86, 0xDC, 0xE2, 0x64, 0x72 ), - BYTES_TO_T_UINT_8( 0xD5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x4E, 0x2A, 0x50, 0xFD, 0x8E, 0xC0, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0x0F, 0x7C, 0x76, 0x63, 0xD8, 0x89, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x2D, 0xB9, 0x4E, 0xF4, 0xEE, 0x85, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x95, 0x5C, 0x96, 0x5D, 0xAA, 0x59, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0xDB, 0xD2, 0x68, 0x8E, 0x5A, 0x94, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x02, 0xBF, 0x77, 0x9F, 0xB9, 0x4C, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0xDC, 0xC0, 0xCF, 0x81, 0x1E, 0xC4, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0xCC, 0x37, 0x86, 0xDC, 0xE2, 0x64, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_19_Y[] = { - BYTES_TO_T_UINT_8( 0x2C, 0x30, 0xB1, 0x59, 0x20, 0x9D, 0x98, 0x28 ), - BYTES_TO_T_UINT_8( 0x77, 0x0C, 0x9D, 0xF8, 0x20, 0xDC, 0x90, 0xBA ), - BYTES_TO_T_UINT_8( 0xB1, 0xA0, 0xF4, 0xE7, 0x3E, 0x9C, 0x9E, 0xA2 ), - BYTES_TO_T_UINT_8( 0xB5, 0x25, 0xA2, 0xB0, 0x54, 0xCD, 0x2E, 0x33 ), - BYTES_TO_T_UINT_8( 0xEA, 0xD9, 0x42, 0xB0, 0x80, 0xB0, 0xA3, 0x38 ), - BYTES_TO_T_UINT_8( 0x9F, 0xFE, 0x9D, 0x8D, 0x40, 0xFF, 0x27, 0x6D ), - BYTES_TO_T_UINT_8( 0x3A, 0x9D, 0xA6, 0x88, 0x3A, 0x8B, 0x6F, 0x14 ), - BYTES_TO_T_UINT_8( 0xB6, 0x39, 0xEE, 0x1F, 0x3F, 0xB1, 0x4F, 0x63 ), - BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x30, 0xB1, 0x59, 0x20, 0x9D, 0x98, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x0C, 0x9D, 0xF8, 0x20, 0xDC, 0x90, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xA0, 0xF4, 0xE7, 0x3E, 0x9C, 0x9E, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x25, 0xA2, 0xB0, 0x54, 0xCD, 0x2E, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xD9, 0x42, 0xB0, 0x80, 0xB0, 0xA3, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0xFE, 0x9D, 0x8D, 0x40, 0xFF, 0x27, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x9D, 0xA6, 0x88, 0x3A, 0x8B, 0x6F, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x39, 0xEE, 0x1F, 0x3F, 0xB1, 0x4F, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_20_X[] = { - BYTES_TO_T_UINT_8( 0x6D, 0xD7, 0x9E, 0xFF, 0xD2, 0x35, 0x67, 0x03 ), - BYTES_TO_T_UINT_8( 0xCA, 0x4F, 0x15, 0x5D, 0xE3, 0xE8, 0x53, 0x86 ), - BYTES_TO_T_UINT_8( 0x92, 0xF7, 0x24, 0x98, 0xA2, 0xCB, 0x11, 0x68 ), - BYTES_TO_T_UINT_8( 0x06, 0x2E, 0x25, 0xE1, 0x94, 0xC5, 0xA3, 0x96 ), - BYTES_TO_T_UINT_8( 0xE0, 0x82, 0x6E, 0xBA, 0xE7, 0x43, 0x25, 0xB0 ), - BYTES_TO_T_UINT_8( 0x18, 0x65, 0xB4, 0x49, 0x73, 0x18, 0x35, 0x54 ), - BYTES_TO_T_UINT_8( 0x59, 0x5B, 0xBC, 0x62, 0x86, 0x4C, 0xC1, 0xB7 ), - BYTES_TO_T_UINT_8( 0x9B, 0xF2, 0x95, 0xA2, 0xBB, 0xA2, 0x35, 0x65 ), - BYTES_TO_T_UINT_8( 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xD7, 0x9E, 0xFF, 0xD2, 0x35, 0x67, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x4F, 0x15, 0x5D, 0xE3, 0xE8, 0x53, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xF7, 0x24, 0x98, 0xA2, 0xCB, 0x11, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x2E, 0x25, 0xE1, 0x94, 0xC5, 0xA3, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x82, 0x6E, 0xBA, 0xE7, 0x43, 0x25, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x65, 0xB4, 0x49, 0x73, 0x18, 0x35, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0x5B, 0xBC, 0x62, 0x86, 0x4C, 0xC1, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0xF2, 0x95, 0xA2, 0xBB, 0xA2, 0x35, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_20_Y[] = { - BYTES_TO_T_UINT_8( 0x72, 0x59, 0x62, 0xB0, 0x4B, 0x1E, 0xB4, 0xD8 ), - BYTES_TO_T_UINT_8( 0x0D, 0x55, 0xCE, 0xB0, 0x69, 0xBA, 0x63, 0x10 ), - BYTES_TO_T_UINT_8( 0x6E, 0x69, 0x86, 0xDB, 0x34, 0x7D, 0x68, 0x64 ), - BYTES_TO_T_UINT_8( 0xDA, 0x06, 0xCA, 0x55, 0x44, 0x36, 0x2B, 0xBA ), - BYTES_TO_T_UINT_8( 0x6C, 0xD4, 0xC4, 0x3D, 0xCD, 0x9E, 0x69, 0xA4 ), - BYTES_TO_T_UINT_8( 0x3F, 0x44, 0xE4, 0xBF, 0x31, 0xE6, 0x40, 0x9F ), - BYTES_TO_T_UINT_8( 0x7E, 0x4F, 0xFA, 0x75, 0xE3, 0xFB, 0x97, 0x0E ), - BYTES_TO_T_UINT_8( 0x08, 0xC0, 0xBD, 0x1C, 0x48, 0xB0, 0x26, 0xD0 ), - BYTES_TO_T_UINT_8( 0xD2, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x59, 0x62, 0xB0, 0x4B, 0x1E, 0xB4, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x55, 0xCE, 0xB0, 0x69, 0xBA, 0x63, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0x69, 0x86, 0xDB, 0x34, 0x7D, 0x68, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x06, 0xCA, 0x55, 0x44, 0x36, 0x2B, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0xD4, 0xC4, 0x3D, 0xCD, 0x9E, 0x69, 0xA4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x44, 0xE4, 0xBF, 0x31, 0xE6, 0x40, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x4F, 0xFA, 0x75, 0xE3, 0xFB, 0x97, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xC0, 0xBD, 0x1C, 0x48, 0xB0, 0x26, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_21_X[] = { - BYTES_TO_T_UINT_8( 0x1C, 0x7B, 0x32, 0xFA, 0xF2, 0x6D, 0x84, 0x8E ), - BYTES_TO_T_UINT_8( 0xA0, 0x21, 0x03, 0x1D, 0x0D, 0x22, 0x55, 0x67 ), - BYTES_TO_T_UINT_8( 0x18, 0xF9, 0x42, 0x03, 0x9C, 0xC2, 0xCB, 0xBA ), - BYTES_TO_T_UINT_8( 0xF8, 0xA1, 0x96, 0xD9, 0x9D, 0x11, 0x6F, 0xBE ), - BYTES_TO_T_UINT_8( 0xFF, 0x40, 0x57, 0xEB, 0x40, 0x2D, 0xC0, 0x11 ), - BYTES_TO_T_UINT_8( 0x2F, 0x96, 0xBB, 0x4F, 0x2F, 0x23, 0xA8, 0x28 ), - BYTES_TO_T_UINT_8( 0x3A, 0x29, 0x85, 0x21, 0xA5, 0x50, 0x62, 0x06 ), - BYTES_TO_T_UINT_8( 0xC9, 0x7D, 0x92, 0xCF, 0x87, 0x0C, 0x22, 0xF9 ), - BYTES_TO_T_UINT_8( 0xC9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x7B, 0x32, 0xFA, 0xF2, 0x6D, 0x84, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x21, 0x03, 0x1D, 0x0D, 0x22, 0x55, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0xF9, 0x42, 0x03, 0x9C, 0xC2, 0xCB, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0xA1, 0x96, 0xD9, 0x9D, 0x11, 0x6F, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x40, 0x57, 0xEB, 0x40, 0x2D, 0xC0, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x96, 0xBB, 0x4F, 0x2F, 0x23, 0xA8, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x29, 0x85, 0x21, 0xA5, 0x50, 0x62, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x7D, 0x92, 0xCF, 0x87, 0x0C, 0x22, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_21_Y[] = { - BYTES_TO_T_UINT_8( 0x5A, 0x0E, 0xA5, 0x32, 0x5B, 0xDF, 0x9C, 0xD5 ), - BYTES_TO_T_UINT_8( 0x27, 0x96, 0x37, 0x2C, 0x88, 0x35, 0x30, 0xA1 ), - BYTES_TO_T_UINT_8( 0x40, 0xB4, 0x69, 0xFF, 0xEB, 0xC6, 0x94, 0x08 ), - BYTES_TO_T_UINT_8( 0xC9, 0x55, 0x60, 0xAD, 0xAA, 0x58, 0x14, 0x88 ), - BYTES_TO_T_UINT_8( 0x3C, 0xFF, 0xF2, 0xB2, 0xD5, 0xA7, 0xD9, 0x27 ), - BYTES_TO_T_UINT_8( 0x2D, 0xAE, 0x54, 0xD2, 0x60, 0x31, 0xF3, 0x15 ), - BYTES_TO_T_UINT_8( 0xBB, 0x92, 0x83, 0xE3, 0xF1, 0x42, 0x83, 0x6E ), - BYTES_TO_T_UINT_8( 0x49, 0xD2, 0xC8, 0xB7, 0x76, 0x45, 0x7F, 0x7D ), - BYTES_TO_T_UINT_8( 0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x0E, 0xA5, 0x32, 0x5B, 0xDF, 0x9C, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x96, 0x37, 0x2C, 0x88, 0x35, 0x30, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xB4, 0x69, 0xFF, 0xEB, 0xC6, 0x94, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x55, 0x60, 0xAD, 0xAA, 0x58, 0x14, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0xFF, 0xF2, 0xB2, 0xD5, 0xA7, 0xD9, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0xAE, 0x54, 0xD2, 0x60, 0x31, 0xF3, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x92, 0x83, 0xE3, 0xF1, 0x42, 0x83, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0xD2, 0xC8, 0xB7, 0x76, 0x45, 0x7F, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_22_X[] = { - BYTES_TO_T_UINT_8( 0x4A, 0x11, 0xA4, 0xFB, 0x7A, 0x01, 0xBC, 0xC8 ), - BYTES_TO_T_UINT_8( 0xCD, 0x27, 0x73, 0x8D, 0x02, 0x91, 0x27, 0x8E ), - BYTES_TO_T_UINT_8( 0xA4, 0x62, 0xF6, 0xDD, 0x6B, 0xFA, 0x5B, 0xB9 ), - BYTES_TO_T_UINT_8( 0xEF, 0xCA, 0xA2, 0x44, 0x2C, 0xF0, 0x28, 0xD8 ), - BYTES_TO_T_UINT_8( 0x3C, 0xF1, 0x7A, 0xA2, 0x42, 0x4C, 0x50, 0xC6 ), - BYTES_TO_T_UINT_8( 0x2D, 0x83, 0x3E, 0x50, 0xAB, 0x9C, 0xF7, 0x67 ), - BYTES_TO_T_UINT_8( 0x1D, 0xED, 0x78, 0xCB, 0x76, 0x69, 0xDA, 0x42 ), - BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x1E, 0x43, 0x27, 0x47, 0x6E, 0xDA ), - BYTES_TO_T_UINT_8( 0x94, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x11, 0xA4, 0xFB, 0x7A, 0x01, 0xBC, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x27, 0x73, 0x8D, 0x02, 0x91, 0x27, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x62, 0xF6, 0xDD, 0x6B, 0xFA, 0x5B, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0xCA, 0xA2, 0x44, 0x2C, 0xF0, 0x28, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0xF1, 0x7A, 0xA2, 0x42, 0x4C, 0x50, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0x83, 0x3E, 0x50, 0xAB, 0x9C, 0xF7, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0xED, 0x78, 0xCB, 0x76, 0x69, 0xDA, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x01, 0x1E, 0x43, 0x27, 0x47, 0x6E, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_22_Y[] = { - BYTES_TO_T_UINT_8( 0xD3, 0x4F, 0x54, 0xB9, 0x3E, 0xBD, 0xD5, 0x44 ), - BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x40, 0x69, 0x7F, 0x74, 0x9D, 0x32 ), - BYTES_TO_T_UINT_8( 0x5A, 0x06, 0x6F, 0x67, 0x68, 0x2B, 0x4D, 0x10 ), - BYTES_TO_T_UINT_8( 0xC6, 0x65, 0x41, 0xFC, 0x7C, 0x1E, 0xE8, 0xC8 ), - BYTES_TO_T_UINT_8( 0xF2, 0x79, 0x37, 0xAF, 0xFD, 0xD2, 0xDA, 0x4C ), - BYTES_TO_T_UINT_8( 0x33, 0xA8, 0x69, 0x56, 0x62, 0xA4, 0xE4, 0xA3 ), - BYTES_TO_T_UINT_8( 0x42, 0x71, 0x73, 0x21, 0x8A, 0x17, 0x81, 0xA2 ), - BYTES_TO_T_UINT_8( 0x14, 0x55, 0x8F, 0x7B, 0xB8, 0xAF, 0xF7, 0x86 ), - BYTES_TO_T_UINT_8( 0xAA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x4F, 0x54, 0xB9, 0x3E, 0xBD, 0xD5, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x40, 0x69, 0x7F, 0x74, 0x9D, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x06, 0x6F, 0x67, 0x68, 0x2B, 0x4D, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x65, 0x41, 0xFC, 0x7C, 0x1E, 0xE8, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x79, 0x37, 0xAF, 0xFD, 0xD2, 0xDA, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0xA8, 0x69, 0x56, 0x62, 0xA4, 0xE4, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x71, 0x73, 0x21, 0x8A, 0x17, 0x81, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0x55, 0x8F, 0x7B, 0xB8, 0xAF, 0xF7, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_23_X[] = { - BYTES_TO_T_UINT_8( 0x4B, 0xD1, 0xBD, 0xBE, 0x8C, 0xBC, 0x60, 0x6E ), - BYTES_TO_T_UINT_8( 0x62, 0xA6, 0x57, 0x8C, 0xAE, 0x5C, 0x19, 0xFE ), - BYTES_TO_T_UINT_8( 0x7A, 0x43, 0xE4, 0xD9, 0xD8, 0x7B, 0xE7, 0x41 ), - BYTES_TO_T_UINT_8( 0xED, 0xB9, 0xE4, 0x85, 0x7C, 0x2E, 0xFC, 0x20 ), - BYTES_TO_T_UINT_8( 0x02, 0x2E, 0x01, 0x2A, 0x6D, 0x56, 0xBE, 0x97 ), - BYTES_TO_T_UINT_8( 0x6A, 0x0C, 0x25, 0x9B, 0xAE, 0x86, 0x37, 0x43 ), - BYTES_TO_T_UINT_8( 0x4A, 0x22, 0xB3, 0xCB, 0x99, 0x66, 0xB7, 0x9E ), - BYTES_TO_T_UINT_8( 0x56, 0xF7, 0x90, 0xF0, 0x1B, 0x09, 0x27, 0xF7 ), - BYTES_TO_T_UINT_8( 0xC8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0xD1, 0xBD, 0xBE, 0x8C, 0xBC, 0x60, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0xA6, 0x57, 0x8C, 0xAE, 0x5C, 0x19, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0x43, 0xE4, 0xD9, 0xD8, 0x7B, 0xE7, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0xB9, 0xE4, 0x85, 0x7C, 0x2E, 0xFC, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x2E, 0x01, 0x2A, 0x6D, 0x56, 0xBE, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x0C, 0x25, 0x9B, 0xAE, 0x86, 0x37, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x22, 0xB3, 0xCB, 0x99, 0x66, 0xB7, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0xF7, 0x90, 0xF0, 0x1B, 0x09, 0x27, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_23_Y[] = { - BYTES_TO_T_UINT_8( 0x1C, 0x16, 0x08, 0xEF, 0x39, 0x64, 0x49, 0x31 ), - BYTES_TO_T_UINT_8( 0x08, 0xA0, 0xE3, 0x97, 0xA9, 0x07, 0x54, 0x26 ), - BYTES_TO_T_UINT_8( 0xCD, 0xFF, 0xE2, 0x00, 0x07, 0x21, 0x88, 0x20 ), - BYTES_TO_T_UINT_8( 0x16, 0xFD, 0x59, 0x53, 0x05, 0x6C, 0x42, 0x27 ), - BYTES_TO_T_UINT_8( 0x8F, 0xF7, 0x39, 0x5C, 0x82, 0x36, 0xE8, 0x03 ), - BYTES_TO_T_UINT_8( 0x2E, 0x83, 0xA8, 0xE2, 0xA8, 0x43, 0x07, 0x38 ), - BYTES_TO_T_UINT_8( 0xE6, 0xAF, 0x2B, 0x79, 0xED, 0xD8, 0x39, 0x87 ), - BYTES_TO_T_UINT_8( 0x15, 0x20, 0x91, 0x7A, 0xC4, 0x07, 0xEF, 0x6C ), - BYTES_TO_T_UINT_8( 0x28, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x16, 0x08, 0xEF, 0x39, 0x64, 0x49, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xA0, 0xE3, 0x97, 0xA9, 0x07, 0x54, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xFF, 0xE2, 0x00, 0x07, 0x21, 0x88, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xFD, 0x59, 0x53, 0x05, 0x6C, 0x42, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0xF7, 0x39, 0x5C, 0x82, 0x36, 0xE8, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2E, 0x83, 0xA8, 0xE2, 0xA8, 0x43, 0x07, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xAF, 0x2B, 0x79, 0xED, 0xD8, 0x39, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x20, 0x91, 0x7A, 0xC4, 0x07, 0xEF, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_24_X[] = { - BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x2F, 0xAA, 0x0C, 0x94, 0x0E, 0x5A ), - BYTES_TO_T_UINT_8( 0xB7, 0x81, 0x87, 0x41, 0x23, 0xEB, 0x55, 0x7C ), - BYTES_TO_T_UINT_8( 0xB8, 0x53, 0xCC, 0x79, 0xB6, 0xEB, 0x6C, 0xCC ), - BYTES_TO_T_UINT_8( 0xF4, 0x77, 0x73, 0x9D, 0xFC, 0x64, 0x6F, 0x7F ), - BYTES_TO_T_UINT_8( 0x3C, 0x40, 0xE3, 0x6D, 0x1C, 0x16, 0x71, 0x15 ), - BYTES_TO_T_UINT_8( 0x5A, 0xF4, 0x1B, 0xFF, 0x1C, 0x2F, 0xA5, 0xD7 ), - BYTES_TO_T_UINT_8( 0x06, 0x0E, 0x0B, 0x11, 0xF4, 0x8D, 0x93, 0xAF ), - BYTES_TO_T_UINT_8( 0x58, 0xC5, 0x64, 0x6F, 0x24, 0x19, 0xF2, 0x9B ), - BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x10, 0x2F, 0xAA, 0x0C, 0x94, 0x0E, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x81, 0x87, 0x41, 0x23, 0xEB, 0x55, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x53, 0xCC, 0x79, 0xB6, 0xEB, 0x6C, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x77, 0x73, 0x9D, 0xFC, 0x64, 0x6F, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x40, 0xE3, 0x6D, 0x1C, 0x16, 0x71, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0xF4, 0x1B, 0xFF, 0x1C, 0x2F, 0xA5, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x0E, 0x0B, 0x11, 0xF4, 0x8D, 0x93, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0xC5, 0x64, 0x6F, 0x24, 0x19, 0xF2, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_24_Y[] = { - BYTES_TO_T_UINT_8( 0x52, 0xB3, 0xAF, 0xA5, 0x0E, 0x4F, 0x5E, 0xE1 ), - BYTES_TO_T_UINT_8( 0x0F, 0x77, 0xCA, 0xF2, 0x6D, 0xC5, 0xF6, 0x9F ), - BYTES_TO_T_UINT_8( 0x90, 0x18, 0x8E, 0x33, 0x68, 0x6C, 0xE8, 0xE0 ), - BYTES_TO_T_UINT_8( 0xFC, 0x8B, 0x80, 0x90, 0x19, 0x7F, 0x90, 0x96 ), - BYTES_TO_T_UINT_8( 0x5B, 0x80, 0x6B, 0x68, 0xE2, 0x7D, 0xD4, 0xD0 ), - BYTES_TO_T_UINT_8( 0x2A, 0xC1, 0x67, 0xB3, 0x72, 0xCB, 0xBF, 0x2F ), - BYTES_TO_T_UINT_8( 0x4F, 0xD5, 0xD3, 0x1D, 0x14, 0x58, 0x0A, 0x80 ), - BYTES_TO_T_UINT_8( 0x79, 0x7A, 0x65, 0x98, 0xB3, 0x07, 0x4B, 0x2F ), - BYTES_TO_T_UINT_8( 0xF3, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xB3, 0xAF, 0xA5, 0x0E, 0x4F, 0x5E, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0x77, 0xCA, 0xF2, 0x6D, 0xC5, 0xF6, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0x18, 0x8E, 0x33, 0x68, 0x6C, 0xE8, 0xE0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x8B, 0x80, 0x90, 0x19, 0x7F, 0x90, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x80, 0x6B, 0x68, 0xE2, 0x7D, 0xD4, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xC1, 0x67, 0xB3, 0x72, 0xCB, 0xBF, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0xD5, 0xD3, 0x1D, 0x14, 0x58, 0x0A, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0x7A, 0x65, 0x98, 0xB3, 0x07, 0x4B, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_25_X[] = { - BYTES_TO_T_UINT_8( 0x2A, 0x87, 0x0F, 0x5F, 0xCF, 0xA2, 0x01, 0x08 ), - BYTES_TO_T_UINT_8( 0x0C, 0xC9, 0xC8, 0x6E, 0x35, 0x87, 0xA5, 0x67 ), - BYTES_TO_T_UINT_8( 0x94, 0x3E, 0x91, 0xA0, 0xAB, 0x24, 0x1E, 0xF2 ), - BYTES_TO_T_UINT_8( 0xB9, 0xBC, 0x02, 0x35, 0x70, 0xC1, 0x5F, 0x98 ), - BYTES_TO_T_UINT_8( 0x26, 0x59, 0xA0, 0x50, 0x04, 0x80, 0x52, 0x85 ), - BYTES_TO_T_UINT_8( 0xF8, 0x56, 0x6E, 0x42, 0x8F, 0x8C, 0x91, 0x65 ), - BYTES_TO_T_UINT_8( 0xAC, 0xA2, 0xCB, 0xA5, 0xDE, 0x14, 0x24, 0x38 ), - BYTES_TO_T_UINT_8( 0x00, 0xCB, 0x74, 0x28, 0xE6, 0xA7, 0xE7, 0xC3 ), - BYTES_TO_T_UINT_8( 0x5F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x87, 0x0F, 0x5F, 0xCF, 0xA2, 0x01, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0xC9, 0xC8, 0x6E, 0x35, 0x87, 0xA5, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x3E, 0x91, 0xA0, 0xAB, 0x24, 0x1E, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xBC, 0x02, 0x35, 0x70, 0xC1, 0x5F, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x59, 0xA0, 0x50, 0x04, 0x80, 0x52, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x56, 0x6E, 0x42, 0x8F, 0x8C, 0x91, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xA2, 0xCB, 0xA5, 0xDE, 0x14, 0x24, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0xCB, 0x74, 0x28, 0xE6, 0xA7, 0xE7, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_25_Y[] = { - BYTES_TO_T_UINT_8( 0x35, 0x73, 0xA8, 0x8F, 0x9E, 0x0E, 0x63, 0x96 ), - BYTES_TO_T_UINT_8( 0xC8, 0x1B, 0x77, 0xC7, 0xC1, 0x38, 0xF9, 0xDC ), - BYTES_TO_T_UINT_8( 0xD8, 0x3C, 0xCF, 0xA8, 0x7A, 0xD7, 0xF3, 0xC4 ), - BYTES_TO_T_UINT_8( 0xDD, 0x5F, 0x9A, 0xC9, 0xAD, 0xE9, 0x1A, 0x93 ), - BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0x2B, 0x5E, 0xD5, 0x81, 0x95, 0xA8 ), - BYTES_TO_T_UINT_8( 0x19, 0x88, 0x75, 0x29, 0x1F, 0xC7, 0xC7, 0xD0 ), - BYTES_TO_T_UINT_8( 0xD8, 0xA9, 0x5A, 0x4D, 0x63, 0x95, 0xF9, 0x4E ), - BYTES_TO_T_UINT_8( 0xEB, 0xCD, 0x04, 0x8F, 0xCD, 0x91, 0xDE, 0xC6 ), - BYTES_TO_T_UINT_8( 0x71, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0x73, 0xA8, 0x8F, 0x9E, 0x0E, 0x63, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x1B, 0x77, 0xC7, 0xC1, 0x38, 0xF9, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x3C, 0xCF, 0xA8, 0x7A, 0xD7, 0xF3, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x5F, 0x9A, 0xC9, 0xAD, 0xE9, 0x1A, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0x2B, 0x5E, 0xD5, 0x81, 0x95, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x88, 0x75, 0x29, 0x1F, 0xC7, 0xC7, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xA9, 0x5A, 0x4D, 0x63, 0x95, 0xF9, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xCD, 0x04, 0x8F, 0xCD, 0x91, 0xDE, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_26_X[] = { - BYTES_TO_T_UINT_8( 0x88, 0xD4, 0xFD, 0x25, 0x11, 0x99, 0x6E, 0xEA ), - BYTES_TO_T_UINT_8( 0xB0, 0x83, 0x01, 0x3D, 0xFB, 0x56, 0xA5, 0x4E ), - BYTES_TO_T_UINT_8( 0xC2, 0x3A, 0xDC, 0x74, 0xC2, 0xD7, 0xCF, 0xE8 ), - BYTES_TO_T_UINT_8( 0x8F, 0xBD, 0xF1, 0xDD, 0xA3, 0x07, 0x03, 0xE2 ), - BYTES_TO_T_UINT_8( 0x7B, 0xBE, 0xE9, 0x2E, 0x58, 0x84, 0x66, 0xFC ), - BYTES_TO_T_UINT_8( 0x71, 0x20, 0x78, 0x37, 0x79, 0x0B, 0xA6, 0x64 ), - BYTES_TO_T_UINT_8( 0xE3, 0xF2, 0xAC, 0x65, 0xC8, 0xC9, 0x2F, 0x61 ), - BYTES_TO_T_UINT_8( 0x26, 0x93, 0xE5, 0x0D, 0x0C, 0xC6, 0xB8, 0xCB ), - BYTES_TO_T_UINT_8( 0x9C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0xD4, 0xFD, 0x25, 0x11, 0x99, 0x6E, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x83, 0x01, 0x3D, 0xFB, 0x56, 0xA5, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x3A, 0xDC, 0x74, 0xC2, 0xD7, 0xCF, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0xBD, 0xF1, 0xDD, 0xA3, 0x07, 0x03, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0xBE, 0xE9, 0x2E, 0x58, 0x84, 0x66, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x20, 0x78, 0x37, 0x79, 0x0B, 0xA6, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0xF2, 0xAC, 0x65, 0xC8, 0xC9, 0x2F, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x93, 0xE5, 0x0D, 0x0C, 0xC6, 0xB8, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_26_Y[] = { - BYTES_TO_T_UINT_8( 0x69, 0xAD, 0x5C, 0x19, 0x12, 0x61, 0x0E, 0x25 ), - BYTES_TO_T_UINT_8( 0x39, 0x4F, 0x0B, 0x1F, 0x49, 0x7E, 0xCD, 0x81 ), - BYTES_TO_T_UINT_8( 0x46, 0x2E, 0x30, 0x61, 0xDB, 0x08, 0x68, 0x9B ), - BYTES_TO_T_UINT_8( 0x41, 0x78, 0xAF, 0xB3, 0x08, 0xC1, 0x69, 0xE5 ), - BYTES_TO_T_UINT_8( 0xC4, 0x5F, 0x5D, 0xC1, 0x57, 0x6F, 0xD8, 0x34 ), - BYTES_TO_T_UINT_8( 0x38, 0xD3, 0x6A, 0xF7, 0xFD, 0x86, 0xE5, 0xB3 ), - BYTES_TO_T_UINT_8( 0xA8, 0x63, 0xBD, 0x70, 0x7B, 0x47, 0xE8, 0x6D ), - BYTES_TO_T_UINT_8( 0x18, 0x62, 0xC8, 0x7E, 0x9D, 0x11, 0x2B, 0xA5 ), - BYTES_TO_T_UINT_8( 0xB6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0xAD, 0x5C, 0x19, 0x12, 0x61, 0x0E, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0x4F, 0x0B, 0x1F, 0x49, 0x7E, 0xCD, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x2E, 0x30, 0x61, 0xDB, 0x08, 0x68, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x78, 0xAF, 0xB3, 0x08, 0xC1, 0x69, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x5F, 0x5D, 0xC1, 0x57, 0x6F, 0xD8, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0xD3, 0x6A, 0xF7, 0xFD, 0x86, 0xE5, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x63, 0xBD, 0x70, 0x7B, 0x47, 0xE8, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x62, 0xC8, 0x7E, 0x9D, 0x11, 0x2B, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_27_X[] = { - BYTES_TO_T_UINT_8( 0xE2, 0x84, 0xFD, 0xD5, 0x9A, 0x56, 0x7F, 0x5C ), - BYTES_TO_T_UINT_8( 0x7C, 0xBB, 0xA4, 0x6F, 0x12, 0x6E, 0x4D, 0xF8 ), - BYTES_TO_T_UINT_8( 0x1D, 0x08, 0xA1, 0x82, 0x9C, 0x62, 0x74, 0x7B ), - BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x22, 0x05, 0x1D, 0x15, 0x35, 0x79 ), - BYTES_TO_T_UINT_8( 0x9A, 0x88, 0xCF, 0x5C, 0x05, 0x78, 0xFB, 0x94 ), - BYTES_TO_T_UINT_8( 0xAC, 0x6B, 0x2F, 0x79, 0x09, 0x73, 0x67, 0xEC ), - BYTES_TO_T_UINT_8( 0xD8, 0xA0, 0x80, 0xD8, 0xE8, 0xEC, 0xFB, 0x42 ), - BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0B, 0xB7, 0x81, 0x48, 0x7B, 0xD9 ), - BYTES_TO_T_UINT_8( 0xE3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0x84, 0xFD, 0xD5, 0x9A, 0x56, 0x7F, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0xBB, 0xA4, 0x6F, 0x12, 0x6E, 0x4D, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x08, 0xA1, 0x82, 0x9C, 0x62, 0x74, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x22, 0x05, 0x1D, 0x15, 0x35, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x88, 0xCF, 0x5C, 0x05, 0x78, 0xFB, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x6B, 0x2F, 0x79, 0x09, 0x73, 0x67, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xA0, 0x80, 0xD8, 0xE8, 0xEC, 0xFB, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xE7, 0x0B, 0xB7, 0x81, 0x48, 0x7B, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_27_Y[] = { - BYTES_TO_T_UINT_8( 0xE8, 0x53, 0xA9, 0xED, 0x61, 0x92, 0xD7, 0x85 ), - BYTES_TO_T_UINT_8( 0x26, 0x49, 0xD9, 0x5D, 0x9B, 0x4E, 0x89, 0x35 ), - BYTES_TO_T_UINT_8( 0xB8, 0x12, 0xEB, 0x9A, 0xC9, 0xCB, 0xC1, 0x95 ), - BYTES_TO_T_UINT_8( 0x35, 0xDC, 0x95, 0x16, 0xFE, 0x29, 0x70, 0x01 ), - BYTES_TO_T_UINT_8( 0x64, 0x33, 0xB1, 0xD6, 0x78, 0xB9, 0xE2, 0x36 ), - BYTES_TO_T_UINT_8( 0x34, 0xCE, 0x88, 0xC3, 0xFD, 0x7A, 0x6B, 0xB8 ), - BYTES_TO_T_UINT_8( 0x40, 0x1E, 0x50, 0x1E, 0xAF, 0xB1, 0x25, 0x2D ), - BYTES_TO_T_UINT_8( 0xC1, 0xE7, 0xD7, 0xD5, 0xBD, 0x7A, 0x12, 0xF9 ), - BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x53, 0xA9, 0xED, 0x61, 0x92, 0xD7, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x49, 0xD9, 0x5D, 0x9B, 0x4E, 0x89, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x12, 0xEB, 0x9A, 0xC9, 0xCB, 0xC1, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0xDC, 0x95, 0x16, 0xFE, 0x29, 0x70, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x33, 0xB1, 0xD6, 0x78, 0xB9, 0xE2, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xCE, 0x88, 0xC3, 0xFD, 0x7A, 0x6B, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x1E, 0x50, 0x1E, 0xAF, 0xB1, 0x25, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0xE7, 0xD7, 0xD5, 0xBD, 0x7A, 0x12, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_28_X[] = { - BYTES_TO_T_UINT_8( 0x22, 0xAA, 0xA2, 0x80, 0x5D, 0x8F, 0xCD, 0xC8 ), - BYTES_TO_T_UINT_8( 0x48, 0x39, 0x79, 0x64, 0xA1, 0x67, 0x3C, 0xB7 ), - BYTES_TO_T_UINT_8( 0x3D, 0xC7, 0x49, 0xFF, 0x7F, 0xAC, 0xAB, 0x55 ), - BYTES_TO_T_UINT_8( 0x81, 0x54, 0x3E, 0x83, 0xF0, 0x3D, 0xBC, 0xB5 ), - BYTES_TO_T_UINT_8( 0x87, 0x92, 0x4A, 0x38, 0x42, 0x8A, 0xAB, 0xF6 ), - BYTES_TO_T_UINT_8( 0xE7, 0x0B, 0x4F, 0xEE, 0x9E, 0x92, 0xA5, 0xBE ), - BYTES_TO_T_UINT_8( 0xBA, 0xDD, 0x19, 0x96, 0xF2, 0xF0, 0x6B, 0x2E ), - BYTES_TO_T_UINT_8( 0xBE, 0xFC, 0xDD, 0xB2, 0x8A, 0xE5, 0x4C, 0x22 ), - BYTES_TO_T_UINT_8( 0xD4, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xAA, 0xA2, 0x80, 0x5D, 0x8F, 0xCD, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0x39, 0x79, 0x64, 0xA1, 0x67, 0x3C, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xC7, 0x49, 0xFF, 0x7F, 0xAC, 0xAB, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x54, 0x3E, 0x83, 0xF0, 0x3D, 0xBC, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x92, 0x4A, 0x38, 0x42, 0x8A, 0xAB, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x0B, 0x4F, 0xEE, 0x9E, 0x92, 0xA5, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xDD, 0x19, 0x96, 0xF2, 0xF0, 0x6B, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xFC, 0xDD, 0xB2, 0x8A, 0xE5, 0x4C, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_28_Y[] = { - BYTES_TO_T_UINT_8( 0xB7, 0x06, 0x49, 0xAC, 0x99, 0x7E, 0xF8, 0x12 ), - BYTES_TO_T_UINT_8( 0x76, 0xC8, 0x01, 0x51, 0xEA, 0xF6, 0x52, 0xE7 ), - BYTES_TO_T_UINT_8( 0x43, 0x89, 0x66, 0x2B, 0x1F, 0x9B, 0x2A, 0xA3 ), - BYTES_TO_T_UINT_8( 0xDF, 0x0F, 0x95, 0x07, 0x2B, 0x6C, 0x6E, 0x9E ), - BYTES_TO_T_UINT_8( 0x24, 0xC3, 0xB4, 0xBB, 0x91, 0x1F, 0xA3, 0x72 ), - BYTES_TO_T_UINT_8( 0x5F, 0x6E, 0x54, 0x28, 0x7B, 0x9C, 0x79, 0x2E ), - BYTES_TO_T_UINT_8( 0x03, 0x45, 0xFF, 0xA6, 0xDA, 0xA2, 0x83, 0x71 ), - BYTES_TO_T_UINT_8( 0xEB, 0xDE, 0x8F, 0x17, 0x37, 0x82, 0xCB, 0xE2 ), - BYTES_TO_T_UINT_8( 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x06, 0x49, 0xAC, 0x99, 0x7E, 0xF8, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0xC8, 0x01, 0x51, 0xEA, 0xF6, 0x52, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x89, 0x66, 0x2B, 0x1F, 0x9B, 0x2A, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x0F, 0x95, 0x07, 0x2B, 0x6C, 0x6E, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0xC3, 0xB4, 0xBB, 0x91, 0x1F, 0xA3, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x6E, 0x54, 0x28, 0x7B, 0x9C, 0x79, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0x45, 0xFF, 0xA6, 0xDA, 0xA2, 0x83, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xDE, 0x8F, 0x17, 0x37, 0x82, 0xCB, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_29_X[] = { - BYTES_TO_T_UINT_8( 0xD8, 0x94, 0x3F, 0x26, 0xC9, 0x1D, 0xD9, 0xAE ), - BYTES_TO_T_UINT_8( 0x09, 0x97, 0x28, 0x20, 0xCD, 0xC1, 0xF3, 0x40 ), - BYTES_TO_T_UINT_8( 0x95, 0xC9, 0xB5, 0x60, 0x9B, 0x1E, 0xDC, 0x74 ), - BYTES_TO_T_UINT_8( 0x5B, 0xB9, 0x5B, 0x7D, 0xA0, 0xB2, 0x8C, 0xF0 ), - BYTES_TO_T_UINT_8( 0x33, 0xD1, 0x42, 0xE6, 0x39, 0x33, 0x6D, 0xBB ), - BYTES_TO_T_UINT_8( 0x5D, 0xC0, 0xFC, 0xD2, 0x14, 0x5D, 0x3E, 0x3C ), - BYTES_TO_T_UINT_8( 0x78, 0x4A, 0x3E, 0x40, 0x16, 0x93, 0x15, 0xCF ), - BYTES_TO_T_UINT_8( 0xFA, 0x24, 0xC1, 0x27, 0x27, 0xE5, 0x4B, 0xD8 ), - BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x94, 0x3F, 0x26, 0xC9, 0x1D, 0xD9, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x97, 0x28, 0x20, 0xCD, 0xC1, 0xF3, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0xC9, 0xB5, 0x60, 0x9B, 0x1E, 0xDC, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0xB9, 0x5B, 0x7D, 0xA0, 0xB2, 0x8C, 0xF0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0xD1, 0x42, 0xE6, 0x39, 0x33, 0x6D, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xC0, 0xFC, 0xD2, 0x14, 0x5D, 0x3E, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0x4A, 0x3E, 0x40, 0x16, 0x93, 0x15, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x24, 0xC1, 0x27, 0x27, 0xE5, 0x4B, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_29_Y[] = { - BYTES_TO_T_UINT_8( 0x1D, 0x50, 0xD8, 0xBC, 0xC1, 0x46, 0x22, 0xBB ), - BYTES_TO_T_UINT_8( 0xAD, 0x0E, 0x60, 0xA1, 0xB3, 0x50, 0xD4, 0x86 ), - BYTES_TO_T_UINT_8( 0x80, 0xB1, 0x26, 0xB6, 0x6D, 0x47, 0x5A, 0x6F ), - BYTES_TO_T_UINT_8( 0x45, 0xAC, 0x11, 0x35, 0x3E, 0xB9, 0xF4, 0x01 ), - BYTES_TO_T_UINT_8( 0x58, 0x97, 0xFA, 0xBB, 0x6B, 0x39, 0x13, 0xD8 ), - BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x34, 0x12, 0x75, 0x8E, 0x9B, 0xC6 ), - BYTES_TO_T_UINT_8( 0x2C, 0x9E, 0xCD, 0x29, 0xB6, 0xEF, 0x8D, 0x10 ), - BYTES_TO_T_UINT_8( 0x47, 0xAC, 0xE9, 0x25, 0x27, 0xBB, 0x78, 0x47 ), - BYTES_TO_T_UINT_8( 0x2F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x50, 0xD8, 0xBC, 0xC1, 0x46, 0x22, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x0E, 0x60, 0xA1, 0xB3, 0x50, 0xD4, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0xB1, 0x26, 0xB6, 0x6D, 0x47, 0x5A, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0xAC, 0x11, 0x35, 0x3E, 0xB9, 0xF4, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x97, 0xFA, 0xBB, 0x6B, 0x39, 0x13, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x34, 0x12, 0x75, 0x8E, 0x9B, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x9E, 0xCD, 0x29, 0xB6, 0xEF, 0x8D, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0xAC, 0xE9, 0x25, 0x27, 0xBB, 0x78, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_30_X[] = { - BYTES_TO_T_UINT_8( 0x30, 0x7A, 0xA8, 0xD3, 0xE3, 0x66, 0xE5, 0x66 ), - BYTES_TO_T_UINT_8( 0x2F, 0x4C, 0xC4, 0x2C, 0x76, 0x81, 0x50, 0x32 ), - BYTES_TO_T_UINT_8( 0xEE, 0x71, 0x08, 0xB8, 0x52, 0x7C, 0xAF, 0xDC ), - BYTES_TO_T_UINT_8( 0x45, 0x59, 0x24, 0xDD, 0xFB, 0x2F, 0xD0, 0xDA ), - BYTES_TO_T_UINT_8( 0xB7, 0xCD, 0x56, 0xE9, 0xAC, 0x91, 0xE6, 0xB9 ), - BYTES_TO_T_UINT_8( 0xE5, 0x64, 0x20, 0xC6, 0x9F, 0xE4, 0xEF, 0xDF ), - BYTES_TO_T_UINT_8( 0x6D, 0x2C, 0x8F, 0x8C, 0x97, 0xF6, 0x22, 0xC3 ), - BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0x88, 0xAA, 0xA8, 0xD7, 0xA5, 0x68 ), - BYTES_TO_T_UINT_8( 0xDE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x7A, 0xA8, 0xD3, 0xE3, 0x66, 0xE5, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x4C, 0xC4, 0x2C, 0x76, 0x81, 0x50, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x71, 0x08, 0xB8, 0x52, 0x7C, 0xAF, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x59, 0x24, 0xDD, 0xFB, 0x2F, 0xD0, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xCD, 0x56, 0xE9, 0xAC, 0x91, 0xE6, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x64, 0x20, 0xC6, 0x9F, 0xE4, 0xEF, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x2C, 0x8F, 0x8C, 0x97, 0xF6, 0x22, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xF4, 0x88, 0xAA, 0xA8, 0xD7, 0xA5, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_30_Y[] = { - BYTES_TO_T_UINT_8( 0x21, 0x6C, 0xAE, 0x83, 0xB1, 0x55, 0x55, 0xEE ), - BYTES_TO_T_UINT_8( 0xB0, 0x67, 0x84, 0x47, 0x7C, 0x83, 0x5C, 0x89 ), - BYTES_TO_T_UINT_8( 0x5B, 0x10, 0x4D, 0xDD, 0x30, 0x60, 0xB0, 0xE6 ), - BYTES_TO_T_UINT_8( 0x59, 0xA7, 0x36, 0x76, 0x24, 0x32, 0x9F, 0x9D ), - BYTES_TO_T_UINT_8( 0xDD, 0x42, 0x81, 0xFB, 0xA4, 0x2E, 0x13, 0x68 ), - BYTES_TO_T_UINT_8( 0x87, 0x94, 0x91, 0xFF, 0x99, 0xA0, 0x09, 0x61 ), - BYTES_TO_T_UINT_8( 0x5D, 0x83, 0xA1, 0x76, 0xAF, 0x37, 0x5C, 0x77 ), - BYTES_TO_T_UINT_8( 0x1E, 0xA8, 0x04, 0x86, 0xC4, 0xA9, 0x79, 0x42 ), - BYTES_TO_T_UINT_8( 0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x6C, 0xAE, 0x83, 0xB1, 0x55, 0x55, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x67, 0x84, 0x47, 0x7C, 0x83, 0x5C, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x10, 0x4D, 0xDD, 0x30, 0x60, 0xB0, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xA7, 0x36, 0x76, 0x24, 0x32, 0x9F, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x42, 0x81, 0xFB, 0xA4, 0x2E, 0x13, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x94, 0x91, 0xFF, 0x99, 0xA0, 0x09, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x83, 0xA1, 0x76, 0xAF, 0x37, 0x5C, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xA8, 0x04, 0x86, 0xC4, 0xA9, 0x79, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_31_X[] = { - BYTES_TO_T_UINT_8( 0xB6, 0x8C, 0xC2, 0x34, 0xFB, 0x83, 0x28, 0x27 ), - BYTES_TO_T_UINT_8( 0xA4, 0x03, 0x7D, 0x5E, 0x9E, 0x0E, 0xB0, 0x22 ), - BYTES_TO_T_UINT_8( 0xA2, 0x02, 0x46, 0x7F, 0xB9, 0xAC, 0xBB, 0x23 ), - BYTES_TO_T_UINT_8( 0x06, 0xED, 0x48, 0xC2, 0x96, 0x4D, 0x56, 0x27 ), - BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xC5, 0xD1, 0xE6, 0x1C, 0x7E, 0x9B ), - BYTES_TO_T_UINT_8( 0x92, 0x2E, 0x18, 0x71, 0x2D, 0x7B, 0xD7, 0xB3 ), - BYTES_TO_T_UINT_8( 0xAB, 0x46, 0x9D, 0xDE, 0xAA, 0x78, 0x8E, 0xB1 ), - BYTES_TO_T_UINT_8( 0x4D, 0xD7, 0x69, 0x2E, 0xE1, 0xD9, 0x48, 0xDE ), - BYTES_TO_T_UINT_8( 0xFB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x8C, 0xC2, 0x34, 0xFB, 0x83, 0x28, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x03, 0x7D, 0x5E, 0x9E, 0x0E, 0xB0, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA2, 0x02, 0x46, 0x7F, 0xB9, 0xAC, 0xBB, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0xED, 0x48, 0xC2, 0x96, 0x4D, 0x56, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xC5, 0xD1, 0xE6, 0x1C, 0x7E, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x2E, 0x18, 0x71, 0x2D, 0x7B, 0xD7, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x46, 0x9D, 0xDE, 0xAA, 0x78, 0x8E, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xD7, 0x69, 0x2E, 0xE1, 0xD9, 0x48, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp521r1_T_31_Y[] = { - BYTES_TO_T_UINT_8( 0xAF, 0xFF, 0x9E, 0x09, 0x22, 0x22, 0xE6, 0x8D ), - BYTES_TO_T_UINT_8( 0x6C, 0x14, 0x28, 0x13, 0x1B, 0x62, 0x12, 0x22 ), - BYTES_TO_T_UINT_8( 0xCC, 0x7F, 0x67, 0x03, 0xB0, 0xC0, 0xF3, 0x05 ), - BYTES_TO_T_UINT_8( 0xC0, 0xC3, 0x0F, 0xFB, 0x25, 0x48, 0x3E, 0xF4 ), - BYTES_TO_T_UINT_8( 0x0B, 0x6E, 0x53, 0x98, 0x36, 0xB3, 0xD3, 0x94 ), - BYTES_TO_T_UINT_8( 0xEB, 0x81, 0x54, 0x22, 0xA4, 0xCC, 0xC1, 0x22 ), - BYTES_TO_T_UINT_8( 0xF5, 0xBA, 0xFC, 0xA9, 0xDF, 0x68, 0x86, 0x2B ), - BYTES_TO_T_UINT_8( 0x71, 0x92, 0x0E, 0xC3, 0xF2, 0x58, 0xE8, 0x51 ), - BYTES_TO_T_UINT_8( 0xE9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xFF, 0x9E, 0x09, 0x22, 0x22, 0xE6, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x14, 0x28, 0x13, 0x1B, 0x62, 0x12, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x7F, 0x67, 0x03, 0xB0, 0xC0, 0xF3, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xC3, 0x0F, 0xFB, 0x25, 0x48, 0x3E, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x6E, 0x53, 0x98, 0x36, 0xB3, 0xD3, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x81, 0x54, 0x22, 0xA4, 0xCC, 0xC1, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xBA, 0xFC, 0xA9, 0xDF, 0x68, 0x86, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x92, 0x0E, 0xC3, 0xF2, 0x58, 0xE8, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_ecp_point secp521r1_T[32] = { ECP_POINT_INIT_XY_Z1(secp521r1_T_0_X, secp521r1_T_0_Y), @@ -2190,192 +2190,192 @@ static const mbedtls_ecp_point secp521r1_T[32] = { #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) static const mbedtls_mpi_uint secp192k1_p[] = { - BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp192k1_a[] = { - BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp192k1_b[] = { - BYTES_TO_T_UINT_2( 0x03, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x03, 0x00 ), }; static const mbedtls_mpi_uint secp192k1_gx[] = { - BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), - BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), - BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), }; static const mbedtls_mpi_uint secp192k1_gy[] = { - BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), - BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), - BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), }; static const mbedtls_mpi_uint secp192k1_n[] = { - BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ), - BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp192k1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), - BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), - BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), }; static const mbedtls_mpi_uint secp192k1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), - BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), - BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), }; static const mbedtls_mpi_uint secp192k1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x6F, 0x77, 0x3D, 0x0D, 0x85, 0x48, 0xA8, 0xA9 ), - BYTES_TO_T_UINT_8( 0x62, 0x07, 0xDF, 0x1D, 0xB3, 0xB3, 0x01, 0x54 ), - BYTES_TO_T_UINT_8( 0x05, 0x86, 0xF6, 0xAF, 0x19, 0x2A, 0x88, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x77, 0x3D, 0x0D, 0x85, 0x48, 0xA8, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x07, 0xDF, 0x1D, 0xB3, 0xB3, 0x01, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x86, 0xF6, 0xAF, 0x19, 0x2A, 0x88, 0x2E ), }; static const mbedtls_mpi_uint secp192k1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x33, 0x90, 0xB6, 0x2F, 0x48, 0x36, 0x4C, 0x5B ), - BYTES_TO_T_UINT_8( 0xDB, 0x11, 0x14, 0xA6, 0xCB, 0xBA, 0x15, 0xD9 ), - BYTES_TO_T_UINT_8( 0x7E, 0xB0, 0xF2, 0xD4, 0xC9, 0xDA, 0xBA, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x90, 0xB6, 0x2F, 0x48, 0x36, 0x4C, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x11, 0x14, 0xA6, 0xCB, 0xBA, 0x15, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0xB0, 0xF2, 0xD4, 0xC9, 0xDA, 0xBA, 0xD7 ), }; static const mbedtls_mpi_uint secp192k1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0xE4, 0xC1, 0x9C, 0xE6, 0xBB, 0xFB, 0xCF, 0x23 ), - BYTES_TO_T_UINT_8( 0x93, 0x19, 0xAC, 0x5A, 0xC9, 0x8A, 0x1C, 0x75 ), - BYTES_TO_T_UINT_8( 0xC1, 0xF6, 0x76, 0x86, 0x89, 0x27, 0x8D, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xC1, 0x9C, 0xE6, 0xBB, 0xFB, 0xCF, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x19, 0xAC, 0x5A, 0xC9, 0x8A, 0x1C, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0xF6, 0x76, 0x86, 0x89, 0x27, 0x8D, 0x28 ), }; static const mbedtls_mpi_uint secp192k1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x4B, 0xE0, 0x6F, 0x34, 0xBA, 0x5E, 0xD3, 0x96 ), - BYTES_TO_T_UINT_8( 0x6A, 0xDC, 0xA6, 0x87, 0xC9, 0x9D, 0xC0, 0x82 ), - BYTES_TO_T_UINT_8( 0x09, 0x11, 0x7E, 0xD6, 0xF7, 0x33, 0xFC, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0xE0, 0x6F, 0x34, 0xBA, 0x5E, 0xD3, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0xDC, 0xA6, 0x87, 0xC9, 0x9D, 0xC0, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x11, 0x7E, 0xD6, 0xF7, 0x33, 0xFC, 0xE4 ), }; static const mbedtls_mpi_uint secp192k1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0xC2, 0x37, 0x3E, 0xC0, 0x7F, 0x62, 0xE7, 0x54 ), - BYTES_TO_T_UINT_8( 0xA5, 0x3B, 0x69, 0x9D, 0x44, 0xBC, 0x82, 0x99 ), - BYTES_TO_T_UINT_8( 0xD4, 0x84, 0xB3, 0x5F, 0x2B, 0xA5, 0x9E, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x37, 0x3E, 0xC0, 0x7F, 0x62, 0xE7, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x3B, 0x69, 0x9D, 0x44, 0xBC, 0x82, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x84, 0xB3, 0x5F, 0x2B, 0xA5, 0x9E, 0x2C ), }; static const mbedtls_mpi_uint secp192k1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0x1D, 0x95, 0xEB, 0x4C, 0x04, 0xB4, 0xF4, 0x75 ), - BYTES_TO_T_UINT_8( 0x55, 0xAD, 0x4B, 0xD5, 0x9A, 0xEB, 0xC4, 0x4E ), - BYTES_TO_T_UINT_8( 0xC9, 0xB1, 0xC5, 0x59, 0xE3, 0xD5, 0x16, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x95, 0xEB, 0x4C, 0x04, 0xB4, 0xF4, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0xAD, 0x4B, 0xD5, 0x9A, 0xEB, 0xC4, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xB1, 0xC5, 0x59, 0xE3, 0xD5, 0x16, 0x2A ), }; static const mbedtls_mpi_uint secp192k1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x48, 0x2A, 0xCC, 0xAC, 0xD0, 0xEE, 0x50, 0xEC ), - BYTES_TO_T_UINT_8( 0x99, 0x83, 0xE0, 0x5B, 0x14, 0x44, 0x52, 0x20 ), - BYTES_TO_T_UINT_8( 0xD6, 0x15, 0x2D, 0x78, 0xF6, 0x51, 0x32, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0x2A, 0xCC, 0xAC, 0xD0, 0xEE, 0x50, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x83, 0xE0, 0x5B, 0x14, 0x44, 0x52, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x15, 0x2D, 0x78, 0xF6, 0x51, 0x32, 0xCF ), }; static const mbedtls_mpi_uint secp192k1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x86, 0x36, 0x9B, 0xDD, 0xF8, 0xDD, 0xEF, 0xB2 ), - BYTES_TO_T_UINT_8( 0x0B, 0xB1, 0x6A, 0x2B, 0xAF, 0xEB, 0x2B, 0xB1 ), - BYTES_TO_T_UINT_8( 0xC9, 0x87, 0x7A, 0x66, 0x5D, 0x5B, 0xDF, 0x8F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x36, 0x9B, 0xDD, 0xF8, 0xDD, 0xEF, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0xB1, 0x6A, 0x2B, 0xAF, 0xEB, 0x2B, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x87, 0x7A, 0x66, 0x5D, 0x5B, 0xDF, 0x8F ), }; static const mbedtls_mpi_uint secp192k1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x62, 0x45, 0xE5, 0x81, 0x9B, 0xEB, 0x37, 0x23 ), - BYTES_TO_T_UINT_8( 0xB3, 0x29, 0xE2, 0x20, 0x64, 0x23, 0x6B, 0x6E ), - BYTES_TO_T_UINT_8( 0xFE, 0x1D, 0x41, 0xE1, 0x9B, 0x61, 0x7B, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x45, 0xE5, 0x81, 0x9B, 0xEB, 0x37, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x29, 0xE2, 0x20, 0x64, 0x23, 0x6B, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0x1D, 0x41, 0xE1, 0x9B, 0x61, 0x7B, 0xD9 ), }; static const mbedtls_mpi_uint secp192k1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0x75, 0x57, 0xA3, 0x0A, 0x13, 0xE4, 0x59, 0x15 ), - BYTES_TO_T_UINT_8( 0x79, 0x6E, 0x4A, 0x48, 0x84, 0x90, 0xAC, 0xC7 ), - BYTES_TO_T_UINT_8( 0x9C, 0xB8, 0xF5, 0xF3, 0xDE, 0xA0, 0xA1, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x57, 0xA3, 0x0A, 0x13, 0xE4, 0x59, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0x6E, 0x4A, 0x48, 0x84, 0x90, 0xAC, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0xB8, 0xF5, 0xF3, 0xDE, 0xA0, 0xA1, 0x1D ), }; static const mbedtls_mpi_uint secp192k1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0xA3, 0x32, 0x81, 0xA9, 0x91, 0x5A, 0x4E, 0x33 ), - BYTES_TO_T_UINT_8( 0xCB, 0xA8, 0x90, 0xBE, 0x0F, 0xEC, 0xC0, 0x85 ), - BYTES_TO_T_UINT_8( 0x80, 0x30, 0xD7, 0x08, 0xAE, 0xC4, 0x3A, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x32, 0x81, 0xA9, 0x91, 0x5A, 0x4E, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0xA8, 0x90, 0xBE, 0x0F, 0xEC, 0xC0, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x30, 0xD7, 0x08, 0xAE, 0xC4, 0x3A, 0xA5 ), }; static const mbedtls_mpi_uint secp192k1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xBC, 0x55, 0xE3, 0x76, 0xB3, 0x64, 0x74, 0x9F ), - BYTES_TO_T_UINT_8( 0x3F, 0x75, 0xD4, 0xDB, 0x98, 0xD7, 0x39, 0xAE ), - BYTES_TO_T_UINT_8( 0xD4, 0xEB, 0x8A, 0xAB, 0x16, 0xD9, 0xD4, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x55, 0xE3, 0x76, 0xB3, 0x64, 0x74, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x75, 0xD4, 0xDB, 0x98, 0xD7, 0x39, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0xEB, 0x8A, 0xAB, 0x16, 0xD9, 0xD4, 0x0B ), }; static const mbedtls_mpi_uint secp192k1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0x41, 0xBE, 0xF9, 0xC7, 0xC7, 0xBA, 0xF3, 0xA1 ), - BYTES_TO_T_UINT_8( 0xC2, 0x85, 0x59, 0xF3, 0x60, 0x41, 0x02, 0xD2 ), - BYTES_TO_T_UINT_8( 0x46, 0x1C, 0x4A, 0xA4, 0xC7, 0xED, 0x66, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xBE, 0xF9, 0xC7, 0xC7, 0xBA, 0xF3, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x85, 0x59, 0xF3, 0x60, 0x41, 0x02, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x1C, 0x4A, 0xA4, 0xC7, 0xED, 0x66, 0xBC ), }; static const mbedtls_mpi_uint secp192k1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x2E, 0x46, 0x52, 0x18, 0x87, 0x14 ), - BYTES_TO_T_UINT_8( 0xFF, 0x35, 0x5A, 0x75, 0xAC, 0x4D, 0x75, 0x91 ), - BYTES_TO_T_UINT_8( 0xCE, 0x2F, 0xAC, 0xFC, 0xBC, 0xE6, 0x93, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x2E, 0x46, 0x52, 0x18, 0x87, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x35, 0x5A, 0x75, 0xAC, 0x4D, 0x75, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x2F, 0xAC, 0xFC, 0xBC, 0xE6, 0x93, 0x5E ), }; static const mbedtls_mpi_uint secp192k1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x87, 0x4D, 0xC9, 0x18, 0xE9, 0x00, 0xEB, 0x33 ), - BYTES_TO_T_UINT_8( 0x1A, 0x69, 0x72, 0x07, 0x5A, 0x59, 0xA8, 0x26 ), - BYTES_TO_T_UINT_8( 0xB6, 0x65, 0x83, 0x20, 0x10, 0xF9, 0x69, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x4D, 0xC9, 0x18, 0xE9, 0x00, 0xEB, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x69, 0x72, 0x07, 0x5A, 0x59, 0xA8, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x65, 0x83, 0x20, 0x10, 0xF9, 0x69, 0x82 ), }; static const mbedtls_mpi_uint secp192k1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x8B, 0x56, 0x7F, 0x9F, 0xBF, 0x46, 0x0C, 0x7E ), - BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0xF0, 0xDC, 0xDF, 0x2D, 0xE6, 0xE5 ), - BYTES_TO_T_UINT_8( 0x09, 0xF0, 0x72, 0x3A, 0x7A, 0x03, 0xE5, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0x56, 0x7F, 0x9F, 0xBF, 0x46, 0x0C, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0xCF, 0xF0, 0xDC, 0xDF, 0x2D, 0xE6, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0xF0, 0x72, 0x3A, 0x7A, 0x03, 0xE5, 0x22 ), }; static const mbedtls_mpi_uint secp192k1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x3E, 0xAA, 0x57, 0x13, 0x37, 0xA7, 0x2C, 0xD4 ), - BYTES_TO_T_UINT_8( 0xA3, 0xAC, 0xA2, 0x23, 0xF9, 0x84, 0x60, 0xD3 ), - BYTES_TO_T_UINT_8( 0x32, 0xEB, 0x51, 0x70, 0x64, 0x78, 0xCA, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xAA, 0x57, 0x13, 0x37, 0xA7, 0x2C, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0xAC, 0xA2, 0x23, 0xF9, 0x84, 0x60, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0xEB, 0x51, 0x70, 0x64, 0x78, 0xCA, 0x05 ), }; static const mbedtls_mpi_uint secp192k1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0x91, 0xCC, 0x30, 0x62, 0x93, 0x46, 0x13, 0xE9 ), - BYTES_TO_T_UINT_8( 0x21, 0x26, 0xCC, 0x6C, 0x3D, 0x5C, 0xDA, 0x2C ), - BYTES_TO_T_UINT_8( 0xD5, 0xAA, 0xB8, 0x03, 0xA4, 0x1A, 0x00, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xCC, 0x30, 0x62, 0x93, 0x46, 0x13, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x26, 0xCC, 0x6C, 0x3D, 0x5C, 0xDA, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xAA, 0xB8, 0x03, 0xA4, 0x1A, 0x00, 0x96 ), }; static const mbedtls_mpi_uint secp192k1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0xF9, 0x9D, 0xE6, 0xCC, 0x4E, 0x2E, 0xC2, 0xD5 ), - BYTES_TO_T_UINT_8( 0xB4, 0xC3, 0x8A, 0xAE, 0x6F, 0x40, 0x05, 0xEB ), - BYTES_TO_T_UINT_8( 0x9D, 0x8F, 0x4A, 0x4D, 0x35, 0xD3, 0x50, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x9D, 0xE6, 0xCC, 0x4E, 0x2E, 0xC2, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xC3, 0x8A, 0xAE, 0x6F, 0x40, 0x05, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x8F, 0x4A, 0x4D, 0x35, 0xD3, 0x50, 0x9D ), }; static const mbedtls_mpi_uint secp192k1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x1F, 0xFD, 0x98, 0xAB, 0xC7, 0x03, 0xB4, 0x55 ), - BYTES_TO_T_UINT_8( 0x40, 0x40, 0xD2, 0x9F, 0xCA, 0xD0, 0x53, 0x00 ), - BYTES_TO_T_UINT_8( 0x1A, 0x84, 0x00, 0x6F, 0xC8, 0xAD, 0xED, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0xFD, 0x98, 0xAB, 0xC7, 0x03, 0xB4, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x40, 0xD2, 0x9F, 0xCA, 0xD0, 0x53, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x84, 0x00, 0x6F, 0xC8, 0xAD, 0xED, 0x8D ), }; static const mbedtls_mpi_uint secp192k1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xCE, 0xD3, 0x57, 0xD7, 0xC3, 0x07, 0xBD, 0xD7 ), - BYTES_TO_T_UINT_8( 0x67, 0xBA, 0x47, 0x1D, 0x3D, 0xEF, 0x98, 0x6C ), - BYTES_TO_T_UINT_8( 0x6D, 0xC0, 0x6C, 0x7F, 0x12, 0xEE, 0x9F, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xD3, 0x57, 0xD7, 0xC3, 0x07, 0xBD, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0xBA, 0x47, 0x1D, 0x3D, 0xEF, 0x98, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xC0, 0x6C, 0x7F, 0x12, 0xEE, 0x9F, 0x67 ), }; static const mbedtls_mpi_uint secp192k1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0xCA, 0x02, 0xDA, 0x79, 0xAA, 0xC9, 0x27, 0xC4 ), - BYTES_TO_T_UINT_8( 0x21, 0x79, 0xC7, 0x71, 0x84, 0xCB, 0xE5, 0x5A ), - BYTES_TO_T_UINT_8( 0x15, 0x37, 0x06, 0xBA, 0xB5, 0xD5, 0x18, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x02, 0xDA, 0x79, 0xAA, 0xC9, 0x27, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x79, 0xC7, 0x71, 0x84, 0xCB, 0xE5, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x37, 0x06, 0xBA, 0xB5, 0xD5, 0x18, 0x4C ), }; static const mbedtls_mpi_uint secp192k1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0xA1, 0x65, 0x72, 0x6C, 0xF2, 0x63, 0x27, 0x6A ), - BYTES_TO_T_UINT_8( 0x69, 0xBC, 0x71, 0xDF, 0x75, 0xF8, 0x98, 0x4D ), - BYTES_TO_T_UINT_8( 0x70, 0x70, 0x9B, 0xDC, 0xE7, 0x18, 0x71, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x65, 0x72, 0x6C, 0xF2, 0x63, 0x27, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0xBC, 0x71, 0xDF, 0x75, 0xF8, 0x98, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x70, 0x9B, 0xDC, 0xE7, 0x18, 0x71, 0xFF ), }; static const mbedtls_mpi_uint secp192k1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x15, 0x5B, 0x9F, 0x00, 0x5A, 0xB6, 0x80, 0x7A ), - BYTES_TO_T_UINT_8( 0xB7, 0xE0, 0xBB, 0xFC, 0x5E, 0x78, 0x9C, 0x89 ), - BYTES_TO_T_UINT_8( 0x60, 0x03, 0x68, 0x83, 0x3D, 0x2E, 0x4C, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x5B, 0x9F, 0x00, 0x5A, 0xB6, 0x80, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xE0, 0xBB, 0xFC, 0x5E, 0x78, 0x9C, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x60, 0x03, 0x68, 0x83, 0x3D, 0x2E, 0x4C, 0xDD ), }; static const mbedtls_mpi_uint secp192k1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x3B, 0x49, 0x23, 0xA8, 0xCB, 0x3B, 0x1A, 0xF6 ), - BYTES_TO_T_UINT_8( 0x8B, 0x3D, 0xA7, 0x46, 0xCF, 0x75, 0xB6, 0x2C ), - BYTES_TO_T_UINT_8( 0x92, 0xFD, 0x30, 0x01, 0xB6, 0xEF, 0xF9, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0x49, 0x23, 0xA8, 0xCB, 0x3B, 0x1A, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0x3D, 0xA7, 0x46, 0xCF, 0x75, 0xB6, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0xFD, 0x30, 0x01, 0xB6, 0xEF, 0xF9, 0xE8 ), }; static const mbedtls_mpi_uint secp192k1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0xDC, 0xFA, 0xDA, 0xB8, 0x29, 0x42, 0xC9, 0xC7 ), - BYTES_TO_T_UINT_8( 0x06, 0xD7, 0xA0, 0xE6, 0x6B, 0x86, 0x61, 0x39 ), - BYTES_TO_T_UINT_8( 0xDB, 0xE9, 0xD3, 0x37, 0xD8, 0xE7, 0x35, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0xFA, 0xDA, 0xB8, 0x29, 0x42, 0xC9, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0xD7, 0xA0, 0xE6, 0x6B, 0x86, 0x61, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0xE9, 0xD3, 0x37, 0xD8, 0xE7, 0x35, 0xA9 ), }; static const mbedtls_mpi_uint secp192k1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0xFD, 0xC8, 0x8E, 0xB1, 0xCB, 0xB1, 0xB5, 0x4D ), - BYTES_TO_T_UINT_8( 0x16, 0xD7, 0x46, 0x7D, 0xAF, 0xE2, 0xDC, 0xBB ), - BYTES_TO_T_UINT_8( 0xD0, 0x46, 0xE7, 0xD8, 0x76, 0x31, 0x90, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC8, 0x8E, 0xB1, 0xCB, 0xB1, 0xB5, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xD7, 0x46, 0x7D, 0xAF, 0xE2, 0xDC, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x46, 0xE7, 0xD8, 0x76, 0x31, 0x90, 0x76 ), }; static const mbedtls_mpi_uint secp192k1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0xEB, 0xD3, 0xF4, 0x74, 0xE1, 0x67, 0xD8, 0x66 ), - BYTES_TO_T_UINT_8( 0xE7, 0x70, 0x3C, 0xC8, 0xAF, 0x5F, 0xF4, 0x58 ), - BYTES_TO_T_UINT_8( 0x24, 0x4E, 0xED, 0x5C, 0x43, 0xB3, 0x16, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xD3, 0xF4, 0x74, 0xE1, 0x67, 0xD8, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x70, 0x3C, 0xC8, 0xAF, 0x5F, 0xF4, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x4E, 0xED, 0x5C, 0x43, 0xB3, 0x16, 0x35 ), }; static const mbedtls_mpi_uint secp192k1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0x57, 0xAE, 0xD1, 0xDD, 0x31, 0x14, 0xD3, 0xF0 ), - BYTES_TO_T_UINT_8( 0xE8, 0x14, 0x06, 0x13, 0x12, 0x1C, 0x81, 0xF5 ), - BYTES_TO_T_UINT_8( 0xA6, 0xF9, 0x0C, 0x91, 0xF7, 0x67, 0x59, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xAE, 0xD1, 0xDD, 0x31, 0x14, 0xD3, 0xF0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x14, 0x06, 0x13, 0x12, 0x1C, 0x81, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xF9, 0x0C, 0x91, 0xF7, 0x67, 0x59, 0x63 ), }; static const mbedtls_mpi_uint secp192k1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xAB, 0x91, 0xE2, 0xF4, 0x9D, 0xEB, 0x88, 0x87 ), - BYTES_TO_T_UINT_8( 0xDB, 0x82, 0x30, 0x9C, 0xAE, 0x18, 0x4D, 0xB7 ), - BYTES_TO_T_UINT_8( 0x3C, 0x79, 0xCF, 0x17, 0xA5, 0x1E, 0xE8, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x91, 0xE2, 0xF4, 0x9D, 0xEB, 0x88, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x82, 0x30, 0x9C, 0xAE, 0x18, 0x4D, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x79, 0xCF, 0x17, 0xA5, 0x1E, 0xE8, 0xC8 ), }; static const mbedtls_ecp_point secp192k1_T[16] = { ECP_POINT_INIT_XY_Z1(secp192k1_T_0_X, secp192k1_T_0_Y), @@ -2403,228 +2403,228 @@ static const mbedtls_ecp_point secp192k1_T[16] = { #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) static const mbedtls_mpi_uint secp224k1_p[] = { - BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp224k1_a[] = { - BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_b[] = { - BYTES_TO_T_UINT_2( 0x05, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x05, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_gx[] = { - BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), - BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), - BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), - BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ), }; static const mbedtls_mpi_uint secp224k1_gy[] = { - BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), - BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), - BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), - BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ), }; static const mbedtls_mpi_uint secp224k1_n[] = { - BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ), - BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp224k1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), - BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), - BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), - BYTES_TO_T_UINT_8( 0x33, 0x5B, 0x45, 0xA1, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x5B, 0x45, 0xA1, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), - BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), - BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), - BYTES_TO_T_UINT_8( 0xED, 0x9F, 0x08, 0x7E, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x9F, 0x08, 0x7E, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x99, 0x6C, 0x22, 0x22, 0x40, 0x89, 0xAE, 0x7A ), - BYTES_TO_T_UINT_8( 0x2F, 0x92, 0xE1, 0x87, 0x56, 0x35, 0xAF, 0x9B ), - BYTES_TO_T_UINT_8( 0x88, 0xAF, 0x08, 0x35, 0x27, 0xEA, 0x04, 0xED ), - BYTES_TO_T_UINT_8( 0xF0, 0x53, 0xFD, 0xCF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x6C, 0x22, 0x22, 0x40, 0x89, 0xAE, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x92, 0xE1, 0x87, 0x56, 0x35, 0xAF, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0xAF, 0x08, 0x35, 0x27, 0xEA, 0x04, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x53, 0xFD, 0xCF, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0xC1, 0xD0, 0x9F, 0x8D, 0xF3, 0x63, 0x54, 0x30 ), - BYTES_TO_T_UINT_8( 0x39, 0xDB, 0x0F, 0x61, 0x54, 0x26, 0xD1, 0x98 ), - BYTES_TO_T_UINT_8( 0xF5, 0x21, 0xF7, 0x1B, 0xB5, 0x1D, 0xF6, 0x7E ), - BYTES_TO_T_UINT_8( 0xFF, 0x05, 0xDA, 0x8F, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0xD0, 0x9F, 0x8D, 0xF3, 0x63, 0x54, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0xDB, 0x0F, 0x61, 0x54, 0x26, 0xD1, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x21, 0xF7, 0x1B, 0xB5, 0x1D, 0xF6, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x05, 0xDA, 0x8F, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x10, 0x26, 0x73, 0xBC, 0xE4, 0x29, 0x62, 0x56 ), - BYTES_TO_T_UINT_8( 0x37, 0x95, 0x17, 0x8B, 0xC3, 0x9B, 0xAC, 0xCC ), - BYTES_TO_T_UINT_8( 0xB1, 0xDB, 0x77, 0xDF, 0xDD, 0x13, 0x04, 0x98 ), - BYTES_TO_T_UINT_8( 0x02, 0xFC, 0x22, 0x93, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x26, 0x73, 0xBC, 0xE4, 0x29, 0x62, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x95, 0x17, 0x8B, 0xC3, 0x9B, 0xAC, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xDB, 0x77, 0xDF, 0xDD, 0x13, 0x04, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0xFC, 0x22, 0x93, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0xAC, 0x65, 0xF1, 0x5A, 0x37, 0xEF, 0x79, 0xAD ), - BYTES_TO_T_UINT_8( 0x99, 0x01, 0x37, 0xAC, 0x9A, 0x5B, 0x51, 0x65 ), - BYTES_TO_T_UINT_8( 0xFA, 0x75, 0x13, 0xA9, 0x4A, 0xAD, 0xFE, 0x9B ), - BYTES_TO_T_UINT_8( 0x32, 0x82, 0x6F, 0x66, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x65, 0xF1, 0x5A, 0x37, 0xEF, 0x79, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x01, 0x37, 0xAC, 0x9A, 0x5B, 0x51, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x75, 0x13, 0xA9, 0x4A, 0xAD, 0xFE, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x82, 0x6F, 0x66, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x4D, 0x5E, 0xF0, 0x40, 0xC3, 0xA6, 0xE2, 0x1E ), - BYTES_TO_T_UINT_8( 0x34, 0x9A, 0x6F, 0xCF, 0x11, 0x26, 0x66, 0x85 ), - BYTES_TO_T_UINT_8( 0x79, 0x73, 0xA8, 0xCF, 0x2B, 0x12, 0x36, 0x37 ), - BYTES_TO_T_UINT_8( 0xB9, 0xB3, 0x0A, 0x58, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0x5E, 0xF0, 0x40, 0xC3, 0xA6, 0xE2, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x9A, 0x6F, 0xCF, 0x11, 0x26, 0x66, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0x73, 0xA8, 0xCF, 0x2B, 0x12, 0x36, 0x37 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xB3, 0x0A, 0x58, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xD3, 0x79, 0x00, 0x55, 0x04, 0x34, 0x90, 0x1A ), - BYTES_TO_T_UINT_8( 0x0A, 0x54, 0x1C, 0xC2, 0x45, 0x0C, 0x1B, 0x23 ), - BYTES_TO_T_UINT_8( 0x86, 0x19, 0xAB, 0xA8, 0xFC, 0x73, 0xDC, 0xEE ), - BYTES_TO_T_UINT_8( 0x72, 0xFB, 0x93, 0xCE, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x79, 0x00, 0x55, 0x04, 0x34, 0x90, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x54, 0x1C, 0xC2, 0x45, 0x0C, 0x1B, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x19, 0xAB, 0xA8, 0xFC, 0x73, 0xDC, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0xFB, 0x93, 0xCE, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0xF8, 0x75, 0xD0, 0x66, 0x95, 0x86, 0xCA, 0x66 ), - BYTES_TO_T_UINT_8( 0x17, 0xEA, 0x29, 0x16, 0x6A, 0x38, 0xDF, 0x41 ), - BYTES_TO_T_UINT_8( 0xD8, 0xA2, 0x36, 0x2F, 0xDC, 0xBB, 0x5E, 0xF7 ), - BYTES_TO_T_UINT_8( 0xD4, 0x89, 0x59, 0x49, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x75, 0xD0, 0x66, 0x95, 0x86, 0xCA, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xEA, 0x29, 0x16, 0x6A, 0x38, 0xDF, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xA2, 0x36, 0x2F, 0xDC, 0xBB, 0x5E, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x89, 0x59, 0x49, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0xCA, 0xA3, 0x99, 0x9D, 0xB8, 0x77, 0x9D, 0x1D ), - BYTES_TO_T_UINT_8( 0x0A, 0x93, 0x43, 0x47, 0xC6, 0x5C, 0xF9, 0xFD ), - BYTES_TO_T_UINT_8( 0xAA, 0x00, 0x79, 0x42, 0x64, 0xB8, 0x25, 0x3E ), - BYTES_TO_T_UINT_8( 0x29, 0x54, 0xB4, 0x33, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0xA3, 0x99, 0x9D, 0xB8, 0x77, 0x9D, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x93, 0x43, 0x47, 0xC6, 0x5C, 0xF9, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x00, 0x79, 0x42, 0x64, 0xB8, 0x25, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x54, 0xB4, 0x33, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0xD9, 0x0C, 0x42, 0x90, 0x83, 0x0B, 0x31, 0x5F ), - BYTES_TO_T_UINT_8( 0x54, 0x2E, 0xAE, 0xC8, 0xC7, 0x5F, 0xD2, 0x70 ), - BYTES_TO_T_UINT_8( 0xA9, 0xBC, 0xAD, 0x41, 0xE7, 0x32, 0x3A, 0x81 ), - BYTES_TO_T_UINT_8( 0x8A, 0x97, 0x52, 0x83, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x0C, 0x42, 0x90, 0x83, 0x0B, 0x31, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x2E, 0xAE, 0xC8, 0xC7, 0x5F, 0xD2, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0xBC, 0xAD, 0x41, 0xE7, 0x32, 0x3A, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x97, 0x52, 0x83, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0x1A, 0x13, 0x7A, 0xBD, 0xAE, 0x94, 0x60, 0xFD ), - BYTES_TO_T_UINT_8( 0x92, 0x9B, 0x95, 0xB4, 0x6E, 0x68, 0xB2, 0x1F ), - BYTES_TO_T_UINT_8( 0x15, 0x49, 0xBE, 0x51, 0xFE, 0x66, 0x15, 0x74 ), - BYTES_TO_T_UINT_8( 0xE6, 0x37, 0xE4, 0xFE, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x13, 0x7A, 0xBD, 0xAE, 0x94, 0x60, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x9B, 0x95, 0xB4, 0x6E, 0x68, 0xB2, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x49, 0xBE, 0x51, 0xFE, 0x66, 0x15, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x37, 0xE4, 0xFE, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0xF6, 0x9B, 0xEE, 0x64, 0xC9, 0x1B, 0xBD, 0x77 ), - BYTES_TO_T_UINT_8( 0xDA, 0x5F, 0x34, 0xA9, 0x0B, 0xB7, 0x25, 0x52 ), - BYTES_TO_T_UINT_8( 0x90, 0x13, 0xB1, 0x38, 0xFB, 0x9D, 0x78, 0xED ), - BYTES_TO_T_UINT_8( 0x39, 0xE7, 0x1B, 0xFA, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x9B, 0xEE, 0x64, 0xC9, 0x1B, 0xBD, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x5F, 0x34, 0xA9, 0x0B, 0xB7, 0x25, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0x13, 0xB1, 0x38, 0xFB, 0x9D, 0x78, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0xE7, 0x1B, 0xFA, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xFB, 0xB3, 0xB7, 0x44, 0x92, 0x6B, 0x00, 0x82 ), - BYTES_TO_T_UINT_8( 0x97, 0x82, 0x44, 0x3E, 0x18, 0x1A, 0x58, 0x6A ), - BYTES_TO_T_UINT_8( 0x15, 0xF8, 0xC0, 0xE4, 0xEE, 0xC1, 0xBF, 0x44 ), - BYTES_TO_T_UINT_8( 0x7E, 0x32, 0x27, 0xB2, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xB3, 0xB7, 0x44, 0x92, 0x6B, 0x00, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x82, 0x44, 0x3E, 0x18, 0x1A, 0x58, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0xF8, 0xC0, 0xE4, 0xEE, 0xC1, 0xBF, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x32, 0x27, 0xB2, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xF4, 0x9A, 0x42, 0x62, 0x8B, 0x26, 0x54, 0x21 ), - BYTES_TO_T_UINT_8( 0x24, 0x85, 0x74, 0xA0, 0x79, 0xA8, 0xEE, 0xBE ), - BYTES_TO_T_UINT_8( 0x80, 0x36, 0x60, 0xB3, 0x28, 0x4D, 0x55, 0xBE ), - BYTES_TO_T_UINT_8( 0x32, 0x27, 0x82, 0x29, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x9A, 0x42, 0x62, 0x8B, 0x26, 0x54, 0x21 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x85, 0x74, 0xA0, 0x79, 0xA8, 0xEE, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x36, 0x60, 0xB3, 0x28, 0x4D, 0x55, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x27, 0x82, 0x29, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x0D, 0xFC, 0x73, 0x77, 0xAF, 0x5C, 0xAC, 0x78 ), - BYTES_TO_T_UINT_8( 0xCC, 0xED, 0xE5, 0xF6, 0x1D, 0xA8, 0x67, 0x43 ), - BYTES_TO_T_UINT_8( 0xF8, 0xDE, 0x33, 0x1C, 0xF1, 0x80, 0x73, 0xF8 ), - BYTES_TO_T_UINT_8( 0x2A, 0xE2, 0xDE, 0x3C, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0xFC, 0x73, 0x77, 0xAF, 0x5C, 0xAC, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0xED, 0xE5, 0xF6, 0x1D, 0xA8, 0x67, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0xDE, 0x33, 0x1C, 0xF1, 0x80, 0x73, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xE2, 0xDE, 0x3C, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x57, 0x3E, 0x6B, 0xFE, 0xF0, 0x04, 0x28, 0x01 ), - BYTES_TO_T_UINT_8( 0xBB, 0xB2, 0x14, 0x9D, 0x18, 0x11, 0x7D, 0x9D ), - BYTES_TO_T_UINT_8( 0x96, 0xC4, 0xD6, 0x2E, 0x6E, 0x57, 0x4D, 0xE1 ), - BYTES_TO_T_UINT_8( 0xEA, 0x55, 0x1B, 0xDE, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x3E, 0x6B, 0xFE, 0xF0, 0x04, 0x28, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0xB2, 0x14, 0x9D, 0x18, 0x11, 0x7D, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC4, 0xD6, 0x2E, 0x6E, 0x57, 0x4D, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0x55, 0x1B, 0xDE, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x07, 0xF7, 0x17, 0xBC, 0x45, 0xAB, 0x16, 0xAB ), - BYTES_TO_T_UINT_8( 0xCD, 0xB0, 0xEF, 0x61, 0xE3, 0x20, 0x7C, 0xF8 ), - BYTES_TO_T_UINT_8( 0x6C, 0x85, 0x41, 0x4D, 0xF1, 0x7E, 0x4D, 0x41 ), - BYTES_TO_T_UINT_8( 0x99, 0xC2, 0x9B, 0x5E, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xF7, 0x17, 0xBC, 0x45, 0xAB, 0x16, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xB0, 0xEF, 0x61, 0xE3, 0x20, 0x7C, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x85, 0x41, 0x4D, 0xF1, 0x7E, 0x4D, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xC2, 0x9B, 0x5E, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x70, 0x2E, 0x49, 0x3D, 0x3E, 0x4B, 0xD3, 0x32 ), - BYTES_TO_T_UINT_8( 0xC8, 0x2B, 0x9D, 0xD5, 0x27, 0xFA, 0xCA, 0xE0 ), - BYTES_TO_T_UINT_8( 0xB3, 0xB3, 0x6A, 0xE0, 0x79, 0x14, 0x28, 0x0F ), - BYTES_TO_T_UINT_8( 0x6C, 0x1E, 0xDC, 0xF5, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x2E, 0x49, 0x3D, 0x3E, 0x4B, 0xD3, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x2B, 0x9D, 0xD5, 0x27, 0xFA, 0xCA, 0xE0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0xB3, 0x6A, 0xE0, 0x79, 0x14, 0x28, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x1E, 0xDC, 0xF5, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xCA, 0x44, 0x56, 0xCD, 0xFC, 0x9F, 0x09, 0xFF ), - BYTES_TO_T_UINT_8( 0x5C, 0x8C, 0x59, 0xA4, 0x64, 0x2A, 0x3A, 0xED ), - BYTES_TO_T_UINT_8( 0x40, 0xA0, 0xB5, 0x86, 0x4E, 0x69, 0xDA, 0x06 ), - BYTES_TO_T_UINT_8( 0x08, 0x8B, 0x11, 0x38, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x44, 0x56, 0xCD, 0xFC, 0x9F, 0x09, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x8C, 0x59, 0xA4, 0x64, 0x2A, 0x3A, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xA0, 0xB5, 0x86, 0x4E, 0x69, 0xDA, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x8B, 0x11, 0x38, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0xA0, 0x17, 0x16, 0x12, 0x17, 0xDC, 0x00, 0x7E ), - BYTES_TO_T_UINT_8( 0xE7, 0x76, 0x24, 0x6C, 0x97, 0x2C, 0xB5, 0xF9 ), - BYTES_TO_T_UINT_8( 0x82, 0x71, 0xE3, 0xB0, 0xBB, 0x4E, 0x50, 0x52 ), - BYTES_TO_T_UINT_8( 0x6E, 0x48, 0x26, 0xD5, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x17, 0x16, 0x12, 0x17, 0xDC, 0x00, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x76, 0x24, 0x6C, 0x97, 0x2C, 0xB5, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x71, 0xE3, 0xB0, 0xBB, 0x4E, 0x50, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0x48, 0x26, 0xD5, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x06, 0x5F, 0x28, 0xF6, 0x01, 0x5A, 0x60, 0x41 ), - BYTES_TO_T_UINT_8( 0xAE, 0x95, 0xFE, 0xD0, 0xAD, 0x15, 0xD4, 0xD9 ), - BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0x7A, 0xFD, 0x80, 0xF7, 0x9F, 0x64 ), - BYTES_TO_T_UINT_8( 0x32, 0xBC, 0x1B, 0xDF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x5F, 0x28, 0xF6, 0x01, 0x5A, 0x60, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x95, 0xFE, 0xD0, 0xAD, 0x15, 0xD4, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x5B, 0x7A, 0xFD, 0x80, 0xF7, 0x9F, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0xBC, 0x1B, 0xDF, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xBB, 0xE6, 0xDF, 0x14, 0x29, 0xF4, 0xD4, 0x14 ), - BYTES_TO_T_UINT_8( 0xE5, 0x12, 0xDD, 0xEC, 0x5B, 0x8A, 0x59, 0xE5 ), - BYTES_TO_T_UINT_8( 0x26, 0x92, 0x3E, 0x35, 0x08, 0xE9, 0xCF, 0x0E ), - BYTES_TO_T_UINT_8( 0xE0, 0x35, 0x29, 0x97, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0xE6, 0xDF, 0x14, 0x29, 0xF4, 0xD4, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x12, 0xDD, 0xEC, 0x5B, 0x8A, 0x59, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x92, 0x3E, 0x35, 0x08, 0xE9, 0xCF, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0x35, 0x29, 0x97, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x11, 0xDB, 0xD6, 0x6A, 0xC5, 0x43, 0xA4, 0xA1 ), - BYTES_TO_T_UINT_8( 0x61, 0x33, 0x50, 0x61, 0x70, 0xA1, 0xE9, 0xCE ), - BYTES_TO_T_UINT_8( 0x15, 0x15, 0x6E, 0x5F, 0x01, 0x0C, 0x8C, 0xFA ), - BYTES_TO_T_UINT_8( 0x85, 0xA1, 0x9A, 0x9D, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xDB, 0xD6, 0x6A, 0xC5, 0x43, 0xA4, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x33, 0x50, 0x61, 0x70, 0xA1, 0xE9, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x15, 0x6E, 0x5F, 0x01, 0x0C, 0x8C, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0xA1, 0x9A, 0x9D, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x6E, 0xC6, 0xF7, 0xE2, 0x4A, 0xCD, 0x9B, 0x61 ), - BYTES_TO_T_UINT_8( 0x34, 0x4D, 0x5A, 0xB8, 0xE2, 0x6D, 0xA6, 0x50 ), - BYTES_TO_T_UINT_8( 0x32, 0x3F, 0xB6, 0x17, 0xE3, 0x2C, 0x6F, 0x65 ), - BYTES_TO_T_UINT_8( 0x1E, 0xA4, 0x59, 0x51, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0xC6, 0xF7, 0xE2, 0x4A, 0xCD, 0x9B, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x4D, 0x5A, 0xB8, 0xE2, 0x6D, 0xA6, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x3F, 0xB6, 0x17, 0xE3, 0x2C, 0x6F, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xA4, 0x59, 0x51, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x77, 0x4F, 0x7C, 0x49, 0xCD, 0x6E, 0xEB, 0x3C ), - BYTES_TO_T_UINT_8( 0x05, 0xC9, 0x1F, 0xB7, 0x4D, 0x98, 0xC7, 0x67 ), - BYTES_TO_T_UINT_8( 0x4C, 0xFD, 0x98, 0x20, 0x95, 0xBB, 0x20, 0x3A ), - BYTES_TO_T_UINT_8( 0xE0, 0xF2, 0x73, 0x92, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x4F, 0x7C, 0x49, 0xCD, 0x6E, 0xEB, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0xC9, 0x1F, 0xB7, 0x4D, 0x98, 0xC7, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4C, 0xFD, 0x98, 0x20, 0x95, 0xBB, 0x20, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0xF2, 0x73, 0x92, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0xE2, 0xEF, 0xFB, 0x30, 0xFA, 0x12, 0x1A, 0xB0 ), - BYTES_TO_T_UINT_8( 0x7A, 0x4C, 0x24, 0xB4, 0x5B, 0xC9, 0x4C, 0x0F ), - BYTES_TO_T_UINT_8( 0x7A, 0xDD, 0x5E, 0x84, 0x95, 0x4D, 0x26, 0xED ), - BYTES_TO_T_UINT_8( 0xE3, 0xFA, 0xF9, 0x3A, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0xEF, 0xFB, 0x30, 0xFA, 0x12, 0x1A, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0x4C, 0x24, 0xB4, 0x5B, 0xC9, 0x4C, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xDD, 0x5E, 0x84, 0x95, 0x4D, 0x26, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0xFA, 0xF9, 0x3A, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x6A, 0xA3, 0x2E, 0x7A, 0xDC, 0xA7, 0x53, 0xA9 ), - BYTES_TO_T_UINT_8( 0x7C, 0x9F, 0x81, 0x84, 0xB2, 0x0D, 0xFE, 0x31 ), - BYTES_TO_T_UINT_8( 0x61, 0x89, 0x1B, 0x77, 0x0C, 0x89, 0x71, 0xEC ), - BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0x7F, 0xB2, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0xA3, 0x2E, 0x7A, 0xDC, 0xA7, 0x53, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x9F, 0x81, 0x84, 0xB2, 0x0D, 0xFE, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x89, 0x1B, 0x77, 0x0C, 0x89, 0x71, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0x7F, 0xB2, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x28, 0xE9, 0x2C, 0x79, 0xA6, 0x3C, 0xAD, 0x93 ), - BYTES_TO_T_UINT_8( 0xD6, 0xE0, 0x23, 0x02, 0x86, 0x0F, 0x77, 0x2A ), - BYTES_TO_T_UINT_8( 0x13, 0x93, 0x6D, 0xE9, 0xF9, 0x3C, 0xBE, 0xB9 ), - BYTES_TO_T_UINT_8( 0x04, 0xE7, 0x24, 0x92, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0xE9, 0x2C, 0x79, 0xA6, 0x3C, 0xAD, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xE0, 0x23, 0x02, 0x86, 0x0F, 0x77, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x93, 0x6D, 0xE9, 0xF9, 0x3C, 0xBE, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xE7, 0x24, 0x92, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0xBB, 0x3C, 0x5B, 0x4B, 0x1B, 0x25, 0x37, 0xD6 ), - BYTES_TO_T_UINT_8( 0xC9, 0xE8, 0x38, 0x1B, 0xA1, 0x5A, 0x2E, 0x68 ), - BYTES_TO_T_UINT_8( 0x03, 0x19, 0xFD, 0xF4, 0x78, 0x01, 0x6B, 0x44 ), - BYTES_TO_T_UINT_8( 0x0F, 0x69, 0x37, 0x4F, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x3C, 0x5B, 0x4B, 0x1B, 0x25, 0x37, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xE8, 0x38, 0x1B, 0xA1, 0x5A, 0x2E, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0x19, 0xFD, 0xF4, 0x78, 0x01, 0x6B, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0x69, 0x37, 0x4F, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0x1A, 0xE2, 0xBF, 0xD3, 0xEC, 0x95, 0x9C, 0x03 ), - BYTES_TO_T_UINT_8( 0xC2, 0x7B, 0xFC, 0xD5, 0xD3, 0x25, 0x5E, 0x0F ), - BYTES_TO_T_UINT_8( 0x39, 0x55, 0x09, 0xA2, 0x58, 0x6A, 0xC9, 0xFF ), - BYTES_TO_T_UINT_8( 0x80, 0xCC, 0x3B, 0xD9, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0xE2, 0xBF, 0xD3, 0xEC, 0x95, 0x9C, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x7B, 0xFC, 0xD5, 0xD3, 0x25, 0x5E, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0x55, 0x09, 0xA2, 0x58, 0x6A, 0xC9, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0xCC, 0x3B, 0xD9, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp224k1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0x8F, 0x08, 0x65, 0x5E, 0xCB, 0xAB, 0x48, 0xC8 ), - BYTES_TO_T_UINT_8( 0xEE, 0x79, 0x8B, 0xC0, 0x11, 0xC0, 0x69, 0x38 ), - BYTES_TO_T_UINT_8( 0xE6, 0xE8, 0x8C, 0x4C, 0xC5, 0x28, 0xE4, 0xAE ), - BYTES_TO_T_UINT_8( 0xA5, 0x1F, 0x34, 0x5C, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0x08, 0x65, 0x5E, 0xCB, 0xAB, 0x48, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x79, 0x8B, 0xC0, 0x11, 0xC0, 0x69, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xE8, 0x8C, 0x4C, 0xC5, 0x28, 0xE4, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x1F, 0x34, 0x5C, 0x00, 0x00, 0x00, 0x00 ), }; static const mbedtls_ecp_point secp224k1_T[16] = { ECP_POINT_INIT_XY_Z1(secp224k1_T_0_X, secp224k1_T_0_Y), @@ -2651,228 +2651,228 @@ static const mbedtls_ecp_point secp224k1_T[16] = { #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) static const mbedtls_mpi_uint secp256k1_p[] = { - BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; static const mbedtls_mpi_uint secp256k1_a[] = { - BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; static const mbedtls_mpi_uint secp256k1_b[] = { - BYTES_TO_T_UINT_2( 0x07, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2( 0x07, 0x00 ), }; static const mbedtls_mpi_uint secp256k1_gx[] = { - BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), - BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), - BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), - BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), }; static const mbedtls_mpi_uint secp256k1_gy[] = { - BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), - BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), - BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), - BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), }; static const mbedtls_mpi_uint secp256k1_n[] = { - BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ), - BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ), - BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint secp256k1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), - BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), - BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), - BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), }; static const mbedtls_mpi_uint secp256k1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), - BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), - BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), - BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), }; static const mbedtls_mpi_uint secp256k1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0xE7, 0xEE, 0xD7, 0x1E, 0x67, 0x86, 0x32, 0x74 ), - BYTES_TO_T_UINT_8( 0x23, 0x73, 0xB1, 0xA9, 0xD5, 0xCC, 0x27, 0x78 ), - BYTES_TO_T_UINT_8( 0x1F, 0x0E, 0x11, 0x01, 0x71, 0xFE, 0x92, 0x73 ), - BYTES_TO_T_UINT_8( 0xC6, 0x28, 0x63, 0x6D, 0x72, 0x09, 0xA6, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xEE, 0xD7, 0x1E, 0x67, 0x86, 0x32, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x73, 0xB1, 0xA9, 0xD5, 0xCC, 0x27, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x0E, 0x11, 0x01, 0x71, 0xFE, 0x92, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x28, 0x63, 0x6D, 0x72, 0x09, 0xA6, 0xC0 ), }; static const mbedtls_mpi_uint secp256k1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0x69, 0xDC, 0x3E, 0x2C, 0x75, 0xC3 ), - BYTES_TO_T_UINT_8( 0xE5, 0xB7, 0x3F, 0x30, 0x26, 0x3C, 0xDF, 0x8E ), - BYTES_TO_T_UINT_8( 0x3D, 0xBE, 0xB9, 0x5D, 0x0E, 0xE8, 0x5E, 0x14 ), - BYTES_TO_T_UINT_8( 0x01, 0xC3, 0x05, 0xD6, 0xB7, 0xD5, 0x24, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0x69, 0xDC, 0x3E, 0x2C, 0x75, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0xB7, 0x3F, 0x30, 0x26, 0x3C, 0xDF, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xBE, 0xB9, 0x5D, 0x0E, 0xE8, 0x5E, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0xC3, 0x05, 0xD6, 0xB7, 0xD5, 0x24, 0xFC ), }; static const mbedtls_mpi_uint secp256k1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x13, 0xCF, 0x7B, 0xDC, 0xCD, 0xC3, 0x39, 0x9D ), - BYTES_TO_T_UINT_8( 0x42, 0xDA, 0xB9, 0xE5, 0x64, 0xA7, 0x47, 0x91 ), - BYTES_TO_T_UINT_8( 0x76, 0x46, 0xA8, 0x61, 0xF6, 0x23, 0xEB, 0x58 ), - BYTES_TO_T_UINT_8( 0x5C, 0xC1, 0xFF, 0xE4, 0x55, 0xD5, 0xC2, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0xCF, 0x7B, 0xDC, 0xCD, 0xC3, 0x39, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xDA, 0xB9, 0xE5, 0x64, 0xA7, 0x47, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0x46, 0xA8, 0x61, 0xF6, 0x23, 0xEB, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xC1, 0xFF, 0xE4, 0x55, 0xD5, 0xC2, 0xBF ), }; static const mbedtls_mpi_uint secp256k1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0xC9, 0xBE, 0xB9, 0x59, 0x24, 0x13, 0x4A, 0x2A ), - BYTES_TO_T_UINT_8( 0x64, 0x45, 0x12, 0xDE, 0xBA, 0x4F, 0xEF, 0x56 ), - BYTES_TO_T_UINT_8( 0xBE, 0x08, 0xBF, 0xC1, 0x66, 0xAA, 0x0A, 0xBC ), - BYTES_TO_T_UINT_8( 0x36, 0xFE, 0x30, 0x55, 0x31, 0x86, 0xA7, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xBE, 0xB9, 0x59, 0x24, 0x13, 0x4A, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x45, 0x12, 0xDE, 0xBA, 0x4F, 0xEF, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x08, 0xBF, 0xC1, 0x66, 0xAA, 0x0A, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xFE, 0x30, 0x55, 0x31, 0x86, 0xA7, 0xB4 ), }; static const mbedtls_mpi_uint secp256k1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x1D, 0xBF, 0x18, 0x81, 0x67, 0x27, 0x42, 0xBD ), - BYTES_TO_T_UINT_8( 0x08, 0x05, 0x83, 0xA4, 0xDD, 0x57, 0xD3, 0x50 ), - BYTES_TO_T_UINT_8( 0x20, 0x63, 0xAB, 0xE4, 0x90, 0x70, 0xD0, 0x7C ), - BYTES_TO_T_UINT_8( 0x71, 0x5D, 0xFD, 0xA0, 0xEF, 0xCF, 0x1C, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0xBF, 0x18, 0x81, 0x67, 0x27, 0x42, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x05, 0x83, 0xA4, 0xDD, 0x57, 0xD3, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0x63, 0xAB, 0xE4, 0x90, 0x70, 0xD0, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x5D, 0xFD, 0xA0, 0xEF, 0xCF, 0x1C, 0x54 ), }; static const mbedtls_mpi_uint secp256k1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0x13, 0x80, 0xE4, 0xF6, 0x09, 0xBC, 0x57, 0x90 ), - BYTES_TO_T_UINT_8( 0x21, 0x9F, 0x6E, 0x88, 0x54, 0x6E, 0x51, 0xF2 ), - BYTES_TO_T_UINT_8( 0xF5, 0x5F, 0x85, 0xFB, 0x84, 0x3E, 0x4A, 0xAA ), - BYTES_TO_T_UINT_8( 0xA8, 0x19, 0xF5, 0x55, 0xC9, 0x07, 0xD8, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x80, 0xE4, 0xF6, 0x09, 0xBC, 0x57, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x9F, 0x6E, 0x88, 0x54, 0x6E, 0x51, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x5F, 0x85, 0xFB, 0x84, 0x3E, 0x4A, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x19, 0xF5, 0x55, 0xC9, 0x07, 0xD8, 0xCE ), }; static const mbedtls_mpi_uint secp256k1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0x1A, 0xB4, 0xC3, 0xD9, 0x5C, 0xA0, 0xD4, 0x90 ), - BYTES_TO_T_UINT_8( 0x0D, 0x30, 0xAF, 0x59, 0x9B, 0xF8, 0x04, 0x85 ), - BYTES_TO_T_UINT_8( 0x4D, 0xA6, 0xFD, 0x66, 0x7B, 0xC3, 0x39, 0x85 ), - BYTES_TO_T_UINT_8( 0xE0, 0xBF, 0xF0, 0xC2, 0xE9, 0x71, 0xA4, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0xB4, 0xC3, 0xD9, 0x5C, 0xA0, 0xD4, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x30, 0xAF, 0x59, 0x9B, 0xF8, 0x04, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xA6, 0xFD, 0x66, 0x7B, 0xC3, 0x39, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE0, 0xBF, 0xF0, 0xC2, 0xE9, 0x71, 0xA4, 0x9E ), }; static const mbedtls_mpi_uint secp256k1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x14, 0x2D, 0xB9, 0x88, 0x28, 0xF1, 0xBE, 0x78 ), - BYTES_TO_T_UINT_8( 0x14, 0xF3, 0x1A, 0x0E, 0xB9, 0x01, 0x66, 0x34 ), - BYTES_TO_T_UINT_8( 0x77, 0xA7, 0xA4, 0xF4, 0x05, 0xD0, 0xAA, 0x53 ), - BYTES_TO_T_UINT_8( 0x00, 0x39, 0x1E, 0x47, 0xE5, 0x68, 0xC8, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0x2D, 0xB9, 0x88, 0x28, 0xF1, 0xBE, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0xF3, 0x1A, 0x0E, 0xB9, 0x01, 0x66, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0xA7, 0xA4, 0xF4, 0x05, 0xD0, 0xAA, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x39, 0x1E, 0x47, 0xE5, 0x68, 0xC8, 0xC0 ), }; static const mbedtls_mpi_uint secp256k1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0xDD, 0xB9, 0xFC, 0xE0, 0x33, 0x8A, 0x7D, 0x96 ), - BYTES_TO_T_UINT_8( 0x4F, 0x93, 0xA5, 0x53, 0x55, 0x16, 0xB4, 0x6E ), - BYTES_TO_T_UINT_8( 0xE9, 0x5F, 0xEA, 0x9B, 0x29, 0x52, 0x71, 0xDA ), - BYTES_TO_T_UINT_8( 0xB2, 0xF0, 0x24, 0xB8, 0x7D, 0xB7, 0xA0, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xB9, 0xFC, 0xE0, 0x33, 0x8A, 0x7D, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x93, 0xA5, 0x53, 0x55, 0x16, 0xB4, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x5F, 0xEA, 0x9B, 0x29, 0x52, 0x71, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0xF0, 0x24, 0xB8, 0x7D, 0xB7, 0xA0, 0x9B ), }; static const mbedtls_mpi_uint secp256k1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xC2, 0x00, 0x27, 0xB2, 0xDF, 0x73, 0xA2, 0xE0 ), - BYTES_TO_T_UINT_8( 0x1D, 0x2E, 0x4D, 0x7C, 0xDE, 0x7A, 0x23, 0x32 ), - BYTES_TO_T_UINT_8( 0xAC, 0x65, 0x60, 0xC7, 0x97, 0x1E, 0xA4, 0x22 ), - BYTES_TO_T_UINT_8( 0xCD, 0x13, 0x5B, 0x77, 0x59, 0xCB, 0x36, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x00, 0x27, 0xB2, 0xDF, 0x73, 0xA2, 0xE0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x2E, 0x4D, 0x7C, 0xDE, 0x7A, 0x23, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x65, 0x60, 0xC7, 0x97, 0x1E, 0xA4, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x13, 0x5B, 0x77, 0x59, 0xCB, 0x36, 0xE1 ), }; static const mbedtls_mpi_uint secp256k1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x99, 0xBC, 0x9F, 0x9E, 0x2D, 0x53, 0x2A, 0xA8 ), - BYTES_TO_T_UINT_8( 0x87, 0x5F, 0x64, 0x9F, 0x1A, 0x19, 0xE6, 0x77 ), - BYTES_TO_T_UINT_8( 0x9E, 0x7B, 0x39, 0xD2, 0xDB, 0x85, 0x84, 0xD5 ), - BYTES_TO_T_UINT_8( 0x83, 0xC7, 0x0D, 0x58, 0x6E, 0x3F, 0x52, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xBC, 0x9F, 0x9E, 0x2D, 0x53, 0x2A, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x5F, 0x64, 0x9F, 0x1A, 0x19, 0xE6, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x7B, 0x39, 0xD2, 0xDB, 0x85, 0x84, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0xC7, 0x0D, 0x58, 0x6E, 0x3F, 0x52, 0x15 ), }; static const mbedtls_mpi_uint secp256k1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0x21, 0x68, 0x19, 0x0B, 0x68, 0xC9, 0x1E, 0xFB ), - BYTES_TO_T_UINT_8( 0xD2, 0x4E, 0x21, 0x49, 0x3D, 0x55, 0xCC, 0x25 ), - BYTES_TO_T_UINT_8( 0xF5, 0xF9, 0x25, 0x45, 0x54, 0x45, 0xB1, 0x0F ), - BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xF7, 0xCD, 0x80, 0xA4, 0x04, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x68, 0x19, 0x0B, 0x68, 0xC9, 0x1E, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x4E, 0x21, 0x49, 0x3D, 0x55, 0xCC, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xF9, 0x25, 0x45, 0x54, 0x45, 0xB1, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xF7, 0xCD, 0x80, 0xA4, 0x04, 0x05 ), }; static const mbedtls_mpi_uint secp256k1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xD4, 0x1E, 0x88, 0xC4, 0xAA, 0x18, 0x7E, 0x45 ), - BYTES_TO_T_UINT_8( 0x4B, 0xAC, 0xD9, 0xB2, 0xA1, 0xC0, 0x71, 0x5D ), - BYTES_TO_T_UINT_8( 0xA9, 0xA2, 0xF1, 0x15, 0xA6, 0x5F, 0x6C, 0x86 ), - BYTES_TO_T_UINT_8( 0x4F, 0x5B, 0x05, 0xBC, 0xB7, 0xC6, 0x4E, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x1E, 0x88, 0xC4, 0xAA, 0x18, 0x7E, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0xAC, 0xD9, 0xB2, 0xA1, 0xC0, 0x71, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0xA2, 0xF1, 0x15, 0xA6, 0x5F, 0x6C, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x5B, 0x05, 0xBC, 0xB7, 0xC6, 0x4E, 0x72 ), }; static const mbedtls_mpi_uint secp256k1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x1D, 0x80, 0xF8, 0x5C, 0x20, 0x2A, 0xE1, 0xE2 ), - BYTES_TO_T_UINT_8( 0x7C, 0x48, 0x2E, 0x68, 0x82, 0x7F, 0xEB, 0x5F ), - BYTES_TO_T_UINT_8( 0xA2, 0x3B, 0x25, 0xDB, 0x32, 0x4D, 0x88, 0x42 ), - BYTES_TO_T_UINT_8( 0xEE, 0x6E, 0xA6, 0xB6, 0x6D, 0x62, 0x78, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x80, 0xF8, 0x5C, 0x20, 0x2A, 0xE1, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x48, 0x2E, 0x68, 0x82, 0x7F, 0xEB, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA2, 0x3B, 0x25, 0xDB, 0x32, 0x4D, 0x88, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x6E, 0xA6, 0xB6, 0x6D, 0x62, 0x78, 0x22 ), }; static const mbedtls_mpi_uint secp256k1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x1F, 0x4D, 0x3E, 0x86, 0x58, 0xC3, 0xEB, 0xBA ), - BYTES_TO_T_UINT_8( 0x1A, 0x89, 0x33, 0x18, 0x21, 0x1D, 0x9B, 0xE7 ), - BYTES_TO_T_UINT_8( 0x0B, 0x9D, 0xFF, 0xC3, 0x79, 0xC1, 0x88, 0xF8 ), - BYTES_TO_T_UINT_8( 0x28, 0xD4, 0x48, 0x53, 0xE8, 0xAD, 0x21, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x4D, 0x3E, 0x86, 0x58, 0xC3, 0xEB, 0xBA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x89, 0x33, 0x18, 0x21, 0x1D, 0x9B, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x9D, 0xFF, 0xC3, 0x79, 0xC1, 0x88, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0xD4, 0x48, 0x53, 0xE8, 0xAD, 0x21, 0x16 ), }; static const mbedtls_mpi_uint secp256k1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0xF5, 0x7B, 0xDE, 0xCB, 0xD8, 0x39, 0x17, 0x7C ), - BYTES_TO_T_UINT_8( 0xD3, 0xF3, 0x03, 0xF2, 0x5C, 0xBC, 0xC8, 0x8A ), - BYTES_TO_T_UINT_8( 0x27, 0xAE, 0x4C, 0xB0, 0x16, 0xA4, 0x93, 0x86 ), - BYTES_TO_T_UINT_8( 0x71, 0x8B, 0x6B, 0xDC, 0xD7, 0x9A, 0x3E, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x7B, 0xDE, 0xCB, 0xD8, 0x39, 0x17, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0xF3, 0x03, 0xF2, 0x5C, 0xBC, 0xC8, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0xAE, 0x4C, 0xB0, 0x16, 0xA4, 0x93, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x8B, 0x6B, 0xDC, 0xD7, 0x9A, 0x3E, 0x7E ), }; static const mbedtls_mpi_uint secp256k1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0xD6, 0x2D, 0x7A, 0xD2, 0x59, 0x05, 0xA2, 0x82 ), - BYTES_TO_T_UINT_8( 0x57, 0x56, 0x09, 0x32, 0xF1, 0xE8, 0xE3, 0x72 ), - BYTES_TO_T_UINT_8( 0x03, 0xCA, 0xE5, 0x2E, 0xF0, 0xFB, 0x18, 0x19 ), - BYTES_TO_T_UINT_8( 0xBA, 0x85, 0xA9, 0x23, 0x15, 0x31, 0x1F, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x2D, 0x7A, 0xD2, 0x59, 0x05, 0xA2, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x56, 0x09, 0x32, 0xF1, 0xE8, 0xE3, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0xCA, 0xE5, 0x2E, 0xF0, 0xFB, 0x18, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x85, 0xA9, 0x23, 0x15, 0x31, 0x1F, 0x0E ), }; static const mbedtls_mpi_uint secp256k1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0x76, 0xE5, 0xB1, 0x86, 0xB9, 0x6E, 0x8D, 0xD3 ), - BYTES_TO_T_UINT_8( 0x6C, 0x77, 0xFC, 0xC9, 0xA3, 0x3F, 0x89, 0xD2 ), - BYTES_TO_T_UINT_8( 0xDB, 0x6A, 0xDC, 0x25, 0xB0, 0xC7, 0x41, 0x54 ), - BYTES_TO_T_UINT_8( 0x02, 0x11, 0x6B, 0xA6, 0x11, 0x62, 0xD4, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0xE5, 0xB1, 0x86, 0xB9, 0x6E, 0x8D, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x77, 0xFC, 0xC9, 0xA3, 0x3F, 0x89, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x6A, 0xDC, 0x25, 0xB0, 0xC7, 0x41, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x11, 0x6B, 0xA6, 0x11, 0x62, 0xD4, 0x2D ), }; static const mbedtls_mpi_uint secp256k1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x19, 0x7D, 0x34, 0xB3, 0x20, 0x7F, 0x37, 0xAA ), - BYTES_TO_T_UINT_8( 0xBD, 0xD4, 0x45, 0xE8, 0xC2, 0xE9, 0xC5, 0xEA ), - BYTES_TO_T_UINT_8( 0x5A, 0x32, 0x3B, 0x25, 0x7E, 0x79, 0xAF, 0xE7 ), - BYTES_TO_T_UINT_8( 0x3F, 0xE4, 0x54, 0x71, 0xBE, 0x35, 0x4E, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x7D, 0x34, 0xB3, 0x20, 0x7F, 0x37, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0xD4, 0x45, 0xE8, 0xC2, 0xE9, 0xC5, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x32, 0x3B, 0x25, 0x7E, 0x79, 0xAF, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0xE4, 0x54, 0x71, 0xBE, 0x35, 0x4E, 0xD0 ), }; static const mbedtls_mpi_uint secp256k1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0xB0, 0x94, 0xDD, 0x8F, 0xB5, 0xC2, 0xDD, 0x75 ), - BYTES_TO_T_UINT_8( 0x07, 0x49, 0xE9, 0x1C, 0x2F, 0x08, 0x49, 0xC6 ), - BYTES_TO_T_UINT_8( 0x77, 0xB6, 0x03, 0x88, 0x6F, 0xB8, 0x15, 0x67 ), - BYTES_TO_T_UINT_8( 0xA4, 0xD3, 0x1C, 0xF3, 0xA5, 0xEB, 0x79, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x94, 0xDD, 0x8F, 0xB5, 0xC2, 0xDD, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x49, 0xE9, 0x1C, 0x2F, 0x08, 0x49, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0xB6, 0x03, 0x88, 0x6F, 0xB8, 0x15, 0x67 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xD3, 0x1C, 0xF3, 0xA5, 0xEB, 0x79, 0x01 ), }; static const mbedtls_mpi_uint secp256k1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0x25, 0xF9, 0x43, 0x88, 0x89, 0x0D, 0x06, 0xEA ), - BYTES_TO_T_UINT_8( 0x02, 0x2D, 0xF5, 0x98, 0x32, 0xF6, 0xB1, 0x05 ), - BYTES_TO_T_UINT_8( 0x23, 0x73, 0x8F, 0x2B, 0x50, 0x27, 0x0A, 0xE7 ), - BYTES_TO_T_UINT_8( 0xA7, 0xE3, 0xBD, 0x16, 0x05, 0xC8, 0x93, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0xF9, 0x43, 0x88, 0x89, 0x0D, 0x06, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x2D, 0xF5, 0x98, 0x32, 0xF6, 0xB1, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x73, 0x8F, 0x2B, 0x50, 0x27, 0x0A, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0xE3, 0xBD, 0x16, 0x05, 0xC8, 0x93, 0x12 ), }; static const mbedtls_mpi_uint secp256k1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x0A, 0x6A, 0xF7, 0xE3, 0x3D, 0xDE, 0x5F, 0x2F ), - BYTES_TO_T_UINT_8( 0x47, 0xA3, 0x9C, 0x22, 0x3C, 0x33, 0x36, 0x5D ), - BYTES_TO_T_UINT_8( 0x20, 0x24, 0x4C, 0x69, 0x45, 0x78, 0x14, 0xAE ), - BYTES_TO_T_UINT_8( 0x59, 0xF8, 0xD4, 0xBF, 0xB8, 0xC0, 0xA1, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0x6A, 0xF7, 0xE3, 0x3D, 0xDE, 0x5F, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0xA3, 0x9C, 0x22, 0x3C, 0x33, 0x36, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0x24, 0x4C, 0x69, 0x45, 0x78, 0x14, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xF8, 0xD4, 0xBF, 0xB8, 0xC0, 0xA1, 0x25 ), }; static const mbedtls_mpi_uint secp256k1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x7E, 0x88, 0xE1, 0x91, 0x03, 0xEB, 0xB3, 0x2B ), - BYTES_TO_T_UINT_8( 0x5C, 0x11, 0xA1, 0xEF, 0x14, 0x0D, 0xC4, 0x7D ), - BYTES_TO_T_UINT_8( 0xFE, 0xD4, 0x0D, 0x1D, 0x96, 0x33, 0x5C, 0x19 ), - BYTES_TO_T_UINT_8( 0x70, 0x45, 0x2A, 0x1A, 0xE6, 0x57, 0x04, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x88, 0xE1, 0x91, 0x03, 0xEB, 0xB3, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x11, 0xA1, 0xEF, 0x14, 0x0D, 0xC4, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xD4, 0x0D, 0x1D, 0x96, 0x33, 0x5C, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x45, 0x2A, 0x1A, 0xE6, 0x57, 0x04, 0x9B ), }; static const mbedtls_mpi_uint secp256k1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x70, 0xB5, 0xA7, 0x80, 0xE9, 0x93, 0x97, 0x8D ), - BYTES_TO_T_UINT_8( 0x5D, 0xB9, 0x7C, 0xA0, 0xC9, 0x57, 0x26, 0x43 ), - BYTES_TO_T_UINT_8( 0x9E, 0xEF, 0x56, 0xDA, 0x66, 0xF6, 0x1B, 0x9A ), - BYTES_TO_T_UINT_8( 0x1F, 0x89, 0x6B, 0x91, 0xE0, 0xA9, 0x65, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0xB5, 0xA7, 0x80, 0xE9, 0x93, 0x97, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0xB9, 0x7C, 0xA0, 0xC9, 0x57, 0x26, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0xEF, 0x56, 0xDA, 0x66, 0xF6, 0x1B, 0x9A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x89, 0x6B, 0x91, 0xE0, 0xA9, 0x65, 0x2B ), }; static const mbedtls_mpi_uint secp256k1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x91, 0x98, 0x96, 0x9B, 0x06, 0x7D, 0x5E, 0x5A ), - BYTES_TO_T_UINT_8( 0x0A, 0xFA, 0xC1, 0x5F, 0x19, 0x37, 0x94, 0x9D ), - BYTES_TO_T_UINT_8( 0xCF, 0xBE, 0x6B, 0x1A, 0x05, 0xE4, 0xBF, 0x9F ), - BYTES_TO_T_UINT_8( 0x84, 0xCD, 0x5D, 0x35, 0xB4, 0x51, 0xF7, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x98, 0x96, 0x9B, 0x06, 0x7D, 0x5E, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0xFA, 0xC1, 0x5F, 0x19, 0x37, 0x94, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0xBE, 0x6B, 0x1A, 0x05, 0xE4, 0xBF, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0xCD, 0x5D, 0x35, 0xB4, 0x51, 0xF7, 0x64 ), }; static const mbedtls_mpi_uint secp256k1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x6C, 0xEF, 0x96, 0xDB, 0xF2, 0x61, 0x63, 0x59 ), - BYTES_TO_T_UINT_8( 0xCB, 0x04, 0x88, 0xC9, 0x9F, 0x1B, 0x94, 0xB9 ), - BYTES_TO_T_UINT_8( 0xDB, 0x30, 0x79, 0x7E, 0x24, 0xE7, 0x5F, 0xB8 ), - BYTES_TO_T_UINT_8( 0x3F, 0xB8, 0x90, 0xB7, 0x94, 0x25, 0xBB, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0xEF, 0x96, 0xDB, 0xF2, 0x61, 0x63, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x04, 0x88, 0xC9, 0x9F, 0x1B, 0x94, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x30, 0x79, 0x7E, 0x24, 0xE7, 0x5F, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0xB8, 0x90, 0xB7, 0x94, 0x25, 0xBB, 0x0F ), }; static const mbedtls_mpi_uint secp256k1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x62, 0x79, 0xEA, 0xAD, 0xC0, 0x6D, 0x18, 0x57 ), - BYTES_TO_T_UINT_8( 0xE9, 0xA4, 0x58, 0x2A, 0x8D, 0x95, 0xB3, 0xE6 ), - BYTES_TO_T_UINT_8( 0xC8, 0xC4, 0xC2, 0x12, 0x0D, 0x79, 0xE2, 0x2B ), - BYTES_TO_T_UINT_8( 0x02, 0x6F, 0xBE, 0x97, 0x4D, 0xA4, 0x20, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x79, 0xEA, 0xAD, 0xC0, 0x6D, 0x18, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0xA4, 0x58, 0x2A, 0x8D, 0x95, 0xB3, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xC4, 0xC2, 0x12, 0x0D, 0x79, 0xE2, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x6F, 0xBE, 0x97, 0x4D, 0xA4, 0x20, 0x07 ), }; static const mbedtls_mpi_uint secp256k1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0xCA, 0x31, 0x71, 0xC6, 0xA6, 0x91, 0xEB, 0x1F ), - BYTES_TO_T_UINT_8( 0xB4, 0x9B, 0xA8, 0x4A, 0xE7, 0x77, 0xE1, 0xAA ), - BYTES_TO_T_UINT_8( 0xA9, 0x06, 0xD3, 0x3D, 0x94, 0x30, 0xEF, 0x8C ), - BYTES_TO_T_UINT_8( 0xE7, 0xDF, 0xCA, 0xFA, 0xF5, 0x28, 0xF8, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x31, 0x71, 0xC6, 0xA6, 0x91, 0xEB, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x9B, 0xA8, 0x4A, 0xE7, 0x77, 0xE1, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x06, 0xD3, 0x3D, 0x94, 0x30, 0xEF, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xDF, 0xCA, 0xFA, 0xF5, 0x28, 0xF8, 0xC9 ), }; static const mbedtls_mpi_uint secp256k1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xCC, 0xE1, 0x32, 0xFD, 0x3E, 0x81, 0xF8, 0x11 ), - BYTES_TO_T_UINT_8( 0xCD, 0xF2, 0x4B, 0x1D, 0x19, 0xC9, 0x0F, 0xCC ), - BYTES_TO_T_UINT_8( 0x59, 0xB1, 0x8A, 0x22, 0x8B, 0x05, 0x6B, 0x56 ), - BYTES_TO_T_UINT_8( 0x35, 0x21, 0xEF, 0x30, 0xEC, 0x09, 0x2A, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0xE1, 0x32, 0xFD, 0x3E, 0x81, 0xF8, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xF2, 0x4B, 0x1D, 0x19, 0xC9, 0x0F, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xB1, 0x8A, 0x22, 0x8B, 0x05, 0x6B, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0x21, 0xEF, 0x30, 0xEC, 0x09, 0x2A, 0x89 ), }; static const mbedtls_mpi_uint secp256k1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0x15, 0x84, 0x4A, 0x46, 0x07, 0x6C, 0x3C, 0x4C ), - BYTES_TO_T_UINT_8( 0xDD, 0x18, 0x3A, 0xF4, 0xCC, 0xF5, 0xB2, 0xF2 ), - BYTES_TO_T_UINT_8( 0x4F, 0x8F, 0xCD, 0x0A, 0x9C, 0xF4, 0xBD, 0x95 ), - BYTES_TO_T_UINT_8( 0x37, 0x89, 0x7F, 0x8A, 0xB1, 0x52, 0x3A, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x84, 0x4A, 0x46, 0x07, 0x6C, 0x3C, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x18, 0x3A, 0xF4, 0xCC, 0xF5, 0xB2, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0x8F, 0xCD, 0x0A, 0x9C, 0xF4, 0xBD, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x89, 0x7F, 0x8A, 0xB1, 0x52, 0x3A, 0xAB ), }; static const mbedtls_ecp_point secp256k1_T[16] = { ECP_POINT_INIT_XY_Z1(secp256k1_T_0_X, secp256k1_T_0_Y), @@ -2902,234 +2902,234 @@ static const mbedtls_ecp_point secp256k1_T[16] = { */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) static const mbedtls_mpi_uint brainpoolP256r1_p[] = { - BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ), - BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ), - BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), }; static const mbedtls_mpi_uint brainpoolP256r1_a[] = { - BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ), - BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ), - BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ), - BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ), }; static const mbedtls_mpi_uint brainpoolP256r1_b[] = { - BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ), - BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ), - BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ), - BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ), }; static const mbedtls_mpi_uint brainpoolP256r1_gx[] = { - BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), - BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), - BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), - BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), }; static const mbedtls_mpi_uint brainpoolP256r1_gy[] = { - BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), - BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), - BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), - BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP256r1_n[] = { - BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ), - BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ), - BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint brainpoolP256r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), - BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), - BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), - BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), - BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), - BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), - BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x3C, 0xA2, 0xED, 0x52, 0xC9, 0x8C, 0xE3, 0xA5 ), - BYTES_TO_T_UINT_8( 0x72, 0xC9, 0xC4, 0x87, 0x3F, 0x93, 0x7A, 0xD1 ), - BYTES_TO_T_UINT_8( 0x96, 0x12, 0x53, 0x61, 0x3E, 0x76, 0x08, 0xCB ), - BYTES_TO_T_UINT_8( 0x09, 0x8C, 0x74, 0xF4, 0x08, 0xC3, 0x76, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0xA2, 0xED, 0x52, 0xC9, 0x8C, 0xE3, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0xC9, 0xC4, 0x87, 0x3F, 0x93, 0x7A, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x12, 0x53, 0x61, 0x3E, 0x76, 0x08, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x8C, 0x74, 0xF4, 0x08, 0xC3, 0x76, 0x80 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x05, 0xDD, 0x09, 0xA6, 0xED, 0xEE, 0xC4, 0x38 ), - BYTES_TO_T_UINT_8( 0x74, 0xD9, 0xBE, 0x4B, 0xA5, 0xB7, 0x2B, 0x6E ), - BYTES_TO_T_UINT_8( 0x42, 0x20, 0x12, 0xCA, 0x0A, 0x38, 0x24, 0xAB ), - BYTES_TO_T_UINT_8( 0x00, 0x72, 0x71, 0x90, 0x7A, 0x2E, 0xB7, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0xDD, 0x09, 0xA6, 0xED, 0xEE, 0xC4, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xD9, 0xBE, 0x4B, 0xA5, 0xB7, 0x2B, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x20, 0x12, 0xCA, 0x0A, 0x38, 0x24, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x72, 0x71, 0x90, 0x7A, 0x2E, 0xB7, 0x23 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x2C, 0x66, 0xA1, 0x93, 0x10, 0x2A, 0x51, 0x17 ), - BYTES_TO_T_UINT_8( 0x88, 0x10, 0x11, 0x12, 0xBC, 0xB0, 0xB6, 0x93 ), - BYTES_TO_T_UINT_8( 0x3C, 0x58, 0xD7, 0x0A, 0x84, 0x05, 0xA3, 0x9C ), - BYTES_TO_T_UINT_8( 0xF7, 0x8E, 0x95, 0x61, 0xD3, 0x0B, 0xDF, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0xA1, 0x93, 0x10, 0x2A, 0x51, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0x10, 0x11, 0x12, 0xBC, 0xB0, 0xB6, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x58, 0xD7, 0x0A, 0x84, 0x05, 0xA3, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x8E, 0x95, 0x61, 0xD3, 0x0B, 0xDF, 0x36 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0xF9, 0x92, 0x12, 0x0F, 0x5E, 0x87, 0x70, 0x1B ), - BYTES_TO_T_UINT_8( 0x38, 0xE9, 0x9B, 0xEB, 0x3A, 0xFB, 0xCF, 0xC4 ), - BYTES_TO_T_UINT_8( 0xDC, 0x92, 0xB9, 0xF7, 0x45, 0xD3, 0x06, 0xB6 ), - BYTES_TO_T_UINT_8( 0x82, 0x28, 0x65, 0xE1, 0xC5, 0x6C, 0x57, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x92, 0x12, 0x0F, 0x5E, 0x87, 0x70, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0xE9, 0x9B, 0xEB, 0x3A, 0xFB, 0xCF, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0x92, 0xB9, 0xF7, 0x45, 0xD3, 0x06, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x28, 0x65, 0xE1, 0xC5, 0x6C, 0x57, 0x18 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x28, 0x0E, 0x77, 0x01, 0x81, 0x9E, 0x38, 0x5C ), - BYTES_TO_T_UINT_8( 0x71, 0xF0, 0xD5, 0xA5, 0x91, 0x2B, 0xDF, 0xC0 ), - BYTES_TO_T_UINT_8( 0xD8, 0xEE, 0xB6, 0x25, 0xD6, 0x98, 0xDE, 0x2D ), - BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0x55, 0x63, 0x39, 0xEB, 0xB5, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x0E, 0x77, 0x01, 0x81, 0x9E, 0x38, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0xF0, 0xD5, 0xA5, 0x91, 0x2B, 0xDF, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xEE, 0xB6, 0x25, 0xD6, 0x98, 0xDE, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0xA1, 0x55, 0x63, 0x39, 0xEB, 0xB5, 0x47 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xB6, 0xD6, 0xB8, 0xE3, 0x13, 0xED, 0x7F, 0xA3 ), - BYTES_TO_T_UINT_8( 0x6C, 0xE8, 0xAE, 0x36, 0xB8, 0xCD, 0x19, 0x02 ), - BYTES_TO_T_UINT_8( 0xF9, 0x82, 0x83, 0x7A, 0x7B, 0x46, 0x56, 0xE8 ), - BYTES_TO_T_UINT_8( 0x4E, 0x60, 0x46, 0x15, 0x5A, 0xAC, 0x99, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0xD6, 0xB8, 0xE3, 0x13, 0xED, 0x7F, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0xE8, 0xAE, 0x36, 0xB8, 0xCD, 0x19, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x82, 0x83, 0x7A, 0x7B, 0x46, 0x56, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x60, 0x46, 0x15, 0x5A, 0xAC, 0x99, 0x30 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0xBF, 0x61, 0x50, 0xC6, 0xFF, 0x10, 0x7D, 0x04 ), - BYTES_TO_T_UINT_8( 0x92, 0x51, 0xDF, 0xA9, 0x7D, 0x78, 0x26, 0x74 ), - BYTES_TO_T_UINT_8( 0x56, 0x15, 0x9A, 0xF7, 0x01, 0xC1, 0xBB, 0x40 ), - BYTES_TO_T_UINT_8( 0x26, 0x0F, 0xE6, 0x2A, 0xBD, 0x4A, 0x9E, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x61, 0x50, 0xC6, 0xFF, 0x10, 0x7D, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x51, 0xDF, 0xA9, 0x7D, 0x78, 0x26, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0x15, 0x9A, 0xF7, 0x01, 0xC1, 0xBB, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x0F, 0xE6, 0x2A, 0xBD, 0x4A, 0x9E, 0x87 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x57, 0xF8, 0xD1, 0x77, 0xD2, 0x49, 0xB3, 0xDD ), - BYTES_TO_T_UINT_8( 0x36, 0x86, 0xFB, 0x9E, 0x1F, 0x5A, 0x60, 0x47 ), - BYTES_TO_T_UINT_8( 0x98, 0xC4, 0x8D, 0xCD, 0x86, 0x61, 0x2F, 0xF9 ), - BYTES_TO_T_UINT_8( 0x41, 0xF6, 0xB9, 0xAC, 0x37, 0x9D, 0xE9, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xF8, 0xD1, 0x77, 0xD2, 0x49, 0xB3, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0x86, 0xFB, 0x9E, 0x1F, 0x5A, 0x60, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0xC4, 0x8D, 0xCD, 0x86, 0x61, 0x2F, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xF6, 0xB9, 0xAC, 0x37, 0x9D, 0xE9, 0x28 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0xFA, 0x77, 0xAA, 0x97, 0x9C, 0x0B, 0x04, 0x20 ), - BYTES_TO_T_UINT_8( 0x80, 0xA6, 0x60, 0x81, 0xCE, 0x25, 0x13, 0x3E ), - BYTES_TO_T_UINT_8( 0x24, 0x00, 0xF3, 0xBB, 0x82, 0x99, 0x95, 0xB7 ), - BYTES_TO_T_UINT_8( 0x47, 0x5A, 0xCE, 0x90, 0x71, 0x38, 0x2F, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x77, 0xAA, 0x97, 0x9C, 0x0B, 0x04, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0xA6, 0x60, 0x81, 0xCE, 0x25, 0x13, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x00, 0xF3, 0xBB, 0x82, 0x99, 0x95, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x5A, 0xCE, 0x90, 0x71, 0x38, 0x2F, 0x10 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xA7, 0x1A, 0xC0, 0x84, 0x27, 0xD6, 0x9D, 0xB7 ), - BYTES_TO_T_UINT_8( 0x34, 0x37, 0x52, 0x16, 0x13, 0x0E, 0xCE, 0x92 ), - BYTES_TO_T_UINT_8( 0x1E, 0xBF, 0x5A, 0xDB, 0xDB, 0x6E, 0x1E, 0x69 ), - BYTES_TO_T_UINT_8( 0x3E, 0xB7, 0x5E, 0xF9, 0x86, 0xDD, 0x8A, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x1A, 0xC0, 0x84, 0x27, 0xD6, 0x9D, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x37, 0x52, 0x16, 0x13, 0x0E, 0xCE, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xBF, 0x5A, 0xDB, 0xDB, 0x6E, 0x1E, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xB7, 0x5E, 0xF9, 0x86, 0xDD, 0x8A, 0x5C ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x3D, 0xAB, 0x5C, 0x8D, 0x1D, 0xF2, 0x2D, 0x1E ), - BYTES_TO_T_UINT_8( 0x65, 0xC5, 0xF8, 0xF7, 0x1D, 0x96, 0x0B, 0x4D ), - BYTES_TO_T_UINT_8( 0xAC, 0x4C, 0xA7, 0x45, 0x20, 0x6A, 0x1E, 0x5B ), - BYTES_TO_T_UINT_8( 0x21, 0x5D, 0xEF, 0xDE, 0xEE, 0x39, 0x44, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xAB, 0x5C, 0x8D, 0x1D, 0xF2, 0x2D, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC5, 0xF8, 0xF7, 0x1D, 0x96, 0x0B, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x4C, 0xA7, 0x45, 0x20, 0x6A, 0x1E, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x5D, 0xEF, 0xDE, 0xEE, 0x39, 0x44, 0x19 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0x4B, 0x2F, 0x6D, 0x52, 0xC9, 0x58, 0x60, 0xE8 ), - BYTES_TO_T_UINT_8( 0xC3, 0xC9, 0x62, 0xCB, 0x38, 0x3C, 0x55, 0xCA ), - BYTES_TO_T_UINT_8( 0xFF, 0xA5, 0x09, 0x10, 0x88, 0xDB, 0xE3, 0xBD ), - BYTES_TO_T_UINT_8( 0x52, 0xE0, 0x3C, 0xCE, 0x06, 0x0B, 0x4B, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x2F, 0x6D, 0x52, 0xC9, 0x58, 0x60, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0xC9, 0x62, 0xCB, 0x38, 0x3C, 0x55, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xA5, 0x09, 0x10, 0x88, 0xDB, 0xE3, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xE0, 0x3C, 0xCE, 0x06, 0x0B, 0x4B, 0x5D ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xB1, 0x1D, 0xB4, 0x10, 0x76, 0x8F, 0xBA, 0x09 ), - BYTES_TO_T_UINT_8( 0x57, 0x70, 0x5A, 0x07, 0xF5, 0x1A, 0x74, 0xC7 ), - BYTES_TO_T_UINT_8( 0x0B, 0xE9, 0x94, 0xA8, 0xC0, 0xD5, 0x4A, 0x4A ), - BYTES_TO_T_UINT_8( 0x3E, 0x6D, 0xD4, 0xE8, 0x9B, 0xE9, 0x6D, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0x1D, 0xB4, 0x10, 0x76, 0x8F, 0xBA, 0x09 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x70, 0x5A, 0x07, 0xF5, 0x1A, 0x74, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0xE9, 0x94, 0xA8, 0xC0, 0xD5, 0x4A, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x6D, 0xD4, 0xE8, 0x9B, 0xE9, 0x6D, 0x0E ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x65, 0x00, 0x32, 0x41, 0x57, 0x84, 0x89, 0x52 ), - BYTES_TO_T_UINT_8( 0xEE, 0xC7, 0x14, 0xEC, 0xE9, 0x27, 0xFF, 0xF3 ), - BYTES_TO_T_UINT_8( 0x9A, 0x67, 0x9E, 0xFB, 0xB6, 0xB8, 0x96, 0xF3 ), - BYTES_TO_T_UINT_8( 0xE5, 0x4A, 0xE3, 0x97, 0x4B, 0x58, 0xDE, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x00, 0x32, 0x41, 0x57, 0x84, 0x89, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0xC7, 0x14, 0xEC, 0xE9, 0x27, 0xFF, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x67, 0x9E, 0xFB, 0xB6, 0xB8, 0x96, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0x4A, 0xE3, 0x97, 0x4B, 0x58, 0xDE, 0x30 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0xA6, 0x1E, 0x5C, 0xF5, 0x7F, 0xD5, 0xD4, 0xAA ), - BYTES_TO_T_UINT_8( 0x5D, 0x08, 0x7A, 0xF1, 0xBD, 0x89, 0xC7, 0x1E ), - BYTES_TO_T_UINT_8( 0x3A, 0xF9, 0x11, 0x1B, 0xF5, 0x3C, 0x6D, 0x8C ), - BYTES_TO_T_UINT_8( 0x19, 0x50, 0xE5, 0x69, 0x1D, 0x59, 0xFC, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0x1E, 0x5C, 0xF5, 0x7F, 0xD5, 0xD4, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x08, 0x7A, 0xF1, 0xBD, 0x89, 0xC7, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0xF9, 0x11, 0x1B, 0xF5, 0x3C, 0x6D, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x50, 0xE5, 0x69, 0x1D, 0x59, 0xFC, 0x0C ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0xF1, 0x2F, 0xF8, 0x3F, 0xEC, 0x55, 0x99, 0x57 ), - BYTES_TO_T_UINT_8( 0x41, 0xA7, 0x29, 0x90, 0x43, 0x81, 0x31, 0x4C ), - BYTES_TO_T_UINT_8( 0xC3, 0x18, 0x44, 0x50, 0x5D, 0x76, 0xCB, 0xDD ), - BYTES_TO_T_UINT_8( 0xF0, 0xC5, 0x5B, 0x9A, 0x03, 0xE6, 0x17, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x2F, 0xF8, 0x3F, 0xEC, 0x55, 0x99, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0xA7, 0x29, 0x90, 0x43, 0x81, 0x31, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x18, 0x44, 0x50, 0x5D, 0x76, 0xCB, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0xC5, 0x5B, 0x9A, 0x03, 0xE6, 0x17, 0x39 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0x21, 0x89, 0xFC, 0x55, 0x94, 0x91, 0x6A, 0xA2 ), - BYTES_TO_T_UINT_8( 0x74, 0x46, 0x35, 0xF2, 0x3A, 0x42, 0x08, 0x2F ), - BYTES_TO_T_UINT_8( 0xD3, 0xD2, 0x76, 0x49, 0x42, 0x87, 0xD3, 0x7F ), - BYTES_TO_T_UINT_8( 0x90, 0xEA, 0xA0, 0x52, 0xF1, 0x6A, 0x30, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x89, 0xFC, 0x55, 0x94, 0x91, 0x6A, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x46, 0x35, 0xF2, 0x3A, 0x42, 0x08, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0xD2, 0x76, 0x49, 0x42, 0x87, 0xD3, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xEA, 0xA0, 0x52, 0xF1, 0x6A, 0x30, 0x57 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0x00, 0xB2, 0x57, 0xA3, 0x8A, 0x4D, 0x1B, 0x3C ), - BYTES_TO_T_UINT_8( 0xFC, 0xA3, 0x99, 0x94, 0xB5, 0x3D, 0x64, 0x09 ), - BYTES_TO_T_UINT_8( 0x35, 0xC3, 0xD7, 0x53, 0xF6, 0x49, 0x1C, 0x60 ), - BYTES_TO_T_UINT_8( 0x27, 0x23, 0x41, 0x4D, 0xFB, 0x7A, 0x5C, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0xB2, 0x57, 0xA3, 0x8A, 0x4D, 0x1B, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0xA3, 0x99, 0x94, 0xB5, 0x3D, 0x64, 0x09 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0xC3, 0xD7, 0x53, 0xF6, 0x49, 0x1C, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x23, 0x41, 0x4D, 0xFB, 0x7A, 0x5C, 0x53 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0xCA, 0xB8, 0x15, 0x65, 0x5C, 0x85, 0x94, 0xD7 ), - BYTES_TO_T_UINT_8( 0xAC, 0x37, 0xC7, 0xF8, 0x7E, 0xAE, 0x6C, 0x10 ), - BYTES_TO_T_UINT_8( 0x53, 0xD8, 0x11, 0x54, 0x98, 0x44, 0xE3, 0xF1 ), - BYTES_TO_T_UINT_8( 0xE4, 0x4D, 0xA6, 0x4B, 0x28, 0xF2, 0x57, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0xB8, 0x15, 0x65, 0x5C, 0x85, 0x94, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x37, 0xC7, 0xF8, 0x7E, 0xAE, 0x6C, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xD8, 0x11, 0x54, 0x98, 0x44, 0xE3, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x4D, 0xA6, 0x4B, 0x28, 0xF2, 0x57, 0x9E ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0xF6, 0xD0, 0xEB, 0x1E, 0xAA, 0x30, 0xD3, 0x6A ), - BYTES_TO_T_UINT_8( 0x58, 0x9B, 0x4D, 0xA7, 0x73, 0x6E, 0xB6, 0x45 ), - BYTES_TO_T_UINT_8( 0x5D, 0x47, 0xF6, 0xED, 0x37, 0xEF, 0x71, 0x4D ), - BYTES_TO_T_UINT_8( 0xA8, 0xB5, 0x49, 0x61, 0x5E, 0x45, 0xF6, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xD0, 0xEB, 0x1E, 0xAA, 0x30, 0xD3, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x9B, 0x4D, 0xA7, 0x73, 0x6E, 0xB6, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x47, 0xF6, 0xED, 0x37, 0xEF, 0x71, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0xB5, 0x49, 0x61, 0x5E, 0x45, 0xF6, 0x4A ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xEF, 0x0E, 0xB3, 0x84, 0x3A, 0x63, 0x72, 0x84 ), - BYTES_TO_T_UINT_8( 0x6D, 0x53, 0x5C, 0xA7, 0xC6, 0x2E, 0xAB, 0x9E ), - BYTES_TO_T_UINT_8( 0xEB, 0x0F, 0x8F, 0x87, 0x50, 0x28, 0xB4, 0xAE ), - BYTES_TO_T_UINT_8( 0x5C, 0x98, 0x4A, 0x98, 0x31, 0x86, 0xCA, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x0E, 0xB3, 0x84, 0x3A, 0x63, 0x72, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x53, 0x5C, 0xA7, 0xC6, 0x2E, 0xAB, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x0F, 0x8F, 0x87, 0x50, 0x28, 0xB4, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x98, 0x4A, 0x98, 0x31, 0x86, 0xCA, 0x51 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0xBE, 0xC9, 0xE2, 0xFD, 0x5D, 0x1F, 0xE8, 0xC2 ), - BYTES_TO_T_UINT_8( 0xD5, 0x90, 0x91, 0xC4, 0x84, 0xF0, 0xBA, 0xC5 ), - BYTES_TO_T_UINT_8( 0x6C, 0x5A, 0xB3, 0x4E, 0xFB, 0xE0, 0x57, 0xE8 ), - BYTES_TO_T_UINT_8( 0x6B, 0x0B, 0x90, 0xA6, 0xFD, 0x9D, 0x8E, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xC9, 0xE2, 0xFD, 0x5D, 0x1F, 0xE8, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x90, 0x91, 0xC4, 0x84, 0xF0, 0xBA, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x5A, 0xB3, 0x4E, 0xFB, 0xE0, 0x57, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x0B, 0x90, 0xA6, 0xFD, 0x9D, 0x8E, 0x02 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0xF8, 0x41, 0x8F, 0x31, 0xFA, 0x5A, 0xF6, 0x33 ), - BYTES_TO_T_UINT_8( 0xAC, 0xE9, 0xE3, 0xF6, 0xE0, 0x4A, 0xE7, 0xD2 ), - BYTES_TO_T_UINT_8( 0x84, 0x4E, 0xCD, 0xA2, 0x22, 0x14, 0xD4, 0x12 ), - BYTES_TO_T_UINT_8( 0x7C, 0xED, 0x21, 0xB7, 0x0F, 0x53, 0x10, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x41, 0x8F, 0x31, 0xFA, 0x5A, 0xF6, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xE9, 0xE3, 0xF6, 0xE0, 0x4A, 0xE7, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x4E, 0xCD, 0xA2, 0x22, 0x14, 0xD4, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0xED, 0x21, 0xB7, 0x0F, 0x53, 0x10, 0x17 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x05, 0x06, 0x24, 0x2C, 0x4E, 0xD1, 0x1E, 0x9F ), - BYTES_TO_T_UINT_8( 0xD7, 0x3F, 0xC1, 0x9F, 0xAB, 0xF0, 0x37, 0x95 ), - BYTES_TO_T_UINT_8( 0x03, 0x5E, 0x12, 0xCE, 0x83, 0x1B, 0x2A, 0x18 ), - BYTES_TO_T_UINT_8( 0x61, 0x65, 0xCF, 0xE8, 0x5C, 0xA5, 0xA2, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x06, 0x24, 0x2C, 0x4E, 0xD1, 0x1E, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0x3F, 0xC1, 0x9F, 0xAB, 0xF0, 0x37, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x03, 0x5E, 0x12, 0xCE, 0x83, 0x1B, 0x2A, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x65, 0xCF, 0xE8, 0x5C, 0xA5, 0xA2, 0x70 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0xB8, 0x86, 0x76, 0x3A, 0x94, 0xF6, 0x1D, 0xC1 ), - BYTES_TO_T_UINT_8( 0x1D, 0xDA, 0xC9, 0xA6, 0x29, 0x93, 0x15, 0x10 ), - BYTES_TO_T_UINT_8( 0x6D, 0x61, 0x6A, 0x7D, 0xC7, 0xA9, 0xF3, 0x76 ), - BYTES_TO_T_UINT_8( 0x4A, 0x03, 0x71, 0xA2, 0x15, 0xCE, 0x50, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x86, 0x76, 0x3A, 0x94, 0xF6, 0x1D, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0xDA, 0xC9, 0xA6, 0x29, 0x93, 0x15, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x61, 0x6A, 0x7D, 0xC7, 0xA9, 0xF3, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x03, 0x71, 0xA2, 0x15, 0xCE, 0x50, 0x72 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0xB6, 0xD0, 0xA8, 0x1E, 0x91, 0xC4, 0x4F, 0x24 ), - BYTES_TO_T_UINT_8( 0x2D, 0x4B, 0x7E, 0xD7, 0x71, 0x58, 0x7E, 0x1E ), - BYTES_TO_T_UINT_8( 0x93, 0x45, 0xAF, 0x2A, 0x18, 0x93, 0x95, 0x3B ), - BYTES_TO_T_UINT_8( 0x1B, 0x8F, 0xC7, 0xFA, 0x4C, 0x7A, 0x86, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0xD0, 0xA8, 0x1E, 0x91, 0xC4, 0x4F, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0x4B, 0x7E, 0xD7, 0x71, 0x58, 0x7E, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x45, 0xAF, 0x2A, 0x18, 0x93, 0x95, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x8F, 0xC7, 0xFA, 0x4C, 0x7A, 0x86, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0x97, 0xAF, 0x68, 0x3A, 0x23, 0xC1, 0x2E, 0xBF ), - BYTES_TO_T_UINT_8( 0x89, 0x50, 0x11, 0x67, 0x39, 0xB9, 0xAF, 0x48 ), - BYTES_TO_T_UINT_8( 0x19, 0x86, 0xAA, 0x1E, 0x88, 0x21, 0x29, 0x8B ), - BYTES_TO_T_UINT_8( 0xCD, 0x28, 0xA4, 0x9D, 0x89, 0xA9, 0x9A, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0xAF, 0x68, 0x3A, 0x23, 0xC1, 0x2E, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x50, 0x11, 0x67, 0x39, 0xB9, 0xAF, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x86, 0xAA, 0x1E, 0x88, 0x21, 0x29, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x28, 0xA4, 0x9D, 0x89, 0xA9, 0x9A, 0x10 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x91, 0xBA, 0x04, 0x67, 0xB7, 0x01, 0x40, 0x38 ), - BYTES_TO_T_UINT_8( 0x08, 0xE9, 0x09, 0xA3, 0xCA, 0xA6, 0x37, 0xF6 ), - BYTES_TO_T_UINT_8( 0x6C, 0x97, 0xA8, 0xB6, 0x3C, 0xEE, 0x90, 0x3D ), - BYTES_TO_T_UINT_8( 0xDC, 0xED, 0xC4, 0xF7, 0xC3, 0x95, 0xEC, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xBA, 0x04, 0x67, 0xB7, 0x01, 0x40, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xE9, 0x09, 0xA3, 0xCA, 0xA6, 0x37, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x97, 0xA8, 0xB6, 0x3C, 0xEE, 0x90, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0xED, 0xC4, 0xF7, 0xC3, 0x95, 0xEC, 0x85 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xF5, 0x84, 0xBD, 0xEB, 0xD5, 0x64, 0xBB, 0x9D ), - BYTES_TO_T_UINT_8( 0xDB, 0x9B, 0xE2, 0x28, 0x50, 0xC2, 0x72, 0x40 ), - BYTES_TO_T_UINT_8( 0x39, 0xF2, 0x74, 0xD1, 0x26, 0xBF, 0x32, 0x68 ), - BYTES_TO_T_UINT_8( 0x36, 0xCB, 0xAF, 0x72, 0xDB, 0x6D, 0x30, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x84, 0xBD, 0xEB, 0xD5, 0x64, 0xBB, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x9B, 0xE2, 0x28, 0x50, 0xC2, 0x72, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0xF2, 0x74, 0xD1, 0x26, 0xBF, 0x32, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xCB, 0xAF, 0x72, 0xDB, 0x6D, 0x30, 0x98 ), }; static const mbedtls_mpi_uint brainpoolP256r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xB3, 0x50, 0x85, 0xF4, 0x2B, 0x48, 0xC1, 0xAD ), - BYTES_TO_T_UINT_8( 0xC0, 0x28, 0xBB, 0x11, 0xBA, 0x5B, 0x22, 0x6C ), - BYTES_TO_T_UINT_8( 0xAD, 0xA1, 0xE5, 0x5C, 0xC9, 0x1D, 0x44, 0x45 ), - BYTES_TO_T_UINT_8( 0xD4, 0xE8, 0xE6, 0x6F, 0xBB, 0xC1, 0x81, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x50, 0x85, 0xF4, 0x2B, 0x48, 0xC1, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x28, 0xBB, 0x11, 0xBA, 0x5B, 0x22, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xA1, 0xE5, 0x5C, 0xC9, 0x1D, 0x44, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0xE8, 0xE6, 0x6F, 0xBB, 0xC1, 0x81, 0x7F ), }; static const mbedtls_ecp_point brainpoolP256r1_T[16] = { ECP_POINT_INIT_XY_Z1(brainpoolP256r1_T_0_X, brainpoolP256r1_T_0_Y), @@ -3160,566 +3160,566 @@ static const mbedtls_ecp_point brainpoolP256r1_T[16] = { */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) static const mbedtls_mpi_uint brainpoolP384r1_p[] = { - BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ), - BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ), - BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ), - BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), }; static const mbedtls_mpi_uint brainpoolP384r1_a[] = { - BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), - BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ), - BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ), - BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ), - BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ), - BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ), }; static const mbedtls_mpi_uint brainpoolP384r1_b[] = { - BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ), - BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ), - BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ), - BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ), - BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ), - BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), }; static const mbedtls_mpi_uint brainpoolP384r1_gx[] = { - BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), - BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), - BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), - BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), - BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), - BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), }; static const mbedtls_mpi_uint brainpoolP384r1_gy[] = { - BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), - BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), - BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), - BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), - BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), - BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), }; static const mbedtls_mpi_uint brainpoolP384r1_n[] = { - BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ), - BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ), - BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ), - BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint brainpoolP384r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), - BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), - BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), - BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), - BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), - BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), - BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), - BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), - BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), - BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), - BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0x93, 0xD8, 0x8A, 0x54, 0x41, 0xD6, 0x6B, 0x1D ), - BYTES_TO_T_UINT_8( 0xE2, 0x3B, 0xF1, 0x22, 0xFD, 0x2D, 0x4B, 0x03 ), - BYTES_TO_T_UINT_8( 0x01, 0x55, 0xE3, 0x33, 0xF0, 0x73, 0x52, 0x5A ), - BYTES_TO_T_UINT_8( 0xC1, 0x3F, 0x30, 0x26, 0xCA, 0x7F, 0x52, 0xA3 ), - BYTES_TO_T_UINT_8( 0xD3, 0x6E, 0x17, 0x9B, 0xD5, 0x2A, 0x4A, 0x31 ), - BYTES_TO_T_UINT_8( 0x86, 0xDA, 0x6B, 0xE5, 0x03, 0x07, 0x1D, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0xD8, 0x8A, 0x54, 0x41, 0xD6, 0x6B, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0x3B, 0xF1, 0x22, 0xFD, 0x2D, 0x4B, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x55, 0xE3, 0x33, 0xF0, 0x73, 0x52, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x3F, 0x30, 0x26, 0xCA, 0x7F, 0x52, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD3, 0x6E, 0x17, 0x9B, 0xD5, 0x2A, 0x4A, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xDA, 0x6B, 0xE5, 0x03, 0x07, 0x1D, 0x2E ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x51, 0x7A, 0xAF, 0x98, 0xE3, 0xA4, 0xF6, 0x19 ), - BYTES_TO_T_UINT_8( 0xEC, 0x7D, 0xFE, 0x51, 0x40, 0x3B, 0x47, 0xD2 ), - BYTES_TO_T_UINT_8( 0xFC, 0x88, 0xEC, 0xC4, 0xE2, 0x8F, 0xCB, 0xA4 ), - BYTES_TO_T_UINT_8( 0x30, 0xE2, 0x88, 0x2D, 0x4E, 0x50, 0xEB, 0x9A ), - BYTES_TO_T_UINT_8( 0x13, 0x54, 0x94, 0x5E, 0xF4, 0x7F, 0x3A, 0x04 ), - BYTES_TO_T_UINT_8( 0xCD, 0x07, 0x1C, 0xE1, 0xBD, 0x0F, 0xF8, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x7A, 0xAF, 0x98, 0xE3, 0xA4, 0xF6, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x7D, 0xFE, 0x51, 0x40, 0x3B, 0x47, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x88, 0xEC, 0xC4, 0xE2, 0x8F, 0xCB, 0xA4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0xE2, 0x88, 0x2D, 0x4E, 0x50, 0xEB, 0x9A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x54, 0x94, 0x5E, 0xF4, 0x7F, 0x3A, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x07, 0x1C, 0xE1, 0xBD, 0x0F, 0xF8, 0x63 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x94, 0x92, 0x28, 0x2E, 0x32, 0x04, 0xB1, 0x4D ), - BYTES_TO_T_UINT_8( 0x25, 0x82, 0x44, 0x43, 0x76, 0x0D, 0x55, 0xBF ), - BYTES_TO_T_UINT_8( 0x5B, 0xE3, 0xFF, 0x89, 0x46, 0xDE, 0x4E, 0xFE ), - BYTES_TO_T_UINT_8( 0x5B, 0x22, 0xBB, 0x67, 0x1A, 0x81, 0xEE, 0x27 ), - BYTES_TO_T_UINT_8( 0xC8, 0x54, 0xE2, 0x7A, 0xAE, 0xDA, 0x2C, 0xD0 ), - BYTES_TO_T_UINT_8( 0x74, 0x9A, 0x90, 0xAA, 0x6E, 0x8B, 0xCC, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x92, 0x28, 0x2E, 0x32, 0x04, 0xB1, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0x82, 0x44, 0x43, 0x76, 0x0D, 0x55, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0xE3, 0xFF, 0x89, 0x46, 0xDE, 0x4E, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0x22, 0xBB, 0x67, 0x1A, 0x81, 0xEE, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x54, 0xE2, 0x7A, 0xAE, 0xDA, 0x2C, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x9A, 0x90, 0xAA, 0x6E, 0x8B, 0xCC, 0x5F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x16, 0x40, 0xAC, 0xED, 0x7D, 0x37, 0x87, 0xAC ), - BYTES_TO_T_UINT_8( 0x98, 0xF8, 0xB1, 0x80, 0x4C, 0x8C, 0x04, 0x42 ), - BYTES_TO_T_UINT_8( 0xC2, 0x98, 0x2C, 0xAD, 0x30, 0x69, 0x35, 0xC0 ), - BYTES_TO_T_UINT_8( 0x32, 0x2E, 0x00, 0x2F, 0x44, 0x8C, 0xF0, 0xC0 ), - BYTES_TO_T_UINT_8( 0x16, 0x58, 0x07, 0xD7, 0xCD, 0x60, 0xA1, 0x5B ), - BYTES_TO_T_UINT_8( 0xAF, 0xFB, 0x7B, 0x03, 0x05, 0x5E, 0x79, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x40, 0xAC, 0xED, 0x7D, 0x37, 0x87, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0xF8, 0xB1, 0x80, 0x4C, 0x8C, 0x04, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x98, 0x2C, 0xAD, 0x30, 0x69, 0x35, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x2E, 0x00, 0x2F, 0x44, 0x8C, 0xF0, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x58, 0x07, 0xD7, 0xCD, 0x60, 0xA1, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xFB, 0x7B, 0x03, 0x05, 0x5E, 0x79, 0x73 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0xC8, 0x17, 0xCE, 0x38, 0x4B, 0x5E, 0x5B, 0xC8 ), - BYTES_TO_T_UINT_8( 0x60, 0x0E, 0x0A, 0x61, 0x9D, 0x7C, 0x62, 0x08 ), - BYTES_TO_T_UINT_8( 0x25, 0xF0, 0x98, 0x71, 0x7F, 0x17, 0x26, 0xD7 ), - BYTES_TO_T_UINT_8( 0x83, 0xD3, 0xFA, 0x3C, 0xF0, 0x70, 0x07, 0x82 ), - BYTES_TO_T_UINT_8( 0x29, 0x47, 0x5C, 0x09, 0x43, 0xB7, 0x65, 0x15 ), - BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xA7, 0x3E, 0xFA, 0xF3, 0xEC, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x17, 0xCE, 0x38, 0x4B, 0x5E, 0x5B, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x60, 0x0E, 0x0A, 0x61, 0x9D, 0x7C, 0x62, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0xF0, 0x98, 0x71, 0x7F, 0x17, 0x26, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0xD3, 0xFA, 0x3C, 0xF0, 0x70, 0x07, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x47, 0x5C, 0x09, 0x43, 0xB7, 0x65, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xA7, 0x3E, 0xFA, 0xF3, 0xEC, 0x22 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xDA, 0x78, 0x22, 0x2B, 0x58, 0x71, 0xFA, 0xAA ), - BYTES_TO_T_UINT_8( 0x00, 0x30, 0xCE, 0x6A, 0xB3, 0xB0, 0x4F, 0x83 ), - BYTES_TO_T_UINT_8( 0xCF, 0x95, 0x20, 0xA9, 0x23, 0xC2, 0x65, 0xE7 ), - BYTES_TO_T_UINT_8( 0x55, 0xCF, 0x03, 0x5B, 0x8A, 0x80, 0x44, 0xBB ), - BYTES_TO_T_UINT_8( 0x5C, 0xF8, 0x91, 0xF7, 0xD5, 0xED, 0xEA, 0x81 ), - BYTES_TO_T_UINT_8( 0x40, 0x5B, 0x16, 0x10, 0x25, 0xAC, 0x2A, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x78, 0x22, 0x2B, 0x58, 0x71, 0xFA, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x30, 0xCE, 0x6A, 0xB3, 0xB0, 0x4F, 0x83 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0x95, 0x20, 0xA9, 0x23, 0xC2, 0x65, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0xCF, 0x03, 0x5B, 0x8A, 0x80, 0x44, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xF8, 0x91, 0xF7, 0xD5, 0xED, 0xEA, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x5B, 0x16, 0x10, 0x25, 0xAC, 0x2A, 0x17 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0xF2, 0xEC, 0xDC, 0xC4, 0x7B, 0x8C, 0x6B, 0xE9 ), - BYTES_TO_T_UINT_8( 0x2B, 0xBB, 0x1C, 0xD3, 0x5A, 0xEE, 0xD9, 0x97 ), - BYTES_TO_T_UINT_8( 0x64, 0x5D, 0x30, 0x5E, 0xF7, 0xB2, 0x41, 0x9D ), - BYTES_TO_T_UINT_8( 0xED, 0xCE, 0x0F, 0x1A, 0xC6, 0x41, 0x64, 0x62 ), - BYTES_TO_T_UINT_8( 0xF2, 0x18, 0xE1, 0xE3, 0x82, 0x15, 0x66, 0x4B ), - BYTES_TO_T_UINT_8( 0x9B, 0xE2, 0x24, 0x04, 0x72, 0x39, 0xA0, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0xEC, 0xDC, 0xC4, 0x7B, 0x8C, 0x6B, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0xBB, 0x1C, 0xD3, 0x5A, 0xEE, 0xD9, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x5D, 0x30, 0x5E, 0xF7, 0xB2, 0x41, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0xCE, 0x0F, 0x1A, 0xC6, 0x41, 0x64, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x18, 0xE1, 0xE3, 0x82, 0x15, 0x66, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0xE2, 0x24, 0x04, 0x72, 0x39, 0xA0, 0x7C ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0x2B, 0x51, 0xA2, 0x58, 0x88, 0x62, 0xE1, 0x02 ), - BYTES_TO_T_UINT_8( 0x58, 0xD2, 0x65, 0x14, 0xE9, 0x4C, 0x82, 0x30 ), - BYTES_TO_T_UINT_8( 0xDC, 0xE1, 0xAC, 0x87, 0xAE, 0x31, 0x1A, 0x7A ), - BYTES_TO_T_UINT_8( 0x85, 0x4F, 0x96, 0x1E, 0x85, 0x7A, 0xC3, 0x2B ), - BYTES_TO_T_UINT_8( 0xF0, 0x86, 0xBB, 0xF0, 0xC0, 0x9D, 0x08, 0x7B ), - BYTES_TO_T_UINT_8( 0xBD, 0x53, 0x03, 0x09, 0x80, 0x91, 0xEF, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0x51, 0xA2, 0x58, 0x88, 0x62, 0xE1, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0xD2, 0x65, 0x14, 0xE9, 0x4C, 0x82, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0xE1, 0xAC, 0x87, 0xAE, 0x31, 0x1A, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0x4F, 0x96, 0x1E, 0x85, 0x7A, 0xC3, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x86, 0xBB, 0xF0, 0xC0, 0x9D, 0x08, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0x53, 0x03, 0x09, 0x80, 0x91, 0xEF, 0x68 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x2D, 0xD7, 0xAF, 0x6F, 0x69, 0x7B, 0x88, 0xA1 ), - BYTES_TO_T_UINT_8( 0xAF, 0x13, 0xE4, 0x30, 0xA2, 0x47, 0xB5, 0xC1 ), - BYTES_TO_T_UINT_8( 0x0F, 0xD2, 0xC0, 0xDD, 0x8A, 0x1C, 0x3C, 0xF2 ), - BYTES_TO_T_UINT_8( 0xF9, 0x8C, 0xB3, 0x4C, 0xBA, 0x8B, 0x6D, 0xCF ), - BYTES_TO_T_UINT_8( 0x6B, 0xC7, 0xA1, 0xA8, 0x6E, 0x3C, 0x4F, 0xF1 ), - BYTES_TO_T_UINT_8( 0x94, 0x4A, 0x97, 0xC8, 0x03, 0x6F, 0x01, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0xD7, 0xAF, 0x6F, 0x69, 0x7B, 0x88, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0x13, 0xE4, 0x30, 0xA2, 0x47, 0xB5, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xD2, 0xC0, 0xDD, 0x8A, 0x1C, 0x3C, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x8C, 0xB3, 0x4C, 0xBA, 0x8B, 0x6D, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0xC7, 0xA1, 0xA8, 0x6E, 0x3C, 0x4F, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x4A, 0x97, 0xC8, 0x03, 0x6F, 0x01, 0x82 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0x74, 0x18, 0x12, 0xA9, 0x39, 0xD5, 0x22, 0x26 ), - BYTES_TO_T_UINT_8( 0x47, 0xA7, 0xC0, 0xBD, 0x9D, 0x8D, 0x78, 0x38 ), - BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xD0, 0x7F, 0xDF, 0xD0, 0x30, 0xDE ), - BYTES_TO_T_UINT_8( 0x37, 0x25, 0x73, 0x96, 0xEC, 0xA8, 0x1D, 0x7C ), - BYTES_TO_T_UINT_8( 0x91, 0xD1, 0x65, 0x66, 0xDC, 0xD9, 0xCF, 0xDF ), - BYTES_TO_T_UINT_8( 0x95, 0xED, 0x7B, 0x37, 0xAD, 0xE2, 0xBE, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x18, 0x12, 0xA9, 0x39, 0xD5, 0x22, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0xA7, 0xC0, 0xBD, 0x9D, 0x8D, 0x78, 0x38 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0xB3, 0xD0, 0x7F, 0xDF, 0xD0, 0x30, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x25, 0x73, 0x96, 0xEC, 0xA8, 0x1D, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xD1, 0x65, 0x66, 0xDC, 0xD9, 0xCF, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0xED, 0x7B, 0x37, 0xAD, 0xE2, 0xBE, 0x2D ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x50, 0x79, 0x42, 0x6A, 0x07, 0x66, 0xB1, 0xBD ), - BYTES_TO_T_UINT_8( 0x45, 0x53, 0x62, 0x65, 0x92, 0x09, 0x4C, 0xA1 ), - BYTES_TO_T_UINT_8( 0x06, 0xAF, 0xC3, 0x03, 0xF6, 0xF4, 0x2D, 0x9B ), - BYTES_TO_T_UINT_8( 0xE8, 0xCA, 0x41, 0xD9, 0xA2, 0x69, 0x9B, 0xC9 ), - BYTES_TO_T_UINT_8( 0x4B, 0xB2, 0xA6, 0x8D, 0xE1, 0xAA, 0x61, 0x76 ), - BYTES_TO_T_UINT_8( 0x11, 0xBA, 0x4D, 0x12, 0xB6, 0xBE, 0xF3, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x79, 0x42, 0x6A, 0x07, 0x66, 0xB1, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x53, 0x62, 0x65, 0x92, 0x09, 0x4C, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0xAF, 0xC3, 0x03, 0xF6, 0xF4, 0x2D, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0xCA, 0x41, 0xD9, 0xA2, 0x69, 0x9B, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0xB2, 0xA6, 0x8D, 0xE1, 0xAA, 0x61, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xBA, 0x4D, 0x12, 0xB6, 0xBE, 0xF3, 0x7E ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x92, 0x22, 0x07, 0xCE, 0xC9, 0x26 ), - BYTES_TO_T_UINT_8( 0x62, 0xA1, 0x7C, 0x91, 0xDB, 0x32, 0xF7, 0xE5 ), - BYTES_TO_T_UINT_8( 0x6D, 0x49, 0x4B, 0x6D, 0xFB, 0xD9, 0x70, 0x3B ), - BYTES_TO_T_UINT_8( 0x1C, 0xFB, 0x4E, 0x4C, 0x5E, 0x66, 0x81, 0x1D ), - BYTES_TO_T_UINT_8( 0xA5, 0xB3, 0xE1, 0x00, 0xB7, 0xD9, 0xCC, 0x58 ), - BYTES_TO_T_UINT_8( 0xF3, 0x36, 0x8B, 0xC4, 0x39, 0x20, 0xFD, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x92, 0x22, 0x07, 0xCE, 0xC9, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0xA1, 0x7C, 0x91, 0xDB, 0x32, 0xF7, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x49, 0x4B, 0x6D, 0xFB, 0xD9, 0x70, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0xFB, 0x4E, 0x4C, 0x5E, 0x66, 0x81, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0xB3, 0xE1, 0x00, 0xB7, 0xD9, 0xCC, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x36, 0x8B, 0xC4, 0x39, 0x20, 0xFD, 0x30 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0x94, 0x1F, 0x60, 0x03, 0xBB, 0xD7, 0x60, 0x57 ), - BYTES_TO_T_UINT_8( 0x72, 0x3C, 0x62, 0xDD, 0x71, 0x95, 0xE9, 0x61 ), - BYTES_TO_T_UINT_8( 0xB0, 0x5B, 0x7A, 0x5F, 0x68, 0x81, 0xC5, 0x90 ), - BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xB5, 0xB9, 0x98, 0x42, 0x28, 0xA5 ), - BYTES_TO_T_UINT_8( 0x0C, 0x29, 0x8E, 0x11, 0x49, 0xB4, 0xD7, 0x20 ), - BYTES_TO_T_UINT_8( 0x9B, 0x3E, 0xD2, 0x30, 0xA1, 0xBA, 0xCA, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x1F, 0x60, 0x03, 0xBB, 0xD7, 0x60, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x3C, 0x62, 0xDD, 0x71, 0x95, 0xE9, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x5B, 0x7A, 0x5F, 0x68, 0x81, 0xC5, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xB5, 0xB9, 0x98, 0x42, 0x28, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x29, 0x8E, 0x11, 0x49, 0xB4, 0xD7, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x3E, 0xD2, 0x30, 0xA1, 0xBA, 0xCA, 0x03 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0x29, 0x37, 0x64, 0x44, 0x2F, 0x03, 0xE5, 0x41 ), - BYTES_TO_T_UINT_8( 0x4A, 0x42, 0xBC, 0xFF, 0xA2, 0x1A, 0x5F, 0x06 ), - BYTES_TO_T_UINT_8( 0x1D, 0x04, 0xAB, 0x04, 0xE0, 0x24, 0xAD, 0x2A ), - BYTES_TO_T_UINT_8( 0x3D, 0x45, 0x17, 0x67, 0x1F, 0x3E, 0x53, 0xF8 ), - BYTES_TO_T_UINT_8( 0xED, 0x0F, 0xB3, 0x1B, 0x57, 0x54, 0xC2, 0x03 ), - BYTES_TO_T_UINT_8( 0x59, 0xD3, 0xF8, 0xC4, 0x1B, 0x9B, 0xFA, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x37, 0x64, 0x44, 0x2F, 0x03, 0xE5, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x42, 0xBC, 0xFF, 0xA2, 0x1A, 0x5F, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0x04, 0xAB, 0x04, 0xE0, 0x24, 0xAD, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x45, 0x17, 0x67, 0x1F, 0x3E, 0x53, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x0F, 0xB3, 0x1B, 0x57, 0x54, 0xC2, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xD3, 0xF8, 0xC4, 0x1B, 0x9B, 0xFA, 0x30 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x37, 0x90, 0xFD, 0xFB, 0xCA, 0x49, 0x38, 0x4E ), - BYTES_TO_T_UINT_8( 0xC3, 0xCF, 0xC6, 0xDD, 0xF0, 0xFF, 0x8C, 0x11 ), - BYTES_TO_T_UINT_8( 0xD7, 0x69, 0x9D, 0xBD, 0x5F, 0x33, 0xE9, 0xB4 ), - BYTES_TO_T_UINT_8( 0x47, 0x19, 0x82, 0x3D, 0xAC, 0x1C, 0x40, 0x23 ), - BYTES_TO_T_UINT_8( 0x40, 0xC7, 0x02, 0x46, 0x14, 0x77, 0x00, 0xBE ), - BYTES_TO_T_UINT_8( 0xC9, 0x05, 0xF2, 0x77, 0x3A, 0x66, 0x5C, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x90, 0xFD, 0xFB, 0xCA, 0x49, 0x38, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0xCF, 0xC6, 0xDD, 0xF0, 0xFF, 0x8C, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0x69, 0x9D, 0xBD, 0x5F, 0x33, 0xE9, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x19, 0x82, 0x3D, 0xAC, 0x1C, 0x40, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC7, 0x02, 0x46, 0x14, 0x77, 0x00, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x05, 0xF2, 0x77, 0x3A, 0x66, 0x5C, 0x39 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x1E, 0xE6, 0x17, 0xDE, 0xB2, 0xA1, 0xE5, 0xB8 ), - BYTES_TO_T_UINT_8( 0xC7, 0x71, 0xEC, 0x9D, 0xD8, 0xF5, 0xD4, 0x66 ), - BYTES_TO_T_UINT_8( 0xAA, 0xC6, 0x42, 0x5E, 0xE7, 0x18, 0xBA, 0xD0 ), - BYTES_TO_T_UINT_8( 0xC5, 0x21, 0x68, 0x5A, 0x26, 0xFB, 0xD7, 0x17 ), - BYTES_TO_T_UINT_8( 0x26, 0x00, 0x5C, 0xBA, 0x8A, 0x34, 0xEC, 0x75 ), - BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x3C, 0xAF, 0x53, 0xE8, 0x65, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xE6, 0x17, 0xDE, 0xB2, 0xA1, 0xE5, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0x71, 0xEC, 0x9D, 0xD8, 0xF5, 0xD4, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0xC6, 0x42, 0x5E, 0xE7, 0x18, 0xBA, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x21, 0x68, 0x5A, 0x26, 0xFB, 0xD7, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x00, 0x5C, 0xBA, 0x8A, 0x34, 0xEC, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0x9C, 0x3C, 0xAF, 0x53, 0xE8, 0x65, 0x35 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0xBE, 0xEF, 0x28, 0xDC, 0x67, 0x05, 0xC8, 0xDF ), - BYTES_TO_T_UINT_8( 0x0B, 0x78, 0xC3, 0x85, 0x49, 0xA0, 0xBC, 0x0F ), - BYTES_TO_T_UINT_8( 0x10, 0x3E, 0x2D, 0xA0, 0xCF, 0xD4, 0x7A, 0xF5 ), - BYTES_TO_T_UINT_8( 0x36, 0x93, 0xFE, 0x60, 0xB3, 0x6E, 0x99, 0xE2 ), - BYTES_TO_T_UINT_8( 0x62, 0xAD, 0x04, 0xE7, 0x49, 0xAF, 0x5E, 0xE3 ), - BYTES_TO_T_UINT_8( 0x54, 0x7A, 0xED, 0xA6, 0x9E, 0x18, 0x09, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xEF, 0x28, 0xDC, 0x67, 0x05, 0xC8, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x78, 0xC3, 0x85, 0x49, 0xA0, 0xBC, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x3E, 0x2D, 0xA0, 0xCF, 0xD4, 0x7A, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0x93, 0xFE, 0x60, 0xB3, 0x6E, 0x99, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0xAD, 0x04, 0xE7, 0x49, 0xAF, 0x5E, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x7A, 0xED, 0xA6, 0x9E, 0x18, 0x09, 0x31 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xE8, 0x05, 0x94, 0x44, 0xDC, 0xB8, 0x85, 0x94 ), - BYTES_TO_T_UINT_8( 0x14, 0xB7, 0x37, 0xC2, 0x50, 0x75, 0x15, 0xDA ), - BYTES_TO_T_UINT_8( 0xD6, 0xC6, 0x0F, 0xB2, 0xA9, 0x91, 0x3E, 0xE8 ), - BYTES_TO_T_UINT_8( 0xB9, 0x81, 0xAD, 0x25, 0xA1, 0x26, 0x73, 0x15 ), - BYTES_TO_T_UINT_8( 0xFD, 0xF1, 0xD1, 0x61, 0x7C, 0x76, 0x8F, 0x13 ), - BYTES_TO_T_UINT_8( 0x06, 0xDB, 0x4A, 0xFF, 0x14, 0xA7, 0x48, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x05, 0x94, 0x44, 0xDC, 0xB8, 0x85, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0xB7, 0x37, 0xC2, 0x50, 0x75, 0x15, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xC6, 0x0F, 0xB2, 0xA9, 0x91, 0x3E, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x81, 0xAD, 0x25, 0xA1, 0x26, 0x73, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xF1, 0xD1, 0x61, 0x7C, 0x76, 0x8F, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0xDB, 0x4A, 0xFF, 0x14, 0xA7, 0x48, 0x0B ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0x2A, 0x73, 0xC6, 0xC2, 0xCC, 0xF1, 0x57, 0x04 ), - BYTES_TO_T_UINT_8( 0xB6, 0xED, 0x73, 0x27, 0x70, 0x82, 0xB6, 0x5E ), - BYTES_TO_T_UINT_8( 0x0B, 0xBA, 0xAC, 0x3A, 0xCF, 0xF4, 0xEA, 0xA6 ), - BYTES_TO_T_UINT_8( 0x99, 0xD6, 0xB1, 0x8F, 0x0E, 0x08, 0x2C, 0x5E ), - BYTES_TO_T_UINT_8( 0x17, 0xE3, 0x8F, 0x2F, 0x0E, 0xA1, 0xF3, 0x07 ), - BYTES_TO_T_UINT_8( 0x1A, 0xF5, 0x7C, 0x9B, 0x29, 0x0A, 0xF6, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x73, 0xC6, 0xC2, 0xCC, 0xF1, 0x57, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0xED, 0x73, 0x27, 0x70, 0x82, 0xB6, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0xBA, 0xAC, 0x3A, 0xCF, 0xF4, 0xEA, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xD6, 0xB1, 0x8F, 0x0E, 0x08, 0x2C, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xE3, 0x8F, 0x2F, 0x0E, 0xA1, 0xF3, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0xF5, 0x7C, 0x9B, 0x29, 0x0A, 0xF6, 0x28 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0xBD, 0xEE, 0x17, 0x47, 0x34, 0x15, 0xA3, 0xAF ), - BYTES_TO_T_UINT_8( 0xFB, 0xBE, 0x88, 0x48, 0xE7, 0xA2, 0xBB, 0xDE ), - BYTES_TO_T_UINT_8( 0xC5, 0xAD, 0xDC, 0x65, 0x61, 0x37, 0x0F, 0xC1 ), - BYTES_TO_T_UINT_8( 0xFA, 0x67, 0xAD, 0xA2, 0x3A, 0x1C, 0x91, 0x78 ), - BYTES_TO_T_UINT_8( 0x55, 0x07, 0x0C, 0x3A, 0x41, 0x6E, 0x13, 0x28 ), - BYTES_TO_T_UINT_8( 0x73, 0xBD, 0x7E, 0xED, 0xAA, 0x14, 0xDD, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0xEE, 0x17, 0x47, 0x34, 0x15, 0xA3, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xBE, 0x88, 0x48, 0xE7, 0xA2, 0xBB, 0xDE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0xAD, 0xDC, 0x65, 0x61, 0x37, 0x0F, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x67, 0xAD, 0xA2, 0x3A, 0x1C, 0x91, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x07, 0x0C, 0x3A, 0x41, 0x6E, 0x13, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0xBD, 0x7E, 0xED, 0xAA, 0x14, 0xDD, 0x61 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xC3, 0xDC, 0x20, 0x01, 0x72, 0x11, 0x48, 0x55 ), - BYTES_TO_T_UINT_8( 0x1E, 0xC4, 0x7B, 0xF8, 0x62, 0x3D, 0xF0, 0x9F ), - BYTES_TO_T_UINT_8( 0xE8, 0xC2, 0x3D, 0x2E, 0x52, 0xA3, 0x4A, 0x89 ), - BYTES_TO_T_UINT_8( 0xCE, 0xE2, 0x53, 0x46, 0x5E, 0x21, 0xF8, 0xCE ), - BYTES_TO_T_UINT_8( 0xC2, 0xC7, 0x8F, 0xA9, 0x26, 0x42, 0x32, 0x3A ), - BYTES_TO_T_UINT_8( 0xFB, 0xA6, 0xA0, 0x8D, 0x4B, 0x9A, 0x19, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC3, 0xDC, 0x20, 0x01, 0x72, 0x11, 0x48, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xC4, 0x7B, 0xF8, 0x62, 0x3D, 0xF0, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0xC2, 0x3D, 0x2E, 0x52, 0xA3, 0x4A, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE2, 0x53, 0x46, 0x5E, 0x21, 0xF8, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0xC7, 0x8F, 0xA9, 0x26, 0x42, 0x32, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xA6, 0xA0, 0x8D, 0x4B, 0x9A, 0x19, 0x03 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0xEA, 0xAB, 0x6D, 0x1E, 0xFB, 0xEE, 0x60, 0x0C ), - BYTES_TO_T_UINT_8( 0xB6, 0x56, 0x3C, 0xC5, 0x5D, 0x10, 0x79, 0x1C ), - BYTES_TO_T_UINT_8( 0x25, 0xBC, 0x41, 0x9F, 0x71, 0xEF, 0x02, 0xF9 ), - BYTES_TO_T_UINT_8( 0xA2, 0x36, 0xC4, 0xD0, 0x88, 0x9B, 0x32, 0xFC ), - BYTES_TO_T_UINT_8( 0x9C, 0xD4, 0x5D, 0x17, 0x39, 0xE6, 0x22, 0x2C ), - BYTES_TO_T_UINT_8( 0x7B, 0x26, 0x01, 0xCE, 0xBE, 0x4A, 0x9C, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xAB, 0x6D, 0x1E, 0xFB, 0xEE, 0x60, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x56, 0x3C, 0xC5, 0x5D, 0x10, 0x79, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0xBC, 0x41, 0x9F, 0x71, 0xEF, 0x02, 0xF9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA2, 0x36, 0xC4, 0xD0, 0x88, 0x9B, 0x32, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0xD4, 0x5D, 0x17, 0x39, 0xE6, 0x22, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x26, 0x01, 0xCE, 0xBE, 0x4A, 0x9C, 0x27 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0xEF, 0x6D, 0x11, 0xCA, 0x6C, 0x5A, 0x93, 0x0C ), - BYTES_TO_T_UINT_8( 0xEB, 0x96, 0x26, 0xAF, 0x2F, 0xE4, 0x30, 0x98 ), - BYTES_TO_T_UINT_8( 0x35, 0xC1, 0x4C, 0xC6, 0x30, 0x1F, 0x5C, 0x04 ), - BYTES_TO_T_UINT_8( 0x59, 0xB3, 0xE8, 0xFC, 0x35, 0xEB, 0x63, 0x6C ), - BYTES_TO_T_UINT_8( 0x9C, 0x1D, 0xCA, 0xFC, 0x50, 0x36, 0x4B, 0x96 ), - BYTES_TO_T_UINT_8( 0xE4, 0x0E, 0x23, 0x5B, 0xAF, 0xEB, 0x2D, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x6D, 0x11, 0xCA, 0x6C, 0x5A, 0x93, 0x0C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x96, 0x26, 0xAF, 0x2F, 0xE4, 0x30, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0xC1, 0x4C, 0xC6, 0x30, 0x1F, 0x5C, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xB3, 0xE8, 0xFC, 0x35, 0xEB, 0x63, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x1D, 0xCA, 0xFC, 0x50, 0x36, 0x4B, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x0E, 0x23, 0x5B, 0xAF, 0xEB, 0x2D, 0x31 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0xC6, 0x88, 0xB6, 0xD7, 0x74, 0x4A, 0x23, 0xB6 ), - BYTES_TO_T_UINT_8( 0xEF, 0x66, 0xE2, 0xBB, 0x29, 0xA6, 0x4F, 0x55 ), - BYTES_TO_T_UINT_8( 0xE9, 0x6F, 0x7E, 0x68, 0x6E, 0xA0, 0x14, 0x94 ), - BYTES_TO_T_UINT_8( 0x3B, 0x73, 0xD4, 0xE8, 0xAB, 0x5B, 0xF6, 0x0D ), - BYTES_TO_T_UINT_8( 0x46, 0xE0, 0x3C, 0x24, 0x00, 0x95, 0xE9, 0xAD ), - BYTES_TO_T_UINT_8( 0x37, 0x0D, 0x4F, 0x81, 0xD0, 0xF2, 0x3F, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0x88, 0xB6, 0xD7, 0x74, 0x4A, 0x23, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x66, 0xE2, 0xBB, 0x29, 0xA6, 0x4F, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0x6F, 0x7E, 0x68, 0x6E, 0xA0, 0x14, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0x73, 0xD4, 0xE8, 0xAB, 0x5B, 0xF6, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0xE0, 0x3C, 0x24, 0x00, 0x95, 0xE9, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x0D, 0x4F, 0x81, 0xD0, 0xF2, 0x3F, 0x00 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x99, 0x1D, 0xCD, 0x78, 0x39, 0xC4, 0x6B, 0xD9 ), - BYTES_TO_T_UINT_8( 0x81, 0x45, 0xC7, 0xB8, 0x2F, 0xAA, 0x5D, 0xE3 ), - BYTES_TO_T_UINT_8( 0x33, 0x8C, 0x6E, 0xA3, 0x24, 0xB2, 0xDB, 0x4B ), - BYTES_TO_T_UINT_8( 0x69, 0x2D, 0xD9, 0xF1, 0xC7, 0x9B, 0x8A, 0xAF ), - BYTES_TO_T_UINT_8( 0x67, 0xE1, 0x2C, 0xB9, 0x40, 0x37, 0x91, 0x75 ), - BYTES_TO_T_UINT_8( 0x81, 0x2C, 0xB5, 0x23, 0x03, 0x2B, 0xAF, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0x1D, 0xCD, 0x78, 0x39, 0xC4, 0x6B, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x45, 0xC7, 0xB8, 0x2F, 0xAA, 0x5D, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0x8C, 0x6E, 0xA3, 0x24, 0xB2, 0xDB, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x2D, 0xD9, 0xF1, 0xC7, 0x9B, 0x8A, 0xAF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0xE1, 0x2C, 0xB9, 0x40, 0x37, 0x91, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x2C, 0xB5, 0x23, 0x03, 0x2B, 0xAF, 0x2F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x2F, 0x9D, 0x5A, 0x20, 0x10, 0xA9, 0x84, 0xDA ), - BYTES_TO_T_UINT_8( 0x61, 0x30, 0x89, 0x20, 0x13, 0xE9, 0xB2, 0xCA ), - BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x52, 0xEB, 0x03, 0x18, 0x1F, 0xA6 ), - BYTES_TO_T_UINT_8( 0x6C, 0x9E, 0x1C, 0x35, 0x87, 0x92, 0x69, 0xC7 ), - BYTES_TO_T_UINT_8( 0xA1, 0xC9, 0x88, 0xAF, 0xC6, 0x6C, 0x83, 0x72 ), - BYTES_TO_T_UINT_8( 0xCB, 0xD5, 0x7A, 0x54, 0x34, 0x99, 0xB6, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0x9D, 0x5A, 0x20, 0x10, 0xA9, 0x84, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x30, 0x89, 0x20, 0x13, 0xE9, 0xB2, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x6E, 0x52, 0xEB, 0x03, 0x18, 0x1F, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x9E, 0x1C, 0x35, 0x87, 0x92, 0x69, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0xC9, 0x88, 0xAF, 0xC6, 0x6C, 0x83, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0xD5, 0x7A, 0x54, 0x34, 0x99, 0xB6, 0x6F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0xDF, 0xAD, 0x45, 0x9B, 0x4B, 0x41, 0x4D, 0x50 ), - BYTES_TO_T_UINT_8( 0x1B, 0x5D, 0xAB, 0x7F, 0x35, 0x34, 0xE9, 0x29 ), - BYTES_TO_T_UINT_8( 0x73, 0xBE, 0x78, 0x34, 0x44, 0xF3, 0x4A, 0x87 ), - BYTES_TO_T_UINT_8( 0xFB, 0xDE, 0xE3, 0xC4, 0xEE, 0x0B, 0xF9, 0xEB ), - BYTES_TO_T_UINT_8( 0x5E, 0x86, 0x16, 0x48, 0x32, 0xB8, 0x74, 0x41 ), - BYTES_TO_T_UINT_8( 0xF2, 0xEE, 0x7C, 0xBA, 0xBD, 0x81, 0xE3, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0xAD, 0x45, 0x9B, 0x4B, 0x41, 0x4D, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0x5D, 0xAB, 0x7F, 0x35, 0x34, 0xE9, 0x29 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0xBE, 0x78, 0x34, 0x44, 0xF3, 0x4A, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xDE, 0xE3, 0xC4, 0xEE, 0x0B, 0xF9, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x86, 0x16, 0x48, 0x32, 0xB8, 0x74, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0xEE, 0x7C, 0xBA, 0xBD, 0x81, 0xE3, 0x55 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0xF8, 0x6A, 0xFA, 0x84, 0xDA, 0xB8, 0xD5, 0x14 ), - BYTES_TO_T_UINT_8( 0xB2, 0x9F, 0x8A, 0xD5, 0x1B, 0x2E, 0x1A, 0x0B ), - BYTES_TO_T_UINT_8( 0x5F, 0x0C, 0x61, 0xE2, 0xFF, 0x5B, 0xE6, 0xD5 ), - BYTES_TO_T_UINT_8( 0x0E, 0x62, 0xC1, 0x87, 0x53, 0x1B, 0x92, 0xA3 ), - BYTES_TO_T_UINT_8( 0x54, 0x90, 0x00, 0xD1, 0x6A, 0x0C, 0x0E, 0x28 ), - BYTES_TO_T_UINT_8( 0x8B, 0x2E, 0xB5, 0x3B, 0x44, 0xB5, 0xA0, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x6A, 0xFA, 0x84, 0xDA, 0xB8, 0xD5, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0x9F, 0x8A, 0xD5, 0x1B, 0x2E, 0x1A, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0C, 0x61, 0xE2, 0xFF, 0x5B, 0xE6, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0x62, 0xC1, 0x87, 0x53, 0x1B, 0x92, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x90, 0x00, 0xD1, 0x6A, 0x0C, 0x0E, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0x2E, 0xB5, 0x3B, 0x44, 0xB5, 0xA0, 0x78 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xB8, 0x5D, 0x02, 0x58, 0xB5, 0xBE, 0x45, 0x14 ), - BYTES_TO_T_UINT_8( 0xAD, 0xEF, 0x8E, 0x90, 0x4D, 0x2A, 0x32, 0xAC ), - BYTES_TO_T_UINT_8( 0x48, 0x99, 0x75, 0x5C, 0x0A, 0x33, 0x8F, 0x36 ), - BYTES_TO_T_UINT_8( 0xC8, 0x6C, 0x95, 0xD4, 0x1F, 0xF3, 0xEB, 0xDA ), - BYTES_TO_T_UINT_8( 0xC2, 0xE4, 0x4C, 0x91, 0x20, 0xF3, 0x25, 0xEB ), - BYTES_TO_T_UINT_8( 0xF1, 0x95, 0xEB, 0x29, 0x6F, 0x20, 0x34, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x5D, 0x02, 0x58, 0xB5, 0xBE, 0x45, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xEF, 0x8E, 0x90, 0x4D, 0x2A, 0x32, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0x99, 0x75, 0x5C, 0x0A, 0x33, 0x8F, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x6C, 0x95, 0xD4, 0x1F, 0xF3, 0xEB, 0xDA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0xE4, 0x4C, 0x91, 0x20, 0xF3, 0x25, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x95, 0xEB, 0x29, 0x6F, 0x20, 0x34, 0x81 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0x2D, 0x15, 0xE5, 0x13, 0x7E, 0x64, 0x8B, 0xAD ), - BYTES_TO_T_UINT_8( 0xA7, 0xBC, 0x0D, 0x18, 0x7E, 0x37, 0x9E, 0xFA ), - BYTES_TO_T_UINT_8( 0xE8, 0x82, 0x20, 0xF7, 0x2D, 0x7A, 0x77, 0x52 ), - BYTES_TO_T_UINT_8( 0xCB, 0x29, 0xA2, 0xDB, 0x7A, 0xE6, 0x6F, 0xA5 ), - BYTES_TO_T_UINT_8( 0xA0, 0xC6, 0x50, 0x5C, 0xBC, 0xE6, 0x4F, 0xBD ), - BYTES_TO_T_UINT_8( 0x1E, 0x9F, 0xD5, 0xE8, 0xC5, 0x3D, 0xB7, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0x15, 0xE5, 0x13, 0x7E, 0x64, 0x8B, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0xBC, 0x0D, 0x18, 0x7E, 0x37, 0x9E, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x82, 0x20, 0xF7, 0x2D, 0x7A, 0x77, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x29, 0xA2, 0xDB, 0x7A, 0xE6, 0x6F, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xC6, 0x50, 0x5C, 0xBC, 0xE6, 0x4F, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x9F, 0xD5, 0xE8, 0xC5, 0x3D, 0xB7, 0x30 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_16_X[] = { - BYTES_TO_T_UINT_8( 0x45, 0x03, 0x55, 0x10, 0xDB, 0xA6, 0x8B, 0x22 ), - BYTES_TO_T_UINT_8( 0x4E, 0x17, 0xAE, 0x78, 0xC9, 0x1D, 0x43, 0xCA ), - BYTES_TO_T_UINT_8( 0x4E, 0x35, 0x49, 0xD4, 0x47, 0x84, 0x8D, 0x20 ), - BYTES_TO_T_UINT_8( 0xF3, 0x95, 0x2F, 0xEA, 0xBC, 0xB4, 0x18, 0xB3 ), - BYTES_TO_T_UINT_8( 0xD4, 0x48, 0xAE, 0x89, 0xF5, 0x65, 0x3D, 0x89 ), - BYTES_TO_T_UINT_8( 0x86, 0xF2, 0x2B, 0x20, 0xD1, 0x75, 0x50, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x03, 0x55, 0x10, 0xDB, 0xA6, 0x8B, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x17, 0xAE, 0x78, 0xC9, 0x1D, 0x43, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x35, 0x49, 0xD4, 0x47, 0x84, 0x8D, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x95, 0x2F, 0xEA, 0xBC, 0xB4, 0x18, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x48, 0xAE, 0x89, 0xF5, 0x65, 0x3D, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xF2, 0x2B, 0x20, 0xD1, 0x75, 0x50, 0x63 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_16_Y[] = { - BYTES_TO_T_UINT_8( 0xAD, 0xE6, 0x5C, 0x2C, 0xE0, 0x7D, 0xDF, 0x2D ), - BYTES_TO_T_UINT_8( 0x3E, 0x07, 0x3E, 0xCE, 0x9F, 0x18, 0xB6, 0x05 ), - BYTES_TO_T_UINT_8( 0x9A, 0xF8, 0xF0, 0xD5, 0xFA, 0x42, 0x1D, 0x6D ), - BYTES_TO_T_UINT_8( 0x41, 0x6C, 0x1D, 0x03, 0xC9, 0x0E, 0x2B, 0x2F ), - BYTES_TO_T_UINT_8( 0x43, 0x18, 0x52, 0xA5, 0xB4, 0x63, 0xE1, 0x06 ), - BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0xD9, 0xC4, 0xFD, 0x16, 0x60, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0xE6, 0x5C, 0x2C, 0xE0, 0x7D, 0xDF, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x07, 0x3E, 0xCE, 0x9F, 0x18, 0xB6, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0xF8, 0xF0, 0xD5, 0xFA, 0x42, 0x1D, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x6C, 0x1D, 0x03, 0xC9, 0x0E, 0x2B, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x18, 0x52, 0xA5, 0xB4, 0x63, 0xE1, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0xD9, 0xC4, 0xFD, 0x16, 0x60, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_17_X[] = { - BYTES_TO_T_UINT_8( 0x43, 0x7D, 0xDE, 0xDF, 0x4B, 0x4A, 0xB0, 0xCB ), - BYTES_TO_T_UINT_8( 0xB0, 0x4E, 0x8C, 0x94, 0xC1, 0xE2, 0x85, 0xDF ), - BYTES_TO_T_UINT_8( 0x4F, 0xF0, 0xEA, 0xB5, 0x9B, 0x70, 0xEF, 0x10 ), - BYTES_TO_T_UINT_8( 0x56, 0xC2, 0x39, 0x5D, 0xF3, 0x2C, 0xD9, 0x2C ), - BYTES_TO_T_UINT_8( 0x0D, 0x1C, 0x2E, 0xCC, 0x2F, 0x54, 0x87, 0x80 ), - BYTES_TO_T_UINT_8( 0xB0, 0x72, 0xC7, 0xB5, 0x50, 0xA3, 0x84, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x7D, 0xDE, 0xDF, 0x4B, 0x4A, 0xB0, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x4E, 0x8C, 0x94, 0xC1, 0xE2, 0x85, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4F, 0xF0, 0xEA, 0xB5, 0x9B, 0x70, 0xEF, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0xC2, 0x39, 0x5D, 0xF3, 0x2C, 0xD9, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0x1C, 0x2E, 0xCC, 0x2F, 0x54, 0x87, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB0, 0x72, 0xC7, 0xB5, 0x50, 0xA3, 0x84, 0x77 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_17_Y[] = { - BYTES_TO_T_UINT_8( 0xB7, 0xD1, 0xAF, 0xA9, 0xB4, 0x8B, 0x5D, 0xFA ), - BYTES_TO_T_UINT_8( 0xC8, 0xF6, 0x52, 0x8A, 0xC3, 0x56, 0xA5, 0x5E ), - BYTES_TO_T_UINT_8( 0x3B, 0x52, 0xFF, 0xEA, 0x05, 0x42, 0x77, 0x83 ), - BYTES_TO_T_UINT_8( 0x29, 0x08, 0x90, 0x72, 0x86, 0xC4, 0xC3, 0xB8 ), - BYTES_TO_T_UINT_8( 0x4D, 0x15, 0xF8, 0xF1, 0x16, 0x67, 0xC6, 0xD5 ), - BYTES_TO_T_UINT_8( 0x75, 0x87, 0xAC, 0x8F, 0x71, 0xEC, 0x83, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xD1, 0xAF, 0xA9, 0xB4, 0x8B, 0x5D, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xF6, 0x52, 0x8A, 0xC3, 0x56, 0xA5, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0x52, 0xFF, 0xEA, 0x05, 0x42, 0x77, 0x83 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x08, 0x90, 0x72, 0x86, 0xC4, 0xC3, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0x15, 0xF8, 0xF1, 0x16, 0x67, 0xC6, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x87, 0xAC, 0x8F, 0x71, 0xEC, 0x83, 0x81 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_18_X[] = { - BYTES_TO_T_UINT_8( 0x91, 0xE1, 0xE6, 0x2D, 0x0E, 0x11, 0xA1, 0x62 ), - BYTES_TO_T_UINT_8( 0x74, 0xE2, 0xA8, 0x32, 0xE6, 0xE3, 0x83, 0xD1 ), - BYTES_TO_T_UINT_8( 0x50, 0x56, 0xE5, 0xCD, 0xB7, 0x2B, 0x67, 0x6F ), - BYTES_TO_T_UINT_8( 0xE5, 0xED, 0xC9, 0x65, 0x6D, 0x87, 0xE1, 0x8E ), - BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xFD, 0x9A, 0x53, 0x0E, 0xFA, 0xA3 ), - BYTES_TO_T_UINT_8( 0x49, 0x4C, 0x4A, 0xE2, 0x23, 0x84, 0xFA, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0xE1, 0xE6, 0x2D, 0x0E, 0x11, 0xA1, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xE2, 0xA8, 0x32, 0xE6, 0xE3, 0x83, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x56, 0xE5, 0xCD, 0xB7, 0x2B, 0x67, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0xED, 0xC9, 0x65, 0x6D, 0x87, 0xE1, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xFD, 0x9A, 0x53, 0x0E, 0xFA, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x4C, 0x4A, 0xE2, 0x23, 0x84, 0xFA, 0x01 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_18_Y[] = { - BYTES_TO_T_UINT_8( 0xB4, 0xFE, 0x49, 0x81, 0xD1, 0x3E, 0xF4, 0x7C ), - BYTES_TO_T_UINT_8( 0x45, 0x72, 0xE0, 0xEF, 0x0D, 0xB8, 0x3E, 0x6F ), - BYTES_TO_T_UINT_8( 0x3C, 0x00, 0x0F, 0x5F, 0xCE, 0x60, 0x72, 0x2C ), - BYTES_TO_T_UINT_8( 0xB7, 0xCC, 0xD8, 0x03, 0x07, 0x6E, 0x5A, 0xCD ), - BYTES_TO_T_UINT_8( 0x27, 0x3A, 0x35, 0x50, 0x4E, 0x1F, 0xCA, 0x5F ), - BYTES_TO_T_UINT_8( 0x58, 0xEA, 0x88, 0x55, 0xBD, 0x6E, 0x05, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xFE, 0x49, 0x81, 0xD1, 0x3E, 0xF4, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x72, 0xE0, 0xEF, 0x0D, 0xB8, 0x3E, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x00, 0x0F, 0x5F, 0xCE, 0x60, 0x72, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xCC, 0xD8, 0x03, 0x07, 0x6E, 0x5A, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x3A, 0x35, 0x50, 0x4E, 0x1F, 0xCA, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0xEA, 0x88, 0x55, 0xBD, 0x6E, 0x05, 0x7F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_19_X[] = { - BYTES_TO_T_UINT_8( 0xB1, 0x6D, 0xF1, 0x97, 0xA6, 0x69, 0x39, 0x24 ), - BYTES_TO_T_UINT_8( 0x0B, 0x41, 0x99, 0xFF, 0x3B, 0xA1, 0x26, 0xEC ), - BYTES_TO_T_UINT_8( 0x95, 0x2F, 0x95, 0x80, 0x12, 0x4A, 0x1B, 0xCB ), - BYTES_TO_T_UINT_8( 0xEA, 0xBF, 0x51, 0xAA, 0xAE, 0x2D, 0xDA, 0xCF ), - BYTES_TO_T_UINT_8( 0x0C, 0x1C, 0xB3, 0x52, 0x36, 0x49, 0xD4, 0x86 ), - BYTES_TO_T_UINT_8( 0x99, 0xC1, 0x1F, 0x3A, 0xD3, 0x3E, 0x5C, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0x6D, 0xF1, 0x97, 0xA6, 0x69, 0x39, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0x41, 0x99, 0xFF, 0x3B, 0xA1, 0x26, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x2F, 0x95, 0x80, 0x12, 0x4A, 0x1B, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xBF, 0x51, 0xAA, 0xAE, 0x2D, 0xDA, 0xCF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x1C, 0xB3, 0x52, 0x36, 0x49, 0xD4, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xC1, 0x1F, 0x3A, 0xD3, 0x3E, 0x5C, 0x1A ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_19_Y[] = { - BYTES_TO_T_UINT_8( 0x73, 0x51, 0xF7, 0x2B, 0xC8, 0xA9, 0xA7, 0x15 ), - BYTES_TO_T_UINT_8( 0x12, 0x4E, 0x7F, 0x98, 0x41, 0x66, 0xB0, 0x03 ), - BYTES_TO_T_UINT_8( 0x91, 0x1D, 0xC0, 0x42, 0xCD, 0xF8, 0xC3, 0x2B ), - BYTES_TO_T_UINT_8( 0xCC, 0x41, 0x91, 0x7D, 0xCC, 0x8B, 0xCC, 0x41 ), - BYTES_TO_T_UINT_8( 0x2A, 0xAE, 0x76, 0xED, 0x56, 0x18, 0xC5, 0xAB ), - BYTES_TO_T_UINT_8( 0xAB, 0x6A, 0x06, 0xA3, 0x7F, 0x65, 0x10, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x51, 0xF7, 0x2B, 0xC8, 0xA9, 0xA7, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x4E, 0x7F, 0x98, 0x41, 0x66, 0xB0, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x1D, 0xC0, 0x42, 0xCD, 0xF8, 0xC3, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x41, 0x91, 0x7D, 0xCC, 0x8B, 0xCC, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xAE, 0x76, 0xED, 0x56, 0x18, 0xC5, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x6A, 0x06, 0xA3, 0x7F, 0x65, 0x10, 0x1F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_20_X[] = { - BYTES_TO_T_UINT_8( 0x0C, 0xEC, 0x3C, 0x05, 0x05, 0xCA, 0xF6, 0xED ), - BYTES_TO_T_UINT_8( 0x48, 0xCD, 0x02, 0x51, 0x12, 0x16, 0x3C, 0x63 ), - BYTES_TO_T_UINT_8( 0xA8, 0xEB, 0xB3, 0x43, 0x7B, 0xDD, 0xB2, 0x7C ), - BYTES_TO_T_UINT_8( 0x00, 0x59, 0x90, 0x41, 0xDB, 0xE4, 0xF5, 0x91 ), - BYTES_TO_T_UINT_8( 0xD0, 0x0E, 0x18, 0x2A, 0x5A, 0x83, 0x7C, 0x2F ), - BYTES_TO_T_UINT_8( 0xE1, 0x37, 0xA1, 0x0D, 0xF1, 0x2F, 0x63, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0xEC, 0x3C, 0x05, 0x05, 0xCA, 0xF6, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x48, 0xCD, 0x02, 0x51, 0x12, 0x16, 0x3C, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0xEB, 0xB3, 0x43, 0x7B, 0xDD, 0xB2, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x59, 0x90, 0x41, 0xDB, 0xE4, 0xF5, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x0E, 0x18, 0x2A, 0x5A, 0x83, 0x7C, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x37, 0xA1, 0x0D, 0xF1, 0x2F, 0x63, 0x79 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_20_Y[] = { - BYTES_TO_T_UINT_8( 0x21, 0xC0, 0xFA, 0x6F, 0x1F, 0x67, 0xCF, 0xEC ), - BYTES_TO_T_UINT_8( 0x98, 0x34, 0x45, 0xBB, 0xF4, 0xF9, 0x9B, 0x89 ), - BYTES_TO_T_UINT_8( 0xF5, 0x69, 0xFE, 0x67, 0x1D, 0x64, 0x8F, 0xB9 ), - BYTES_TO_T_UINT_8( 0xDB, 0x39, 0xBF, 0xD8, 0xB3, 0xC7, 0xAD, 0x8A ), - BYTES_TO_T_UINT_8( 0x8C, 0x93, 0xFF, 0xF3, 0x28, 0xFA, 0x39, 0xF6 ), - BYTES_TO_T_UINT_8( 0xFA, 0xF9, 0xC3, 0x85, 0x26, 0x7A, 0x88, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xC0, 0xFA, 0x6F, 0x1F, 0x67, 0xCF, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x34, 0x45, 0xBB, 0xF4, 0xF9, 0x9B, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x69, 0xFE, 0x67, 0x1D, 0x64, 0x8F, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x39, 0xBF, 0xD8, 0xB3, 0xC7, 0xAD, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0x93, 0xFF, 0xF3, 0x28, 0xFA, 0x39, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xF9, 0xC3, 0x85, 0x26, 0x7A, 0x88, 0x89 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_21_X[] = { - BYTES_TO_T_UINT_8( 0x4D, 0xD5, 0x79, 0xD8, 0x11, 0xDE, 0xEB, 0x4E ), - BYTES_TO_T_UINT_8( 0x1C, 0x46, 0xA4, 0x6A, 0xDA, 0x74, 0x34, 0xA8 ), - BYTES_TO_T_UINT_8( 0x1E, 0xBD, 0xD3, 0xF5, 0x14, 0xEE, 0xFE, 0xAE ), - BYTES_TO_T_UINT_8( 0x19, 0x4C, 0xA3, 0x71, 0x43, 0x65, 0xF8, 0x94 ), - BYTES_TO_T_UINT_8( 0x72, 0x6C, 0x35, 0xFA, 0x90, 0x25, 0xD8, 0xE2 ), - BYTES_TO_T_UINT_8( 0xBB, 0x34, 0x84, 0x96, 0xA1, 0x43, 0x03, 0x4D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xD5, 0x79, 0xD8, 0x11, 0xDE, 0xEB, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x46, 0xA4, 0x6A, 0xDA, 0x74, 0x34, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xBD, 0xD3, 0xF5, 0x14, 0xEE, 0xFE, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x4C, 0xA3, 0x71, 0x43, 0x65, 0xF8, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x6C, 0x35, 0xFA, 0x90, 0x25, 0xD8, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x34, 0x84, 0x96, 0xA1, 0x43, 0x03, 0x4D ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_21_Y[] = { - BYTES_TO_T_UINT_8( 0xF1, 0x3B, 0x3B, 0x2F, 0xCA, 0x59, 0xF2, 0x42 ), - BYTES_TO_T_UINT_8( 0xCD, 0x48, 0x24, 0x74, 0xD8, 0x72, 0x90, 0xA3 ), - BYTES_TO_T_UINT_8( 0x83, 0x42, 0x74, 0x8C, 0x6F, 0x52, 0x19, 0x3D ), - BYTES_TO_T_UINT_8( 0x40, 0x9E, 0x41, 0x63, 0x68, 0x78, 0x4C, 0x2F ), - BYTES_TO_T_UINT_8( 0x53, 0x94, 0xB6, 0x6B, 0x38, 0x52, 0xA8, 0x9F ), - BYTES_TO_T_UINT_8( 0x81, 0x30, 0x25, 0x93, 0xA1, 0x6F, 0x6E, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x3B, 0x3B, 0x2F, 0xCA, 0x59, 0xF2, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0x48, 0x24, 0x74, 0xD8, 0x72, 0x90, 0xA3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x42, 0x74, 0x8C, 0x6F, 0x52, 0x19, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x9E, 0x41, 0x63, 0x68, 0x78, 0x4C, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0x94, 0xB6, 0x6B, 0x38, 0x52, 0xA8, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x30, 0x25, 0x93, 0xA1, 0x6F, 0x6E, 0x68 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_22_X[] = { - BYTES_TO_T_UINT_8( 0xFC, 0x2F, 0x4B, 0x64, 0x79, 0x50, 0xFF, 0x01 ), - BYTES_TO_T_UINT_8( 0xD4, 0x36, 0xED, 0x57, 0x39, 0x3B, 0xE7, 0xF3 ), - BYTES_TO_T_UINT_8( 0xF1, 0x85, 0xEA, 0x35, 0xD6, 0xC0, 0xA0, 0x52 ), - BYTES_TO_T_UINT_8( 0xBA, 0x89, 0x3A, 0xCC, 0x22, 0x1C, 0x46, 0x02 ), - BYTES_TO_T_UINT_8( 0x6C, 0x7A, 0xB0, 0xA1, 0x1B, 0x69, 0x62, 0x55 ), - BYTES_TO_T_UINT_8( 0x57, 0xB8, 0x8A, 0x6C, 0x18, 0x85, 0x0D, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x2F, 0x4B, 0x64, 0x79, 0x50, 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0x36, 0xED, 0x57, 0x39, 0x3B, 0xE7, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x85, 0xEA, 0x35, 0xD6, 0xC0, 0xA0, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x89, 0x3A, 0xCC, 0x22, 0x1C, 0x46, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x7A, 0xB0, 0xA1, 0x1B, 0x69, 0x62, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xB8, 0x8A, 0x6C, 0x18, 0x85, 0x0D, 0x88 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_22_Y[] = { - BYTES_TO_T_UINT_8( 0xFD, 0xB6, 0x50, 0xE9, 0x4E, 0x7F, 0xE8, 0x07 ), - BYTES_TO_T_UINT_8( 0x92, 0x5B, 0x5C, 0xD1, 0x4B, 0x11, 0x9A, 0xD8 ), - BYTES_TO_T_UINT_8( 0x96, 0x25, 0x56, 0x74, 0x51, 0x9C, 0xEC, 0x9C ), - BYTES_TO_T_UINT_8( 0x55, 0x7F, 0xB6, 0x8A, 0xCB, 0x3A, 0x10, 0x6A ), - BYTES_TO_T_UINT_8( 0x60, 0x33, 0x07, 0x01, 0xE9, 0x49, 0x59, 0xE6 ), - BYTES_TO_T_UINT_8( 0xC6, 0xA5, 0x2E, 0xF2, 0xBA, 0x32, 0x63, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xB6, 0x50, 0xE9, 0x4E, 0x7F, 0xE8, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x5B, 0x5C, 0xD1, 0x4B, 0x11, 0x9A, 0xD8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x25, 0x56, 0x74, 0x51, 0x9C, 0xEC, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x7F, 0xB6, 0x8A, 0xCB, 0x3A, 0x10, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x60, 0x33, 0x07, 0x01, 0xE9, 0x49, 0x59, 0xE6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0xA5, 0x2E, 0xF2, 0xBA, 0x32, 0x63, 0x44 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_23_X[] = { - BYTES_TO_T_UINT_8( 0xF8, 0x06, 0x0B, 0xA5, 0x44, 0x27, 0x7F, 0x22 ), - BYTES_TO_T_UINT_8( 0x30, 0x74, 0xAC, 0x0F, 0xCC, 0x4F, 0x13, 0x61 ), - BYTES_TO_T_UINT_8( 0xFD, 0xB1, 0xBF, 0x97, 0x49, 0xA5, 0x1C, 0x1D ), - BYTES_TO_T_UINT_8( 0x8A, 0x64, 0x68, 0x7B, 0x0F, 0xCC, 0x77, 0xF8 ), - BYTES_TO_T_UINT_8( 0xBB, 0x39, 0xF9, 0x4E, 0x84, 0x9C, 0xF6, 0x96 ), - BYTES_TO_T_UINT_8( 0xBC, 0xCF, 0x6D, 0xE2, 0xA1, 0x2D, 0xF9, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x06, 0x0B, 0xA5, 0x44, 0x27, 0x7F, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x74, 0xAC, 0x0F, 0xCC, 0x4F, 0x13, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xB1, 0xBF, 0x97, 0x49, 0xA5, 0x1C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x64, 0x68, 0x7B, 0x0F, 0xCC, 0x77, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x39, 0xF9, 0x4E, 0x84, 0x9C, 0xF6, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xCF, 0x6D, 0xE2, 0xA1, 0x2D, 0xF9, 0x2B ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_23_Y[] = { - BYTES_TO_T_UINT_8( 0x95, 0xC4, 0x90, 0x57, 0x31, 0x01, 0x05, 0x5E ), - BYTES_TO_T_UINT_8( 0xCC, 0x1E, 0xBB, 0xBF, 0x98, 0xA4, 0x7C, 0xE3 ), - BYTES_TO_T_UINT_8( 0x89, 0xE3, 0xA0, 0xB2, 0xCD, 0x39, 0x9A, 0x3F ), - BYTES_TO_T_UINT_8( 0x92, 0x34, 0x60, 0x7A, 0x89, 0x98, 0xB5, 0x52 ), - BYTES_TO_T_UINT_8( 0x8D, 0x20, 0x3D, 0x3A, 0x04, 0x8F, 0x5A, 0xAC ), - BYTES_TO_T_UINT_8( 0xA3, 0x26, 0xB6, 0x49, 0x09, 0x9C, 0x0F, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0xC4, 0x90, 0x57, 0x31, 0x01, 0x05, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x1E, 0xBB, 0xBF, 0x98, 0xA4, 0x7C, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0xE3, 0xA0, 0xB2, 0xCD, 0x39, 0x9A, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x34, 0x60, 0x7A, 0x89, 0x98, 0xB5, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0x20, 0x3D, 0x3A, 0x04, 0x8F, 0x5A, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x26, 0xB6, 0x49, 0x09, 0x9C, 0x0F, 0x59 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_24_X[] = { - BYTES_TO_T_UINT_8( 0x72, 0x66, 0xD2, 0x38, 0x2A, 0x62, 0x81, 0xCA ), - BYTES_TO_T_UINT_8( 0xC5, 0xC8, 0x20, 0x5E, 0x28, 0xA3, 0x81, 0xA7 ), - BYTES_TO_T_UINT_8( 0x20, 0x31, 0xA4, 0xF1, 0xEA, 0x7D, 0x87, 0x45 ), - BYTES_TO_T_UINT_8( 0x8F, 0x2C, 0x99, 0x09, 0x6F, 0x63, 0xEB, 0x2F ), - BYTES_TO_T_UINT_8( 0x73, 0x76, 0xDA, 0x1A, 0x06, 0xBE, 0xDE, 0xA2 ), - BYTES_TO_T_UINT_8( 0x29, 0x09, 0x2E, 0x75, 0x39, 0x30, 0x2D, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x66, 0xD2, 0x38, 0x2A, 0x62, 0x81, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0xC8, 0x20, 0x5E, 0x28, 0xA3, 0x81, 0xA7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0x31, 0xA4, 0xF1, 0xEA, 0x7D, 0x87, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8F, 0x2C, 0x99, 0x09, 0x6F, 0x63, 0xEB, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x76, 0xDA, 0x1A, 0x06, 0xBE, 0xDE, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x09, 0x2E, 0x75, 0x39, 0x30, 0x2D, 0x42 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_24_Y[] = { - BYTES_TO_T_UINT_8( 0x41, 0x9B, 0xC1, 0x5A, 0x17, 0xC3, 0x8C, 0x31 ), - BYTES_TO_T_UINT_8( 0x58, 0x8D, 0x94, 0x4D, 0x3D, 0xAB, 0x60, 0xD4 ), - BYTES_TO_T_UINT_8( 0xFF, 0xFD, 0x1E, 0x0F, 0x43, 0xAE, 0x9D, 0x62 ), - BYTES_TO_T_UINT_8( 0x8E, 0xF2, 0xF3, 0x20, 0x1B, 0xAA, 0xB7, 0x41 ), - BYTES_TO_T_UINT_8( 0x9D, 0x5B, 0xA4, 0xF4, 0x90, 0x3B, 0xE3, 0x71 ), - BYTES_TO_T_UINT_8( 0xF7, 0x78, 0x72, 0xBD, 0x65, 0x09, 0x0B, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x9B, 0xC1, 0x5A, 0x17, 0xC3, 0x8C, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x58, 0x8D, 0x94, 0x4D, 0x3D, 0xAB, 0x60, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFD, 0x1E, 0x0F, 0x43, 0xAE, 0x9D, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0xF2, 0xF3, 0x20, 0x1B, 0xAA, 0xB7, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x5B, 0xA4, 0xF4, 0x90, 0x3B, 0xE3, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x78, 0x72, 0xBD, 0x65, 0x09, 0x0B, 0x01 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_25_X[] = { - BYTES_TO_T_UINT_8( 0xCA, 0x37, 0x2A, 0x6C, 0x16, 0x4F, 0x64, 0x59 ), - BYTES_TO_T_UINT_8( 0x5A, 0xCE, 0xA3, 0x90, 0xB4, 0x9A, 0xBC, 0xF7 ), - BYTES_TO_T_UINT_8( 0x27, 0x38, 0x55, 0x63, 0x1D, 0x3A, 0x6E, 0x18 ), - BYTES_TO_T_UINT_8( 0x37, 0xB4, 0xAA, 0x99, 0x22, 0x45, 0x89, 0x2C ), - BYTES_TO_T_UINT_8( 0xB7, 0x7C, 0x8C, 0xA6, 0x3D, 0xA7, 0x3E, 0xE8 ), - BYTES_TO_T_UINT_8( 0x70, 0x06, 0x42, 0xDC, 0xA6, 0xE3, 0xC6, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x37, 0x2A, 0x6C, 0x16, 0x4F, 0x64, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0xCE, 0xA3, 0x90, 0xB4, 0x9A, 0xBC, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x38, 0x55, 0x63, 0x1D, 0x3A, 0x6E, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xB4, 0xAA, 0x99, 0x22, 0x45, 0x89, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x7C, 0x8C, 0xA6, 0x3D, 0xA7, 0x3E, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x06, 0x42, 0xDC, 0xA6, 0xE3, 0xC6, 0x12 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_25_Y[] = { - BYTES_TO_T_UINT_8( 0x55, 0x8C, 0x3D, 0x5D, 0x47, 0x31, 0x7C, 0xEB ), - BYTES_TO_T_UINT_8( 0x46, 0x85, 0xEE, 0x46, 0x7E, 0x13, 0x04, 0x41 ), - BYTES_TO_T_UINT_8( 0x9E, 0x3C, 0x8B, 0x43, 0x2E, 0x74, 0xF5, 0xF6 ), - BYTES_TO_T_UINT_8( 0xBA, 0x88, 0x8E, 0x07, 0x29, 0x08, 0x03, 0x26 ), - BYTES_TO_T_UINT_8( 0xEA, 0x9B, 0x89, 0xEB, 0x08, 0xE8, 0x43, 0xB5 ), - BYTES_TO_T_UINT_8( 0x17, 0x07, 0x67, 0xFD, 0xD9, 0x73, 0x6F, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x8C, 0x3D, 0x5D, 0x47, 0x31, 0x7C, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x85, 0xEE, 0x46, 0x7E, 0x13, 0x04, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x3C, 0x8B, 0x43, 0x2E, 0x74, 0xF5, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x88, 0x8E, 0x07, 0x29, 0x08, 0x03, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0x9B, 0x89, 0xEB, 0x08, 0xE8, 0x43, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x07, 0x67, 0xFD, 0xD9, 0x73, 0x6F, 0x18 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_26_X[] = { - BYTES_TO_T_UINT_8( 0x29, 0xEB, 0x21, 0x8D, 0x98, 0x43, 0x74, 0x98 ), - BYTES_TO_T_UINT_8( 0x88, 0xCC, 0x14, 0xD8, 0x08, 0xBB, 0xA6, 0xE3 ), - BYTES_TO_T_UINT_8( 0xC4, 0x98, 0xF2, 0x6A, 0x18, 0xC3, 0xDD, 0x9E ), - BYTES_TO_T_UINT_8( 0xC7, 0x38, 0x91, 0xA0, 0x03, 0xF2, 0x04, 0x62 ), - BYTES_TO_T_UINT_8( 0x7A, 0xAF, 0xE8, 0xFD, 0xFB, 0x13, 0x70, 0x74 ), - BYTES_TO_T_UINT_8( 0xD0, 0x93, 0x87, 0x98, 0x4A, 0xE0, 0x00, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xEB, 0x21, 0x8D, 0x98, 0x43, 0x74, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x88, 0xCC, 0x14, 0xD8, 0x08, 0xBB, 0xA6, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x98, 0xF2, 0x6A, 0x18, 0xC3, 0xDD, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0x38, 0x91, 0xA0, 0x03, 0xF2, 0x04, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xAF, 0xE8, 0xFD, 0xFB, 0x13, 0x70, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x93, 0x87, 0x98, 0x4A, 0xE0, 0x00, 0x12 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_26_Y[] = { - BYTES_TO_T_UINT_8( 0x97, 0x2E, 0x69, 0x9C, 0xA2, 0x2D, 0x03, 0x3F ), - BYTES_TO_T_UINT_8( 0x79, 0xFE, 0xF3, 0xB9, 0xC1, 0x85, 0x2A, 0xEE ), - BYTES_TO_T_UINT_8( 0xCE, 0xFD, 0x86, 0xB1, 0xCD, 0xBF, 0x41, 0xB7 ), - BYTES_TO_T_UINT_8( 0xA0, 0xD8, 0x9A, 0x21, 0xF3, 0xFE, 0xCB, 0xF1 ), - BYTES_TO_T_UINT_8( 0x95, 0x78, 0x04, 0x60, 0xB7, 0xA9, 0xA2, 0x84 ), - BYTES_TO_T_UINT_8( 0xE8, 0x1E, 0x66, 0x2A, 0x54, 0x51, 0xBD, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x2E, 0x69, 0x9C, 0xA2, 0x2D, 0x03, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0xFE, 0xF3, 0xB9, 0xC1, 0x85, 0x2A, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xFD, 0x86, 0xB1, 0xCD, 0xBF, 0x41, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xD8, 0x9A, 0x21, 0xF3, 0xFE, 0xCB, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x78, 0x04, 0x60, 0xB7, 0xA9, 0xA2, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x1E, 0x66, 0x2A, 0x54, 0x51, 0xBD, 0x8B ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_27_X[] = { - BYTES_TO_T_UINT_8( 0x8E, 0x16, 0x36, 0xEF, 0x61, 0x2D, 0xEE, 0x3B ), - BYTES_TO_T_UINT_8( 0x45, 0x5F, 0x88, 0xA0, 0x13, 0x12, 0xF7, 0x23 ), - BYTES_TO_T_UINT_8( 0xA9, 0xC6, 0xAD, 0x4A, 0x4A, 0x07, 0x01, 0x5B ), - BYTES_TO_T_UINT_8( 0xB8, 0x74, 0xB1, 0x4F, 0xEB, 0xBD, 0xD5, 0x6B ), - BYTES_TO_T_UINT_8( 0x57, 0xF9, 0x71, 0xA2, 0x06, 0x4F, 0xD7, 0xBC ), - BYTES_TO_T_UINT_8( 0xFF, 0x8B, 0x4D, 0x48, 0xE0, 0x98, 0xFB, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x16, 0x36, 0xEF, 0x61, 0x2D, 0xEE, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x5F, 0x88, 0xA0, 0x13, 0x12, 0xF7, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0xC6, 0xAD, 0x4A, 0x4A, 0x07, 0x01, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0x74, 0xB1, 0x4F, 0xEB, 0xBD, 0xD5, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xF9, 0x71, 0xA2, 0x06, 0x4F, 0xD7, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x8B, 0x4D, 0x48, 0xE0, 0x98, 0xFB, 0x6A ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_27_Y[] = { - BYTES_TO_T_UINT_8( 0xC4, 0xBA, 0x10, 0xA3, 0x0D, 0x52, 0xAC, 0x3A ), - BYTES_TO_T_UINT_8( 0x11, 0xD0, 0xE0, 0x36, 0xE6, 0x07, 0x3A, 0x30 ), - BYTES_TO_T_UINT_8( 0x7E, 0x80, 0xF0, 0xAA, 0x49, 0x22, 0x4B, 0xDD ), - BYTES_TO_T_UINT_8( 0xFF, 0xC7, 0xAB, 0x1C, 0x89, 0xCD, 0x24, 0x40 ), - BYTES_TO_T_UINT_8( 0x82, 0x2A, 0xFC, 0xB3, 0x6D, 0x45, 0x96, 0x49 ), - BYTES_TO_T_UINT_8( 0x63, 0xE4, 0xDB, 0x52, 0x3F, 0xC4, 0xB4, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0xBA, 0x10, 0xA3, 0x0D, 0x52, 0xAC, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xD0, 0xE0, 0x36, 0xE6, 0x07, 0x3A, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x80, 0xF0, 0xAA, 0x49, 0x22, 0x4B, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xC7, 0xAB, 0x1C, 0x89, 0xCD, 0x24, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x82, 0x2A, 0xFC, 0xB3, 0x6D, 0x45, 0x96, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0xE4, 0xDB, 0x52, 0x3F, 0xC4, 0xB4, 0x19 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_28_X[] = { - BYTES_TO_T_UINT_8( 0x5B, 0xCC, 0xC8, 0x7F, 0xBB, 0x6B, 0x87, 0x47 ), - BYTES_TO_T_UINT_8( 0xC0, 0x21, 0x3C, 0x69, 0x7D, 0x38, 0x57, 0x50 ), - BYTES_TO_T_UINT_8( 0x52, 0x4C, 0x18, 0x3C, 0x53, 0xA5, 0x48, 0x6D ), - BYTES_TO_T_UINT_8( 0x21, 0xC3, 0x64, 0x45, 0xDB, 0xC4, 0x6D, 0x15 ), - BYTES_TO_T_UINT_8( 0x49, 0xCC, 0xD1, 0xBB, 0x17, 0xB8, 0x34, 0x2D ), - BYTES_TO_T_UINT_8( 0x6C, 0x69, 0x71, 0xFA, 0xA0, 0x28, 0x4A, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5B, 0xCC, 0xC8, 0x7F, 0xBB, 0x6B, 0x87, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x21, 0x3C, 0x69, 0x7D, 0x38, 0x57, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0x4C, 0x18, 0x3C, 0x53, 0xA5, 0x48, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xC3, 0x64, 0x45, 0xDB, 0xC4, 0x6D, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0xCC, 0xD1, 0xBB, 0x17, 0xB8, 0x34, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x69, 0x71, 0xFA, 0xA0, 0x28, 0x4A, 0x3D ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_28_Y[] = { - BYTES_TO_T_UINT_8( 0xED, 0xE8, 0x9E, 0x39, 0xEA, 0x8D, 0x38, 0xDB ), - BYTES_TO_T_UINT_8( 0xCC, 0x9C, 0xBB, 0xCD, 0x80, 0x1A, 0xEE, 0xB7 ), - BYTES_TO_T_UINT_8( 0xBC, 0xA0, 0x45, 0xBF, 0xD9, 0x22, 0x11, 0x32 ), - BYTES_TO_T_UINT_8( 0xDA, 0x7C, 0x5C, 0xD9, 0xC0, 0x9F, 0x69, 0xF5 ), - BYTES_TO_T_UINT_8( 0xBC, 0x8A, 0xA6, 0x79, 0x4E, 0x35, 0xB9, 0xD5 ), - BYTES_TO_T_UINT_8( 0xCC, 0x8B, 0x9A, 0x3E, 0xA1, 0xB8, 0x28, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0xE8, 0x9E, 0x39, 0xEA, 0x8D, 0x38, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x9C, 0xBB, 0xCD, 0x80, 0x1A, 0xEE, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA0, 0x45, 0xBF, 0xD9, 0x22, 0x11, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x7C, 0x5C, 0xD9, 0xC0, 0x9F, 0x69, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x8A, 0xA6, 0x79, 0x4E, 0x35, 0xB9, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCC, 0x8B, 0x9A, 0x3E, 0xA1, 0xB8, 0x28, 0x10 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_29_X[] = { - BYTES_TO_T_UINT_8( 0x55, 0x2F, 0xEF, 0xBB, 0xA9, 0x72, 0x7F, 0xEA ), - BYTES_TO_T_UINT_8( 0xB5, 0x34, 0xB7, 0x12, 0xB9, 0xE7, 0xC3, 0x2A ), - BYTES_TO_T_UINT_8( 0xF8, 0x1D, 0xD9, 0x42, 0x77, 0x0C, 0x71, 0x6E ), - BYTES_TO_T_UINT_8( 0xEC, 0x01, 0x59, 0xA7, 0x56, 0x03, 0x91, 0x8D ), - BYTES_TO_T_UINT_8( 0x6C, 0x91, 0x99, 0x33, 0x30, 0x3E, 0xEF, 0x13 ), - BYTES_TO_T_UINT_8( 0x87, 0xC9, 0x5A, 0x9A, 0x54, 0x66, 0xF1, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x2F, 0xEF, 0xBB, 0xA9, 0x72, 0x7F, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x34, 0xB7, 0x12, 0xB9, 0xE7, 0xC3, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x1D, 0xD9, 0x42, 0x77, 0x0C, 0x71, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x01, 0x59, 0xA7, 0x56, 0x03, 0x91, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x91, 0x99, 0x33, 0x30, 0x3E, 0xEF, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0xC9, 0x5A, 0x9A, 0x54, 0x66, 0xF1, 0x70 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_29_Y[] = { - BYTES_TO_T_UINT_8( 0x64, 0x2C, 0xB7, 0x6E, 0x71, 0x7D, 0x35, 0x30 ), - BYTES_TO_T_UINT_8( 0x1A, 0x0D, 0xEF, 0xD1, 0x2D, 0x99, 0x63, 0x2F ), - BYTES_TO_T_UINT_8( 0xE4, 0x31, 0xAF, 0x2D, 0xC9, 0xC6, 0xC2, 0xAE ), - BYTES_TO_T_UINT_8( 0x19, 0xC0, 0xDF, 0x80, 0x54, 0xC4, 0xAC, 0xF3 ), - BYTES_TO_T_UINT_8( 0xE3, 0x6B, 0xA0, 0x84, 0x96, 0xF7, 0x31, 0xC8 ), - BYTES_TO_T_UINT_8( 0x93, 0xE2, 0x7C, 0x7A, 0x41, 0x45, 0x75, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x2C, 0xB7, 0x6E, 0x71, 0x7D, 0x35, 0x30 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x0D, 0xEF, 0xD1, 0x2D, 0x99, 0x63, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x31, 0xAF, 0x2D, 0xC9, 0xC6, 0xC2, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0xC0, 0xDF, 0x80, 0x54, 0xC4, 0xAC, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x6B, 0xA0, 0x84, 0x96, 0xF7, 0x31, 0xC8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0xE2, 0x7C, 0x7A, 0x41, 0x45, 0x75, 0x6A ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_30_X[] = { - BYTES_TO_T_UINT_8( 0xAE, 0xEE, 0x58, 0x31, 0xE8, 0x68, 0xD6, 0x76 ), - BYTES_TO_T_UINT_8( 0xD2, 0x2E, 0x48, 0xB7, 0x09, 0x9F, 0xD4, 0xCA ), - BYTES_TO_T_UINT_8( 0x34, 0xA9, 0x5C, 0xE7, 0x64, 0x43, 0x5D, 0xC9 ), - BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x9F, 0x50, 0xAB, 0x68, 0xFF, 0x6D ), - BYTES_TO_T_UINT_8( 0x87, 0x88, 0x2D, 0xBA, 0x12, 0xBF, 0x8D, 0x7D ), - BYTES_TO_T_UINT_8( 0xD4, 0xDF, 0x6F, 0xB3, 0x75, 0xA4, 0x55, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xEE, 0x58, 0x31, 0xE8, 0x68, 0xD6, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x2E, 0x48, 0xB7, 0x09, 0x9F, 0xD4, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xA9, 0x5C, 0xE7, 0x64, 0x43, 0x5D, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9E, 0x58, 0x9F, 0x50, 0xAB, 0x68, 0xFF, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x88, 0x2D, 0xBA, 0x12, 0xBF, 0x8D, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0xDF, 0x6F, 0xB3, 0x75, 0xA4, 0x55, 0x73 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_30_Y[] = { - BYTES_TO_T_UINT_8( 0x6D, 0x17, 0x92, 0x39, 0xB7, 0x13, 0x37, 0x6F ), - BYTES_TO_T_UINT_8( 0x5E, 0x43, 0x71, 0xA7, 0xCA, 0x17, 0x1B, 0x32 ), - BYTES_TO_T_UINT_8( 0xE7, 0xB9, 0xB0, 0x78, 0xEF, 0xA0, 0xDA, 0x83 ), - BYTES_TO_T_UINT_8( 0x9A, 0x84, 0xF2, 0x0F, 0x85, 0xA2, 0xB6, 0x1F ), - BYTES_TO_T_UINT_8( 0x72, 0x65, 0x2E, 0x6E, 0x45, 0xB9, 0x4C, 0x3C ), - BYTES_TO_T_UINT_8( 0xFE, 0x6A, 0x8C, 0x2B, 0x77, 0x96, 0x36, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x17, 0x92, 0x39, 0xB7, 0x13, 0x37, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x43, 0x71, 0xA7, 0xCA, 0x17, 0x1B, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xB9, 0xB0, 0x78, 0xEF, 0xA0, 0xDA, 0x83 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x84, 0xF2, 0x0F, 0x85, 0xA2, 0xB6, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x65, 0x2E, 0x6E, 0x45, 0xB9, 0x4C, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0x6A, 0x8C, 0x2B, 0x77, 0x96, 0x36, 0x22 ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_31_X[] = { - BYTES_TO_T_UINT_8( 0x68, 0x7A, 0x13, 0x4A, 0x97, 0x63, 0x02, 0x10 ), - BYTES_TO_T_UINT_8( 0xBC, 0x1E, 0x06, 0x03, 0x8F, 0xB9, 0xEE, 0x64 ), - BYTES_TO_T_UINT_8( 0x68, 0xEE, 0x8B, 0x89, 0xA9, 0x70, 0xDB, 0xCE ), - BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x81, 0xC9, 0x70, 0x8D, 0x62, 0x32 ), - BYTES_TO_T_UINT_8( 0x75, 0xDA, 0x46, 0xF8, 0xF9, 0x3A, 0xBE, 0x55 ), - BYTES_TO_T_UINT_8( 0x9F, 0x9C, 0x7A, 0x97, 0x62, 0xEB, 0xFA, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x7A, 0x13, 0x4A, 0x97, 0x63, 0x02, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x1E, 0x06, 0x03, 0x8F, 0xB9, 0xEE, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0xEE, 0x8B, 0x89, 0xA9, 0x70, 0xDB, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x7B, 0x81, 0xC9, 0x70, 0x8D, 0x62, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0xDA, 0x46, 0xF8, 0xF9, 0x3A, 0xBE, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0x9C, 0x7A, 0x97, 0x62, 0xEB, 0xFA, 0x0F ), }; static const mbedtls_mpi_uint brainpoolP384r1_T_31_Y[] = { - BYTES_TO_T_UINT_8( 0xB2, 0x03, 0x3D, 0x3C, 0x46, 0x27, 0x9E, 0x65 ), - BYTES_TO_T_UINT_8( 0xA4, 0x08, 0x1C, 0xD5, 0x25, 0xAF, 0xE9, 0x40 ), - BYTES_TO_T_UINT_8( 0xFE, 0x69, 0xDC, 0x59, 0xF4, 0x8A, 0x7C, 0x1F ), - BYTES_TO_T_UINT_8( 0xFC, 0x9A, 0x7A, 0x99, 0x21, 0x0C, 0x4E, 0xE3 ), - BYTES_TO_T_UINT_8( 0xF5, 0xCE, 0x85, 0x5F, 0xAC, 0xAA, 0x82, 0x10 ), - BYTES_TO_T_UINT_8( 0x83, 0x57, 0x69, 0x90, 0x76, 0xF3, 0x53, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0x03, 0x3D, 0x3C, 0x46, 0x27, 0x9E, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x08, 0x1C, 0xD5, 0x25, 0xAF, 0xE9, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0x69, 0xDC, 0x59, 0xF4, 0x8A, 0x7C, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x9A, 0x7A, 0x99, 0x21, 0x0C, 0x4E, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xCE, 0x85, 0x5F, 0xAC, 0xAA, 0x82, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x83, 0x57, 0x69, 0x90, 0x76, 0xF3, 0x53, 0x3F ), }; static const mbedtls_ecp_point brainpoolP384r1_T[32] = { ECP_POINT_INIT_XY_Z1(brainpoolP384r1_T_0_X, brainpoolP384r1_T_0_Y), @@ -3766,706 +3766,706 @@ static const mbedtls_ecp_point brainpoolP384r1_T[32] = { */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) static const mbedtls_mpi_uint brainpoolP512r1_p[] = { - BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ), - BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ), - BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ), - BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ), - BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), }; static const mbedtls_mpi_uint brainpoolP512r1_a[] = { - BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ), - BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ), - BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ), - BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ), - BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ), - BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ), - BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ), - BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ), }; static const mbedtls_mpi_uint brainpoolP512r1_b[] = { - BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ), - BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ), - BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ), - BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ), - BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ), - BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ), - BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ), - BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ), }; static const mbedtls_mpi_uint brainpoolP512r1_gx[] = { - BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), - BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), - BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), - BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), - BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), - BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), - BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), - BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), }; static const mbedtls_mpi_uint brainpoolP512r1_gy[] = { - BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), - BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), - BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), - BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), - BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), - BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), - BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), - BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), }; static const mbedtls_mpi_uint brainpoolP512r1_n[] = { - BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ), - BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ), - BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ), - BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ), - BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), }; #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 static const mbedtls_mpi_uint brainpoolP512r1_T_0_X[] = { - BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), - BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), - BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), - BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), - BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), - BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), - BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), - BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_0_Y[] = { - BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), - BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), - BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), - BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), - BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), - BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), - BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), - BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_1_X[] = { - BYTES_TO_T_UINT_8( 0xEA, 0xE9, 0x6B, 0x8C, 0x6F, 0x9D, 0x88, 0x43 ), - BYTES_TO_T_UINT_8( 0xBB, 0x4F, 0x86, 0x96, 0xA7, 0x56, 0xD1, 0x37 ), - BYTES_TO_T_UINT_8( 0x9D, 0xAB, 0xFA, 0xEE, 0xA7, 0xF5, 0x0E, 0xA6 ), - BYTES_TO_T_UINT_8( 0xE3, 0x40, 0xEF, 0x9E, 0x6D, 0xD6, 0x32, 0x33 ), - BYTES_TO_T_UINT_8( 0xE3, 0xED, 0x56, 0x14, 0x57, 0x1A, 0x8D, 0x69 ), - BYTES_TO_T_UINT_8( 0xA4, 0xED, 0x4D, 0x3A, 0xFA, 0x71, 0x75, 0x6B ), - BYTES_TO_T_UINT_8( 0x66, 0xC5, 0x76, 0x1C, 0x14, 0xBE, 0xB5, 0xCD ), - BYTES_TO_T_UINT_8( 0xE1, 0x5A, 0xCB, 0xE7, 0x36, 0x1D, 0x52, 0x1C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xE9, 0x6B, 0x8C, 0x6F, 0x9D, 0x88, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x4F, 0x86, 0x96, 0xA7, 0x56, 0xD1, 0x37 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xAB, 0xFA, 0xEE, 0xA7, 0xF5, 0x0E, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x40, 0xEF, 0x9E, 0x6D, 0xD6, 0x32, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0xED, 0x56, 0x14, 0x57, 0x1A, 0x8D, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xED, 0x4D, 0x3A, 0xFA, 0x71, 0x75, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xC5, 0x76, 0x1C, 0x14, 0xBE, 0xB5, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x5A, 0xCB, 0xE7, 0x36, 0x1D, 0x52, 0x1C ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_1_Y[] = { - BYTES_TO_T_UINT_8( 0x6B, 0x8D, 0x7A, 0xEB, 0xA3, 0x8B, 0xD5, 0xB0 ), - BYTES_TO_T_UINT_8( 0x1F, 0xA3, 0x41, 0xF8, 0xAC, 0x9E, 0xAB, 0x74 ), - BYTES_TO_T_UINT_8( 0x12, 0xE3, 0x65, 0x0D, 0x1C, 0xFE, 0x09, 0x2B ), - BYTES_TO_T_UINT_8( 0x3F, 0xCA, 0x13, 0x3F, 0xC5, 0xF9, 0x7E, 0xEC ), - BYTES_TO_T_UINT_8( 0x2C, 0x5D, 0x63, 0x28, 0xA6, 0x89, 0xD3, 0x91 ), - BYTES_TO_T_UINT_8( 0xC9, 0x95, 0x3F, 0x7A, 0x82, 0xD4, 0x77, 0xE3 ), - BYTES_TO_T_UINT_8( 0x34, 0xBB, 0x92, 0x32, 0x00, 0xF4, 0x66, 0x42 ), - BYTES_TO_T_UINT_8( 0xBA, 0x58, 0x31, 0xD1, 0x17, 0x9F, 0x2A, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x8D, 0x7A, 0xEB, 0xA3, 0x8B, 0xD5, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0xA3, 0x41, 0xF8, 0xAC, 0x9E, 0xAB, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0xE3, 0x65, 0x0D, 0x1C, 0xFE, 0x09, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0xCA, 0x13, 0x3F, 0xC5, 0xF9, 0x7E, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x5D, 0x63, 0x28, 0xA6, 0x89, 0xD3, 0x91 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x95, 0x3F, 0x7A, 0x82, 0xD4, 0x77, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xBB, 0x92, 0x32, 0x00, 0xF4, 0x66, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x58, 0x31, 0xD1, 0x17, 0x9F, 0x2A, 0x22 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_2_X[] = { - BYTES_TO_T_UINT_8( 0x52, 0x36, 0xA9, 0xCD, 0x80, 0xA5, 0x2D, 0x78 ), - BYTES_TO_T_UINT_8( 0x91, 0x44, 0xAB, 0xCE, 0x71, 0xFF, 0x0C, 0x9B ), - BYTES_TO_T_UINT_8( 0x18, 0x24, 0x58, 0x35, 0x5A, 0x21, 0x32, 0x93 ), - BYTES_TO_T_UINT_8( 0x1B, 0xA6, 0x28, 0xF8, 0x7A, 0x97, 0xAE, 0x8B ), - BYTES_TO_T_UINT_8( 0x84, 0xE7, 0x08, 0xFA, 0x47, 0xC9, 0x55, 0x09 ), - BYTES_TO_T_UINT_8( 0x8D, 0xAC, 0x2E, 0x84, 0xA4, 0xF5, 0x52, 0xC4 ), - BYTES_TO_T_UINT_8( 0xD9, 0x58, 0x05, 0x9D, 0xA7, 0xC8, 0x71, 0xBF ), - BYTES_TO_T_UINT_8( 0xB3, 0x92, 0xB4, 0x92, 0xC1, 0x92, 0xEC, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0x36, 0xA9, 0xCD, 0x80, 0xA5, 0x2D, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x91, 0x44, 0xAB, 0xCE, 0x71, 0xFF, 0x0C, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0x24, 0x58, 0x35, 0x5A, 0x21, 0x32, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1B, 0xA6, 0x28, 0xF8, 0x7A, 0x97, 0xAE, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0xE7, 0x08, 0xFA, 0x47, 0xC9, 0x55, 0x09 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xAC, 0x2E, 0x84, 0xA4, 0xF5, 0x52, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x58, 0x05, 0x9D, 0xA7, 0xC8, 0x71, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x92, 0xB4, 0x92, 0xC1, 0x92, 0xEC, 0x6B ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_2_Y[] = { - BYTES_TO_T_UINT_8( 0x4A, 0x48, 0x2D, 0x79, 0x5E, 0x58, 0xE5, 0x69 ), - BYTES_TO_T_UINT_8( 0xB4, 0x85, 0x26, 0xEC, 0xE9, 0x6E, 0xD4, 0x06 ), - BYTES_TO_T_UINT_8( 0x98, 0x68, 0x26, 0x87, 0x38, 0xA2, 0xD2, 0x0B ), - BYTES_TO_T_UINT_8( 0xF7, 0x17, 0x60, 0xCE, 0x75, 0xF8, 0xA5, 0x6F ), - BYTES_TO_T_UINT_8( 0x20, 0x51, 0xDB, 0xA9, 0xAE, 0x87, 0xF1, 0x15 ), - BYTES_TO_T_UINT_8( 0xDD, 0x49, 0x92, 0x3B, 0x19, 0x96, 0xF5, 0xB0 ), - BYTES_TO_T_UINT_8( 0xC4, 0xD5, 0x52, 0x52, 0x8C, 0xCE, 0xFD, 0xFA ), - BYTES_TO_T_UINT_8( 0x24, 0x18, 0x0A, 0xE6, 0xF6, 0xAE, 0x08, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4A, 0x48, 0x2D, 0x79, 0x5E, 0x58, 0xE5, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x85, 0x26, 0xEC, 0xE9, 0x6E, 0xD4, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x68, 0x26, 0x87, 0x38, 0xA2, 0xD2, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0x17, 0x60, 0xCE, 0x75, 0xF8, 0xA5, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0x51, 0xDB, 0xA9, 0xAE, 0x87, 0xF1, 0x15 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x49, 0x92, 0x3B, 0x19, 0x96, 0xF5, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0xD5, 0x52, 0x52, 0x8C, 0xCE, 0xFD, 0xFA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x18, 0x0A, 0xE6, 0xF6, 0xAE, 0x08, 0x41 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_3_X[] = { - BYTES_TO_T_UINT_8( 0x7E, 0x2B, 0xD8, 0x54, 0xCE, 0xB0, 0x57, 0xFE ), - BYTES_TO_T_UINT_8( 0x8A, 0xB0, 0xF8, 0x9E, 0x03, 0x03, 0x3C, 0x5D ), - BYTES_TO_T_UINT_8( 0x93, 0x0E, 0x29, 0x29, 0x00, 0xF3, 0x70, 0xBF ), - BYTES_TO_T_UINT_8( 0x54, 0x33, 0x99, 0x0E, 0x00, 0x5D, 0xFE, 0x4B ), - BYTES_TO_T_UINT_8( 0x46, 0x2D, 0xF2, 0x59, 0x32, 0xCF, 0x03, 0xF4 ), - BYTES_TO_T_UINT_8( 0x3B, 0xC9, 0x72, 0xAE, 0x0C, 0xEF, 0xD1, 0x5B ), - BYTES_TO_T_UINT_8( 0xB6, 0x5A, 0x27, 0xBF, 0x2F, 0x45, 0xF9, 0x51 ), - BYTES_TO_T_UINT_8( 0xD4, 0xBE, 0xE5, 0x2C, 0xFF, 0x5B, 0x1E, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x2B, 0xD8, 0x54, 0xCE, 0xB0, 0x57, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0xB0, 0xF8, 0x9E, 0x03, 0x03, 0x3C, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x0E, 0x29, 0x29, 0x00, 0xF3, 0x70, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x33, 0x99, 0x0E, 0x00, 0x5D, 0xFE, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0x2D, 0xF2, 0x59, 0x32, 0xCF, 0x03, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0xC9, 0x72, 0xAE, 0x0C, 0xEF, 0xD1, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x5A, 0x27, 0xBF, 0x2F, 0x45, 0xF9, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD4, 0xBE, 0xE5, 0x2C, 0xFF, 0x5B, 0x1E, 0x88 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_3_Y[] = { - BYTES_TO_T_UINT_8( 0xAA, 0xAC, 0xBB, 0xD8, 0x83, 0xC2, 0x46, 0xF6 ), - BYTES_TO_T_UINT_8( 0xCF, 0xDC, 0xCE, 0x15, 0xB4, 0xEF, 0xCF, 0x46 ), - BYTES_TO_T_UINT_8( 0x46, 0xDB, 0x5E, 0x94, 0x31, 0x0B, 0xB2, 0x7A ), - BYTES_TO_T_UINT_8( 0x3C, 0xB9, 0xE3, 0xE3, 0x11, 0x71, 0x41, 0x1E ), - BYTES_TO_T_UINT_8( 0x36, 0xE3, 0x01, 0xB7, 0x7D, 0xBC, 0x65, 0xBE ), - BYTES_TO_T_UINT_8( 0xFC, 0x07, 0x65, 0x87, 0xA7, 0xE8, 0x48, 0xE3 ), - BYTES_TO_T_UINT_8( 0x66, 0x48, 0x8F, 0xD4, 0x30, 0x8E, 0xB4, 0x6C ), - BYTES_TO_T_UINT_8( 0x86, 0xE0, 0x73, 0xBE, 0x1E, 0xBF, 0x56, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0xAC, 0xBB, 0xD8, 0x83, 0xC2, 0x46, 0xF6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0xDC, 0xCE, 0x15, 0xB4, 0xEF, 0xCF, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0xDB, 0x5E, 0x94, 0x31, 0x0B, 0xB2, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0xB9, 0xE3, 0xE3, 0x11, 0x71, 0x41, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xE3, 0x01, 0xB7, 0x7D, 0xBC, 0x65, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x07, 0x65, 0x87, 0xA7, 0xE8, 0x48, 0xE3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0x48, 0x8F, 0xD4, 0x30, 0x8E, 0xB4, 0x6C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0xE0, 0x73, 0xBE, 0x1E, 0xBF, 0x56, 0x36 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_4_X[] = { - BYTES_TO_T_UINT_8( 0xFE, 0x0E, 0x5E, 0x87, 0xC5, 0xAB, 0x0E, 0x3C ), - BYTES_TO_T_UINT_8( 0xB9, 0xF9, 0x5F, 0x80, 0x24, 0x4C, 0x2A, 0xF1 ), - BYTES_TO_T_UINT_8( 0xDE, 0x15, 0x21, 0x54, 0x92, 0x84, 0x8D, 0x6A ), - BYTES_TO_T_UINT_8( 0xA8, 0x8A, 0x47, 0x74, 0xDC, 0x42, 0xB1, 0xF8 ), - BYTES_TO_T_UINT_8( 0x81, 0xF7, 0x30, 0xFD, 0xC1, 0x9B, 0x0C, 0x5B ), - BYTES_TO_T_UINT_8( 0x4E, 0x6C, 0xCC, 0xDF, 0xC5, 0xE3, 0xA9, 0xD5 ), - BYTES_TO_T_UINT_8( 0xD6, 0x67, 0x59, 0x10, 0x5C, 0x51, 0x54, 0x40 ), - BYTES_TO_T_UINT_8( 0xA0, 0x37, 0xFB, 0x6E, 0xB0, 0x78, 0x63, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0x0E, 0x5E, 0x87, 0xC5, 0xAB, 0x0E, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xF9, 0x5F, 0x80, 0x24, 0x4C, 0x2A, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0x15, 0x21, 0x54, 0x92, 0x84, 0x8D, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x8A, 0x47, 0x74, 0xDC, 0x42, 0xB1, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0xF7, 0x30, 0xFD, 0xC1, 0x9B, 0x0C, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x6C, 0xCC, 0xDF, 0xC5, 0xE3, 0xA9, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x67, 0x59, 0x10, 0x5C, 0x51, 0x54, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x37, 0xFB, 0x6E, 0xB0, 0x78, 0x63, 0x8E ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_4_Y[] = { - BYTES_TO_T_UINT_8( 0xA5, 0xEF, 0xC4, 0x39, 0x20, 0xF1, 0x46, 0x66 ), - BYTES_TO_T_UINT_8( 0xE2, 0x62, 0xAE, 0xFF, 0x10, 0xE4, 0xE2, 0xE9 ), - BYTES_TO_T_UINT_8( 0xFF, 0x5C, 0xF5, 0x2E, 0x22, 0x89, 0xE5, 0x82 ), - BYTES_TO_T_UINT_8( 0x89, 0x0C, 0x29, 0xA8, 0x62, 0xAE, 0xDB, 0x65 ), - BYTES_TO_T_UINT_8( 0xD7, 0x9E, 0x0F, 0xCA, 0x87, 0x2A, 0x6F, 0x7B ), - BYTES_TO_T_UINT_8( 0xCE, 0xDC, 0x9B, 0x9F, 0x65, 0xD4, 0xAD, 0x27 ), - BYTES_TO_T_UINT_8( 0xED, 0xC3, 0x08, 0x0F, 0xCF, 0x67, 0xE9, 0xF4 ), - BYTES_TO_T_UINT_8( 0x92, 0x5C, 0xD7, 0xFF, 0x41, 0x9C, 0xCB, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0xEF, 0xC4, 0x39, 0x20, 0xF1, 0x46, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0x62, 0xAE, 0xFF, 0x10, 0xE4, 0xE2, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x5C, 0xF5, 0x2E, 0x22, 0x89, 0xE5, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x0C, 0x29, 0xA8, 0x62, 0xAE, 0xDB, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0x9E, 0x0F, 0xCA, 0x87, 0x2A, 0x6F, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xDC, 0x9B, 0x9F, 0x65, 0xD4, 0xAD, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0xC3, 0x08, 0x0F, 0xCF, 0x67, 0xE9, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x5C, 0xD7, 0xFF, 0x41, 0x9C, 0xCB, 0x26 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_5_X[] = { - BYTES_TO_T_UINT_8( 0x37, 0x25, 0x05, 0x12, 0xAD, 0x73, 0x63, 0x90 ), - BYTES_TO_T_UINT_8( 0xC7, 0x99, 0x07, 0x86, 0x57, 0xE7, 0x94, 0xB1 ), - BYTES_TO_T_UINT_8( 0x00, 0x4B, 0xA5, 0xBF, 0x18, 0xA9, 0xEF, 0x6A ), - BYTES_TO_T_UINT_8( 0xFA, 0x4C, 0xC4, 0x09, 0xF2, 0x2F, 0x0C, 0xAA ), - BYTES_TO_T_UINT_8( 0x8C, 0x3A, 0x04, 0xEA, 0x89, 0x6C, 0x91, 0xB9 ), - BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0x3A, 0xE7, 0xA3, 0xEC, 0x24, 0x7B ), - BYTES_TO_T_UINT_8( 0x16, 0xA1, 0x26, 0x21, 0x04, 0xE3, 0xB9, 0x40 ), - BYTES_TO_T_UINT_8( 0x53, 0x71, 0x4B, 0x7B, 0xC2, 0x89, 0xCD, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x25, 0x05, 0x12, 0xAD, 0x73, 0x63, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0x99, 0x07, 0x86, 0x57, 0xE7, 0x94, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x4B, 0xA5, 0xBF, 0x18, 0xA9, 0xEF, 0x6A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0x4C, 0xC4, 0x09, 0xF2, 0x2F, 0x0C, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0x3A, 0x04, 0xEA, 0x89, 0x6C, 0x91, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0x3A, 0xE7, 0xA3, 0xEC, 0x24, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xA1, 0x26, 0x21, 0x04, 0xE3, 0xB9, 0x40 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0x71, 0x4B, 0x7B, 0xC2, 0x89, 0xCD, 0xA2 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_5_Y[] = { - BYTES_TO_T_UINT_8( 0xB7, 0xB9, 0xA8, 0x9D, 0xFD, 0x00, 0x3A, 0x1F ), - BYTES_TO_T_UINT_8( 0x63, 0x41, 0x6C, 0xBB, 0x5A, 0xCA, 0x1F, 0x74 ), - BYTES_TO_T_UINT_8( 0x2A, 0xD7, 0xE2, 0x6C, 0x6B, 0xA7, 0x48, 0xC9 ), - BYTES_TO_T_UINT_8( 0x1E, 0x19, 0xAD, 0xA7, 0xC1, 0x7E, 0x4F, 0x6E ), - BYTES_TO_T_UINT_8( 0xD1, 0xF7, 0x19, 0x3C, 0x06, 0x74, 0x2C, 0x3A ), - BYTES_TO_T_UINT_8( 0xC5, 0x23, 0x4F, 0x0C, 0x09, 0xB0, 0x80, 0x4A ), - BYTES_TO_T_UINT_8( 0x4E, 0x74, 0x34, 0x08, 0x44, 0x7E, 0xA3, 0xDD ), - BYTES_TO_T_UINT_8( 0xFB, 0xCC, 0x8D, 0x12, 0x6E, 0xE1, 0x3D, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0xB9, 0xA8, 0x9D, 0xFD, 0x00, 0x3A, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x41, 0x6C, 0xBB, 0x5A, 0xCA, 0x1F, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0xD7, 0xE2, 0x6C, 0x6B, 0xA7, 0x48, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x19, 0xAD, 0xA7, 0xC1, 0x7E, 0x4F, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0xF7, 0x19, 0x3C, 0x06, 0x74, 0x2C, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x23, 0x4F, 0x0C, 0x09, 0xB0, 0x80, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4E, 0x74, 0x34, 0x08, 0x44, 0x7E, 0xA3, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xCC, 0x8D, 0x12, 0x6E, 0xE1, 0x3D, 0x0B ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_6_X[] = { - BYTES_TO_T_UINT_8( 0x38, 0x18, 0xB1, 0x71, 0x02, 0x93, 0xC2, 0xA4 ), - BYTES_TO_T_UINT_8( 0xC9, 0x89, 0x40, 0xE2, 0x1F, 0xE7, 0x5E, 0x68 ), - BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xAE, 0x89, 0x01, 0xD4, 0x0C, 0xEB ), - BYTES_TO_T_UINT_8( 0xAE, 0xDA, 0x58, 0x70, 0x24, 0xF2, 0xE4, 0x5F ), - BYTES_TO_T_UINT_8( 0x6F, 0xC7, 0x1D, 0xD6, 0x4A, 0x6F, 0x66, 0x4F ), - BYTES_TO_T_UINT_8( 0x92, 0x1D, 0x7E, 0x4A, 0x2C, 0xCA, 0xEC, 0x3B ), - BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x7F, 0xA8, 0x99, 0xE4, 0xD3, 0x4E ), - BYTES_TO_T_UINT_8( 0x2A, 0x1D, 0x5A, 0xDF, 0x5E, 0x58, 0x36, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x18, 0xB1, 0x71, 0x02, 0x93, 0xC2, 0xA4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x89, 0x40, 0xE2, 0x1F, 0xE7, 0x5E, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x8E, 0xAE, 0x89, 0x01, 0xD4, 0x0C, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xDA, 0x58, 0x70, 0x24, 0xF2, 0xE4, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0xC7, 0x1D, 0xD6, 0x4A, 0x6F, 0x66, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x1D, 0x7E, 0x4A, 0x2C, 0xCA, 0xEC, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x06, 0x7F, 0xA8, 0x99, 0xE4, 0xD3, 0x4E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x1D, 0x5A, 0xDF, 0x5E, 0x58, 0x36, 0x49 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_6_Y[] = { - BYTES_TO_T_UINT_8( 0x9C, 0xB9, 0x32, 0x69, 0x1F, 0x72, 0x2A, 0xB3 ), - BYTES_TO_T_UINT_8( 0x1C, 0x73, 0xE2, 0x03, 0x39, 0x35, 0xAA, 0xA8 ), - BYTES_TO_T_UINT_8( 0xEB, 0x5E, 0x5D, 0x48, 0xEF, 0xAE, 0x30, 0xF5 ), - BYTES_TO_T_UINT_8( 0x77, 0x7F, 0x60, 0x19, 0xAF, 0xEC, 0x9D, 0xFC ), - BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x19, 0xE4, 0x1B, 0x56, 0x15, 0x5F ), - BYTES_TO_T_UINT_8( 0xBC, 0xD7, 0x33, 0x59, 0x1F, 0x43, 0x59, 0x2C ), - BYTES_TO_T_UINT_8( 0xC6, 0xCE, 0xEE, 0xCA, 0xA4, 0x7F, 0x63, 0xD4 ), - BYTES_TO_T_UINT_8( 0xBD, 0x40, 0xC0, 0xF6, 0x19, 0x89, 0x43, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0xB9, 0x32, 0x69, 0x1F, 0x72, 0x2A, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0x73, 0xE2, 0x03, 0x39, 0x35, 0xAA, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x5E, 0x5D, 0x48, 0xEF, 0xAE, 0x30, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x7F, 0x60, 0x19, 0xAF, 0xEC, 0x9D, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0xD9, 0x19, 0xE4, 0x1B, 0x56, 0x15, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xD7, 0x33, 0x59, 0x1F, 0x43, 0x59, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0xCE, 0xEE, 0xCA, 0xA4, 0x7F, 0x63, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBD, 0x40, 0xC0, 0xF6, 0x19, 0x89, 0x43, 0x20 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_7_X[] = { - BYTES_TO_T_UINT_8( 0xEB, 0x92, 0xEA, 0x07, 0x65, 0x79, 0x86, 0xD3 ), - BYTES_TO_T_UINT_8( 0xFF, 0xB7, 0x13, 0x75, 0xD3, 0xC5, 0x0A, 0xC9 ), - BYTES_TO_T_UINT_8( 0x26, 0x9E, 0xFA, 0xE1, 0x1F, 0x0C, 0xF9, 0x74 ), - BYTES_TO_T_UINT_8( 0xB4, 0x8C, 0xED, 0x5C, 0x21, 0xE9, 0x09, 0xDD ), - BYTES_TO_T_UINT_8( 0xF4, 0x4D, 0xD8, 0x18, 0xC4, 0xF6, 0x36, 0x39 ), - BYTES_TO_T_UINT_8( 0xC7, 0xC9, 0xAC, 0x5C, 0xFA, 0x69, 0xA4, 0xA0 ), - BYTES_TO_T_UINT_8( 0x6B, 0x8C, 0x94, 0x1C, 0x7B, 0x71, 0x36, 0x58 ), - BYTES_TO_T_UINT_8( 0x7C, 0xBD, 0x46, 0xCE, 0xB7, 0x1D, 0x9C, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x92, 0xEA, 0x07, 0x65, 0x79, 0x86, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xB7, 0x13, 0x75, 0xD3, 0xC5, 0x0A, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x9E, 0xFA, 0xE1, 0x1F, 0x0C, 0xF9, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x8C, 0xED, 0x5C, 0x21, 0xE9, 0x09, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0x4D, 0xD8, 0x18, 0xC4, 0xF6, 0x36, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0xC9, 0xAC, 0x5C, 0xFA, 0x69, 0xA4, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x8C, 0x94, 0x1C, 0x7B, 0x71, 0x36, 0x58 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0xBD, 0x46, 0xCE, 0xB7, 0x1D, 0x9C, 0x5E ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_7_Y[] = { - BYTES_TO_T_UINT_8( 0xEA, 0xD6, 0x96, 0x4B, 0xA6, 0x47, 0xEB, 0xE5 ), - BYTES_TO_T_UINT_8( 0x5F, 0xF1, 0x5F, 0x15, 0xDE, 0x99, 0x6F, 0x66 ), - BYTES_TO_T_UINT_8( 0x21, 0xBD, 0xE5, 0x04, 0xB8, 0xE6, 0xC0, 0x0B ), - BYTES_TO_T_UINT_8( 0x49, 0xD3, 0xF0, 0x04, 0x00, 0xE4, 0x05, 0xDB ), - BYTES_TO_T_UINT_8( 0x96, 0xF3, 0x06, 0xA3, 0x1A, 0xFF, 0xEA, 0x73 ), - BYTES_TO_T_UINT_8( 0x08, 0x32, 0xAA, 0x99, 0x33, 0x09, 0xB6, 0x34 ), - BYTES_TO_T_UINT_8( 0x6E, 0xEF, 0xFC, 0x61, 0x10, 0x42, 0x31, 0x94 ), - BYTES_TO_T_UINT_8( 0x34, 0xF1, 0xF4, 0x33, 0xCF, 0x28, 0x90, 0x9C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xD6, 0x96, 0x4B, 0xA6, 0x47, 0xEB, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0xF1, 0x5F, 0x15, 0xDE, 0x99, 0x6F, 0x66 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xBD, 0xE5, 0x04, 0xB8, 0xE6, 0xC0, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0xD3, 0xF0, 0x04, 0x00, 0xE4, 0x05, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xF3, 0x06, 0xA3, 0x1A, 0xFF, 0xEA, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x32, 0xAA, 0x99, 0x33, 0x09, 0xB6, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0xEF, 0xFC, 0x61, 0x10, 0x42, 0x31, 0x94 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF1, 0xF4, 0x33, 0xCF, 0x28, 0x90, 0x9C ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_8_X[] = { - BYTES_TO_T_UINT_8( 0x10, 0xDE, 0xF9, 0x88, 0x87, 0x7B, 0xEB, 0xC9 ), - BYTES_TO_T_UINT_8( 0x66, 0xB8, 0xDA, 0xFA, 0xDA, 0x3D, 0xA6, 0x17 ), - BYTES_TO_T_UINT_8( 0xA0, 0xF0, 0x62, 0x82, 0x53, 0x32, 0x55, 0x03 ), - BYTES_TO_T_UINT_8( 0x2F, 0xA5, 0x32, 0x4A, 0x19, 0x11, 0x9C, 0x10 ), - BYTES_TO_T_UINT_8( 0x16, 0xB3, 0x27, 0xE9, 0x75, 0x90, 0x05, 0x2D ), - BYTES_TO_T_UINT_8( 0x63, 0x1C, 0x90, 0x48, 0x77, 0x01, 0x85, 0x1B ), - BYTES_TO_T_UINT_8( 0xC7, 0xD6, 0x9B, 0x84, 0xA8, 0xD7, 0xC5, 0x28 ), - BYTES_TO_T_UINT_8( 0xE1, 0x7A, 0xCB, 0xB3, 0x11, 0x46, 0xD7, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xDE, 0xF9, 0x88, 0x87, 0x7B, 0xEB, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xB8, 0xDA, 0xFA, 0xDA, 0x3D, 0xA6, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xF0, 0x62, 0x82, 0x53, 0x32, 0x55, 0x03 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xA5, 0x32, 0x4A, 0x19, 0x11, 0x9C, 0x10 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xB3, 0x27, 0xE9, 0x75, 0x90, 0x05, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x1C, 0x90, 0x48, 0x77, 0x01, 0x85, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0xD6, 0x9B, 0x84, 0xA8, 0xD7, 0xC5, 0x28 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x7A, 0xCB, 0xB3, 0x11, 0x46, 0xD7, 0x99 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_8_Y[] = { - BYTES_TO_T_UINT_8( 0x8B, 0x23, 0xBF, 0x75, 0x75, 0xA1, 0x95, 0x90 ), - BYTES_TO_T_UINT_8( 0x4B, 0x66, 0x5D, 0x34, 0x13, 0xA9, 0x03, 0xBE ), - BYTES_TO_T_UINT_8( 0x29, 0x80, 0x9D, 0x5F, 0xD2, 0x44, 0xE1, 0x62 ), - BYTES_TO_T_UINT_8( 0x96, 0x5D, 0xBD, 0xA8, 0xBF, 0xB4, 0x25, 0x1F ), - BYTES_TO_T_UINT_8( 0x6A, 0x99, 0x1F, 0x53, 0xF1, 0x57, 0xDB, 0xE7 ), - BYTES_TO_T_UINT_8( 0x21, 0x7C, 0xE5, 0xC5, 0x51, 0x0B, 0x4C, 0x9B ), - BYTES_TO_T_UINT_8( 0x6B, 0xB0, 0x1A, 0x9C, 0x16, 0xB0, 0x32, 0x1F ), - BYTES_TO_T_UINT_8( 0xF4, 0xE3, 0xCF, 0xDD, 0x48, 0xB4, 0x7B, 0x33 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0x23, 0xBF, 0x75, 0x75, 0xA1, 0x95, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x66, 0x5D, 0x34, 0x13, 0xA9, 0x03, 0xBE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x80, 0x9D, 0x5F, 0xD2, 0x44, 0xE1, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x5D, 0xBD, 0xA8, 0xBF, 0xB4, 0x25, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x99, 0x1F, 0x53, 0xF1, 0x57, 0xDB, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x7C, 0xE5, 0xC5, 0x51, 0x0B, 0x4C, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0xB0, 0x1A, 0x9C, 0x16, 0xB0, 0x32, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0xE3, 0xCF, 0xDD, 0x48, 0xB4, 0x7B, 0x33 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_9_X[] = { - BYTES_TO_T_UINT_8( 0xC0, 0xDD, 0x9E, 0x3C, 0x98, 0x0E, 0x77, 0x65 ), - BYTES_TO_T_UINT_8( 0x6C, 0xAB, 0x01, 0xD3, 0x87, 0x74, 0x25, 0x4A ), - BYTES_TO_T_UINT_8( 0x87, 0xA3, 0xE3, 0x76, 0x43, 0x87, 0x12, 0xBD ), - BYTES_TO_T_UINT_8( 0x54, 0xB1, 0x3B, 0x60, 0x66, 0xEB, 0x98, 0x54 ), - BYTES_TO_T_UINT_8( 0xD2, 0x78, 0xC8, 0xD7, 0x4E, 0x75, 0xCA, 0x69 ), - BYTES_TO_T_UINT_8( 0x07, 0xDF, 0x71, 0x19, 0xE7, 0x07, 0x36, 0xB5 ), - BYTES_TO_T_UINT_8( 0x6D, 0xC9, 0xA8, 0x5F, 0x91, 0xBF, 0x47, 0xB2 ), - BYTES_TO_T_UINT_8( 0x80, 0x96, 0x58, 0x96, 0x18, 0xB6, 0xFA, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xDD, 0x9E, 0x3C, 0x98, 0x0E, 0x77, 0x65 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0xAB, 0x01, 0xD3, 0x87, 0x74, 0x25, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0xA3, 0xE3, 0x76, 0x43, 0x87, 0x12, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0xB1, 0x3B, 0x60, 0x66, 0xEB, 0x98, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x78, 0xC8, 0xD7, 0x4E, 0x75, 0xCA, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xDF, 0x71, 0x19, 0xE7, 0x07, 0x36, 0xB5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xC9, 0xA8, 0x5F, 0x91, 0xBF, 0x47, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x96, 0x58, 0x96, 0x18, 0xB6, 0xFA, 0x01 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_9_Y[] = { - BYTES_TO_T_UINT_8( 0xD0, 0x2D, 0xA9, 0x9B, 0x86, 0xDB, 0x0C, 0x4C ), - BYTES_TO_T_UINT_8( 0xE4, 0x0B, 0x2D, 0x56, 0x4A, 0xD3, 0x93, 0x8A ), - BYTES_TO_T_UINT_8( 0xB5, 0x15, 0xE2, 0x65, 0x12, 0x86, 0x0E, 0xB2 ), - BYTES_TO_T_UINT_8( 0xB4, 0x41, 0x4D, 0xC1, 0xCB, 0xE4, 0xC3, 0xD7 ), - BYTES_TO_T_UINT_8( 0x6A, 0x53, 0x10, 0xCA, 0xA3, 0xAC, 0x83, 0x26 ), - BYTES_TO_T_UINT_8( 0x3E, 0x01, 0x22, 0x96, 0x10, 0xAD, 0x69, 0xDB ), - BYTES_TO_T_UINT_8( 0x42, 0x46, 0x4E, 0xD8, 0xEA, 0xD6, 0x9D, 0xF3 ), - BYTES_TO_T_UINT_8( 0x43, 0x2F, 0x7F, 0x62, 0x62, 0x80, 0xD0, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x2D, 0xA9, 0x9B, 0x86, 0xDB, 0x0C, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x0B, 0x2D, 0x56, 0x4A, 0xD3, 0x93, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x15, 0xE2, 0x65, 0x12, 0x86, 0x0E, 0xB2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x41, 0x4D, 0xC1, 0xCB, 0xE4, 0xC3, 0xD7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x53, 0x10, 0xCA, 0xA3, 0xAC, 0x83, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x01, 0x22, 0x96, 0x10, 0xAD, 0x69, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x46, 0x4E, 0xD8, 0xEA, 0xD6, 0x9D, 0xF3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x2F, 0x7F, 0x62, 0x62, 0x80, 0xD0, 0x14 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_10_X[] = { - BYTES_TO_T_UINT_8( 0xB2, 0xDA, 0x00, 0x63, 0x09, 0xBD, 0x6A, 0x83 ), - BYTES_TO_T_UINT_8( 0x0F, 0xD4, 0x6E, 0x48, 0x05, 0xB7, 0xF7, 0x17 ), - BYTES_TO_T_UINT_8( 0x14, 0x4D, 0xD7, 0x00, 0x4A, 0x15, 0x27, 0x7A ), - BYTES_TO_T_UINT_8( 0x3A, 0x15, 0xAA, 0x37, 0x27, 0x34, 0x18, 0x24 ), - BYTES_TO_T_UINT_8( 0x3A, 0x20, 0x2C, 0x84, 0x1B, 0x88, 0xBA, 0x05 ), - BYTES_TO_T_UINT_8( 0xAC, 0x09, 0xD6, 0x04, 0xA2, 0x60, 0x84, 0x72 ), - BYTES_TO_T_UINT_8( 0xC8, 0x04, 0x94, 0x08, 0xD4, 0xED, 0x47, 0xDB ), - BYTES_TO_T_UINT_8( 0x8B, 0xF3, 0xE4, 0x3E, 0xB9, 0x5B, 0x35, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0xDA, 0x00, 0x63, 0x09, 0xBD, 0x6A, 0x83 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xD4, 0x6E, 0x48, 0x05, 0xB7, 0xF7, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0x4D, 0xD7, 0x00, 0x4A, 0x15, 0x27, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x15, 0xAA, 0x37, 0x27, 0x34, 0x18, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x20, 0x2C, 0x84, 0x1B, 0x88, 0xBA, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x09, 0xD6, 0x04, 0xA2, 0x60, 0x84, 0x72 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0x04, 0x94, 0x08, 0xD4, 0xED, 0x47, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xF3, 0xE4, 0x3E, 0xB9, 0x5B, 0x35, 0x42 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_10_Y[] = { - BYTES_TO_T_UINT_8( 0x5F, 0xD8, 0xB6, 0x80, 0xD6, 0xF1, 0x30, 0xDD ), - BYTES_TO_T_UINT_8( 0xD6, 0x14, 0xA6, 0x85, 0xEE, 0xA7, 0xD8, 0x61 ), - BYTES_TO_T_UINT_8( 0xE4, 0x49, 0x2A, 0x1E, 0x7C, 0xE9, 0x2D, 0xEC ), - BYTES_TO_T_UINT_8( 0x3A, 0x87, 0x56, 0x91, 0x03, 0x77, 0x4D, 0x55 ), - BYTES_TO_T_UINT_8( 0x0E, 0x52, 0xD4, 0xAA, 0xF7, 0xFA, 0xB0, 0xC5 ), - BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x11, 0x39, 0xB1, 0xE7, 0x76, 0xAD ), - BYTES_TO_T_UINT_8( 0xD6, 0x13, 0xBC, 0x37, 0x5D, 0x74, 0xCD, 0xC2 ), - BYTES_TO_T_UINT_8( 0xC9, 0x48, 0x14, 0x23, 0x30, 0xF8, 0x46, 0x37 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0xD8, 0xB6, 0x80, 0xD6, 0xF1, 0x30, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x14, 0xA6, 0x85, 0xEE, 0xA7, 0xD8, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x49, 0x2A, 0x1E, 0x7C, 0xE9, 0x2D, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3A, 0x87, 0x56, 0x91, 0x03, 0x77, 0x4D, 0x55 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0x52, 0xD4, 0xAA, 0xF7, 0xFA, 0xB0, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x5D, 0x11, 0x39, 0xB1, 0xE7, 0x76, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x13, 0xBC, 0x37, 0x5D, 0x74, 0xCD, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x48, 0x14, 0x23, 0x30, 0xF8, 0x46, 0x37 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_11_X[] = { - BYTES_TO_T_UINT_8( 0xAC, 0x27, 0xB0, 0xD9, 0xB2, 0x74, 0xB4, 0xC0 ), - BYTES_TO_T_UINT_8( 0xEA, 0xA6, 0xB9, 0x6F, 0x9F, 0x64, 0x36, 0x92 ), - BYTES_TO_T_UINT_8( 0x2E, 0x2B, 0x78, 0x40, 0x05, 0x2B, 0x7B, 0xA9 ), - BYTES_TO_T_UINT_8( 0xB3, 0x68, 0x3A, 0xB6, 0x4A, 0xE2, 0xDB, 0xB8 ), - BYTES_TO_T_UINT_8( 0x1E, 0x33, 0xD7, 0x34, 0x8B, 0x25, 0x45, 0xEF ), - BYTES_TO_T_UINT_8( 0x89, 0xCE, 0xA8, 0xC9, 0x01, 0xFB, 0x0E, 0x7B ), - BYTES_TO_T_UINT_8( 0xE2, 0xF9, 0x51, 0x4C, 0x12, 0x9F, 0x60, 0xE4 ), - BYTES_TO_T_UINT_8( 0x67, 0x85, 0xBD, 0x30, 0x37, 0x84, 0x39, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x27, 0xB0, 0xD9, 0xB2, 0x74, 0xB4, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEA, 0xA6, 0xB9, 0x6F, 0x9F, 0x64, 0x36, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2E, 0x2B, 0x78, 0x40, 0x05, 0x2B, 0x7B, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x68, 0x3A, 0xB6, 0x4A, 0xE2, 0xDB, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0x33, 0xD7, 0x34, 0x8B, 0x25, 0x45, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0xCE, 0xA8, 0xC9, 0x01, 0xFB, 0x0E, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0xF9, 0x51, 0x4C, 0x12, 0x9F, 0x60, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x85, 0xBD, 0x30, 0x37, 0x84, 0x39, 0x44 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_11_Y[] = { - BYTES_TO_T_UINT_8( 0x26, 0x33, 0xAF, 0x2E, 0xB8, 0x2E, 0xCC, 0x3C ), - BYTES_TO_T_UINT_8( 0xA4, 0xB1, 0x73, 0x59, 0x4E, 0x0C, 0x09, 0x4A ), - BYTES_TO_T_UINT_8( 0x8A, 0x24, 0x89, 0x81, 0x12, 0xFF, 0xBB, 0x6E ), - BYTES_TO_T_UINT_8( 0x71, 0x37, 0x1A, 0x66, 0xEE, 0xED, 0xB6, 0x9B ), - BYTES_TO_T_UINT_8( 0x16, 0xBD, 0x04, 0x20, 0x5D, 0xFB, 0xBF, 0x95 ), - BYTES_TO_T_UINT_8( 0xA0, 0xF8, 0x34, 0xA3, 0xFF, 0x45, 0xDE, 0x92 ), - BYTES_TO_T_UINT_8( 0x9B, 0x18, 0x73, 0xF1, 0x32, 0x25, 0x58, 0xEB ), - BYTES_TO_T_UINT_8( 0x63, 0xC1, 0x14, 0xE3, 0x9E, 0x40, 0x0F, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x33, 0xAF, 0x2E, 0xB8, 0x2E, 0xCC, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xB1, 0x73, 0x59, 0x4E, 0x0C, 0x09, 0x4A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0x24, 0x89, 0x81, 0x12, 0xFF, 0xBB, 0x6E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x37, 0x1A, 0x66, 0xEE, 0xED, 0xB6, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0xBD, 0x04, 0x20, 0x5D, 0xFB, 0xBF, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xF8, 0x34, 0xA3, 0xFF, 0x45, 0xDE, 0x92 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x18, 0x73, 0xF1, 0x32, 0x25, 0x58, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0xC1, 0x14, 0xE3, 0x9E, 0x40, 0x0F, 0x12 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_12_X[] = { - BYTES_TO_T_UINT_8( 0x61, 0x07, 0x9D, 0x9C, 0x00, 0xF7, 0x56, 0x19 ), - BYTES_TO_T_UINT_8( 0xFB, 0xBA, 0x87, 0xF9, 0x15, 0x0C, 0x66, 0x5D ), - BYTES_TO_T_UINT_8( 0x7E, 0x1F, 0xC1, 0x28, 0xB0, 0x47, 0x0D, 0xF5 ), - BYTES_TO_T_UINT_8( 0x96, 0xCA, 0x27, 0xEE, 0x4B, 0x23, 0x2B, 0x89 ), - BYTES_TO_T_UINT_8( 0x7E, 0xB5, 0x68, 0xC8, 0x17, 0x5D, 0xC3, 0xAA ), - BYTES_TO_T_UINT_8( 0x17, 0x02, 0x08, 0xEE, 0x20, 0x9D, 0xEA, 0x64 ), - BYTES_TO_T_UINT_8( 0xA7, 0x14, 0x50, 0xD4, 0x7D, 0x5F, 0xCF, 0xA0 ), - BYTES_TO_T_UINT_8( 0xD5, 0xFA, 0xF8, 0xA7, 0xC6, 0xDC, 0x14, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0x9D, 0x9C, 0x00, 0xF7, 0x56, 0x19 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0xBA, 0x87, 0xF9, 0x15, 0x0C, 0x66, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0x1F, 0xC1, 0x28, 0xB0, 0x47, 0x0D, 0xF5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xCA, 0x27, 0xEE, 0x4B, 0x23, 0x2B, 0x89 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7E, 0xB5, 0x68, 0xC8, 0x17, 0x5D, 0xC3, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0x02, 0x08, 0xEE, 0x20, 0x9D, 0xEA, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x14, 0x50, 0xD4, 0x7D, 0x5F, 0xCF, 0xA0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xFA, 0xF8, 0xA7, 0xC6, 0xDC, 0x14, 0x8C ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_12_Y[] = { - BYTES_TO_T_UINT_8( 0x76, 0xBD, 0x0A, 0x1A, 0x18, 0x98, 0xDC, 0xB0 ), - BYTES_TO_T_UINT_8( 0x63, 0x63, 0x02, 0xB7, 0xD5, 0x5B, 0x5A, 0xC6 ), - BYTES_TO_T_UINT_8( 0x51, 0xB1, 0xD7, 0x4B, 0x15, 0x39, 0x61, 0x5D ), - BYTES_TO_T_UINT_8( 0x5C, 0x32, 0xE1, 0x9E, 0x70, 0x1B, 0xCE, 0x51 ), - BYTES_TO_T_UINT_8( 0x64, 0xD8, 0x18, 0x83, 0x52, 0x9B, 0x6D, 0xA2 ), - BYTES_TO_T_UINT_8( 0xA4, 0x55, 0x56, 0x19, 0x34, 0xA4, 0xEA, 0xFC ), - BYTES_TO_T_UINT_8( 0x30, 0xA9, 0x55, 0x80, 0xE3, 0x15, 0x36, 0x8B ), - BYTES_TO_T_UINT_8( 0xBB, 0x06, 0xC8, 0x1D, 0x17, 0x0D, 0xAD, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x76, 0xBD, 0x0A, 0x1A, 0x18, 0x98, 0xDC, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x63, 0x63, 0x02, 0xB7, 0xD5, 0x5B, 0x5A, 0xC6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0xB1, 0xD7, 0x4B, 0x15, 0x39, 0x61, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0x32, 0xE1, 0x9E, 0x70, 0x1B, 0xCE, 0x51 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD8, 0x18, 0x83, 0x52, 0x9B, 0x6D, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x55, 0x56, 0x19, 0x34, 0xA4, 0xEA, 0xFC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0xA9, 0x55, 0x80, 0xE3, 0x15, 0x36, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0x06, 0xC8, 0x1D, 0x17, 0x0D, 0xAD, 0x16 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_13_X[] = { - BYTES_TO_T_UINT_8( 0x20, 0xD6, 0xF0, 0xCC, 0xF3, 0x63, 0x53, 0xD2 ), - BYTES_TO_T_UINT_8( 0x27, 0x5A, 0xDC, 0x46, 0xBD, 0x0D, 0xAD, 0x96 ), - BYTES_TO_T_UINT_8( 0x21, 0x2F, 0x11, 0x60, 0x15, 0x51, 0x4A, 0xEA ), - BYTES_TO_T_UINT_8( 0x33, 0xE3, 0x93, 0x38, 0xD5, 0x83, 0xAA, 0x0D ), - BYTES_TO_T_UINT_8( 0x90, 0xA6, 0xCC, 0xB1, 0xFD, 0xBB, 0x1A, 0x0F ), - BYTES_TO_T_UINT_8( 0x3B, 0x54, 0xC8, 0x54, 0x6F, 0x79, 0x1A, 0x59 ), - BYTES_TO_T_UINT_8( 0x3F, 0x4A, 0xDA, 0x28, 0x92, 0x97, 0x9D, 0x7F ), - BYTES_TO_T_UINT_8( 0xD6, 0x4B, 0xDB, 0xC7, 0x52, 0xC5, 0x66, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0xD6, 0xF0, 0xCC, 0xF3, 0x63, 0x53, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x5A, 0xDC, 0x46, 0xBD, 0x0D, 0xAD, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x2F, 0x11, 0x60, 0x15, 0x51, 0x4A, 0xEA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0xE3, 0x93, 0x38, 0xD5, 0x83, 0xAA, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x90, 0xA6, 0xCC, 0xB1, 0xFD, 0xBB, 0x1A, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0x54, 0xC8, 0x54, 0x6F, 0x79, 0x1A, 0x59 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x4A, 0xDA, 0x28, 0x92, 0x97, 0x9D, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0x4B, 0xDB, 0xC7, 0x52, 0xC5, 0x66, 0x34 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_13_Y[] = { - BYTES_TO_T_UINT_8( 0x05, 0x7E, 0x92, 0x53, 0x30, 0x93, 0xFD, 0xFF ), - BYTES_TO_T_UINT_8( 0xA0, 0x16, 0x6A, 0xB1, 0x91, 0x0A, 0xB4, 0x52 ), - BYTES_TO_T_UINT_8( 0x6D, 0x9D, 0x40, 0x3F, 0xE3, 0xF1, 0x01, 0x46 ), - BYTES_TO_T_UINT_8( 0x13, 0x0E, 0xD8, 0xED, 0x11, 0x8E, 0x4C, 0xED ), - BYTES_TO_T_UINT_8( 0x86, 0x4A, 0x1B, 0x88, 0xDF, 0x8D, 0x29, 0xE7 ), - BYTES_TO_T_UINT_8( 0x97, 0x23, 0x21, 0x11, 0xAB, 0x77, 0x81, 0x62 ), - BYTES_TO_T_UINT_8( 0x0B, 0xAF, 0x11, 0xFA, 0xBA, 0x40, 0x63, 0xE7 ), - BYTES_TO_T_UINT_8( 0x2B, 0x6F, 0x8D, 0x80, 0xDF, 0x67, 0xF5, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x7E, 0x92, 0x53, 0x30, 0x93, 0xFD, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x16, 0x6A, 0xB1, 0x91, 0x0A, 0xB4, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0x9D, 0x40, 0x3F, 0xE3, 0xF1, 0x01, 0x46 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x0E, 0xD8, 0xED, 0x11, 0x8E, 0x4C, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x4A, 0x1B, 0x88, 0xDF, 0x8D, 0x29, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x23, 0x21, 0x11, 0xAB, 0x77, 0x81, 0x62 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0B, 0xAF, 0x11, 0xFA, 0xBA, 0x40, 0x63, 0xE7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0x6F, 0x8D, 0x80, 0xDF, 0x67, 0xF5, 0x44 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_14_X[] = { - BYTES_TO_T_UINT_8( 0xB2, 0x8B, 0xB7, 0x08, 0xF4, 0xD7, 0x2D, 0xA8 ), - BYTES_TO_T_UINT_8( 0xC7, 0x2B, 0x30, 0x02, 0x45, 0x71, 0x08, 0x49 ), - BYTES_TO_T_UINT_8( 0x97, 0x3A, 0xCA, 0x50, 0xF6, 0xC2, 0x19, 0x8C ), - BYTES_TO_T_UINT_8( 0x17, 0xB9, 0x9B, 0x3E, 0x73, 0x95, 0x1D, 0x49 ), - BYTES_TO_T_UINT_8( 0xB6, 0x60, 0x59, 0x48, 0xCB, 0xD8, 0xD6, 0xAA ), - BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x6C, 0x89, 0xAB, 0x99, 0xA8, 0xF8 ), - BYTES_TO_T_UINT_8( 0xEF, 0xA1, 0x8B, 0x4E, 0x06, 0x19, 0xEC, 0x99 ), - BYTES_TO_T_UINT_8( 0x70, 0x95, 0x04, 0xCF, 0xD5, 0x94, 0xB3, 0x02 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0x8B, 0xB7, 0x08, 0xF4, 0xD7, 0x2D, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0x2B, 0x30, 0x02, 0x45, 0x71, 0x08, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x3A, 0xCA, 0x50, 0xF6, 0xC2, 0x19, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xB9, 0x9B, 0x3E, 0x73, 0x95, 0x1D, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x60, 0x59, 0x48, 0xCB, 0xD8, 0xD6, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0xB9, 0x6C, 0x89, 0xAB, 0x99, 0xA8, 0xF8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0xA1, 0x8B, 0x4E, 0x06, 0x19, 0xEC, 0x99 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x95, 0x04, 0xCF, 0xD5, 0x94, 0xB3, 0x02 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_14_Y[] = { - BYTES_TO_T_UINT_8( 0x29, 0x35, 0x93, 0x7C, 0xB3, 0xB8, 0x9E, 0x1B ), - BYTES_TO_T_UINT_8( 0xC4, 0x45, 0x5C, 0x7E, 0xBF, 0x75, 0x81, 0x0F ), - BYTES_TO_T_UINT_8( 0xDC, 0xE8, 0x24, 0xDF, 0xEC, 0x2F, 0x7D, 0xB9 ), - BYTES_TO_T_UINT_8( 0xF2, 0x8B, 0xD5, 0x6A, 0x9B, 0xA0, 0xE0, 0x4F ), - BYTES_TO_T_UINT_8( 0x32, 0xE3, 0x27, 0x82, 0xDE, 0xDD, 0xCA, 0x4B ), - BYTES_TO_T_UINT_8( 0xA7, 0x57, 0x56, 0x46, 0x05, 0x06, 0x01, 0x2E ), - BYTES_TO_T_UINT_8( 0x74, 0x35, 0xA7, 0x47, 0xE2, 0x6B, 0x2C, 0x4F ), - BYTES_TO_T_UINT_8( 0x38, 0x9D, 0x4C, 0xEC, 0x1F, 0x11, 0x75, 0x2B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0x35, 0x93, 0x7C, 0xB3, 0xB8, 0x9E, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC4, 0x45, 0x5C, 0x7E, 0xBF, 0x75, 0x81, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0xE8, 0x24, 0xDF, 0xEC, 0x2F, 0x7D, 0xB9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x8B, 0xD5, 0x6A, 0x9B, 0xA0, 0xE0, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0xE3, 0x27, 0x82, 0xDE, 0xDD, 0xCA, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x57, 0x56, 0x46, 0x05, 0x06, 0x01, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0x35, 0xA7, 0x47, 0xE2, 0x6B, 0x2C, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x9D, 0x4C, 0xEC, 0x1F, 0x11, 0x75, 0x2B ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_15_X[] = { - BYTES_TO_T_UINT_8( 0xAC, 0xAA, 0x41, 0xC1, 0xE9, 0x0E, 0xE9, 0xAA ), - BYTES_TO_T_UINT_8( 0x0A, 0xCF, 0x9C, 0x4B, 0xE8, 0xED, 0x0A, 0x49 ), - BYTES_TO_T_UINT_8( 0x3D, 0x73, 0xCA, 0x0C, 0x46, 0x0A, 0x9C, 0xE4 ), - BYTES_TO_T_UINT_8( 0x99, 0xE1, 0x9E, 0xBC, 0xFE, 0x44, 0x63, 0x6D ), - BYTES_TO_T_UINT_8( 0x31, 0x43, 0x71, 0xEE, 0xF8, 0xC1, 0x8C, 0x5C ), - BYTES_TO_T_UINT_8( 0x6A, 0x4B, 0xF0, 0x69, 0x25, 0xBD, 0x71, 0x1A ), - BYTES_TO_T_UINT_8( 0xFD, 0x9A, 0xFE, 0x82, 0xE7, 0xC1, 0xC1, 0xEE ), - BYTES_TO_T_UINT_8( 0xFC, 0x5A, 0x6E, 0x5E, 0x97, 0x6A, 0x35, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xAA, 0x41, 0xC1, 0xE9, 0x0E, 0xE9, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0xCF, 0x9C, 0x4B, 0xE8, 0xED, 0x0A, 0x49 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x73, 0xCA, 0x0C, 0x46, 0x0A, 0x9C, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xE1, 0x9E, 0xBC, 0xFE, 0x44, 0x63, 0x6D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x43, 0x71, 0xEE, 0xF8, 0xC1, 0x8C, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6A, 0x4B, 0xF0, 0x69, 0x25, 0xBD, 0x71, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x9A, 0xFE, 0x82, 0xE7, 0xC1, 0xC1, 0xEE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFC, 0x5A, 0x6E, 0x5E, 0x97, 0x6A, 0x35, 0x8D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_15_Y[] = { - BYTES_TO_T_UINT_8( 0xA2, 0x18, 0x6C, 0x7E, 0xB8, 0x9E, 0x57, 0x32 ), - BYTES_TO_T_UINT_8( 0x35, 0xB9, 0xC1, 0xD0, 0xFE, 0x78, 0xFB, 0x32 ), - BYTES_TO_T_UINT_8( 0x7C, 0x08, 0xAE, 0x46, 0x34, 0xEA, 0x7A, 0x7F ), - BYTES_TO_T_UINT_8( 0xE8, 0x1C, 0x56, 0xA9, 0x18, 0x37, 0xD4, 0x9E ), - BYTES_TO_T_UINT_8( 0x28, 0x63, 0xE9, 0x0A, 0xB6, 0x38, 0x3C, 0xC1 ), - BYTES_TO_T_UINT_8( 0x3E, 0x4F, 0xA4, 0x6E, 0x85, 0x31, 0x23, 0x52 ), - BYTES_TO_T_UINT_8( 0x0D, 0xAD, 0xC4, 0xC3, 0xB1, 0x4B, 0x1C, 0x82 ), - BYTES_TO_T_UINT_8( 0x30, 0x56, 0x4A, 0x38, 0xB3, 0x6B, 0x6F, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA2, 0x18, 0x6C, 0x7E, 0xB8, 0x9E, 0x57, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x35, 0xB9, 0xC1, 0xD0, 0xFE, 0x78, 0xFB, 0x32 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x08, 0xAE, 0x46, 0x34, 0xEA, 0x7A, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x1C, 0x56, 0xA9, 0x18, 0x37, 0xD4, 0x9E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x63, 0xE9, 0x0A, 0xB6, 0x38, 0x3C, 0xC1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0x4F, 0xA4, 0x6E, 0x85, 0x31, 0x23, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0D, 0xAD, 0xC4, 0xC3, 0xB1, 0x4B, 0x1C, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x56, 0x4A, 0x38, 0xB3, 0x6B, 0x6F, 0x2C ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_16_X[] = { - BYTES_TO_T_UINT_8( 0x67, 0xC7, 0x19, 0xDE, 0x21, 0xED, 0x89, 0xD0 ), - BYTES_TO_T_UINT_8( 0x2F, 0xBE, 0xA6, 0xAE, 0xEB, 0x9D, 0xA7, 0x2A ), - BYTES_TO_T_UINT_8( 0x04, 0x0E, 0x13, 0x1E, 0x86, 0x57, 0xC3, 0x3B ), - BYTES_TO_T_UINT_8( 0x1F, 0x4B, 0x30, 0x46, 0x52, 0xC1, 0xEC, 0x52 ), - BYTES_TO_T_UINT_8( 0x6E, 0xD5, 0x44, 0x31, 0x96, 0x3B, 0x26, 0x27 ), - BYTES_TO_T_UINT_8( 0x77, 0x68, 0xA8, 0x67, 0x78, 0x39, 0xE8, 0x68 ), - BYTES_TO_T_UINT_8( 0x8E, 0x78, 0xB7, 0xDD, 0xF2, 0x58, 0xB6, 0x3D ), - BYTES_TO_T_UINT_8( 0x81, 0x3C, 0xB3, 0x26, 0xC4, 0x2C, 0x8C, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0xC7, 0x19, 0xDE, 0x21, 0xED, 0x89, 0xD0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xBE, 0xA6, 0xAE, 0xEB, 0x9D, 0xA7, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x0E, 0x13, 0x1E, 0x86, 0x57, 0xC3, 0x3B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x4B, 0x30, 0x46, 0x52, 0xC1, 0xEC, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6E, 0xD5, 0x44, 0x31, 0x96, 0x3B, 0x26, 0x27 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x68, 0xA8, 0x67, 0x78, 0x39, 0xE8, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x78, 0xB7, 0xDD, 0xF2, 0x58, 0xB6, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x81, 0x3C, 0xB3, 0x26, 0xC4, 0x2C, 0x8C, 0xA5 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_16_Y[] = { - BYTES_TO_T_UINT_8( 0xB9, 0x24, 0xE5, 0x73, 0xEE, 0x9A, 0x02, 0xA9 ), - BYTES_TO_T_UINT_8( 0xD9, 0x6A, 0x65, 0x60, 0xF3, 0x62, 0xE3, 0xE9 ), - BYTES_TO_T_UINT_8( 0xFB, 0x07, 0x84, 0xE6, 0x3B, 0x46, 0x65, 0x9F ), - BYTES_TO_T_UINT_8( 0xE1, 0x8F, 0x0C, 0xB0, 0xE1, 0x04, 0x82, 0x9D ), - BYTES_TO_T_UINT_8( 0xEB, 0x13, 0xBF, 0x3D, 0xA0, 0x48, 0xA2, 0x74 ), - BYTES_TO_T_UINT_8( 0x08, 0x26, 0x76, 0x74, 0xAB, 0x0B, 0x29, 0xE8 ), - BYTES_TO_T_UINT_8( 0x30, 0x6E, 0x5F, 0x03, 0x34, 0x7C, 0x38, 0xCE ), - BYTES_TO_T_UINT_8( 0x4D, 0x72, 0xF9, 0x3B, 0x3C, 0xA4, 0xBC, 0x7C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x24, 0xE5, 0x73, 0xEE, 0x9A, 0x02, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x6A, 0x65, 0x60, 0xF3, 0x62, 0xE3, 0xE9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFB, 0x07, 0x84, 0xE6, 0x3B, 0x46, 0x65, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x8F, 0x0C, 0xB0, 0xE1, 0x04, 0x82, 0x9D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0x13, 0xBF, 0x3D, 0xA0, 0x48, 0xA2, 0x74 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0x26, 0x76, 0x74, 0xAB, 0x0B, 0x29, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x30, 0x6E, 0x5F, 0x03, 0x34, 0x7C, 0x38, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0x72, 0xF9, 0x3B, 0x3C, 0xA4, 0xBC, 0x7C ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_17_X[] = { - BYTES_TO_T_UINT_8( 0x5C, 0xCE, 0x18, 0x80, 0xB8, 0x24, 0x45, 0x81 ), - BYTES_TO_T_UINT_8( 0xF1, 0x09, 0x03, 0xB8, 0x06, 0x64, 0xF7, 0xEC ), - BYTES_TO_T_UINT_8( 0xF1, 0x26, 0xB1, 0x10, 0x6D, 0x71, 0x12, 0x2E ), - BYTES_TO_T_UINT_8( 0xAD, 0x12, 0xC6, 0x6E, 0x1E, 0x6A, 0xC3, 0x80 ), - BYTES_TO_T_UINT_8( 0xE5, 0xD3, 0x0A, 0xDE, 0xD8, 0x6B, 0x04, 0x5C ), - BYTES_TO_T_UINT_8( 0x96, 0x87, 0x5B, 0xAE, 0xDB, 0x3C, 0xC0, 0xC5 ), - BYTES_TO_T_UINT_8( 0x8E, 0xF5, 0xF9, 0xC1, 0x9A, 0x89, 0xBB, 0x7E ), - BYTES_TO_T_UINT_8( 0xED, 0x69, 0x72, 0x8B, 0xAE, 0x32, 0x13, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xCE, 0x18, 0x80, 0xB8, 0x24, 0x45, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x09, 0x03, 0xB8, 0x06, 0x64, 0xF7, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x26, 0xB1, 0x10, 0x6D, 0x71, 0x12, 0x2E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x12, 0xC6, 0x6E, 0x1E, 0x6A, 0xC3, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE5, 0xD3, 0x0A, 0xDE, 0xD8, 0x6B, 0x04, 0x5C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x87, 0x5B, 0xAE, 0xDB, 0x3C, 0xC0, 0xC5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0xF5, 0xF9, 0xC1, 0x9A, 0x89, 0xBB, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xED, 0x69, 0x72, 0x8B, 0xAE, 0x32, 0x13, 0x11 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_17_Y[] = { - BYTES_TO_T_UINT_8( 0xF9, 0x16, 0x07, 0x50, 0xFA, 0x4C, 0xCF, 0xE8 ), - BYTES_TO_T_UINT_8( 0xF8, 0x50, 0x21, 0xE9, 0xDE, 0xEC, 0x7E, 0xDF ), - BYTES_TO_T_UINT_8( 0x7C, 0x2F, 0xE8, 0x83, 0x30, 0x0B, 0x65, 0x0E ), - BYTES_TO_T_UINT_8( 0xA5, 0x0B, 0x99, 0xAC, 0xC9, 0xBA, 0x6C, 0x2A ), - BYTES_TO_T_UINT_8( 0xA7, 0x59, 0x5A, 0x0D, 0x7B, 0x9E, 0x08, 0xAD ), - BYTES_TO_T_UINT_8( 0x34, 0x91, 0xB2, 0xDC, 0x90, 0xCE, 0x67, 0xED ), - BYTES_TO_T_UINT_8( 0xE3, 0x93, 0x60, 0x0C, 0xD7, 0x1F, 0x2F, 0x17 ), - BYTES_TO_T_UINT_8( 0x19, 0x7F, 0x9D, 0x40, 0xF8, 0x78, 0x7A, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x16, 0x07, 0x50, 0xFA, 0x4C, 0xCF, 0xE8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x50, 0x21, 0xE9, 0xDE, 0xEC, 0x7E, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x2F, 0xE8, 0x83, 0x30, 0x0B, 0x65, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x0B, 0x99, 0xAC, 0xC9, 0xBA, 0x6C, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x59, 0x5A, 0x0D, 0x7B, 0x9E, 0x08, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x91, 0xB2, 0xDC, 0x90, 0xCE, 0x67, 0xED ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x93, 0x60, 0x0C, 0xD7, 0x1F, 0x2F, 0x17 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x7F, 0x9D, 0x40, 0xF8, 0x78, 0x7A, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_18_X[] = { - BYTES_TO_T_UINT_8( 0x13, 0x22, 0x95, 0xE8, 0xEF, 0x31, 0x57, 0x35 ), - BYTES_TO_T_UINT_8( 0x2D, 0x88, 0x53, 0xFE, 0xAF, 0x7C, 0x47, 0x14 ), - BYTES_TO_T_UINT_8( 0x0E, 0xCE, 0xCC, 0x79, 0xE8, 0x9F, 0x8C, 0xC4 ), - BYTES_TO_T_UINT_8( 0xDB, 0x16, 0xDD, 0x77, 0x6E, 0x8A, 0x73, 0x97 ), - BYTES_TO_T_UINT_8( 0xC0, 0x07, 0x97, 0x21, 0x3B, 0xF8, 0x5F, 0xA8 ), - BYTES_TO_T_UINT_8( 0xC6, 0xB5, 0xD2, 0x81, 0x84, 0xF0, 0xE7, 0x9F ), - BYTES_TO_T_UINT_8( 0xCB, 0x8F, 0x75, 0x09, 0x6A, 0x0E, 0x53, 0xAD ), - BYTES_TO_T_UINT_8( 0xE6, 0x4F, 0x70, 0x97, 0xC7, 0xAC, 0x7D, 0x3F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x13, 0x22, 0x95, 0xE8, 0xEF, 0x31, 0x57, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0x88, 0x53, 0xFE, 0xAF, 0x7C, 0x47, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xCE, 0xCC, 0x79, 0xE8, 0x9F, 0x8C, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDB, 0x16, 0xDD, 0x77, 0x6E, 0x8A, 0x73, 0x97 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x07, 0x97, 0x21, 0x3B, 0xF8, 0x5F, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC6, 0xB5, 0xD2, 0x81, 0x84, 0xF0, 0xE7, 0x9F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x8F, 0x75, 0x09, 0x6A, 0x0E, 0x53, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x4F, 0x70, 0x97, 0xC7, 0xAC, 0x7D, 0x3F ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_18_Y[] = { - BYTES_TO_T_UINT_8( 0xF9, 0x3C, 0x6A, 0xB4, 0x10, 0xA9, 0xC8, 0x1D ), - BYTES_TO_T_UINT_8( 0xEE, 0xC5, 0xD6, 0x69, 0x16, 0xB8, 0xAC, 0x25 ), - BYTES_TO_T_UINT_8( 0xAC, 0x44, 0xDC, 0xEB, 0x48, 0x54, 0x5D, 0x5F ), - BYTES_TO_T_UINT_8( 0x6F, 0x48, 0x9B, 0xD7, 0x72, 0x69, 0xA4, 0x8A ), - BYTES_TO_T_UINT_8( 0xB4, 0x0D, 0x36, 0x9A, 0x66, 0x0B, 0xEC, 0x24 ), - BYTES_TO_T_UINT_8( 0xBE, 0xC6, 0xD4, 0xB6, 0x60, 0xE5, 0xC3, 0x3A ), - BYTES_TO_T_UINT_8( 0xBA, 0x29, 0x42, 0xE0, 0x9D, 0xFD, 0x7C, 0x3E ), - BYTES_TO_T_UINT_8( 0x43, 0x10, 0xBA, 0x55, 0xBC, 0x3B, 0x38, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF9, 0x3C, 0x6A, 0xB4, 0x10, 0xA9, 0xC8, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0xC5, 0xD6, 0x69, 0x16, 0xB8, 0xAC, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x44, 0xDC, 0xEB, 0x48, 0x54, 0x5D, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x48, 0x9B, 0xD7, 0x72, 0x69, 0xA4, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x0D, 0x36, 0x9A, 0x66, 0x0B, 0xEC, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0xC6, 0xD4, 0xB6, 0x60, 0xE5, 0xC3, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x29, 0x42, 0xE0, 0x9D, 0xFD, 0x7C, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x10, 0xBA, 0x55, 0xBC, 0x3B, 0x38, 0x5D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_19_X[] = { - BYTES_TO_T_UINT_8( 0x25, 0x66, 0xFA, 0x05, 0x73, 0x03, 0x1B, 0x69 ), - BYTES_TO_T_UINT_8( 0x11, 0xA4, 0x66, 0x12, 0x96, 0x7B, 0x02, 0x4C ), - BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xDE, 0x6D, 0x98, 0xD1, 0xD5, 0xA8 ), - BYTES_TO_T_UINT_8( 0xE2, 0xF5, 0x44, 0xB8, 0x8E, 0xF6, 0x8C, 0x05 ), - BYTES_TO_T_UINT_8( 0x68, 0x15, 0x2B, 0x72, 0xBC, 0x49, 0xE5, 0xDF ), - BYTES_TO_T_UINT_8( 0x6C, 0x44, 0xD7, 0xDF, 0x8F, 0xEB, 0x8D, 0x80 ), - BYTES_TO_T_UINT_8( 0x05, 0x64, 0x88, 0xAA, 0xB7, 0xE4, 0x70, 0x1D ), - BYTES_TO_T_UINT_8( 0x9C, 0x14, 0xBB, 0xE9, 0x9B, 0xB9, 0x65, 0x5D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x25, 0x66, 0xFA, 0x05, 0x73, 0x03, 0x1B, 0x69 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0xA4, 0x66, 0x12, 0x96, 0x7B, 0x02, 0x4C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0xB5, 0xDE, 0x6D, 0x98, 0xD1, 0xD5, 0xA8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE2, 0xF5, 0x44, 0xB8, 0x8E, 0xF6, 0x8C, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x15, 0x2B, 0x72, 0xBC, 0x49, 0xE5, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x44, 0xD7, 0xDF, 0x8F, 0xEB, 0x8D, 0x80 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x64, 0x88, 0xAA, 0xB7, 0xE4, 0x70, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9C, 0x14, 0xBB, 0xE9, 0x9B, 0xB9, 0x65, 0x5D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_19_Y[] = { - BYTES_TO_T_UINT_8( 0x66, 0x8E, 0x88, 0xF5, 0xF1, 0xC1, 0x89, 0xA2 ), - BYTES_TO_T_UINT_8( 0x16, 0x30, 0x53, 0xE6, 0xFB, 0x2D, 0x82, 0xB4 ), - BYTES_TO_T_UINT_8( 0xA7, 0xE4, 0xFF, 0xBA, 0x31, 0x79, 0xAB, 0xC2 ), - BYTES_TO_T_UINT_8( 0x45, 0x09, 0xF7, 0xB7, 0x09, 0x78, 0x4C, 0x90 ), - BYTES_TO_T_UINT_8( 0x10, 0xAE, 0xC2, 0x44, 0xDC, 0x17, 0x78, 0x47 ), - BYTES_TO_T_UINT_8( 0xC7, 0xD4, 0x17, 0x43, 0x19, 0x74, 0x9E, 0x23 ), - BYTES_TO_T_UINT_8( 0x15, 0x64, 0x3B, 0x73, 0xA2, 0x99, 0x27, 0x76 ), - BYTES_TO_T_UINT_8( 0x05, 0x74, 0x36, 0x5F, 0xD3, 0x14, 0xB1, 0x31 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0x8E, 0x88, 0xF5, 0xF1, 0xC1, 0x89, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x30, 0x53, 0xE6, 0xFB, 0x2D, 0x82, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0xE4, 0xFF, 0xBA, 0x31, 0x79, 0xAB, 0xC2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x45, 0x09, 0xF7, 0xB7, 0x09, 0x78, 0x4C, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xAE, 0xC2, 0x44, 0xDC, 0x17, 0x78, 0x47 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0xD4, 0x17, 0x43, 0x19, 0x74, 0x9E, 0x23 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x64, 0x3B, 0x73, 0xA2, 0x99, 0x27, 0x76 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x74, 0x36, 0x5F, 0xD3, 0x14, 0xB1, 0x31 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_20_X[] = { - BYTES_TO_T_UINT_8( 0xAC, 0x07, 0xAB, 0xFD, 0x9B, 0x03, 0xC5, 0xD5 ), - BYTES_TO_T_UINT_8( 0xC7, 0xBE, 0xB0, 0x1D, 0xF2, 0x0C, 0x73, 0x73 ), - BYTES_TO_T_UINT_8( 0x99, 0xE7, 0x7B, 0x87, 0xD3, 0x34, 0xFD, 0xE2 ), - BYTES_TO_T_UINT_8( 0x9A, 0x25, 0x3D, 0xC7, 0x36, 0x83, 0x53, 0xDC ), - BYTES_TO_T_UINT_8( 0x22, 0x7C, 0xCF, 0x63, 0x55, 0x12, 0x11, 0xB0 ), - BYTES_TO_T_UINT_8( 0xC0, 0x34, 0x4D, 0x27, 0x92, 0xAC, 0x18, 0x16 ), - BYTES_TO_T_UINT_8( 0x98, 0x42, 0x61, 0x9D, 0x2E, 0xFF, 0x13, 0x16 ), - BYTES_TO_T_UINT_8( 0xF4, 0xDE, 0x92, 0x65, 0x57, 0x0D, 0xBC, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0x07, 0xAB, 0xFD, 0x9B, 0x03, 0xC5, 0xD5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0xBE, 0xB0, 0x1D, 0xF2, 0x0C, 0x73, 0x73 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xE7, 0x7B, 0x87, 0xD3, 0x34, 0xFD, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9A, 0x25, 0x3D, 0xC7, 0x36, 0x83, 0x53, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x7C, 0xCF, 0x63, 0x55, 0x12, 0x11, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0x34, 0x4D, 0x27, 0x92, 0xAC, 0x18, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x42, 0x61, 0x9D, 0x2E, 0xFF, 0x13, 0x16 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF4, 0xDE, 0x92, 0x65, 0x57, 0x0D, 0xBC, 0x0A ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_20_Y[] = { - BYTES_TO_T_UINT_8( 0xEF, 0x7B, 0x6E, 0xC6, 0x2A, 0x21, 0x74, 0x0A ), - BYTES_TO_T_UINT_8( 0x37, 0xA7, 0x53, 0x4D, 0x29, 0x36, 0xEF, 0xE5 ), - BYTES_TO_T_UINT_8( 0xE1, 0xD6, 0x41, 0xC7, 0x99, 0xAD, 0x50, 0x53 ), - BYTES_TO_T_UINT_8( 0x99, 0xAC, 0x41, 0x9F, 0xFB, 0x4C, 0x86, 0xF1 ), - BYTES_TO_T_UINT_8( 0x8B, 0xBB, 0xE6, 0x25, 0x28, 0xAA, 0xEB, 0x1E ), - BYTES_TO_T_UINT_8( 0x92, 0x04, 0xA2, 0xC3, 0xAA, 0x08, 0x8A, 0xCC ), - BYTES_TO_T_UINT_8( 0x5A, 0x2B, 0x5B, 0xE2, 0x8D, 0x76, 0xEA, 0x34 ), - BYTES_TO_T_UINT_8( 0xB3, 0x33, 0xD2, 0x21, 0x4D, 0x62, 0xE3, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x7B, 0x6E, 0xC6, 0x2A, 0x21, 0x74, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xA7, 0x53, 0x4D, 0x29, 0x36, 0xEF, 0xE5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0xD6, 0x41, 0xC7, 0x99, 0xAD, 0x50, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x99, 0xAC, 0x41, 0x9F, 0xFB, 0x4C, 0x86, 0xF1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xBB, 0xE6, 0x25, 0x28, 0xAA, 0xEB, 0x1E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x04, 0xA2, 0xC3, 0xAA, 0x08, 0x8A, 0xCC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x2B, 0x5B, 0xE2, 0x8D, 0x76, 0xEA, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x33, 0xD2, 0x21, 0x4D, 0x62, 0xE3, 0x8E ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_21_X[] = { - BYTES_TO_T_UINT_8( 0xF6, 0x06, 0x8B, 0x2B, 0xC2, 0xC4, 0xB1, 0xD2 ), - BYTES_TO_T_UINT_8( 0xFA, 0xF5, 0xA1, 0xC0, 0x03, 0x6A, 0x29, 0x12 ), - BYTES_TO_T_UINT_8( 0xF5, 0xA9, 0xEF, 0x55, 0xB6, 0x1A, 0x9F, 0x6B ), - BYTES_TO_T_UINT_8( 0x9B, 0x54, 0x32, 0xBE, 0x06, 0x43, 0xB5, 0xFD ), - BYTES_TO_T_UINT_8( 0xF7, 0xD6, 0xD9, 0x20, 0x89, 0xBE, 0xD4, 0x1B ), - BYTES_TO_T_UINT_8( 0xE8, 0x26, 0x95, 0x10, 0xCE, 0xB4, 0x88, 0x79 ), - BYTES_TO_T_UINT_8( 0xE6, 0xA6, 0x27, 0xAC, 0x32, 0xBA, 0xBD, 0xC7 ), - BYTES_TO_T_UINT_8( 0xA3, 0xA6, 0xAE, 0x9C, 0x7B, 0xBE, 0xA1, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x06, 0x8B, 0x2B, 0xC2, 0xC4, 0xB1, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xF5, 0xA1, 0xC0, 0x03, 0x6A, 0x29, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0xA9, 0xEF, 0x55, 0xB6, 0x1A, 0x9F, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x54, 0x32, 0xBE, 0x06, 0x43, 0xB5, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xD6, 0xD9, 0x20, 0x89, 0xBE, 0xD4, 0x1B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x26, 0x95, 0x10, 0xCE, 0xB4, 0x88, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xA6, 0x27, 0xAC, 0x32, 0xBA, 0xBD, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0xA6, 0xAE, 0x9C, 0x7B, 0xBE, 0xA1, 0x63 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_21_Y[] = { - BYTES_TO_T_UINT_8( 0x8B, 0xCD, 0x4D, 0x3D, 0xDF, 0x96, 0xBB, 0x7D ), - BYTES_TO_T_UINT_8( 0x77, 0xA7, 0x11, 0x06, 0xCC, 0x0E, 0x31, 0x81 ), - BYTES_TO_T_UINT_8( 0x20, 0xE4, 0xF4, 0xAD, 0x7B, 0x5F, 0xF1, 0xEF ), - BYTES_TO_T_UINT_8( 0xE4, 0x54, 0xBE, 0xF4, 0x8A, 0x03, 0x47, 0xDF ), - BYTES_TO_T_UINT_8( 0xB4, 0x53, 0x00, 0x7F, 0xB0, 0x8A, 0x68, 0xA6 ), - BYTES_TO_T_UINT_8( 0xA0, 0x16, 0xB1, 0x73, 0x6F, 0x5B, 0x0E, 0xC3 ), - BYTES_TO_T_UINT_8( 0x2A, 0x32, 0xE3, 0x43, 0x64, 0x75, 0xFB, 0xFB ), - BYTES_TO_T_UINT_8( 0xA0, 0x18, 0x55, 0x8A, 0x4E, 0x6E, 0x35, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xCD, 0x4D, 0x3D, 0xDF, 0x96, 0xBB, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0xA7, 0x11, 0x06, 0xCC, 0x0E, 0x31, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x20, 0xE4, 0xF4, 0xAD, 0x7B, 0x5F, 0xF1, 0xEF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0x54, 0xBE, 0xF4, 0x8A, 0x03, 0x47, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x53, 0x00, 0x7F, 0xB0, 0x8A, 0x68, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x16, 0xB1, 0x73, 0x6F, 0x5B, 0x0E, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x32, 0xE3, 0x43, 0x64, 0x75, 0xFB, 0xFB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x18, 0x55, 0x8A, 0x4E, 0x6E, 0x35, 0x54 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_22_X[] = { - BYTES_TO_T_UINT_8( 0x80, 0x97, 0x15, 0x1E, 0xCB, 0xF2, 0x9C, 0xA5 ), - BYTES_TO_T_UINT_8( 0x2B, 0xD1, 0xBB, 0xF3, 0x70, 0xAD, 0x13, 0xAD ), - BYTES_TO_T_UINT_8( 0xD8, 0x96, 0xA4, 0xC5, 0x5E, 0xDA, 0xD5, 0x57 ), - BYTES_TO_T_UINT_8( 0x07, 0x81, 0xE9, 0x65, 0x66, 0x76, 0x47, 0x45 ), - BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x87, 0x06, 0x73, 0xCF, 0x34, 0xD2 ), - BYTES_TO_T_UINT_8( 0x5A, 0x81, 0x15, 0x42, 0xA2, 0x79, 0x5B, 0x42 ), - BYTES_TO_T_UINT_8( 0x08, 0xA2, 0x7D, 0x09, 0x14, 0x64, 0xC6, 0xAE ), - BYTES_TO_T_UINT_8( 0x5E, 0x6D, 0xC4, 0xED, 0xF1, 0xD6, 0xE9, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x80, 0x97, 0x15, 0x1E, 0xCB, 0xF2, 0x9C, 0xA5 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0xD1, 0xBB, 0xF3, 0x70, 0xAD, 0x13, 0xAD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0x96, 0xA4, 0xC5, 0x5E, 0xDA, 0xD5, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x81, 0xE9, 0x65, 0x66, 0x76, 0x47, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x35, 0x87, 0x06, 0x73, 0xCF, 0x34, 0xD2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x81, 0x15, 0x42, 0xA2, 0x79, 0x5B, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x08, 0xA2, 0x7D, 0x09, 0x14, 0x64, 0xC6, 0xAE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x6D, 0xC4, 0xED, 0xF1, 0xD6, 0xE9, 0x24 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_22_Y[] = { - BYTES_TO_T_UINT_8( 0xB4, 0xD5, 0xBB, 0x25, 0xA3, 0xDD, 0xA3, 0x88 ), - BYTES_TO_T_UINT_8( 0x46, 0xF2, 0x68, 0x67, 0x39, 0x8F, 0x73, 0x93 ), - BYTES_TO_T_UINT_8( 0xF0, 0x76, 0x28, 0x89, 0xAD, 0x32, 0xE0, 0xDF ), - BYTES_TO_T_UINT_8( 0xF8, 0x90, 0xCC, 0x57, 0x58, 0xAA, 0xC9, 0x75 ), - BYTES_TO_T_UINT_8( 0x5E, 0xD7, 0x43, 0xD2, 0xCE, 0x5E, 0xA0, 0x08 ), - BYTES_TO_T_UINT_8( 0x33, 0xB0, 0xB8, 0xA4, 0x9E, 0x96, 0x26, 0x86 ), - BYTES_TO_T_UINT_8( 0x94, 0x61, 0x1D, 0xF3, 0x65, 0x5E, 0x60, 0xCA ), - BYTES_TO_T_UINT_8( 0xC7, 0x1E, 0x65, 0xED, 0xCF, 0x07, 0x60, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xD5, 0xBB, 0x25, 0xA3, 0xDD, 0xA3, 0x88 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0xF2, 0x68, 0x67, 0x39, 0x8F, 0x73, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x76, 0x28, 0x89, 0xAD, 0x32, 0xE0, 0xDF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0x90, 0xCC, 0x57, 0x58, 0xAA, 0xC9, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0xD7, 0x43, 0xD2, 0xCE, 0x5E, 0xA0, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x33, 0xB0, 0xB8, 0xA4, 0x9E, 0x96, 0x26, 0x86 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0x61, 0x1D, 0xF3, 0x65, 0x5E, 0x60, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC7, 0x1E, 0x65, 0xED, 0xCF, 0x07, 0x60, 0x20 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_23_X[] = { - BYTES_TO_T_UINT_8( 0xA4, 0x30, 0x17, 0x8A, 0x91, 0x88, 0x0A, 0xA4 ), - BYTES_TO_T_UINT_8( 0x05, 0x7D, 0x18, 0xA4, 0xAC, 0x59, 0xFC, 0x5F ), - BYTES_TO_T_UINT_8( 0xA4, 0x31, 0x8B, 0x25, 0x65, 0x39, 0x9A, 0xDC ), - BYTES_TO_T_UINT_8( 0x15, 0x16, 0x4B, 0x68, 0xBA, 0x59, 0x13, 0x2F ), - BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xD3, 0xC5, 0x56, 0xC9, 0x8C, 0x5E ), - BYTES_TO_T_UINT_8( 0xBC, 0xC6, 0x9F, 0xF4, 0xE6, 0xF7, 0xB4, 0x01 ), - BYTES_TO_T_UINT_8( 0x2D, 0x7C, 0x03, 0x00, 0x26, 0x9F, 0xD8, 0x7B ), - BYTES_TO_T_UINT_8( 0x24, 0x1D, 0x6E, 0x00, 0xB9, 0x00, 0x6E, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x30, 0x17, 0x8A, 0x91, 0x88, 0x0A, 0xA4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x05, 0x7D, 0x18, 0xA4, 0xAC, 0x59, 0xFC, 0x5F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x31, 0x8B, 0x25, 0x65, 0x39, 0x9A, 0xDC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x16, 0x4B, 0x68, 0xBA, 0x59, 0x13, 0x2F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xD3, 0xC5, 0x56, 0xC9, 0x8C, 0x5E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xC6, 0x9F, 0xF4, 0xE6, 0xF7, 0xB4, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2D, 0x7C, 0x03, 0x00, 0x26, 0x9F, 0xD8, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x1D, 0x6E, 0x00, 0xB9, 0x00, 0x6E, 0x93 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_23_Y[] = { - BYTES_TO_T_UINT_8( 0x75, 0x63, 0xDA, 0x03, 0x2B, 0xD5, 0x0B, 0xFE ), - BYTES_TO_T_UINT_8( 0x46, 0xFC, 0xE2, 0xC8, 0x47, 0xF0, 0xAE, 0xF2 ), - BYTES_TO_T_UINT_8( 0x51, 0x4C, 0xF7, 0x50, 0x0C, 0x48, 0x06, 0x2A ), - BYTES_TO_T_UINT_8( 0xDF, 0x2B, 0x32, 0x98, 0x0E, 0x7E, 0x61, 0x41 ), - BYTES_TO_T_UINT_8( 0x5D, 0x02, 0x27, 0xFE, 0x75, 0x86, 0xDF, 0x24 ), - BYTES_TO_T_UINT_8( 0x2B, 0x30, 0xB1, 0x22, 0x32, 0x1B, 0xFE, 0x24 ), - BYTES_TO_T_UINT_8( 0xC2, 0x27, 0xF7, 0x78, 0x6F, 0xD7, 0xFD, 0xE4 ), - BYTES_TO_T_UINT_8( 0xA0, 0x78, 0xCC, 0xEA, 0xC0, 0x50, 0x24, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x63, 0xDA, 0x03, 0x2B, 0xD5, 0x0B, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x46, 0xFC, 0xE2, 0xC8, 0x47, 0xF0, 0xAE, 0xF2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x4C, 0xF7, 0x50, 0x0C, 0x48, 0x06, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x2B, 0x32, 0x98, 0x0E, 0x7E, 0x61, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x02, 0x27, 0xFE, 0x75, 0x86, 0xDF, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2B, 0x30, 0xB1, 0x22, 0x32, 0x1B, 0xFE, 0x24 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x27, 0xF7, 0x78, 0x6F, 0xD7, 0xFD, 0xE4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x78, 0xCC, 0xEA, 0xC0, 0x50, 0x24, 0x44 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_24_X[] = { - BYTES_TO_T_UINT_8( 0x37, 0x2B, 0x4F, 0x7F, 0x58, 0xE6, 0xC2, 0x70 ), - BYTES_TO_T_UINT_8( 0x37, 0x43, 0xD5, 0xA7, 0x35, 0x3C, 0x80, 0xB8 ), - BYTES_TO_T_UINT_8( 0x1A, 0x6D, 0x4B, 0x12, 0x00, 0x7B, 0xE6, 0xA6 ), - BYTES_TO_T_UINT_8( 0x37, 0x15, 0xBD, 0xD0, 0x9B, 0xCA, 0xAA, 0x81 ), - BYTES_TO_T_UINT_8( 0xCF, 0xCE, 0x9C, 0xE3, 0x8B, 0x60, 0x7A, 0x53 ), - BYTES_TO_T_UINT_8( 0x0C, 0xDA, 0x4B, 0x03, 0xA7, 0x8D, 0x43, 0x22 ), - BYTES_TO_T_UINT_8( 0x57, 0xAF, 0x00, 0x2B, 0x32, 0xF0, 0x22, 0x68 ), - BYTES_TO_T_UINT_8( 0xDC, 0xD9, 0x99, 0x99, 0xBE, 0x43, 0x99, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x2B, 0x4F, 0x7F, 0x58, 0xE6, 0xC2, 0x70 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x43, 0xD5, 0xA7, 0x35, 0x3C, 0x80, 0xB8 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x6D, 0x4B, 0x12, 0x00, 0x7B, 0xE6, 0xA6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x15, 0xBD, 0xD0, 0x9B, 0xCA, 0xAA, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xCF, 0xCE, 0x9C, 0xE3, 0x8B, 0x60, 0x7A, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0xDA, 0x4B, 0x03, 0xA7, 0x8D, 0x43, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0xAF, 0x00, 0x2B, 0x32, 0xF0, 0x22, 0x68 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDC, 0xD9, 0x99, 0x99, 0xBE, 0x43, 0x99, 0x3E ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_24_Y[] = { - BYTES_TO_T_UINT_8( 0x1F, 0x71, 0x41, 0xF4, 0xB5, 0xFD, 0xDD, 0x36 ), - BYTES_TO_T_UINT_8( 0x9D, 0xE2, 0x20, 0x4C, 0xD1, 0x2E, 0x1F, 0x06 ), - BYTES_TO_T_UINT_8( 0x96, 0x43, 0x48, 0x76, 0x8A, 0x49, 0xAC, 0x87 ), - BYTES_TO_T_UINT_8( 0x0C, 0x1A, 0x55, 0xA8, 0xA3, 0xD4, 0x57, 0x75 ), - BYTES_TO_T_UINT_8( 0x7C, 0xA6, 0x84, 0x39, 0xC9, 0x13, 0xBB, 0x60 ), - BYTES_TO_T_UINT_8( 0xD9, 0xFA, 0xA9, 0x70, 0xDE, 0x83, 0xDD, 0xC9 ), - BYTES_TO_T_UINT_8( 0xEC, 0xC9, 0xD9, 0x3E, 0x44, 0x91, 0x68, 0x7B ), - BYTES_TO_T_UINT_8( 0xB6, 0x9F, 0x85, 0x6D, 0xF7, 0x54, 0x36, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x71, 0x41, 0xF4, 0xB5, 0xFD, 0xDD, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xE2, 0x20, 0x4C, 0xD1, 0x2E, 0x1F, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0x43, 0x48, 0x76, 0x8A, 0x49, 0xAC, 0x87 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x1A, 0x55, 0xA8, 0xA3, 0xD4, 0x57, 0x75 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0xA6, 0x84, 0x39, 0xC9, 0x13, 0xBB, 0x60 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xFA, 0xA9, 0x70, 0xDE, 0x83, 0xDD, 0xC9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0xC9, 0xD9, 0x3E, 0x44, 0x91, 0x68, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x9F, 0x85, 0x6D, 0xF7, 0x54, 0x36, 0x82 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_25_X[] = { - BYTES_TO_T_UINT_8( 0x68, 0x6B, 0xA6, 0xA3, 0xE5, 0xD4, 0x46, 0xDB ), - BYTES_TO_T_UINT_8( 0x23, 0x3E, 0xDC, 0x84, 0x7C, 0x7B, 0x24, 0x34 ), - BYTES_TO_T_UINT_8( 0x14, 0xED, 0x7F, 0x86, 0x07, 0x6C, 0x57, 0xCA ), - BYTES_TO_T_UINT_8( 0x95, 0x06, 0xFE, 0x52, 0x12, 0x79, 0x69, 0x56 ), - BYTES_TO_T_UINT_8( 0x84, 0xD1, 0x44, 0x5F, 0x21, 0x3A, 0xC3, 0x84 ), - BYTES_TO_T_UINT_8( 0x5E, 0xD9, 0x4A, 0xC0, 0x75, 0xAB, 0x17, 0xAC ), - BYTES_TO_T_UINT_8( 0xFF, 0x81, 0x94, 0xB6, 0x80, 0x6B, 0x6F, 0xC3 ), - BYTES_TO_T_UINT_8( 0x07, 0xBE, 0x8E, 0xA5, 0xAA, 0xBC, 0x1E, 0x3E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x6B, 0xA6, 0xA3, 0xE5, 0xD4, 0x46, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x3E, 0xDC, 0x84, 0x7C, 0x7B, 0x24, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x14, 0xED, 0x7F, 0x86, 0x07, 0x6C, 0x57, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x95, 0x06, 0xFE, 0x52, 0x12, 0x79, 0x69, 0x56 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0xD1, 0x44, 0x5F, 0x21, 0x3A, 0xC3, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0xD9, 0x4A, 0xC0, 0x75, 0xAB, 0x17, 0xAC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x81, 0x94, 0xB6, 0x80, 0x6B, 0x6F, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xBE, 0x8E, 0xA5, 0xAA, 0xBC, 0x1E, 0x3E ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_25_Y[] = { - BYTES_TO_T_UINT_8( 0x89, 0xC7, 0x85, 0xA6, 0x59, 0x9B, 0xB1, 0x52 ), - BYTES_TO_T_UINT_8( 0x1C, 0xCE, 0x40, 0xD1, 0xFB, 0xDF, 0x94, 0xF7 ), - BYTES_TO_T_UINT_8( 0x18, 0xB8, 0x5E, 0xBF, 0x45, 0xA8, 0x2D, 0x2D ), - BYTES_TO_T_UINT_8( 0x98, 0x9C, 0x06, 0x1B, 0xA9, 0x57, 0xB9, 0x79 ), - BYTES_TO_T_UINT_8( 0x53, 0xE9, 0xCE, 0xA2, 0xD3, 0x74, 0xA1, 0x3C ), - BYTES_TO_T_UINT_8( 0xAA, 0x5F, 0x34, 0x78, 0xDB, 0xAE, 0x3A, 0x14 ), - BYTES_TO_T_UINT_8( 0x7D, 0x32, 0x84, 0x3E, 0x68, 0x6A, 0x43, 0x0F ), - BYTES_TO_T_UINT_8( 0x8C, 0xBC, 0x39, 0x36, 0xA4, 0xC5, 0xBB, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0xC7, 0x85, 0xA6, 0x59, 0x9B, 0xB1, 0x52 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0xCE, 0x40, 0xD1, 0xFB, 0xDF, 0x94, 0xF7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x18, 0xB8, 0x5E, 0xBF, 0x45, 0xA8, 0x2D, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9C, 0x06, 0x1B, 0xA9, 0x57, 0xB9, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xE9, 0xCE, 0xA2, 0xD3, 0x74, 0xA1, 0x3C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x5F, 0x34, 0x78, 0xDB, 0xAE, 0x3A, 0x14 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x32, 0x84, 0x3E, 0x68, 0x6A, 0x43, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0xBC, 0x39, 0x36, 0xA4, 0xC5, 0xBB, 0x11 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_26_X[] = { - BYTES_TO_T_UINT_8( 0x8C, 0x07, 0xA2, 0xB5, 0xC9, 0x0F, 0x4D, 0x0F ), - BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0x67, 0xE6, 0xF1, 0x46, 0xEB, 0x71 ), - BYTES_TO_T_UINT_8( 0xD7, 0x41, 0x23, 0x95, 0xE7, 0xE0, 0x10, 0xDD ), - BYTES_TO_T_UINT_8( 0xBE, 0x69, 0xFE, 0x68, 0x8C, 0xC6, 0x5F, 0xB6 ), - BYTES_TO_T_UINT_8( 0xE3, 0xB9, 0x2B, 0x3D, 0xD2, 0x4F, 0xD8, 0x1A ), - BYTES_TO_T_UINT_8( 0xA3, 0x09, 0xF5, 0x5F, 0xCF, 0xF6, 0x91, 0x57 ), - BYTES_TO_T_UINT_8( 0x65, 0x15, 0x42, 0x6B, 0x6D, 0xB5, 0xF3, 0xB6 ), - BYTES_TO_T_UINT_8( 0xBF, 0x56, 0x9D, 0xC5, 0xFF, 0xCA, 0x13, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8C, 0x07, 0xA2, 0xB5, 0xC9, 0x0F, 0x4D, 0x0F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x1D, 0x67, 0xE6, 0xF1, 0x46, 0xEB, 0x71 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD7, 0x41, 0x23, 0x95, 0xE7, 0xE0, 0x10, 0xDD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x69, 0xFE, 0x68, 0x8C, 0xC6, 0x5F, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0xB9, 0x2B, 0x3D, 0xD2, 0x4F, 0xD8, 0x1A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA3, 0x09, 0xF5, 0x5F, 0xCF, 0xF6, 0x91, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x15, 0x42, 0x6B, 0x6D, 0xB5, 0xF3, 0xB6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x56, 0x9D, 0xC5, 0xFF, 0xCA, 0x13, 0x9B ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_26_Y[] = { - BYTES_TO_T_UINT_8( 0x4D, 0x38, 0xE6, 0x23, 0x63, 0x48, 0x3C, 0xCA ), - BYTES_TO_T_UINT_8( 0xD2, 0x68, 0x3C, 0xD1, 0x3B, 0xE9, 0x3B, 0x82 ), - BYTES_TO_T_UINT_8( 0xB5, 0x08, 0x54, 0x49, 0xD1, 0x46, 0x45, 0x13 ), - BYTES_TO_T_UINT_8( 0x07, 0x70, 0x52, 0x6E, 0x79, 0xC4, 0x5E, 0x95 ), - BYTES_TO_T_UINT_8( 0x36, 0xDF, 0xE8, 0x5A, 0x32, 0x81, 0xDA, 0xD3 ), - BYTES_TO_T_UINT_8( 0x3C, 0x2D, 0x94, 0x5B, 0xB5, 0x35, 0x9F, 0x0A ), - BYTES_TO_T_UINT_8( 0x2A, 0x12, 0x8D, 0xC3, 0x36, 0x36, 0xB2, 0x2A ), - BYTES_TO_T_UINT_8( 0x39, 0x2F, 0x22, 0x38, 0x5B, 0x18, 0x4C, 0x35 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0x38, 0xE6, 0x23, 0x63, 0x48, 0x3C, 0xCA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD2, 0x68, 0x3C, 0xD1, 0x3B, 0xE9, 0x3B, 0x82 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0x08, 0x54, 0x49, 0xD1, 0x46, 0x45, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x70, 0x52, 0x6E, 0x79, 0xC4, 0x5E, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xDF, 0xE8, 0x5A, 0x32, 0x81, 0xDA, 0xD3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3C, 0x2D, 0x94, 0x5B, 0xB5, 0x35, 0x9F, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2A, 0x12, 0x8D, 0xC3, 0x36, 0x36, 0xB2, 0x2A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x39, 0x2F, 0x22, 0x38, 0x5B, 0x18, 0x4C, 0x35 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_27_X[] = { - BYTES_TO_T_UINT_8( 0x10, 0xC1, 0x22, 0x0E, 0xF0, 0x73, 0x11, 0x05 ), - BYTES_TO_T_UINT_8( 0xB2, 0xAE, 0xA4, 0x56, 0x18, 0x61, 0x66, 0x12 ), - BYTES_TO_T_UINT_8( 0x79, 0xFB, 0x72, 0x08, 0x84, 0x38, 0x51, 0xB0 ), - BYTES_TO_T_UINT_8( 0xDA, 0x86, 0xA8, 0xB9, 0x31, 0x99, 0x29, 0xC3 ), - BYTES_TO_T_UINT_8( 0x8A, 0xFB, 0xC3, 0x42, 0xB3, 0xC7, 0x6F, 0x3A ), - BYTES_TO_T_UINT_8( 0xD8, 0xF8, 0xE1, 0x09, 0xBE, 0x75, 0xB0, 0x22 ), - BYTES_TO_T_UINT_8( 0x5A, 0x7D, 0xFF, 0xF4, 0x99, 0xFC, 0x13, 0xAB ), - BYTES_TO_T_UINT_8( 0xE6, 0x1B, 0x84, 0x81, 0x42, 0x22, 0xC6, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xC1, 0x22, 0x0E, 0xF0, 0x73, 0x11, 0x05 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB2, 0xAE, 0xA4, 0x56, 0x18, 0x61, 0x66, 0x12 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x79, 0xFB, 0x72, 0x08, 0x84, 0x38, 0x51, 0xB0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDA, 0x86, 0xA8, 0xB9, 0x31, 0x99, 0x29, 0xC3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x8A, 0xFB, 0xC3, 0x42, 0xB3, 0xC7, 0x6F, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD8, 0xF8, 0xE1, 0x09, 0xBE, 0x75, 0xB0, 0x22 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x7D, 0xFF, 0xF4, 0x99, 0xFC, 0x13, 0xAB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x1B, 0x84, 0x81, 0x42, 0x22, 0xC6, 0x3D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_27_Y[] = { - BYTES_TO_T_UINT_8( 0x21, 0xE0, 0x37, 0xA4, 0xA0, 0x2F, 0x38, 0x7F ), - BYTES_TO_T_UINT_8( 0xD0, 0x3D, 0xB7, 0x40, 0x2F, 0x39, 0x3C, 0x7A ), - BYTES_TO_T_UINT_8( 0x7A, 0x3B, 0x8A, 0x51, 0xAE, 0x40, 0x49, 0x7A ), - BYTES_TO_T_UINT_8( 0x36, 0x20, 0x9F, 0xDD, 0xA9, 0xD0, 0x77, 0xC7 ), - BYTES_TO_T_UINT_8( 0x78, 0x1D, 0x64, 0xDA, 0xA0, 0x53, 0xC7, 0x7D ), - BYTES_TO_T_UINT_8( 0x37, 0x7B, 0x66, 0x55, 0x94, 0xD1, 0x51, 0x44 ), - BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xB5, 0x5B, 0x38, 0x35, 0x40, 0xC0 ), - BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0x0F, 0xF0, 0x73, 0x79, 0x43, 0x61 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xE0, 0x37, 0xA4, 0xA0, 0x2F, 0x38, 0x7F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x3D, 0xB7, 0x40, 0x2F, 0x39, 0x3C, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0x3B, 0x8A, 0x51, 0xAE, 0x40, 0x49, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0x20, 0x9F, 0xDD, 0xA9, 0xD0, 0x77, 0xC7 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0x1D, 0x64, 0xDA, 0xA0, 0x53, 0xC7, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x7B, 0x66, 0x55, 0x94, 0xD1, 0x51, 0x44 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xA9, 0xB5, 0x5B, 0x38, 0x35, 0x40, 0xC0 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC8, 0xC9, 0x0F, 0xF0, 0x73, 0x79, 0x43, 0x61 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_28_X[] = { - BYTES_TO_T_UINT_8( 0x10, 0x47, 0x45, 0x69, 0x80, 0x72, 0x72, 0x42 ), - BYTES_TO_T_UINT_8( 0x70, 0x11, 0x99, 0x59, 0xDB, 0x48, 0x80, 0x39 ), - BYTES_TO_T_UINT_8( 0x75, 0x6E, 0x3D, 0xFC, 0x37, 0x15, 0xF4, 0xBF ), - BYTES_TO_T_UINT_8( 0x17, 0xBB, 0x5B, 0xA6, 0x35, 0x8D, 0x28, 0x20 ), - BYTES_TO_T_UINT_8( 0xAB, 0x1A, 0x3B, 0x2C, 0x8F, 0xD3, 0xAA, 0x2D ), - BYTES_TO_T_UINT_8( 0x55, 0x1C, 0x1A, 0xF8, 0x02, 0xD9, 0x7B, 0x41 ), - BYTES_TO_T_UINT_8( 0xAF, 0x69, 0xAC, 0xF8, 0x54, 0x31, 0x14, 0xA1 ), - BYTES_TO_T_UINT_8( 0x41, 0x8A, 0xE6, 0xDE, 0x58, 0xB9, 0xC4, 0x7A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x47, 0x45, 0x69, 0x80, 0x72, 0x72, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x11, 0x99, 0x59, 0xDB, 0x48, 0x80, 0x39 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x75, 0x6E, 0x3D, 0xFC, 0x37, 0x15, 0xF4, 0xBF ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xBB, 0x5B, 0xA6, 0x35, 0x8D, 0x28, 0x20 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0x1A, 0x3B, 0x2C, 0x8F, 0xD3, 0xAA, 0x2D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x55, 0x1C, 0x1A, 0xF8, 0x02, 0xD9, 0x7B, 0x41 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0x69, 0xAC, 0xF8, 0x54, 0x31, 0x14, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x8A, 0xE6, 0xDE, 0x58, 0xB9, 0xC4, 0x7A ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_28_Y[] = { - BYTES_TO_T_UINT_8( 0x57, 0x83, 0x52, 0xFE, 0xF9, 0x7B, 0xE9, 0x1F ), - BYTES_TO_T_UINT_8( 0x07, 0xA2, 0x55, 0x46, 0x15, 0x49, 0xC1, 0x3A ), - BYTES_TO_T_UINT_8( 0x1D, 0xBC, 0x5C, 0x91, 0xBD, 0xB9, 0x9C, 0xF4 ), - BYTES_TO_T_UINT_8( 0xBB, 0xFD, 0xB1, 0x4E, 0x5F, 0x74, 0xEE, 0x53 ), - BYTES_TO_T_UINT_8( 0xB1, 0x8B, 0xD8, 0x8B, 0x17, 0x73, 0x1B, 0x96 ), - BYTES_TO_T_UINT_8( 0x22, 0x92, 0xD7, 0x67, 0x06, 0xAD, 0x25, 0xCD ), - BYTES_TO_T_UINT_8( 0x01, 0x0F, 0x80, 0x24, 0xE2, 0x27, 0x5F, 0x8B ), - BYTES_TO_T_UINT_8( 0x61, 0x1C, 0xCE, 0xD0, 0x67, 0xCA, 0xD4, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x83, 0x52, 0xFE, 0xF9, 0x7B, 0xE9, 0x1F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xA2, 0x55, 0x46, 0x15, 0x49, 0xC1, 0x3A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0xBC, 0x5C, 0x91, 0xBD, 0xB9, 0x9C, 0xF4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBB, 0xFD, 0xB1, 0x4E, 0x5F, 0x74, 0xEE, 0x53 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0x8B, 0xD8, 0x8B, 0x17, 0x73, 0x1B, 0x96 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x92, 0xD7, 0x67, 0x06, 0xAD, 0x25, 0xCD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x0F, 0x80, 0x24, 0xE2, 0x27, 0x5F, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x1C, 0xCE, 0xD0, 0x67, 0xCA, 0xD4, 0x0B ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_29_X[] = { - BYTES_TO_T_UINT_8( 0x87, 0xF1, 0xDD, 0x33, 0x66, 0xF9, 0x05, 0xD6 ), - BYTES_TO_T_UINT_8( 0x1D, 0xE5, 0x6B, 0x79, 0xBD, 0x48, 0x42, 0xAA ), - BYTES_TO_T_UINT_8( 0xD1, 0x14, 0x52, 0xE3, 0x53, 0xB4, 0x50, 0xD4 ), - BYTES_TO_T_UINT_8( 0x32, 0x84, 0x6C, 0xCF, 0xDA, 0xB2, 0x20, 0x0A ), - BYTES_TO_T_UINT_8( 0x70, 0xD6, 0x1A, 0xE5, 0xE2, 0x29, 0x70, 0xCE ), - BYTES_TO_T_UINT_8( 0xD5, 0x61, 0xFE, 0xBB, 0x21, 0x82, 0xD1, 0xFE ), - BYTES_TO_T_UINT_8( 0x2C, 0xF0, 0x9C, 0x8B, 0x1A, 0x42, 0x30, 0x06 ), - BYTES_TO_T_UINT_8( 0x43, 0xD6, 0x49, 0x81, 0x92, 0xF1, 0xD0, 0x90 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0xF1, 0xDD, 0x33, 0x66, 0xF9, 0x05, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1D, 0xE5, 0x6B, 0x79, 0xBD, 0x48, 0x42, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x14, 0x52, 0xE3, 0x53, 0xB4, 0x50, 0xD4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x32, 0x84, 0x6C, 0xCF, 0xDA, 0xB2, 0x20, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0xD6, 0x1A, 0xE5, 0xE2, 0x29, 0x70, 0xCE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x61, 0xFE, 0xBB, 0x21, 0x82, 0xD1, 0xFE ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0xF0, 0x9C, 0x8B, 0x1A, 0x42, 0x30, 0x06 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0xD6, 0x49, 0x81, 0x92, 0xF1, 0xD0, 0x90 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_29_Y[] = { - BYTES_TO_T_UINT_8( 0xC9, 0x91, 0x93, 0x6A, 0xA6, 0x22, 0xE9, 0xD6 ), - BYTES_TO_T_UINT_8( 0x09, 0xDC, 0xC3, 0x69, 0x11, 0x95, 0x7D, 0xEC ), - BYTES_TO_T_UINT_8( 0x1C, 0xA3, 0x9D, 0x87, 0x5E, 0x64, 0x41, 0xA2 ), - BYTES_TO_T_UINT_8( 0xBE, 0x87, 0x5A, 0x15, 0xBD, 0x6E, 0x3C, 0x8D ), - BYTES_TO_T_UINT_8( 0xD0, 0x8D, 0x50, 0xCC, 0xCF, 0xB7, 0x8F, 0x0B ), - BYTES_TO_T_UINT_8( 0x38, 0x65, 0xCD, 0x31, 0x30, 0xF1, 0x68, 0x13 ), - BYTES_TO_T_UINT_8( 0x10, 0x5C, 0x66, 0x67, 0x92, 0x30, 0x57, 0x95 ), - BYTES_TO_T_UINT_8( 0x23, 0x9B, 0x01, 0x3D, 0x20, 0x8B, 0xD1, 0x0D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x91, 0x93, 0x6A, 0xA6, 0x22, 0xE9, 0xD6 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0xDC, 0xC3, 0x69, 0x11, 0x95, 0x7D, 0xEC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x1C, 0xA3, 0x9D, 0x87, 0x5E, 0x64, 0x41, 0xA2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xBE, 0x87, 0x5A, 0x15, 0xBD, 0x6E, 0x3C, 0x8D ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0x8D, 0x50, 0xCC, 0xCF, 0xB7, 0x8F, 0x0B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x65, 0xCD, 0x31, 0x30, 0xF1, 0x68, 0x13 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x5C, 0x66, 0x67, 0x92, 0x30, 0x57, 0x95 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x9B, 0x01, 0x3D, 0x20, 0x8B, 0xD1, 0x0D ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_30_X[] = { - BYTES_TO_T_UINT_8( 0xAB, 0xC0, 0xE6, 0x4F, 0xDE, 0x62, 0xAB, 0xB3 ), - BYTES_TO_T_UINT_8( 0xA4, 0x48, 0xB3, 0x1C, 0x0F, 0x16, 0x93, 0x45 ), - BYTES_TO_T_UINT_8( 0x77, 0x63, 0xBD, 0x1F, 0x16, 0x50, 0x56, 0x98 ), - BYTES_TO_T_UINT_8( 0x5D, 0x06, 0xBC, 0xE9, 0x27, 0x1C, 0x9A, 0x7B ), - BYTES_TO_T_UINT_8( 0xF8, 0xFE, 0x21, 0xC5, 0x39, 0x55, 0xE1, 0xFD ), - BYTES_TO_T_UINT_8( 0xF6, 0xA8, 0xD0, 0x96, 0x0E, 0xB5, 0xB2, 0x84 ), - BYTES_TO_T_UINT_8( 0x3D, 0xE7, 0x4B, 0xF3, 0x11, 0x0C, 0xC9, 0x5B ), - BYTES_TO_T_UINT_8( 0x43, 0x3A, 0xC4, 0x87, 0x71, 0xEE, 0xFA, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAB, 0xC0, 0xE6, 0x4F, 0xDE, 0x62, 0xAB, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0x48, 0xB3, 0x1C, 0x0F, 0x16, 0x93, 0x45 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x63, 0xBD, 0x1F, 0x16, 0x50, 0x56, 0x98 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x5D, 0x06, 0xBC, 0xE9, 0x27, 0x1C, 0x9A, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF8, 0xFE, 0x21, 0xC5, 0x39, 0x55, 0xE1, 0xFD ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xA8, 0xD0, 0x96, 0x0E, 0xB5, 0xB2, 0x84 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0xE7, 0x4B, 0xF3, 0x11, 0x0C, 0xC9, 0x5B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x43, 0x3A, 0xC4, 0x87, 0x71, 0xEE, 0xFA, 0x18 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_30_Y[] = { - BYTES_TO_T_UINT_8( 0xA7, 0x77, 0xEE, 0x81, 0x5E, 0x96, 0xEA, 0x4B ), - BYTES_TO_T_UINT_8( 0xEE, 0xDF, 0xA9, 0xF4, 0x4F, 0x7C, 0xB2, 0x43 ), - BYTES_TO_T_UINT_8( 0x9F, 0xD4, 0xDF, 0x35, 0x63, 0x47, 0x25, 0x8A ), - BYTES_TO_T_UINT_8( 0xA5, 0x3D, 0xFF, 0xA4, 0x02, 0xC3, 0x95, 0x11 ), - BYTES_TO_T_UINT_8( 0xD5, 0x10, 0x78, 0xD1, 0x2B, 0xB7, 0xBE, 0x0E ), - BYTES_TO_T_UINT_8( 0x0A, 0xE9, 0x57, 0xF9, 0xE0, 0xD8, 0xFC, 0xBC ), - BYTES_TO_T_UINT_8( 0xF3, 0xC4, 0x01, 0xD6, 0xB4, 0xE7, 0x78, 0xE2 ), - BYTES_TO_T_UINT_8( 0x02, 0x6C, 0xB9, 0x13, 0xA4, 0xE8, 0x6D, 0x6F ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x77, 0xEE, 0x81, 0x5E, 0x96, 0xEA, 0x4B ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0xDF, 0xA9, 0xF4, 0x4F, 0x7C, 0xB2, 0x43 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x9F, 0xD4, 0xDF, 0x35, 0x63, 0x47, 0x25, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x3D, 0xFF, 0xA4, 0x02, 0xC3, 0x95, 0x11 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x10, 0x78, 0xD1, 0x2B, 0xB7, 0xBE, 0x0E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x0A, 0xE9, 0x57, 0xF9, 0xE0, 0xD8, 0xFC, 0xBC ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0xC4, 0x01, 0xD6, 0xB4, 0xE7, 0x78, 0xE2 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x02, 0x6C, 0xB9, 0x13, 0xA4, 0xE8, 0x6D, 0x6F ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_31_X[] = { - BYTES_TO_T_UINT_8( 0xE8, 0xB0, 0xC9, 0xCD, 0xBF, 0xA2, 0x1E, 0x63 ), - BYTES_TO_T_UINT_8( 0xDD, 0x4F, 0x86, 0x22, 0x9B, 0xEA, 0xE8, 0xBB ), - BYTES_TO_T_UINT_8( 0x50, 0x46, 0xDF, 0x43, 0xB9, 0x82, 0x2D, 0x0A ), - BYTES_TO_T_UINT_8( 0x07, 0x32, 0xF1, 0x4E, 0x95, 0x41, 0xAE, 0x8E ), - BYTES_TO_T_UINT_8( 0x52, 0x93, 0x26, 0xFC, 0xD3, 0x90, 0xDC, 0xEB ), - BYTES_TO_T_UINT_8( 0x04, 0x05, 0x45, 0xCA, 0xF9, 0x5A, 0x89, 0x93 ), - BYTES_TO_T_UINT_8( 0xC5, 0x82, 0x63, 0x4E, 0x55, 0x1D, 0x3A, 0x08 ), - BYTES_TO_T_UINT_8( 0x7C, 0x69, 0x52, 0x49, 0xE9, 0xED, 0x57, 0x34 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0xB0, 0xC9, 0xCD, 0xBF, 0xA2, 0x1E, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0x4F, 0x86, 0x22, 0x9B, 0xEA, 0xE8, 0xBB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x46, 0xDF, 0x43, 0xB9, 0x82, 0x2D, 0x0A ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x32, 0xF1, 0x4E, 0x95, 0x41, 0xAE, 0x8E ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0x93, 0x26, 0xFC, 0xD3, 0x90, 0xDC, 0xEB ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x05, 0x45, 0xCA, 0xF9, 0x5A, 0x89, 0x93 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x82, 0x63, 0x4E, 0x55, 0x1D, 0x3A, 0x08 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x69, 0x52, 0x49, 0xE9, 0xED, 0x57, 0x34 ), }; static const mbedtls_mpi_uint brainpoolP512r1_T_31_Y[] = { - BYTES_TO_T_UINT_8( 0x70, 0x64, 0xE9, 0xAC, 0x4C, 0x4A, 0xEA, 0x25 ), - BYTES_TO_T_UINT_8( 0xE9, 0xE9, 0x0B, 0x99, 0xE7, 0xF9, 0xA9, 0x2C ), - BYTES_TO_T_UINT_8( 0x24, 0x0C, 0xC1, 0xF4, 0x8D, 0x07, 0xB6, 0xB1 ), - BYTES_TO_T_UINT_8( 0xAD, 0x68, 0xFA, 0x35, 0xE4, 0x9E, 0xAE, 0xD9 ), - BYTES_TO_T_UINT_8( 0xF0, 0x2D, 0x1A, 0x13, 0x8E, 0x02, 0xE2, 0x63 ), - BYTES_TO_T_UINT_8( 0x27, 0x38, 0x28, 0x86, 0x46, 0x7B, 0x3A, 0xE1 ), - BYTES_TO_T_UINT_8( 0x3F, 0x4C, 0x64, 0x59, 0x0A, 0xF9, 0x02, 0xC4 ), - BYTES_TO_T_UINT_8( 0x41, 0x4F, 0x23, 0xA2, 0xC3, 0xD5, 0xEF, 0x42 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x64, 0xE9, 0xAC, 0x4C, 0x4A, 0xEA, 0x25 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xE9, 0xE9, 0x0B, 0x99, 0xE7, 0xF9, 0xA9, 0x2C ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x24, 0x0C, 0xC1, 0xF4, 0x8D, 0x07, 0xB6, 0xB1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xAD, 0x68, 0xFA, 0x35, 0xE4, 0x9E, 0xAE, 0xD9 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0xF0, 0x2D, 0x1A, 0x13, 0x8E, 0x02, 0xE2, 0x63 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x27, 0x38, 0x28, 0x86, 0x46, 0x7B, 0x3A, 0xE1 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x3F, 0x4C, 0x64, 0x59, 0x0A, 0xF9, 0x02, 0xC4 ), + MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x4F, 0x23, 0xA2, 0xC3, 0xD5, 0xEF, 0x42 ), }; static const mbedtls_ecp_point brainpoolP512r1_T[32] = { ECP_POINT_INIT_XY_Z1(brainpoolP512r1_T_0_X, brainpoolP512r1_T_0_Y), @@ -5410,9 +5410,11 @@ cleanup: static int ecp_mod_p192k1( mbedtls_mpi *N ) { static mbedtls_mpi_uint Rp[] = { - BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); + return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, + 0 ) ); } #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ @@ -5424,12 +5426,14 @@ static int ecp_mod_p192k1( mbedtls_mpi *N ) static int ecp_mod_p224k1( mbedtls_mpi *N ) { static mbedtls_mpi_uint Rp[] = { - BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00 ) }; #if defined(MBEDTLS_HAVE_INT64) return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) ); #else - return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); + return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, + 0 ) ); #endif } @@ -5443,8 +5447,10 @@ static int ecp_mod_p224k1( mbedtls_mpi *N ) static int ecp_mod_p256k1( mbedtls_mpi *N ) { static mbedtls_mpi_uint Rp[] = { - BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); + MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00 ) }; + return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, + 0 ) ); } #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ From cdfd73aa7fe2b8f533fe4508b898957dc5823a20 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 25 Jun 2021 13:43:59 +0100 Subject: [PATCH 0530/1065] Add ChangeLog entry Signed-off-by: Janos Follath --- ChangeLog.d/reject-low-order-points-early.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/reject-low-order-points-early.txt diff --git a/ChangeLog.d/reject-low-order-points-early.txt b/ChangeLog.d/reject-low-order-points-early.txt new file mode 100644 index 0000000000..eb735697a9 --- /dev/null +++ b/ChangeLog.d/reject-low-order-points-early.txt @@ -0,0 +1,6 @@ +Security + * An adversary with access to precise enough timing information (typically, a + co-located process) could recover a Curve25519 or Curve448 static ECDH key + after inputting a chosen public key and observing the victim performing the + corresponding private-key operation. Found and reported by Leila Batina, + Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. From 83e384da59719393bd5021f32b056a95f04841c3 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 25 Jun 2021 15:29:56 +0100 Subject: [PATCH 0531/1065] Fix unused parameter warning Signed-off-by: Janos Follath --- library/ecp.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ecp.c b/library/ecp.c index 30e726a8c7..e8df7ff284 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2818,6 +2818,8 @@ static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, goto cleanup; } } +#else + (void) grp_id; #endif /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ From 5ab7303409594710d3317c4dfc37fce8801c1fb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 27 May 2021 11:25:03 +0200 Subject: [PATCH 0532/1065] Introduce a level of indirection in config header MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Create a separate header file (mbedtls/build_info.h) to use when depending on the config options defined in config.h. Also copy the handling of the MBEDTLS_CONFIG_FILE macro into the new header, so that the next commit can remove this code from every other place where config.h used to be included. Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 include/mbedtls/build_info.h diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h new file mode 100644 index 0000000000..8e6b0b83f8 --- /dev/null +++ b/include/mbedtls/build_info.h @@ -0,0 +1,35 @@ +/** + * \file build_info.h + * + * \brief Build-time configuration info + * + * Include this file if you need to depend on the + * configuration options defined in config.h + */ + /* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_BUILD_INFO_H +#define MBEDTLS_BUILD_INFO_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#endif /* MBEDTLS_BUILD_INFO_H */ From c662b36af26de818059e07229343696956236f62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 27 May 2021 11:25:03 +0200 Subject: [PATCH 0533/1065] Replace all inclusions of config.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since build_info.h alreadyy handles it. This commit was generated using the following script: # ======================== #!/bin/sh git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i ' /^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h" //,/^#endif/d ' # ======================== Signed-off-by: Bence Szépkúti --- include/mbedtls/aes.h | 6 +----- include/mbedtls/aria.h | 6 +----- include/mbedtls/asn1.h | 6 +----- include/mbedtls/asn1write.h | 6 +----- include/mbedtls/base64.h | 6 +----- include/mbedtls/bignum.h | 6 +----- include/mbedtls/camellia.h | 6 +----- include/mbedtls/ccm.h | 6 +----- include/mbedtls/chacha20.h | 6 +----- include/mbedtls/chachapoly.h | 6 +----- include/mbedtls/cipher.h | 6 +----- include/mbedtls/cmac.h | 6 +----- include/mbedtls/ctr_drbg.h | 6 +----- include/mbedtls/debug.h | 6 +----- include/mbedtls/des.h | 6 +----- include/mbedtls/dhm.h | 6 +----- include/mbedtls/ecdh.h | 6 +----- include/mbedtls/ecdsa.h | 6 +----- include/mbedtls/ecjpake.h | 6 +----- include/mbedtls/ecp.h | 6 +----- include/mbedtls/entropy.h | 6 +----- include/mbedtls/error.h | 6 +----- include/mbedtls/gcm.h | 6 +----- include/mbedtls/hkdf.h | 6 +----- include/mbedtls/hmac_drbg.h | 6 +----- include/mbedtls/md.h | 6 +----- include/mbedtls/md5.h | 6 +----- include/mbedtls/memory_buffer_alloc.h | 6 +----- include/mbedtls/net_sockets.h | 6 +----- include/mbedtls/nist_kw.h | 6 +----- include/mbedtls/oid.h | 6 +----- include/mbedtls/pem.h | 6 +----- include/mbedtls/pk.h | 6 +----- include/mbedtls/pkcs12.h | 6 +----- include/mbedtls/pkcs5.h | 6 +----- include/mbedtls/platform.h | 6 +----- include/mbedtls/platform_time.h | 6 +----- include/mbedtls/platform_util.h | 6 +----- include/mbedtls/poly1305.h | 6 +----- include/mbedtls/psa_util.h | 6 +----- include/mbedtls/ripemd160.h | 6 +----- include/mbedtls/rsa.h | 6 +----- include/mbedtls/sha1.h | 6 +----- include/mbedtls/sha256.h | 6 +----- include/mbedtls/sha512.h | 6 +----- include/mbedtls/ssl.h | 6 +----- include/mbedtls/ssl_cache.h | 6 +----- include/mbedtls/ssl_ciphersuites.h | 6 +----- include/mbedtls/ssl_cookie.h | 6 +----- include/mbedtls/ssl_ticket.h | 6 +----- include/mbedtls/threading.h | 6 +----- include/mbedtls/timing.h | 6 +----- include/mbedtls/version.h | 6 +----- include/mbedtls/x509.h | 6 +----- include/mbedtls/x509_crl.h | 6 +----- include/mbedtls/x509_crt.h | 6 +----- include/mbedtls/x509_csr.h | 6 +----- include/psa/crypto_platform.h | 6 +----- include/psa/crypto_sizes.h | 6 +----- include/psa/crypto_struct.h | 6 +----- library/aesni.h | 6 +----- library/bn_mul.h | 6 +----- library/cipher_wrap.h | 6 +----- library/common.h | 6 +----- library/ecp_internal_alt.h | 6 +----- library/entropy_poll.h | 6 +----- library/md_wrap.h | 6 +----- library/padlock.h | 6 +----- library/pk_wrap.h | 6 +----- library/psa_crypto_core.h | 6 +----- library/psa_crypto_invasive.h | 6 +----- library/psa_crypto_se.h | 6 +----- library/rsa_alt_helpers.h | 6 +----- library/ssl_misc.h | 6 +----- programs/aes/crypt_and_hash.c | 6 +----- programs/fuzz/onefile.c | 6 +----- programs/hash/generic_sum.c | 6 +----- programs/hash/hello.c | 6 +----- programs/pkey/dh_client.c | 6 +----- programs/pkey/dh_genprime.c | 6 +----- programs/pkey/dh_server.c | 6 +----- programs/pkey/ecdh_curve25519.c | 6 +----- programs/pkey/ecdsa.c | 6 +----- programs/pkey/gen_key.c | 6 +----- programs/pkey/key_app.c | 6 +----- programs/pkey/key_app_writer.c | 6 +----- programs/pkey/mpi_demo.c | 6 +----- programs/pkey/pk_decrypt.c | 6 +----- programs/pkey/pk_encrypt.c | 6 +----- programs/pkey/pk_sign.c | 6 +----- programs/pkey/pk_verify.c | 6 +----- programs/pkey/rsa_decrypt.c | 6 +----- programs/pkey/rsa_encrypt.c | 6 +----- programs/pkey/rsa_genkey.c | 6 +----- programs/pkey/rsa_sign.c | 6 +----- programs/pkey/rsa_sign_pss.c | 6 +----- programs/pkey/rsa_verify.c | 6 +----- programs/pkey/rsa_verify_pss.c | 6 +----- programs/psa/key_ladder_demo.c | 6 +----- programs/random/gen_entropy.c | 6 +----- programs/random/gen_random_ctr_drbg.c | 6 +----- programs/ssl/dtls_client.c | 6 +----- programs/ssl/dtls_server.c | 6 +----- programs/ssl/mini_client.c | 6 +----- programs/ssl/ssl_client1.c | 6 +----- programs/ssl/ssl_context_info.c | 6 +----- programs/ssl/ssl_fork_server.c | 6 +----- programs/ssl/ssl_mail_client.c | 6 +----- programs/ssl/ssl_pthread_server.c | 6 +----- programs/ssl/ssl_server.c | 6 +----- programs/ssl/ssl_test_lib.h | 6 +----- programs/test/benchmark.c | 6 +----- programs/test/cmake_package/cmake_package.c | 6 +----- programs/test/cmake_package_install/cmake_package_install.c | 6 +----- programs/test/cmake_subproject/cmake_subproject.c | 6 +----- programs/test/cpp_dummy_build.cpp | 6 +----- programs/test/query_compile_time_config.c | 6 +----- programs/test/query_config.h | 6 +----- programs/test/selftest.c | 6 +----- programs/test/udp_proxy.c | 6 +----- programs/test/zeroize.c | 6 +----- programs/util/pem2der.c | 6 +----- programs/util/strerror.c | 6 +----- programs/x509/cert_app.c | 6 +----- programs/x509/cert_req.c | 6 +----- programs/x509/cert_write.c | 6 +----- programs/x509/crl_app.c | 6 +----- programs/x509/req_app.c | 6 +----- scripts/data_files/query_config.fmt | 6 +----- tests/include/test/certs.h | 6 +----- tests/include/test/constant_flow.h | 6 +----- tests/include/test/drivers/aead.h | 6 +----- tests/include/test/drivers/cipher.h | 6 +----- tests/include/test/drivers/hash.h | 6 +----- tests/include/test/drivers/key_management.h | 6 +----- tests/include/test/drivers/mac.h | 6 +----- tests/include/test/drivers/signature.h | 6 +----- tests/include/test/drivers/size.h | 6 +----- tests/include/test/fake_external_rng_for_test.h | 6 +----- tests/include/test/helpers.h | 6 +----- tests/include/test/macros.h | 6 +----- tests/include/test/random.h | 6 +----- tests/suites/main_test.function | 6 +----- 143 files changed, 143 insertions(+), 715 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index e23b9ca94a..0050980835 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -41,11 +41,7 @@ #define MBEDTLS_AES_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 854aa699ea..08547068c7 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -30,11 +30,7 @@ #define MBEDTLS_ARIA_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 66119810f8..4668581095 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -23,11 +23,7 @@ #define MBEDTLS_ASN1_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index fb111cac71..d60ca0daa9 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/asn1.h" diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 7e73a8bd16..e3938b40e3 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 74deecf5cc..5187d86611 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -23,11 +23,7 @@ #define MBEDTLS_BIGNUM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index d2d4f61b10..6a09da88b5 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -23,11 +23,7 @@ #define MBEDTLS_CAMELLIA_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 9529e2f5d1..6613cee7d4 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -48,11 +48,7 @@ #define MBEDTLS_CCM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index 441aaa4c87..25e1a263ab 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -33,11 +33,7 @@ #define MBEDTLS_CHACHA20_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 7c36739857..3f6e4a3315 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -33,11 +33,7 @@ #define MBEDTLS_CHACHAPOLY_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /* for shared error codes */ #include "mbedtls/poly1305.h" diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 99dc7c79b9..7afdc6ac97 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -28,11 +28,7 @@ #define MBEDTLS_CIPHER_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include "mbedtls/platform_util.h" diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 65c831c870..3e599b9dc9 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -27,11 +27,7 @@ #define MBEDTLS_CMAC_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index b8e2c71bc4..34e139fcbb 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -42,11 +42,7 @@ #define MBEDTLS_CTR_DRBG_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/aes.h" diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 71b08295d6..0aed59619c 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_DEBUG_H #define MBEDTLS_DEBUG_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ssl.h" diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 24d2402833..9e2f6839f4 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -28,11 +28,7 @@ #define MBEDTLS_DES_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 850813e376..75baed951b 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -64,11 +64,7 @@ #define MBEDTLS_DHM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" /* diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 587035aad5..7fa7440a53 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -33,11 +33,7 @@ #define MBEDTLS_ECDH_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ecp.h" diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 735d37764f..4586ddb246 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -31,11 +31,7 @@ #define MBEDTLS_ECDSA_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ecp.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 27a091d501..a73f6249d0 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -39,11 +39,7 @@ * The payloads are serialized in a way suitable for use in TLS, but could * also be use outside TLS. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ecp.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index db84c10d75..8a1b127538 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -35,11 +35,7 @@ #define MBEDTLS_ECP_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 78591e7654..133aa52335 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -23,11 +23,7 @@ #define MBEDTLS_ENTROPY_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 2835fd55c3..2eb2b05f78 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 06b06b48cb..d1219bb1a4 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -32,11 +32,7 @@ #define MBEDTLS_GCM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 2e6b363045..81a627014e 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -25,11 +25,7 @@ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 164a4f7e37..793636fd1b 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -27,11 +27,7 @@ #define MBEDTLS_HMAC_DRBG_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 7bf821340c..1170bc1ad5 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -28,11 +28,7 @@ #include -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 6ef359154a..e7befc34f0 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -27,11 +27,7 @@ #define MBEDTLS_MD5_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 233977252a..0b4d023b0a 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 502b9f453d..7b77329a81 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -39,11 +39,7 @@ #define MBEDTLS_NET_SOCKETS_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ssl.h" diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index c537b589ac..bd6c658411 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -36,11 +36,7 @@ #define MBEDTLS_NIST_KW_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 19210424d4..9e68e91979 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -23,11 +23,7 @@ #define MBEDTLS_OID_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/asn1.h" #include "mbedtls/pk.h" diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index 9242da6b16..a01a296b40 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -23,11 +23,7 @@ #define MBEDTLS_PEM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index ec7fe6e723..9bbb2f6808 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -24,11 +24,7 @@ #define MBEDTLS_PK_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 06092d36eb..de139ac6b8 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/md.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 8f348ce524..c339398a7c 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -24,11 +24,7 @@ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/asn1.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index c50d7d211d..8fafe58af5 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -32,11 +32,7 @@ #define MBEDTLS_PLATFORM_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 7e7daab692..c63d389a48 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index 6d9cfecfa8..1a0a13513e 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -23,11 +23,7 @@ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #if defined(MBEDTLS_HAVE_TIME_DATE) diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 4d253858e1..7984ca4b7d 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -33,11 +33,7 @@ #define MBEDTLS_POLY1305_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index d7b9b172d3..f6f2e58054 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -27,11 +27,7 @@ #define MBEDTLS_PSA_UTIL_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index f12f4346d5..9132a83be3 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -23,11 +23,7 @@ #define MBEDTLS_RIPEMD160_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 9a070e703a..cffbe3b508 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -29,11 +29,7 @@ #define MBEDTLS_RSA_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" #include "mbedtls/md.h" diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 0975e2d70d..d2db67ca6f 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -30,11 +30,7 @@ #define MBEDTLS_SHA1_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 76bed43e3a..7f42c2c900 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -26,11 +26,7 @@ #define MBEDTLS_SHA256_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 00d8338b32..c43b9075e3 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -25,11 +25,7 @@ #define MBEDTLS_SHA512_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 02b59ed737..da3ca9c893 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -23,11 +23,7 @@ #define MBEDTLS_SSL_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" #include "mbedtls/ecp.h" diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index d995f8f6d5..e8d077f013 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -23,11 +23,7 @@ #define MBEDTLS_SSL_CACHE_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ssl.h" diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index e343c9c3d0..812560c8a1 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -23,11 +23,7 @@ #define MBEDTLS_SSL_CIPHERSUITES_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/pk.h" #include "mbedtls/cipher.h" diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index c4f042c80b..e216812655 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -23,11 +23,7 @@ #define MBEDTLS_SSL_COOKIE_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ssl.h" diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 1047dbb0d4..0f4117d343 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -23,11 +23,7 @@ #define MBEDTLS_SSL_TICKET_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /* * This implementation of the session ticket callbacks includes key diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index fae96c2d0c..96cadc4df8 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -23,11 +23,7 @@ #define MBEDTLS_THREADING_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 6ffc812d8b..25db1c6aa7 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -23,11 +23,7 @@ #define MBEDTLS_TIMING_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 5b0c70fca7..15161cc944 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -26,11 +26,7 @@ #ifndef MBEDTLS_VERSION_H #define MBEDTLS_VERSION_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /** * The version number x.y.z is split into three parts. diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index b7a969a3b2..5be4286ece 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -23,11 +23,7 @@ #define MBEDTLS_X509_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/asn1.h" #include "mbedtls/pk.h" diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 440da12166..9331827bb2 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -23,11 +23,7 @@ #define MBEDTLS_X509_CRL_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/x509.h" diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 9b0a495dc6..49211a948f 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -23,11 +23,7 @@ #define MBEDTLS_X509_CRT_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/x509.h" #include "mbedtls/x509_crl.h" diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index a0f1278e2a..674f9ce793 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -23,11 +23,7 @@ #define MBEDTLS_X509_CSR_H #include "mbedtls/private_access.h" -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/x509.h" diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index edf72107d8..4787e44b6c 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -36,11 +36,7 @@ /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /* Translate between classic MBEDTLS_xxx feature symbols and PSA_xxx * feature symbols. */ diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 15cdb416a5..2811c237af 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -42,11 +42,7 @@ /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 0afdf84aad..0b49a217e5 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -68,11 +68,7 @@ extern "C" { /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cmac.h" #include "mbedtls/gcm.h" diff --git a/library/aesni.h b/library/aesni.h index c1d22f59af..3359cfe94f 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -25,11 +25,7 @@ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/aes.h" diff --git a/library/bn_mul.h b/library/bn_mul.h index 17d057f3ab..b6b3b9e4ca 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -36,11 +36,7 @@ #ifndef MBEDTLS_BN_MUL_H #define MBEDTLS_BN_MUL_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 5635982b43..90563d85d0 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -24,11 +24,7 @@ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/cipher.h" diff --git a/library/common.h b/library/common.h index 0f61f94526..a2c8a1e726 100644 --- a/library/common.h +++ b/library/common.h @@ -23,11 +23,7 @@ #ifndef MBEDTLS_LIBRARY_COMMON_H #define MBEDTLS_LIBRARY_COMMON_H -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif +#include "mbedtls/build_info.h" /** Helper to define a function as static except when building invasive tests. * diff --git a/library/ecp_internal_alt.h b/library/ecp_internal_alt.h index 9b157eaa3b..a7544aaf17 100644 --- a/library/ecp_internal_alt.h +++ b/library/ecp_internal_alt.h @@ -59,11 +59,7 @@ #ifndef MBEDTLS_ECP_INTERNAL_H #define MBEDTLS_ECP_INTERNAL_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_ECP_INTERNAL_ALT) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index bf268892d2..9edf1f1d03 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/library/md_wrap.h b/library/md_wrap.h index cfd418a9b5..90c7957316 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -26,11 +26,7 @@ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/md.h" diff --git a/library/padlock.h b/library/padlock.h index 4f4e400346..1506ee0c9f 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -26,11 +26,7 @@ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/aes.h" diff --git a/library/pk_wrap.h b/library/pk_wrap.h index b2db63739f..eab9939104 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -23,11 +23,7 @@ #ifndef MBEDTLS_PK_WRAP_H #define MBEDTLS_PK_WRAP_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/pk.h" diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 4420ec2569..91757b5fdb 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -21,11 +21,7 @@ #ifndef PSA_CRYPTO_CORE_H #define PSA_CRYPTO_CORE_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index 1e5a407118..1dd957933b 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -28,11 +28,7 @@ #ifndef PSA_CRYPTO_INVASIVE_H #define PSA_CRYPTO_INVASIVE_H -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif +#include "mbedtls/build_info.h" #include "psa/crypto.h" #include "common.h" diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 710426168d..549dfb69e2 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -21,11 +21,7 @@ #ifndef PSA_CRYPTO_SE_H #define PSA_CRYPTO_SE_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h index 90c88a29f4..d6fc8e5925 100644 --- a/library/rsa_alt_helpers.h +++ b/library/rsa_alt_helpers.h @@ -55,11 +55,7 @@ #ifndef MBEDTLS_RSA_INTERNAL_H #define MBEDTLS_RSA_INTERNAL_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/bignum.h" diff --git a/library/ssl_misc.h b/library/ssl_misc.h index d25bc5576b..c93c88dfd0 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_SSL_MISC_H #define MBEDTLS_SSL_MISC_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/ssl.h" #include "mbedtls/cipher.h" diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 0f97867fad..0bee86fc0a 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -23,11 +23,7 @@ * Harmless on other platforms. */ #define _POSIX_C_SOURCE 200112L -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/fuzz/onefile.c b/programs/fuzz/onefile.c index c845149638..7b9a5906ba 100644 --- a/programs/fuzz/onefile.c +++ b/programs/fuzz/onefile.c @@ -5,11 +5,7 @@ /* This file doesn't use any Mbed TLS function, but grab config.h anyway * in case it contains platform-specific #defines related to malloc or * stdio functions. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index f73e5f8399..9243f0a4a4 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 18beb6997f..d2b6910f6b 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 28bfb893a1..eccb42ad83 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index a481e32916..174a363f22 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 79c313c055..0ddb85cf83 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 1f4b8bc3f5..ca046fd241 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 31b4584fff..f4756a4a44 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 941553012e..4043dfa6e0 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 2145e072ad..42039024ac 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 89c67ed9e6..8a09af5125 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index 8245d01bc3..63417522b6 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index e01f5d558f..f1bfd8a152 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index e629dc137d..293c0a0897 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 422fa257e2..08c4ddcc30 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index ee72243196..51735070d7 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index bb3649f900..42ec6a7a43 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index a000505248..f7ff68f9d7 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 1dcfc52f0f..e48050af4b 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index ebc88e457b..5aa592d03c 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index bbbe0a9bd2..91cb789e36 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 5a68246e52..1b3e193979 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 527d799167..d6634badd8 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 5d643492b2..cad875e015 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -50,11 +50,7 @@ /* First include Mbed TLS headers to get the Mbed TLS configuration and * platform definitions that we'll use in this program. Also include * standard C headers for functions we'll use here. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 0f27aaa30d..4deb92435d 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index 158a312192..0a9e2dd3bf 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 1e97795336..2bebb0df1e 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index d2cc4509d0..f2570490f5 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 42dbeac9ed..1e0bef6b1c 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -18,11 +18,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 6624224af4..3f7256fa83 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index b04d4b5380..5ad9120321 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -19,11 +19,7 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 74190103e2..542a334606 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index f223977a85..85514ee581 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -24,11 +24,7 @@ #define _POSIX_C_SOURCE 200112L #define _XOPEN_SOURCE 600 -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index a083e4b644..a8db4d8b10 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -18,11 +18,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index aaccb58ecd..ace657ceba 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index bd303bc02f..f9e031b587 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -20,11 +20,7 @@ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 6a53647d08..6b3cc25832 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -19,11 +19,7 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/platform.h" #if !defined(MBEDTLS_PLATFORM_C) diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c index 3f993a07b6..1ae627d423 100644 --- a/programs/test/cmake_package/cmake_package.c +++ b/programs/test/cmake_package/cmake_package.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c index 1ae0b8471a..9d5d3e4c73 100644 --- a/programs/test/cmake_package_install/cmake_package_install.c +++ b/programs/test/cmake_package_install/cmake_package_install.c @@ -18,11 +18,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c index 6d81830d55..ff6ebf02e2 100644 --- a/programs/test/cmake_subproject/cmake_subproject.c +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -18,11 +18,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index 61a7e896c5..7f1efe8dba 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -18,11 +18,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/aes.h" #include "mbedtls/aria.h" diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index 0e356c8225..a6eaf61590 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/query_config.h b/programs/test/query_config.h index 23009c46aa..79c23cffcd 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -20,11 +20,7 @@ #ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H #define MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /** Check whether a given configuration symbol is enabled. * diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 87d8a13b75..c7bcc53ac9 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -19,11 +19,7 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "mbedtls/entropy.h" #include "mbedtls/hmac_drbg.h" diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 91c231f9b5..307fc74260 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -25,11 +25,7 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index 5e6b58e155..a44099dfa2 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -25,11 +25,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index a2fd0fcb61..e273200a9e 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 6b7e448370..4b776d340e 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 2adef3904b..aab15db2b7 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 0ea2607686..ed42079b49 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index f1e5c6b419..9a20d63419 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index db43c54a1e..2720b1d8ef 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index e151734d21..fd316e223a 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index c707e4ca3b..2e5c23f675 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -17,11 +17,7 @@ * limitations under the License. */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include "query_config.h" diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h index c93c741c7f..03f0d03b85 100644 --- a/tests/include/test/certs.h +++ b/tests/include/test/certs.h @@ -22,11 +22,7 @@ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h index af64011669..9626af9e46 100644 --- a/tests/include/test/constant_flow.h +++ b/tests/include/test/constant_flow.h @@ -24,11 +24,7 @@ #ifndef TEST_CONSTANT_FLOW_H #define TEST_CONSTANT_FLOW_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /* * This file defines the two macros diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 2207cb36fe..0830229e4e 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H #define PSA_CRYPTO_TEST_DRIVERS_AEAD_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 4fe559618f..142f3b7655 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H #define PSA_CRYPTO_TEST_DRIVERS_CIPHER_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index ebe83dee4e..d202c8bf06 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H #define PSA_CRYPTO_TEST_DRIVERS_HASH_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 45814fd034..16e1f755ca 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H #define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 7733dd341c..5f6cd38a4d 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H #define PSA_CRYPTO_TEST_DRIVERS_MAC_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 5e64edc3c8..67f2b29a35 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H #define PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h index b2665bdda5..4e3301c4ae 100644 --- a/tests/include/test/drivers/size.h +++ b/tests/include/test/drivers/size.h @@ -20,11 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIZE_H #define PSA_CRYPTO_TEST_DRIVERS_SIZE_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h index faeef22e86..9d56dabf0d 100644 --- a/tests/include/test/fake_external_rng_for_test.h +++ b/tests/include/test/fake_external_rng_for_test.h @@ -22,11 +22,7 @@ #ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H #define FAKE_EXTERNAL_RNG_FOR_TEST_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /** Enable the insecure implementation of mbedtls_psa_external_get_random(). diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index c0d2c00724..27e5599ed1 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -30,11 +30,7 @@ * directly (without using the MBEDTLS_PRIVATE wrapper). */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \ defined(MBEDTLS_TEST_HOOKS) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 87e86d38e5..9b3fc9c809 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -24,11 +24,7 @@ #ifndef TEST_MACROS_H #define TEST_MACROS_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include diff --git a/tests/include/test/random.h b/tests/include/test/random.h index 6428280780..58548a2c8b 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -25,11 +25,7 @@ #ifndef TEST_RANDOM_H #define TEST_RANDOM_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" #include #include diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 1278d95d26..52b586eaad 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -23,11 +23,7 @@ #endif #endif -#if !defined(MBEDTLS_CONFIG_FILE) -#include -#else -#include MBEDTLS_CONFIG_FILE -#endif +#include "mbedtls/build_info.h" /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set From c5c9eb474140d45679ec5181bd73eb084b2d09ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 27 May 2021 23:31:30 +0200 Subject: [PATCH 0534/1065] Move preprocessor logic to build_info.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- configs/config-ccm-psk-tls1_2.h | 6 ----- configs/config-no-entropy.h | 7 ------ configs/config-suite-b.h | 7 ------ configs/config-symmetric-only.h | 9 -------- configs/config-thread.h | 7 ------ include/mbedtls/build_info.h | 19 ++++++++++++++++ include/mbedtls/config.h | 24 -------------------- tests/configs/config-wrapper-malloc-0-null.h | 5 ---- 8 files changed, 19 insertions(+), 65 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index a82950190d..51bb962919 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -29,8 +29,6 @@ * * See README.txt for usage instructions. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H /* System support */ //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ @@ -85,7 +83,3 @@ */ #define MBEDTLS_SSL_IN_CONTENT_LEN 1024 #define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 7ca33c3816..edba4a0782 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -29,9 +29,6 @@ * See README.txt for usage instructions. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME @@ -86,7 +83,3 @@ /* Miscellaneous options */ #define MBEDTLS_AES_ROM_TABLES - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index b62bdfabd0..c70773d63b 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -33,9 +33,6 @@ * See README.txt for usage instructions. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME @@ -113,7 +110,3 @@ */ #define MBEDTLS_SSL_IN_CONTENT_LEN 1024 #define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 5b10063277..6aff42f1c1 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -20,9 +20,6 @@ * limitations under the License. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - /* System support */ //#define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME @@ -90,9 +87,3 @@ //#define MBEDTLS_THREADING_C #define MBEDTLS_TIMING_C #define MBEDTLS_VERSION_C - -#include "mbedtls/config_psa.h" - -#include "check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-thread.h b/configs/config-thread.h index c1937de80a..be889a1874 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -32,9 +32,6 @@ * See README.txt for usage instructions. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - /* System support */ #define MBEDTLS_HAVE_ASM @@ -89,7 +86,3 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 8e6b0b83f8..ad6d394c39 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -26,10 +26,29 @@ #ifndef MBEDTLS_BUILD_INFO_H #define MBEDTLS_BUILD_INFO_H +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif +/* Target and application specific configurations + * + * Allow user to override any previous default. + * + */ +#if defined(MBEDTLS_USER_CONFIG_FILE) +#include MBEDTLS_USER_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#include "mbedtls/config_psa.h" +#endif + +#include "mbedtls/check_config.h" + #endif /* MBEDTLS_BUILD_INFO_H */ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 47605f9e24..f874ae235c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -24,13 +24,6 @@ * limitations under the License. */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - /** * \name SECTION: System support * @@ -3263,20 +3256,3 @@ //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED /* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations - * - * Allow user to override any previous default. - * - */ -#if defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -#include "mbedtls/config_psa.h" -#endif - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h index 69a9578c64..4c4f3bfcd3 100644 --- a/tests/configs/config-wrapper-malloc-0-null.h +++ b/tests/configs/config-wrapper-malloc-0-null.h @@ -18,9 +18,6 @@ * limitations under the License. */ -#ifndef MBEDTLS_CONFIG_H -/* Don't #define MBEDTLS_CONFIG_H, let config.h do it. */ - #include "mbedtls/config.h" #include @@ -33,5 +30,3 @@ static inline void *custom_calloc( size_t nmemb, size_t size ) #define MBEDTLS_PLATFORM_MEMORY #define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc - -#endif /* MBEDTLS_CONFIG_H */ From 2893269cbb2c9dc638e7f66c4e8af354197bdd2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 27 May 2021 23:50:48 +0200 Subject: [PATCH 0535/1065] Remove reference to obsolete inclusion guard MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/generate_query_config.pl | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 7276049822..6c4deefecb 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -63,9 +63,6 @@ while (my $line = ) { if ($line =~ /^(\/\/)?\s*#\s*define\s+(MBEDTLS_\w+).*/) { my $name = $2; - # Skip over the macro that prevents multiple inclusion - next if "MBEDTLS_CONFIG_H" eq $name; - # Skip over the macro if it is in the ecluded list next if $name =~ /$excluded_re/; From bb0cfeb2d4b34eb3ec932ca8b8e215f49b703153 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 28 May 2021 09:42:25 +0200 Subject: [PATCH 0536/1065] Rename config.h to mbedtls_config.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit was generated using the following script: # ======================== #!/bin/sh git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i ' s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g s/config\.h/mbedtls_config.h/g y/\n/./ ' mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h # ======================== Signed-off-by: Bence Szépkúti --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- 3rdparty/CMakeLists.txt | 2 +- CMakeLists.txt | 2 +- README.md | 6 +++--- configs/README.txt | 4 ++-- .../Remove_3DES_ciphersuites.md | 2 +- ...e_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md | 4 ++-- .../modify_SHA384_option_behaviour.md | 2 +- .../remove-enable-weak-ciphersuites.md | 2 +- docs/3.0-migration-guide.d/remove-null-entropy.md | 2 +- ...emove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md | 2 +- .../remove_SSL_DTLS_BADMAC_LIMIT_option.md | 2 +- .../remove_ssl_record_checking.md | 2 +- .../separate_SHA224_from_SHA256.md | 2 +- ..._CLIENT_PREFERENCE_config_opt_to_runtime_opt.md | 2 +- docs/3.0-migration-guide.md | 2 +- docs/architecture/testing/test-framework.md | 2 +- docs/architecture/tls13-experimental.md | 2 +- docs/proposed/psa-conditional-inclusion-c.md | 14 +++++++------- include/CMakeLists.txt | 2 +- include/mbedtls/build_info.h | 4 ++-- include/mbedtls/check_config.h | 4 ++-- include/mbedtls/config_psa.h | 4 ++-- include/mbedtls/ctr_drbg.h | 4 ++-- include/mbedtls/ecp.h | 4 ++-- include/mbedtls/entropy.h | 2 +- include/mbedtls/hmac_drbg.h | 2 +- include/mbedtls/{config.h => mbedtls_config.h} | 4 ++-- include/mbedtls/memory_buffer_alloc.h | 2 +- include/mbedtls/platform.h | 2 +- include/mbedtls/platform_time.h | 2 +- include/mbedtls/ssl.h | 6 +++--- include/mbedtls/ssl_cache.h | 2 +- include/mbedtls/ssl_cookie.h | 2 +- include/mbedtls/version.h | 2 +- include/psa/crypto_config.h | 4 ++-- include/psa/crypto_extra.h | 2 +- library/Makefile | 10 +++++----- library/entropy_poll.c | 2 +- library/entropy_poll.h | 2 +- library/net_sockets.c | 4 ++-- library/platform_util.c | 2 +- library/threading.c | 2 +- library/timing.c | 2 +- programs/Makefile | 8 ++++---- programs/aes/crypt_and_hash.c | 2 +- programs/fuzz/onefile.c | 2 +- programs/ssl/ssl_mail_client.c | 2 +- programs/test/query_config.h | 4 ++-- scripts/apidoc_full.sh | 4 ++-- scripts/config.py | 12 ++++++------ scripts/data_files/query_config.fmt | 4 ++-- scripts/ecc-heap.sh | 4 ++-- scripts/ecp_comb_table.py | 2 +- scripts/footprint.sh | 6 +++--- scripts/generate_features.pl | 2 +- scripts/generate_query_config.pl | 6 +++--- scripts/memory.sh | 4 ++-- tests/compat.sh | 2 +- tests/configs/config-wrapper-malloc-0-null.h | 4 ++-- tests/scripts/all.sh | 10 +++++----- tests/scripts/basic-build-test.sh | 4 ++-- tests/scripts/curves.pl | 4 ++-- tests/scripts/depends-hashes.pl | 2 +- tests/scripts/depends-pkalgs.pl | 2 +- tests/scripts/key-exchanges.pl | 2 +- tests/scripts/list-symbols.sh | 4 ++-- tests/scripts/set_psa_test_dependencies.py | 2 +- tests/scripts/test-ref-configs.pl | 2 +- tests/scripts/test_config_script.py | 4 ++-- tests/ssl-opt.sh | 14 +++++++------- 71 files changed, 127 insertions(+), 127 deletions(-) rename include/mbedtls/{config.h => mbedtls_config.h} (99%) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index b9f146808a..c2031125ce 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -15,7 +15,7 @@ assignees: '' Mbed TLS version (number or commit id): Operating system and version: -Configuration (if not default, please attach `config.h`): +Configuration (if not default, please attach `mbedtls_config.h`): Compiler and options (if you used a pre-built binary, please indicate how you obtained it): Additional environment information: diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt index fbd0470de4..e81ff513a8 100644 --- a/3rdparty/CMakeLists.txt +++ b/3rdparty/CMakeLists.txt @@ -1,4 +1,4 @@ -execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) +execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/mbedtls_config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) if(${result} EQUAL 0) add_subdirectory(everest) diff --git a/CMakeLists.txt b/CMakeLists.txt index f126f8d10f..b92e0bb014 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -86,7 +86,7 @@ endif() if(MBEDTLS_PYTHON_EXECUTABLE) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY RESULT_VARIABLE result) if(${result} EQUAL 0) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) diff --git a/README.md b/README.md index 4c3c938632..a469f8fa2d 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Stability Configuration ------------- -Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Python 3 script `scripts/config.py` (use `--help` for usage instructions). +Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/mbedtls_config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Python 3 script `scripts/config.py` (use `--help` for usage instructions). Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below). @@ -242,7 +242,7 @@ For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, ad - `tests/compat.sh` tests interoperability of every ciphersuite with other implementations. - `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations. - `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled -- `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc). +- `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `mbedtls_config.h`, etc). Porting Mbed TLS ---------------- @@ -281,7 +281,7 @@ A browsable copy of the PSA Cryptography API documents is available on the [PSA Mbed TLS includes a reference implementation of the PSA Cryptography API. This implementation is not yet as mature as the rest of the library. Some parts of the code have not been reviewed as thoroughly, and some parts of the PSA implementation are not yet well optimized for code size. -The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `config.h`. +The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `mbedtls_config.h`. There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list. diff --git a/configs/README.txt b/configs/README.txt index 933fa7f21d..51560fb8d8 100644 --- a/configs/README.txt +++ b/configs/README.txt @@ -4,10 +4,10 @@ The examples are generally focused on a particular usage case (eg, support for a restricted number of ciphersuites) and aim at minimizing resource usage for this target. They can be used as a basis for custom configurations. -These files are complete replacements for the default config.h. To use one of +These files are complete replacements for the default mbedtls_config.h. To use one of them, you can pick one of the following methods: -1. Replace the default file include/mbedtls/config.h with the chosen one. +1. Replace the default file include/mbedtls/mbedtls_config.h with the chosen one. (Depending on your compiler, you may need to adjust the line with #include "mbedtls/check_config.h" then.) diff --git a/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md b/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md index 85a85b97a6..0863363685 100644 --- a/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md +++ b/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md @@ -1,7 +1,7 @@ Remove 3DES ciphersuites -- -This change does not affect users using default settings for 3DES in `config.h` +This change does not affect users using default settings for 3DES in `mbedtls_config.h` because the 3DES ciphersuites were disabled by that. 3DES has weaknesses/limitations and there are better alternatives, and more and diff --git a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md index bc3fa68069..c4005cffc8 100644 --- a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md +++ b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md @@ -1,10 +1,10 @@ Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options -- -This change affects users who modified the default `config.h` padding granularity +This change affects users who modified the default `mbedtls_config.h` padding granularity settings, i.e. enabled at least one of the options. -The `config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and +The `mbedtls_config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because they used exactly the same padding mechanism and hence their respective padding granularities can be used in exactly the same way. This change simplifies the diff --git a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md index fe6c75ec9e..68eacfc161 100644 --- a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md +++ b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md @@ -1,7 +1,7 @@ Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C ------------------------------------------------------ -This does not affect users who use the default `config.h`. +This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is enabled by default. diff --git a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md index c3c3306234..917d1ac8a4 100644 --- a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md +++ b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md @@ -1,7 +1,7 @@ Remove the configuration to enable weak ciphersuites in SSL / TLS ----------------------------------------------------------------- -This does not affect users who use the default `config.h`, as this option was +This does not affect users who use the default `mbedtls_config.h`, as this option was already off by default. If you were using a weak cipher, please switch to any of the modern, diff --git a/docs/3.0-migration-guide.d/remove-null-entropy.md b/docs/3.0-migration-guide.d/remove-null-entropy.md index 50e024a2a5..c38c93056a 100644 --- a/docs/3.0-migration-guide.d/remove-null-entropy.md +++ b/docs/3.0-migration-guide.d/remove-null-entropy.md @@ -1,7 +1,7 @@ Remove the option to build the library without any entropy sources ------------------------------------------------------------------ -This does not affect users who use the default `config.h`, as this option was +This does not affect users who use the default `mbedtls_config.h`, as this option was already off by default. If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md index 2acb3bfbe6..ebb4be946f 100644 --- a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md +++ b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md @@ -1,4 +1,4 @@ -Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `config.h` +Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` ------------------------------------------------------------------- This change affects users who have chosen the configuration options to disable the diff --git a/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md b/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md index f81bdadbaf..3c0cbe944a 100644 --- a/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md +++ b/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md @@ -1,7 +1,7 @@ Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option ------------------------------------------- -This change does not affect users who used the default `config.h`, as the option +This change does not affect users who used the default `mbedtls_config.h`, as the option MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. This option was a trade-off between functionality and code size: it allowed diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index 7550f7b5a5..7bee4ae9d2 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -1,7 +1,7 @@ Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default -------------------------------------------------------------------------- -This change does not affect users who use the default config.h, as the +This change does not affect users who use the default mbedtls_config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. This option was added only to control compilation of one function, diff --git a/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md b/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md index 96a38e057e..f5a8d98739 100644 --- a/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md +++ b/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md @@ -1,7 +1,7 @@ Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C ----------------------------------------------------------------- -This does not affect users who use the default `config.h`. MBEDTLS_SHA256_C +This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are enabled. diff --git a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md index 6a6554dfb0..6f5a13acaa 100644 --- a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md +++ b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md @@ -2,7 +2,7 @@ Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runti -- This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE -option in the `config.h` +option in the `mbedtls_config.h` This option has been removed and a new function with similar functionality has been introduced into the SSL API. diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 1541c7abbf..5fe6ebd7a6 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -139,7 +139,7 @@ avoid variants of the CRIME and BREACH attacks. Remove support for TLS RC4-based ciphersuites --------------------------------------------- -This does not affect people who used the default `config.h` and the default +This does not affect people who used the default `mbedtls_config.h` and the default list of ciphersuites, as RC4-based ciphersuites were already not negotiated in that case. diff --git a/docs/architecture/testing/test-framework.md b/docs/architecture/testing/test-framework.md index c4178fa170..d0d4776112 100644 --- a/docs/architecture/testing/test-framework.md +++ b/docs/architecture/testing/test-framework.md @@ -51,7 +51,7 @@ The outcome file is in a CSV format using `;` (semicolon) as the delimiter and n The outcome file has 6 fields: * **Platform**: a description of the platform, e.g. `Linux-x86_64` or `Linux-x86_64-gcc7-msan`. -* **Configuration**: a unique description of the configuration (`config.h`). +* **Configuration**: a unique description of the configuration (`mbedtls_config.h`). * **Test suite**: `test_suite_xxx` or `ssl-opt`. * **Test case**: the description of the test case. * **Result**: one of `PASS`, `SKIP` or `FAIL`. diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md index 10cbfa1e73..0009c68180 100644 --- a/docs/architecture/tls13-experimental.md +++ b/docs/architecture/tls13-experimental.md @@ -15,7 +15,7 @@ MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL This macro will likely be renamed to `MBEDTLS_SSL_PROTO_TLS1_3` once a minimal viable implementation of the TLS 1.3 protocol is available. -See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/config.h) +See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/mbedtls_config.h) for more information. Status diff --git a/docs/proposed/psa-conditional-inclusion-c.md b/docs/proposed/psa-conditional-inclusion-c.md index 2ddba7fb27..aae4e61936 100644 --- a/docs/proposed/psa-conditional-inclusion-c.md +++ b/docs/proposed/psa-conditional-inclusion-c.md @@ -15,7 +15,7 @@ The present document proposes a way for an application using the PSA cryptograph ### Conditional inclusion of legacy cryptography modules -Mbed TLS offers a way to select which cryptographic mechanisms are included in a build through its configuration file (`config.h`). This mechanism is based on two main sets of symbols: `MBEDTLS_xxx_C` controls the availability of the mechanism to the application, and `MBEDTLS_xxx_ALT` controls the availability of an alternative implementation, so the software implementation is only included if `MBEDTLS_xxx_C` is defined but not `MBEDTLS_xxx_ALT`. +Mbed TLS offers a way to select which cryptographic mechanisms are included in a build through its configuration file (`mbedtls_config.h`). This mechanism is based on two main sets of symbols: `MBEDTLS_xxx_C` controls the availability of the mechanism to the application, and `MBEDTLS_xxx_ALT` controls the availability of an alternative implementation, so the software implementation is only included if `MBEDTLS_xxx_C` is defined but not `MBEDTLS_xxx_ALT`. ### PSA evolution @@ -51,10 +51,10 @@ The current model is difficult to adapt to the PSA interface for several reasons The PSA Crypto configuration file `psa/crypto_config.h` defines a series of symbols of the form `PSA_WANT_xxx` where `xxx` describes the feature that the symbol enables. The symbols are documented in the section [“PSA Crypto configuration symbols”](#psa-crypto-configuration-symbols) below. -The symbol `MBEDTLS_PSA_CRYPTO_CONFIG` in `mbedtls/config.h` determines whether `psa/crypto_config.h` is used. +The symbol `MBEDTLS_PSA_CRYPTO_CONFIG` in `mbedtls/mbedtls_config.h` determines whether `psa/crypto_config.h` is used. * If `MBEDTLS_PSA_CRYPTO_CONFIG` is unset, which is the default at least in Mbed TLS 2.x versions, things are as they are today: the PSA subsystem includes generic code unconditionally, and includes support for specific mechanisms conditionally based on the existing `MBEDTLS_xxx_` symbols. -* If `MBEDTLS_PSA_CRYPTO_CONFIG` is set, the necessary software implementations of cryptographic algorithms are included based on both the content of the PSA Crypto configuration file and the Mbed TLS configuration file. For example, the code in `aes.c` is enabled if either `mbedtls/config.h` contains `MBEDTLS_AES_C` or `psa/crypto_config.h` contains `PSA_WANT_KEY_TYPE_AES`. +* If `MBEDTLS_PSA_CRYPTO_CONFIG` is set, the necessary software implementations of cryptographic algorithms are included based on both the content of the PSA Crypto configuration file and the Mbed TLS configuration file. For example, the code in `aes.c` is enabled if either `mbedtls/mbedtls_config.h` contains `MBEDTLS_AES_C` or `psa/crypto_config.h` contains `PSA_WANT_KEY_TYPE_AES`. ### PSA Crypto configuration symbols @@ -123,17 +123,17 @@ These symbols are not part of the public interface of Mbed TLS towards applicati #### New-style definition of configuration symbols -When `MBEDTLS_PSA_CRYPTO_CONFIG` is set, the header file `mbedtls/config.h` needs to define all the `MBEDTLS_xxx_C` configuration symbols, including the ones deduced from the PSA Crypto configuration. It does this by including the new header file **`mbedtls/config_psa.h`**, which defines the `MBEDTLS_PSA_BUILTIN_xxx` symbols and deduces the corresponding `MBEDTLS_xxx_C` (and other) symbols. +When `MBEDTLS_PSA_CRYPTO_CONFIG` is set, the header file `mbedtls/mbedtls_config.h` needs to define all the `MBEDTLS_xxx_C` configuration symbols, including the ones deduced from the PSA Crypto configuration. It does this by including the new header file **`mbedtls/config_psa.h`**, which defines the `MBEDTLS_PSA_BUILTIN_xxx` symbols and deduces the corresponding `MBEDTLS_xxx_C` (and other) symbols. `mbedtls/config_psa.h` includes `psa/crypto_config.h`, the user-editable file that defines application requirements. #### Old-style definition of configuration symbols -When `MBEDTLS_PSA_CRYPTO_CONFIG` is not set, the configuration of Mbed TLS works as before, and the inclusion of non-PSA code only depends on `MBEDTLS_xxx` symbols defined (or not) in `mbedtls/config.h`. Furthermore, the new header file **`mbedtls/config_psa.h`** deduces PSA configuration symbols (`PSA_WANT_xxx`, `MBEDTLS_PSA_BUILTIN_xxx`) from classic configuration symbols (`MBEDTLS_xxx`). +When `MBEDTLS_PSA_CRYPTO_CONFIG` is not set, the configuration of Mbed TLS works as before, and the inclusion of non-PSA code only depends on `MBEDTLS_xxx` symbols defined (or not) in `mbedtls/mbedtls_config.h`. Furthermore, the new header file **`mbedtls/config_psa.h`** deduces PSA configuration symbols (`PSA_WANT_xxx`, `MBEDTLS_PSA_BUILTIN_xxx`) from classic configuration symbols (`MBEDTLS_xxx`). The `PSA_WANT_xxx` definitions in `mbedtls/config_psa.h` are needed not only to build the PSA parts of the library, but also to build code that uses these parts. This includes structure definitions in `psa/crypto_struct.h`, size calculations in `psa/crypto_sizes.h`, and application code that's specific to a given cryptographic mechanism. In Mbed TLS itself, code under `MBEDTLS_USE_PSA_CRYPTO` and conditional compilation guards in tests and sample programs need `PSA_WANT_xxx`. -Since some existing applications use a handwritten `mbedtls/config.h` or an edited copy of `mbedtls/config.h` from an earlier version of Mbed TLS, `mbedtls/config_psa.h` must be included via an already existing header that is not `mbedtls/config.h`, so it is included via `psa/crypto.h` (for example from `psa/crypto_platform.h`). +Since some existing applications use a handwritten `mbedtls/mbedtls_config.h` or an edited copy of `mbedtls/mbedtls_config.h` from an earlier version of Mbed TLS, `mbedtls/config_psa.h` must be included via an already existing header that is not `mbedtls/mbedtls_config.h`, so it is included via `psa/crypto.h` (for example from `psa/crypto_platform.h`). #### Summary of definitions of configuration symbols @@ -147,7 +147,7 @@ The following table summarizes where symbols are defined depending on the config | Symbols | With `MBEDTLS_PSA_CRYPTO_CONFIG` | Without `MBEDTLS_PSA_CRYPTO_CONFIG` | | ------------------------- | -------------------------------- | ----------------------------------- | -| `MBEDTLS_xxx_C` | `mbedtls/config.h` (U) or | `mbedtls/config.h` (U) | +| `MBEDTLS_xxx_C` | `mbedtls/mbedtls_config.h` (U) or | `mbedtls/mbedtls_config.h` (U) | | | `mbedtls/config_psa.h` (D) | | | `PSA_WANT_xxx` | `psa/crypto_config.h` (U) | `mbedtls/config_psa.h` (D) | | `MBEDTLS_PSA_BUILTIN_xxx` | `mbedtls/config_psa.h` (D) | `mbedtls/config_psa.h` (D) | diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 62c0f620af..e693bc17cc 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -15,7 +15,7 @@ if(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS) -# Make config.h available in an out-of-source build. ssl-opt.sh requires it. +# Make mbedtls_config.h available in an out-of-source build. ssl-opt.sh requires it. if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(mbedtls) link_to_source(psa) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index ad6d394c39..ab4ceff008 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -4,7 +4,7 @@ * \brief Build-time configuration info * * Include this file if you need to depend on the - * configuration options defined in config.h + * configuration options defined in mbedtls_config.h */ /* * Copyright The Mbed TLS Contributors @@ -31,7 +31,7 @@ #endif #if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" +#include "mbedtls/mbedtls_config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 36959ed63f..aa8bcd2531 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -21,7 +21,7 @@ */ /* - * It is recommended to include this file from your config.h + * It is recommended to include this file from your mbedtls_config.h * in order to catch dependency issues early. */ @@ -42,7 +42,7 @@ #error "MBEDTLS_PLATFORM_C is required on Windows" #endif -/* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as +/* Fix the config here. Not convenient to put an #ifdef _WIN32 in mbedtls_config.h as * it would confuse config.py. */ #if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \ !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index a0f2637fb0..f182c5274a 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -3,11 +3,11 @@ * \brief PSA crypto configuration options (set of defines) * * This set of compile-time options takes settings defined in - * include/mbedtls/config.h and include/psa/crypto_config.h and uses + * include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h and uses * those definitions to define symbols used in the library code. * * Users and integrators should not edit this file, please edit - * include/mbedtls/config.h for MBETLS_XXX settings or + * include/mbedtls/mbedtls_config.h for MBETLS_XXX settings or * include/psa/crypto_config.h for PSA_WANT_XXX settings. */ /* diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 34e139fcbb..c188b08ae2 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -16,7 +16,7 @@ * The security strength as defined in NIST SP 800-90A is * 128 bits when AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) * and 256 bits otherwise, provided that #MBEDTLS_CTR_DRBG_ENTROPY_LEN is - * kept at its default value (and not overridden in config.h) and that the + * kept at its default value (and not overridden in mbedtls_config.h) and that the * DRBG instance is set up with default parameters. * See the documentation of mbedtls_ctr_drbg_seed() for more * information. @@ -80,7 +80,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them using the compiler command + * Either change them in mbedtls_config.h or define them using the compiler command * line. * \{ */ diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 8a1b127538..b87114bc72 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -91,7 +91,7 @@ extern "C" { * - Increment MBEDTLS_ECP_DP_MAX below if needed. * - Update the calculation of MBEDTLS_ECP_MAX_BITS below. * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to - * config.h. + * mbedtls_config.h. * - List the curve as a dependency of MBEDTLS_ECP_C and * MBEDTLS_ECDSA_C if supported in check_config.h. * - Add the curve to the appropriate curve type macro @@ -244,7 +244,7 @@ mbedtls_ecp_group; * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h, or define them using the compiler command line. + * Either change them in mbedtls_config.h, or define them using the compiler command line. * \{ */ diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 133aa52335..a16a3753fb 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -52,7 +52,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 793636fd1b..0df8ee8554 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -47,7 +47,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/config.h b/include/mbedtls/mbedtls_config.h similarity index 99% rename from include/mbedtls/config.h rename to include/mbedtls/mbedtls_config.h index f874ae235c..5212fb3be6 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1,5 +1,5 @@ /** - * \file config.h + * \file mbedtls_config.h * * \brief Configuration options (set of defines) * @@ -1736,7 +1736,7 @@ * * If you enable this option and write your own configuration file, you must * include mbedtls/config_psa.h in your configuration file. The default - * provided mbedtls/config.h contains the necessary inclusion. + * provided mbedtls/mbedtls_config.h contains the necessary inclusion. * * This feature is still experimental and is not ready for production since * it is not completed. diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 0b4d023b0a..d4737f5c42 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -30,7 +30,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 8fafe58af5..277a85c7df 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -46,7 +46,7 @@ extern "C" { * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index c63d389a48..8d4b95d1db 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -32,7 +32,7 @@ extern "C" { * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index da3ca9c893..ed3936a831 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -211,7 +211,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ @@ -3539,7 +3539,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * * \note The logic to determine the maximum outgoing record payload is * version-specific. It takes into account various factors, such as - * the config.h setting \c MBEDTLS_SSL_OUT_CONTENT_LEN, extensions + * the mbedtls_config.h setting \c MBEDTLS_SSL_OUT_CONTENT_LEN, extensions * such as the max fragment length or record size limit extension if * used, and for DTLS the path MTU as configured and current * record expansion. @@ -3566,7 +3566,7 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); * * \note The logic to determine the maximum outgoing record payload is * version-specific. It takes into account various factors, such as - * the config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions + * the mbedtls_config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions * such as the max fragment length extension or record size limit * extension if used, and the current record expansion. * diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index e8d077f013..6a81ac990d 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -35,7 +35,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index e216812655..86698b050b 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -35,7 +35,7 @@ * \name SECTION: Module settings * * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. + * Either change them in mbedtls_config.h or define them on the compiler command line. * \{ */ #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 15161cc944..cdd3ca6344 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -86,7 +86,7 @@ void mbedtls_version_get_string_full( char *string ); * * \note only checks against defines in the sections "System * support", "mbed TLS modules" and "mbed TLS feature - * support" in config.h + * support" in mbedtls_config.h * * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C") * diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 32ef1c2f26..3f95d0ef19 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -5,7 +5,7 @@ */ #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /** - * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h, + * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, * this file determines which cryptographic mechanisms are enabled * through the PSA Cryptography API (\c psa_xxx() functions). * @@ -24,7 +24,7 @@ */ #else /** - * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h, + * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h, * this file is not used, and cryptographic mechanisms are supported * through the PSA API if and only if they are supported through the * mbedtls_xxx API. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 51c0859378..2c0b1067c8 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -40,7 +40,7 @@ extern "C" { /* UID for secure storage seed */ #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 -/* See config.h for definition */ +/* See mbedtls_config.h for definition */ #if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT) #define MBEDTLS_PSA_KEY_SLOT_COUNT 32 #endif diff --git a/library/Makefile b/library/Makefile index 62fd99709c..3f54bacb42 100644 --- a/library/Makefile +++ b/library/Makefile @@ -1,5 +1,5 @@ -# Also see "include/mbedtls/config.h" +# Also see "include/mbedtls/mbedtls_config.h" CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral @@ -281,12 +281,12 @@ error.c: version_features.c: ../scripts/generate_features.pl version_features.c: ../scripts/data_files/version_features.fmt -## The generated file only depends on the options that are present in config.h, +## The generated file only depends on the options that are present in mbedtls_config.h, ## not on which options are set. To avoid regenerating this file all the time -## when switching between configurations, don't declare config.h as a +## when switching between configurations, don't declare mbedtls_config.h as a ## dependency. Remove this file from your working tree if you've just added or -## removed an option in config.h. -#version_features.c: ../include/mbedtls/config.h +## removed an option in mbedtls_config.h. +#version_features.c: ../include/mbedtls/mbedtls_config.h version_features.c: echo " Gen $@" $(PERL) ../scripts/generate_features.pl diff --git a/library/entropy_poll.c b/library/entropy_poll.c index bccc03478e..058c307dfb 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -44,7 +44,7 @@ #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ !defined(__HAIKU__) && !defined(__midipix__) -#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" +#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in mbedtls_config.h" #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index 9edf1f1d03..aef1a0977d 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -51,7 +51,7 @@ int mbedtls_platform_entropy_poll( void *data, * \brief Entropy poll callback for a hardware source * * \warning This is not provided by mbed TLS! - * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h. + * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in mbedtls_config.h. * * \note This must accept NULL as its first argument. */ diff --git a/library/net_sockets.c b/library/net_sockets.c index 5fbe1f764a..17a9e4a576 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -18,7 +18,7 @@ */ /* Enable definition of getaddrinfo() even when compiling with -std=c99. Must - * be set before config.h, which pulls in glibc's features.h indirectly. + * be set before mbedtls_config.h, which pulls in glibc's features.h indirectly. * Harmless on other platforms. */ #ifndef _POSIX_C_SOURCE #define _POSIX_C_SOURCE 200112L @@ -34,7 +34,7 @@ #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ !defined(__HAIKU__) && !defined(__midipix__) -#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h" +#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in mbedtls_config.h" #endif #if defined(MBEDTLS_PLATFORM_C) diff --git a/library/platform_util.c b/library/platform_util.c index 98fe5deb2d..4e97e4d1b8 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -20,7 +20,7 @@ /* * Ensure gmtime_r is available even with -std=c99; must be defined before - * config.h, which pulls in glibc's features.h. Harmless on other platforms. + * mbedtls_config.h, which pulls in glibc's features.h. Harmless on other platforms. */ #if !defined(_POSIX_C_SOURCE) #define _POSIX_C_SOURCE 200112L diff --git a/library/threading.c b/library/threading.c index 2de117f52a..bae6644f68 100644 --- a/library/threading.c +++ b/library/threading.c @@ -19,7 +19,7 @@ /* * Ensure gmtime_r is available even with -std=c99; must be defined before - * config.h, which pulls in glibc's features.h. Harmless on other platforms. + * mbedtls_config.h, which pulls in glibc's features.h. Harmless on other platforms. */ #if !defined(_POSIX_C_SOURCE) #define _POSIX_C_SOURCE 200112L diff --git a/library/timing.c b/library/timing.c index a85ce67b83..8a02c00de0 100644 --- a/library/timing.c +++ b/library/timing.c @@ -28,7 +28,7 @@ #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ !defined(__HAIKU__) && !defined(__midipix__) -#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h" +#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in mbedtls_config.h" #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) diff --git a/programs/Makefile b/programs/Makefile index dcdb8f36db..997c198716 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -153,12 +153,12 @@ psa/psa_constant_names_generated.c: $(PYTHON) ../scripts/generate_psa_constants.py test/query_config.c: ../scripts/generate_query_config.pl -## The generated file only depends on the options that are present in config.h, +## The generated file only depends on the options that are present in mbedtls_config.h, ## not on which options are set. To avoid regenerating this file all the time -## when switching between configurations, don't declare config.h as a +## when switching between configurations, don't declare mbedtls_config.h as a ## dependency. Remove this file from your working tree if you've just added or -## removed an option in config.h. -#test/query_config.c: ../include/mbedtls/config.h +## removed an option in mbedtls_config.h. +#test/query_config.c: ../include/mbedtls/mbedtls_config.h test/query_config.c: ../scripts/data_files/query_config.fmt test/query_config.c: echo " Gen $@" diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 0bee86fc0a..a8026a3353 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -19,7 +19,7 @@ */ /* Enable definition of fileno() even when compiling with -std=c99. Must be - * set before config.h, which pulls in glibc's features.h indirectly. + * set before mbedtls_config.h, which pulls in glibc's features.h indirectly. * Harmless on other platforms. */ #define _POSIX_C_SOURCE 200112L diff --git a/programs/fuzz/onefile.c b/programs/fuzz/onefile.c index 7b9a5906ba..efd8dbb828 100644 --- a/programs/fuzz/onefile.c +++ b/programs/fuzz/onefile.c @@ -2,7 +2,7 @@ #include #include -/* This file doesn't use any Mbed TLS function, but grab config.h anyway +/* This file doesn't use any Mbed TLS function, but grab mbedtls_config.h anyway * in case it contains platform-specific #defines related to malloc or * stdio functions. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 85514ee581..32960ad411 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -18,7 +18,7 @@ */ /* Enable definition of gethostname() even when compiling with -std=c99. Must - * be set before config.h, which pulls in glibc's features.h indirectly. + * be set before mbedtls_config.h, which pulls in glibc's features.h indirectly. * Harmless on other platforms. */ #define _POSIX_C_SOURCE 200112L diff --git a/programs/test/query_config.h b/programs/test/query_config.h index 79c23cffcd..0fad886d14 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -1,5 +1,5 @@ /* - * Query Mbed TLS compile time configurations from config.h + * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -26,7 +26,7 @@ * * \param config The symbol to query (e.g. "MBEDTLS_RSA_C"). * \return \c 0 if the symbol was defined at compile time - * (in MBEDTLS_CONFIG_FILE or config.h), + * (in MBEDTLS_CONFIG_FILE or mbedtls_config.h), * \c 1 otherwise. * * \note This function is defined in `programs/test/query_config.c` diff --git a/scripts/apidoc_full.sh b/scripts/apidoc_full.sh index 03bbb64200..cf01e1f8e7 100755 --- a/scripts/apidoc_full.sh +++ b/scripts/apidoc_full.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Generate doxygen documentation with a full config.h (this ensures that every +# Generate doxygen documentation with a full mbedtls_config.h (this ensures that every # available flag is documented, and avoids warnings about documentation # without a corresponding #define). # @@ -24,7 +24,7 @@ set -eu -CONFIG_H='include/mbedtls/config.h' +CONFIG_H='include/mbedtls/mbedtls_config.h' if [ -r $CONFIG_H ]; then :; else echo "$CONFIG_H not found" >&2 diff --git a/scripts/config.py b/scripts/config.py index cbce1eb471..6d5edc7c0b 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -26,14 +26,14 @@ import os import re class Setting: - """Representation of one Mbed TLS config.h setting. + """Representation of one Mbed TLS mbedtls_config.h setting. Fields: * name: the symbol name ('MBEDTLS_xxx'). * value: the value of the macro. The empty string for a plain #define with no value. * active: True if name is defined, False if a #define for name is - present in config.h but commented out. + present in mbedtls_config.h but commented out. * section: the name of the section that contains this symbol. """ # pylint: disable=too-few-public-methods @@ -321,7 +321,7 @@ class ConfigFile(Config): and modify the configuration. """ - _path_in_tree = 'include/mbedtls/config.h' + _path_in_tree = 'include/mbedtls/mbedtls_config.h' default_path = [_path_in_tree, os.path.join(os.path.dirname(__file__), os.pardir, @@ -363,7 +363,7 @@ class ConfigFile(Config): _config_line_regexp = re.compile(r'|'.join([_define_line_regexp, _section_line_regexp])) def _parse_line(self, line): - """Parse a line in config.h and return the corresponding template.""" + """Parse a line in mbedtls_config.h and return the corresponding template.""" line = line.rstrip('\r\n') m = re.match(self._config_line_regexp, line) if m is None: @@ -384,7 +384,7 @@ class ConfigFile(Config): return template def _format_template(self, name, indent, middle): - """Build a line for config.h for the given setting. + """Build a line for mbedtls_config.h for the given setting. The line has the form "#define " where is "#define ". @@ -428,7 +428,7 @@ class ConfigFile(Config): if __name__ == '__main__': def main(): - """Command line config.h manipulation tool.""" + """Command line mbedtls_config.h manipulation tool.""" parser = argparse.ArgumentParser(description=""" Mbed TLS and Mbed Crypto configuration file manipulation tool. """) diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 2e5c23f675..ffa816ecee 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -1,5 +1,5 @@ /* - * Query Mbed TLS compile time configurations from config.h + * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -30,7 +30,7 @@ /* * Include all the headers with public APIs in case they define a macro to its - * default value when that configuration is not set in the config.h. + * default value when that configuration is not set in the mbedtls_config.h. */ #include "mbedtls/aes.h" #include "mbedtls/aria.h" diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 8d1beee5fb..76ecf111a9 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -24,7 +24,7 @@ set -eu -CONFIG_H='include/mbedtls/config.h' +CONFIG_H='include/mbedtls/mbedtls_config.h' if [ -r $CONFIG_H ]; then :; else echo "$CONFIG_H not found" >&2 @@ -37,7 +37,7 @@ if grep -i cmake Makefile >/dev/null; then :; else fi if git status | grep -F $CONFIG_H >/dev/null 2>&1; then - echo "config.h not clean" >&2 + echo "mbedtls_config.h not clean" >&2 exit 1 fi diff --git a/scripts/ecp_comb_table.py b/scripts/ecp_comb_table.py index bc11431189..6719be1c37 100755 --- a/scripts/ecp_comb_table.py +++ b/scripts/ecp_comb_table.py @@ -126,7 +126,7 @@ int main() } if ( grp.T == NULL ) { fprintf( stderr, "grp.T is not generated. Please make sure" - "MBEDTLS_ECP_FIXED_POINT_OPTIM is enabled in config.h\n" ); + "MBEDTLS_ECP_FIXED_POINT_OPTIM is enabled in mbedtls_config.h\n" ); return 1; } dump_T( &grp ); diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 4d7be7a27c..6c0fc2554a 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -21,7 +21,7 @@ # configurations, when built for a Cortex M3/M4 target. # # Configurations included: -# default include/mbedtls/config.h +# default include/mbedtls/mbedtls_config.h # thread configs/config-thread.h # suite-b configs/config-suite-b.h # psk configs/config-ccm-psk-tls1_2.h @@ -30,7 +30,7 @@ # set -eu -CONFIG_H='include/mbedtls/config.h' +CONFIG_H='include/mbedtls/mbedtls_config.h' if [ -r $CONFIG_H ]; then :; else echo "$CONFIG_H not found" >&2 @@ -112,7 +112,7 @@ log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION" log "$( arm-none-eabi-gcc --version | head -n1 )" log "CFLAGS=$ARMGCC_FLAGS" -doit default include/mbedtls/config.h +doit default include/mbedtls/mbedtls_config.h doit thread configs/config-thread.h doit suite-b configs/config-suite-b.h doit psk configs/config-ccm-psk-tls1_2.h diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index 6b1dcbf897..b99c637c5b 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -51,7 +51,7 @@ close(FORMAT_FILE); $/ = $line_separator; -open(CONFIG_H, '<:crlf', "$include_dir/config.h") || die("Failure when opening config.h: $!"); +open(CONFIG_H, '<:crlf', "$include_dir/mbedtls_config.h") || die("Failure when opening mbedtls_config.h: $!"); my $feature_defines = ""; my $in_section = 0; diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 6c4deefecb..e3bbaa0745 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -8,9 +8,9 @@ # the library, for example, for testing. # # The query_config.c is generated from the current configuration at -# include/mbedtls/config.h. The idea is that the config.h contains ALL the +# include/mbedtls/mbedtls_config.h. The idea is that the mbedtls_config.h contains ALL the # compile time configurations available in Mbed TLS (commented or uncommented). -# This script extracts the configuration macros from the config.h and this +# This script extracts the configuration macros from the mbedtls_config.h and this # information is used to automatically generate the body of the query_config() # function by using the template in scripts/data_files/query_config.fmt. # @@ -33,7 +33,7 @@ use strict; -my $config_file = "./include/mbedtls/config.h"; +my $config_file = "./include/mbedtls/mbedtls_config.h"; my $query_config_format_file = "./scripts/data_files/query_config.fmt"; my $query_config_file = "./programs/test/query_config.c"; diff --git a/scripts/memory.sh b/scripts/memory.sh index c05be74c86..e3ce9d6d17 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -23,7 +23,7 @@ set -eu -CONFIG_H='include/mbedtls/config.h' +CONFIG_H='include/mbedtls/mbedtls_config.h' CLIENT='mini_client' @@ -46,7 +46,7 @@ if [ $( uname ) != Linux ]; then fi if git status | grep -F $CONFIG_H >/dev/null 2>&1; then - echo "config.h not clean" >&2 + echo "mbedtls_config.h not clean" >&2 exit 1 fi diff --git a/tests/compat.sh b/tests/compat.sh index 6c1e0d4dac..c2bef26121 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -74,7 +74,7 @@ FILTER="" # exclude: # - NULL: excluded from our default config # avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL) -# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1 +# - ARIA: not in default mbedtls_config.h + requires OpenSSL >= 1.1.1 # - ChachaPoly: requires OpenSSL >= 1.1.0 # - 3DES: not in default config EXCLUDE='NULL\|DES\|ARIA\|CHACHA20-POLY1305' diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h index 4c4f3bfcd3..e7bdbeb9e4 100644 --- a/tests/configs/config-wrapper-malloc-0-null.h +++ b/tests/configs/config-wrapper-malloc-0-null.h @@ -1,4 +1,4 @@ -/* config.h wrapper that forces calloc(0) to return NULL. +/* mbedtls_config.h wrapper that forces calloc(0) to return NULL. * Used for testing. */ /* @@ -18,7 +18,7 @@ * limitations under the License. */ -#include "mbedtls/config.h" +#include "mbedtls/mbedtls_config.h" #include static inline void *custom_calloc( size_t nmemb, size_t size ) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c0771f0738..256cacbc9e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -34,7 +34,7 @@ # Warning: the test is destructive. It includes various build modes and # configurations, and can and will arbitrarily change the current CMake # configuration. The following files must be committed into git: -# * include/mbedtls/config.h +# * include/mbedtls/mbedtls_config.h # * Makefile, library/Makefile, programs/Makefile, tests/Makefile, # programs/fuzz/Makefile # After running this script, the CMake cache will be lost and CMake @@ -85,7 +85,7 @@ # means that components can assume that the working directory is in a # cleaned-up state, and don't need to perform the cleanup themselves. # * Run `make clean`. -# * Restore `include/mbedtks/config.h` from a backup made before running +# * Restore `include/mbedtks/mbedtls_config.h` from a backup made before running # the component. # * Check out `Makefile`, `library/Makefile`, `programs/Makefile`, # `tests/Makefile` and `programs/fuzz/Makefile` from git. @@ -125,7 +125,7 @@ pre_check_environment () { } pre_initialize_variables () { - CONFIG_H='include/mbedtls/config.h' + CONFIG_H='include/mbedtls/mbedtls_config.h' CONFIG_BAK="$CONFIG_H.bak" CRYPTO_CONFIG_H='include/psa/crypto_config.h' CRYPTO_CONFIG_BAK="$CRYPTO_CONFIG_H.bak" @@ -463,8 +463,8 @@ pre_check_git () { exit 1 fi - if ! git diff --quiet include/mbedtls/config.h; then - err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. " + if ! git diff --quiet include/mbedtls/mbedtls_config.h; then + err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. " echo "You can either delete or preserve your work, or force the test by rerunning the" echo "script as: $0 --force" exit 1 diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 8fcde6fdb1..83aa87aa08 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -30,7 +30,7 @@ # # The tests focus on functionality and do not consider performance. # -# Note the tests self-adapt due to configurations in include/mbedtls/config.h +# Note the tests self-adapt due to configurations in include/mbedtls/mbedtls_config.h # which can lead to some tests being skipped, and can cause the number of # available tests to fluctuate. # @@ -68,7 +68,7 @@ export OPENSSL_CMD="$OPENSSL" export GNUTLS_CLI="$GNUTLS_CLI" export GNUTLS_SERV="$GNUTLS_SERV" -CONFIG_H='include/mbedtls/config.h' +CONFIG_H='include/mbedtls/mbedtls_config.h' CONFIG_BAK="$CONFIG_H.bak" # Step 0 - print build environment info diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl index 2572e93301..47196f456f 100755 --- a/tests/scripts/curves.pl +++ b/tests/scripts/curves.pl @@ -36,7 +36,7 @@ # # This script should be executed from the root of the project directory. # -# Only curves that are enabled in config.h will be tested. +# Only curves that are enabled in mbedtls_config.h will be tested. # # For best effect, run either with cmake disabled, or cmake enabled in a mode # that includes -Werror. @@ -47,7 +47,7 @@ use strict; -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; my $sed_cmd = 's/^#define \(MBEDTLS_ECP_DP.*_ENABLED\)/\1/p'; -my $config_h = 'include/mbedtls/config.h'; +my $config_h = 'include/mbedtls/mbedtls_config.h'; my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` ); # Determine which curves support ECDSA by checking the dependencies of diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index c5f1521674..cd17066fdd 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -42,7 +42,7 @@ use strict; -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; -my $config_h = 'include/mbedtls/config.h'; +my $config_h = 'include/mbedtls/mbedtls_config.h'; # as many SSL options depend on specific hashes, # and SSL is not in the test suites anyways, diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index 2ad4a7cccb..6eb726927e 100755 --- a/tests/scripts/depends-pkalgs.pl +++ b/tests/scripts/depends-pkalgs.pl @@ -43,7 +43,7 @@ use strict; -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; -my $config_h = 'include/mbedtls/config.h'; +my $config_h = 'include/mbedtls/mbedtls_config.h'; # Some algorithms can't be disabled on their own as others depend on them, so # we list those reverse-dependencies here to keep check_config.h happy. diff --git a/tests/scripts/key-exchanges.pl b/tests/scripts/key-exchanges.pl index 20f3aa6358..46f1b97542 100755 --- a/tests/scripts/key-exchanges.pl +++ b/tests/scripts/key-exchanges.pl @@ -40,7 +40,7 @@ use strict; -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p'; -my $config_h = 'include/mbedtls/config.h'; +my $config_h = 'include/mbedtls/mbedtls_config.h'; my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` ); system( "cp $config_h $config_h.bak" ) and die; diff --git a/tests/scripts/list-symbols.sh b/tests/scripts/list-symbols.sh index 8bdc55f81a..4a5d035658 100755 --- a/tests/scripts/list-symbols.sh +++ b/tests/scripts/list-symbols.sh @@ -27,7 +27,7 @@ if grep -i cmake Makefile >/dev/null; then exit 1 fi -cp include/mbedtls/config.h include/mbedtls/config.h.bak +cp include/mbedtls/mbedtls_config.h include/mbedtls/mbedtls_config.h.bak scripts/config.py full make clean make_ret= @@ -39,7 +39,7 @@ CFLAGS=-fno-asynchronous-unwind-tables make lib \ cat list-symbols.make.log >&2 } rm list-symbols.make.log -mv include/mbedtls/config.h.bak include/mbedtls/config.h +mv include/mbedtls/mbedtls_config.h.bak include/mbedtls/mbedtls_config.h if [ -n "$make_ret" ]; then exit "$make_ret" fi diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index 2705f064ae..7f4ebeb7f1 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -23,7 +23,7 @@ import re import sys CLASSIC_DEPENDENCIES = frozenset([ - # This list is manually filtered from config.h. + # This list is manually filtered from mbedtls_config.h. # Mbed TLS feature support. # Only features that affect what can be done are listed here. diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index a79604e9ff..dd24db79fb 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -60,7 +60,7 @@ if ($#ARGV >= 0) { -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; -my $config_h = 'include/mbedtls/config.h'; +my $config_h = 'include/mbedtls/mbedtls_config.h'; system( "cp $config_h $config_h.bak" ) and die; sub abort { diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index 8ca41032c4..e230e3c876 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -8,7 +8,7 @@ This is a harness to help regression testing, not a functional tester. Sample usage: test_config_script.py -d old - ## Modify config.py and/or config.h ## + ## Modify config.py and/or mbedtls_config.h ## test_config_script.py -d new diff -ru old new """ @@ -170,7 +170,7 @@ def main(): dest='output_directory', required=True, help="""Output directory.""") parser.add_argument('-f', metavar='FILE', - dest='input_file', default='include/mbedtls/config.h', + dest='input_file', default='include/mbedtls/mbedtls_config.h', help="""Config file (default: %(default)s).""") parser.add_argument('-p', metavar='PRESET,...', dest='presets', diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c8e49853ed..da5854e8e2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -51,7 +51,7 @@ fi : ${PERL:=perl} guess_config_name() { - if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then + if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then echo "default" else echo "unknown" @@ -93,7 +93,7 @@ TESTS=0 FAILS=0 SKIPS=0 -CONFIG_H='../include/mbedtls/config.h' +CONFIG_H='../include/mbedtls/mbedtls_config.h' MEMCHECK=0 FILTER='.*' @@ -178,7 +178,7 @@ case "$MBEDTLS_TEST_OUTCOME_FILE" in ;; esac -# Read boolean configuration options from config.h for easy and quick +# Read boolean configuration options from mbedtls_config.h for easy and quick # testing. Skip non-boolean options (with something other than spaces # and a comment after "#define SYMBOL"). The variable contains a # space-separated list of symbols. @@ -194,7 +194,7 @@ skip_next_test() { SKIP_NEXT="YES" } -# skip next test if the flag is not enabled in config.h +# skip next test if the flag is not enabled in mbedtls_config.h requires_config_enabled() { case $CONFIGS_ENABLED in *" $1 "*) :;; @@ -202,7 +202,7 @@ requires_config_enabled() { esac } -# skip next test if the flag is enabled in config.h +# skip next test if the flag is enabled in mbedtls_config.h requires_config_disabled() { case $CONFIGS_ENABLED in *" $1 "*) SKIP_NEXT="YES";; @@ -3146,7 +3146,7 @@ run_test "Renegotiation: server-initiated" \ # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that # the server did not parse the Signature Algorithm extension. This test is valid only if an MD -# algorithm stronger than SHA-1 is enabled in config.h +# algorithm stronger than SHA-1 is enabled in mbedtls_config.h requires_config_enabled MBEDTLS_SSL_RENEGOTIATION run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ @@ -3164,7 +3164,7 @@ run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \ # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that # the server did not parse the Signature Algorithm extension. This test is valid only if an MD -# algorithm stronger than SHA-1 is enabled in config.h +# algorithm stronger than SHA-1 is enabled in mbedtls_config.h requires_config_enabled MBEDTLS_SSL_RENEGOTIATION run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ From dba968f59b009d6e36b933728fcc6962dbe53a05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 31 May 2021 15:10:37 +0200 Subject: [PATCH 0537/1065] Realign Markdown table MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- docs/proposed/psa-conditional-inclusion-c.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/proposed/psa-conditional-inclusion-c.md b/docs/proposed/psa-conditional-inclusion-c.md index aae4e61936..50a1404046 100644 --- a/docs/proposed/psa-conditional-inclusion-c.md +++ b/docs/proposed/psa-conditional-inclusion-c.md @@ -145,13 +145,13 @@ The following table summarizes where symbols are defined depending on the config * (D) indicates a symbol that is deduced from other symbols by code that ships with Mbed TLS. * (G) indicates a symbol that is generated from driver descriptions. -| Symbols | With `MBEDTLS_PSA_CRYPTO_CONFIG` | Without `MBEDTLS_PSA_CRYPTO_CONFIG` | -| ------------------------- | -------------------------------- | ----------------------------------- | -| `MBEDTLS_xxx_C` | `mbedtls/mbedtls_config.h` (U) or | `mbedtls/mbedtls_config.h` (U) | -| | `mbedtls/config_psa.h` (D) | | -| `PSA_WANT_xxx` | `psa/crypto_config.h` (U) | `mbedtls/config_psa.h` (D) | -| `MBEDTLS_PSA_BUILTIN_xxx` | `mbedtls/config_psa.h` (D) | `mbedtls/config_psa.h` (D) | -| `MBEDTLS_PSA_ACCEL_xxx` | `mbedtls/crypto_drivers.h` (G) | N/A | +| Symbols | With `MBEDTLS_PSA_CRYPTO_CONFIG` | Without `MBEDTLS_PSA_CRYPTO_CONFIG` | +| ------------------------- | --------------------------------- | ----------------------------------- | +| `MBEDTLS_xxx_C` | `mbedtls/mbedtls_config.h` (U) or | `mbedtls/mbedtls_config.h` (U) | +| | `mbedtls/config_psa.h` (D) | | +| `PSA_WANT_xxx` | `psa/crypto_config.h` (U) | `mbedtls/config_psa.h` (D) | +| `MBEDTLS_PSA_BUILTIN_xxx` | `mbedtls/config_psa.h` (D) | `mbedtls/config_psa.h` (D) | +| `MBEDTLS_PSA_ACCEL_xxx` | `mbedtls/crypto_drivers.h` (G) | N/A | #### Visibility of internal symbols From ba7248abc442e04624e883cf04e322c014576024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 31 May 2021 16:53:56 +0200 Subject: [PATCH 0538/1065] Introduce versioning in the config files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- configs/config-ccm-psk-tls1_2.h | 2 ++ configs/config-no-entropy.h | 2 ++ configs/config-suite-b.h | 2 ++ configs/config-symmetric-only.h | 2 ++ configs/config-thread.h | 2 ++ include/mbedtls/build_info.h | 13 +++++++++++++ include/mbedtls/mbedtls_config.h | 2 ++ tests/scripts/check-names.sh | 2 +- 8 files changed, 26 insertions(+), 1 deletion(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 51bb962919..cd74d86ca0 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -30,6 +30,8 @@ * See README.txt for usage instructions. */ +#define MBEDTLS_CONFIG_VERSION 1 + /* System support */ //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index edba4a0782..acfad388d1 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -29,6 +29,8 @@ * See README.txt for usage instructions. */ +#define MBEDTLS_CONFIG_VERSION 1 + /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index c70773d63b..264826d47a 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -33,6 +33,8 @@ * See README.txt for usage instructions. */ +#define MBEDTLS_CONFIG_VERSION 1 + /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 6aff42f1c1..6b22cba3cf 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -20,6 +20,8 @@ * limitations under the License. */ +#define MBEDTLS_CONFIG_VERSION 1 + /* System support */ //#define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-thread.h b/configs/config-thread.h index be889a1874..d8ee1c8d76 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -32,6 +32,8 @@ * See README.txt for usage instructions. */ +#define MBEDTLS_CONFIG_VERSION 1 + /* System support */ #define MBEDTLS_HAVE_ASM diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index ab4ceff008..2498a738b6 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -36,13 +36,26 @@ #include MBEDTLS_CONFIG_FILE #endif +#if !defined(MBEDTLS_CONFIG_VERSION) || \ + MBEDTLS_CONFIG_VERSION != 1 +#error "Invalid config version, MBEDTLS_CONFIG_VERSION != 1" +#endif + /* Target and application specific configurations * * Allow user to override any previous default. * */ +#if defined(MBEDTLS_USER_CONFIG_VERSION) +#error "MBEDTLS_USER_CONFIG_VERSION defined outside MBEDTLS_USER_CONFIG_FILE" +#endif + #if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE +#if !defined(MBEDTLS_USER_CONFIG_VERSION) || \ + MBEDTLS_USER_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION +#error "Version mismatch between config file and MBEDTLS_USER_CONFIG_FILE" +#endif #endif #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 5212fb3be6..af2c438e1d 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -24,6 +24,8 @@ * limitations under the License. */ +#define MBEDTLS_CONFIG_VERSION 1 + /** * \name SECTION: System support * diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 2a06adc117..7649970ee7 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -102,7 +102,7 @@ cat $HEADERS $LIBRARY \ | sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ | grep MBEDTLS | sort -u > _MBEDTLS_XXX TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \ - | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true ) + | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|^MBEDTLS_USER_CONFIG_VERSION$' || true ) rm _MBEDTLS_XXX _caps if [ "x$TYPOS" = "x" ]; then echo "PASS" From d3da503c293e8ffc5cb0af895d2b3e67d3aca658 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 2 Jun 2021 11:31:51 +0200 Subject: [PATCH 0539/1065] Move comment closer to relevant code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 2498a738b6..e4a89c60e6 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -41,15 +41,15 @@ #error "Invalid config version, MBEDTLS_CONFIG_VERSION != 1" #endif +#if defined(MBEDTLS_USER_CONFIG_VERSION) +#error "MBEDTLS_USER_CONFIG_VERSION defined outside MBEDTLS_USER_CONFIG_FILE" +#endif + /* Target and application specific configurations * * Allow user to override any previous default. * */ -#if defined(MBEDTLS_USER_CONFIG_VERSION) -#error "MBEDTLS_USER_CONFIG_VERSION defined outside MBEDTLS_USER_CONFIG_FILE" -#endif - #if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE #if !defined(MBEDTLS_USER_CONFIG_VERSION) || \ From c850054759d9420b120c646d97f449475285700b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 3 Jun 2021 23:55:43 +0200 Subject: [PATCH 0540/1065] Remove reference to including check_config.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- configs/README.txt | 2 -- 1 file changed, 2 deletions(-) diff --git a/configs/README.txt b/configs/README.txt index 51560fb8d8..9e5a243f8d 100644 --- a/configs/README.txt +++ b/configs/README.txt @@ -8,8 +8,6 @@ These files are complete replacements for the default mbedtls_config.h. To use o them, you can pick one of the following methods: 1. Replace the default file include/mbedtls/mbedtls_config.h with the chosen one. - (Depending on your compiler, you may need to adjust the line with - #include "mbedtls/check_config.h" then.) 2. Define MBEDTLS_CONFIG_FILE and adjust the include path accordingly. For example, using make: From 90b79ab34229fff167d99c360fdb0c94f17f4666 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 4 Jun 2021 00:19:53 +0200 Subject: [PATCH 0541/1065] Add migration guide and changelog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- ChangeLog.d/split-config.txt | 12 ++++++++++++ docs/3.0-migration-guide.d/split_config.md | 16 ++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 ChangeLog.d/split-config.txt create mode 100644 docs/3.0-migration-guide.d/split_config.md diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt new file mode 100644 index 0000000000..bb807be7a2 --- /dev/null +++ b/ChangeLog.d/split-config.txt @@ -0,0 +1,12 @@ +Changes + * config.h has been split into build_info.h and mbedtls_config.h + build_info.h is intended to be included from C code directly, while + mbedtls_config.h is intended to be edited by end users whishing to + change the build configuration, and should generally only be included from + build_info.h. + * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. + * Mandatory version symbols MBEDTLS_CONFIG_VERSION and + MBEDTLS_USER_CONFIG_VERSION were introduced for MBEDTLS_CONFIG_FILE and + MBEDTLS_USER_CONFIG_FILE respectively. They have to be defined with a + value of one in their respective config file for the config to be + considered valid. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md new file mode 100644 index 0000000000..b8f516af5e --- /dev/null +++ b/docs/3.0-migration-guide.d/split_config.md @@ -0,0 +1,16 @@ +Introduce a level of indirection and versioning in the config files +------------------------------------------------------------------- + +`config.h` was split into `build_info.h` and `mbedtls_config.h`. +`build_info.h` is intended to be included from C code directly, while +`mbedtls_config.h` is intended to be edited by end users whishing to +change the build configuration, and should generally only be included from +`build_info.h`. This is because all the preprocessor logic has been moved +into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` +macro. + +Mandatory version symbols were introduced for `MBEDTLS_CONFIG_FILE` and +`MBEDTLS_USER_CONFIG_FILE`, `MBEDTLS_CONFIG_VERSION` and +`MBEDTLS_USER_CONFIG_VERSION` respectively. Both config files should include +a definiton of their respective version symbol, with a value of `1` to be +considered valid. From 8d9132f43cbf4b69d41f761e25a819565836449f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 16 Jun 2021 09:10:41 +0200 Subject: [PATCH 0542/1065] Fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- ChangeLog.d/split-config.txt | 2 +- docs/3.0-migration-guide.d/split_config.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt index bb807be7a2..7fe2955f1a 100644 --- a/ChangeLog.d/split-config.txt +++ b/ChangeLog.d/split-config.txt @@ -1,7 +1,7 @@ Changes * config.h has been split into build_info.h and mbedtls_config.h build_info.h is intended to be included from C code directly, while - mbedtls_config.h is intended to be edited by end users whishing to + mbedtls_config.h is intended to be edited by end users wishing to change the build configuration, and should generally only be included from build_info.h. * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index b8f516af5e..8fba5b3551 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -3,7 +3,7 @@ Introduce a level of indirection and versioning in the config files `config.h` was split into `build_info.h` and `mbedtls_config.h`. `build_info.h` is intended to be included from C code directly, while -`mbedtls_config.h` is intended to be edited by end users whishing to +`mbedtls_config.h` is intended to be edited by end users wishing to change the build configuration, and should generally only be included from `build_info.h`. This is because all the preprocessor logic has been moved into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` From 04982f7b6bacc7ef552dc5afafc3c3adb980813e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 21 Jun 2021 14:40:51 +0200 Subject: [PATCH 0543/1065] Move version defines to build_info.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 23 +++++++++++++++++++++++ include/mbedtls/version.h | 22 +++------------------- 2 files changed, 26 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index e4a89c60e6..2f34365e20 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -26,6 +26,29 @@ #ifndef MBEDTLS_BUILD_INFO_H #define MBEDTLS_BUILD_INFO_H +/* + * This set of compile-time defines can be used to determine the version number + * of the mbed TLS library used. Run-time variables for the same can be found in + * version.h + */ + +/** + * The version number x.y.z is split into three parts. + * Major, Minor, Patchlevel + */ +#define MBEDTLS_VERSION_MAJOR 2 +#define MBEDTLS_VERSION_MINOR 26 +#define MBEDTLS_VERSION_PATCH 0 + +/** + * The single version number has the following structure: + * MMNNPP00 + * Major version | Minor version | Patch version + */ +#define MBEDTLS_VERSION_NUMBER 0x021A0000 +#define MBEDTLS_VERSION_STRING "2.26.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index cdd3ca6344..648db7ed62 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -20,31 +20,15 @@ * limitations under the License. */ /* - * This set of compile-time defines and run-time variables can be used to - * determine the version number of the mbed TLS library used. + * This set of run-time variables can be used to determine the version number of + * the mbed TLS library used. Compile-time version defines for the same can be + * found in build_info.h */ #ifndef MBEDTLS_VERSION_H #define MBEDTLS_VERSION_H #include "mbedtls/build_info.h" -/** - * The version number x.y.z is split into three parts. - * Major, Minor, Patchlevel - */ -#define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 26 -#define MBEDTLS_VERSION_PATCH 0 - -/** - * The single version number has the following structure: - * MMNNPP00 - * Major version | Minor version | Patch version - */ -#define MBEDTLS_VERSION_NUMBER 0x021A0000 -#define MBEDTLS_VERSION_STRING "2.26.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" - #if defined(MBEDTLS_VERSION_C) #ifdef __cplusplus From b2e23de0f3c63e8cd7e49836c2e3f1243e95996f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 21 Jun 2021 15:53:07 +0200 Subject: [PATCH 0544/1065] Make config version symbols optional MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also remove them from the example configs, but keep the one in mbedtls_config.h. Signed-off-by: Bence Szépkúti --- configs/config-ccm-psk-tls1_2.h | 2 -- configs/config-no-entropy.h | 2 -- configs/config-suite-b.h | 2 -- configs/config-symmetric-only.h | 2 -- configs/config-thread.h | 2 -- include/mbedtls/build_info.h | 11 +++++++---- 6 files changed, 7 insertions(+), 14 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index cd74d86ca0..51bb962919 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -30,8 +30,6 @@ * See README.txt for usage instructions. */ -#define MBEDTLS_CONFIG_VERSION 1 - /* System support */ //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index acfad388d1..edba4a0782 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -29,8 +29,6 @@ * See README.txt for usage instructions. */ -#define MBEDTLS_CONFIG_VERSION 1 - /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 264826d47a..c70773d63b 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -33,8 +33,6 @@ * See README.txt for usage instructions. */ -#define MBEDTLS_CONFIG_VERSION 1 - /* System support */ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 6b22cba3cf..6aff42f1c1 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -20,8 +20,6 @@ * limitations under the License. */ -#define MBEDTLS_CONFIG_VERSION 1 - /* System support */ //#define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME diff --git a/configs/config-thread.h b/configs/config-thread.h index d8ee1c8d76..be889a1874 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -32,8 +32,6 @@ * See README.txt for usage instructions. */ -#define MBEDTLS_CONFIG_VERSION 1 - /* System support */ #define MBEDTLS_HAVE_ASM diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 2f34365e20..6ccbc00953 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -49,6 +49,8 @@ #define MBEDTLS_VERSION_STRING "2.26.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" +#define MBEDTLS_CONFIG_VERSION_LATEST 1 + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif @@ -59,9 +61,10 @@ #include MBEDTLS_CONFIG_FILE #endif -#if !defined(MBEDTLS_CONFIG_VERSION) || \ - MBEDTLS_CONFIG_VERSION != 1 -#error "Invalid config version, MBEDTLS_CONFIG_VERSION != 1" +#if !defined(MBEDTLS_CONFIG_VERSION) +#define MBEDTLS_CONFIG_VERSION MBEDTLS_CONFIG_VERSION_LATEST +#elif MBEDTLS_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION_LATEST +#error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #endif #if defined(MBEDTLS_USER_CONFIG_VERSION) @@ -75,7 +78,7 @@ */ #if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE -#if !defined(MBEDTLS_USER_CONFIG_VERSION) || \ +#if defined(MBEDTLS_USER_CONFIG_VERSION) && \ MBEDTLS_USER_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION #error "Version mismatch between config file and MBEDTLS_USER_CONFIG_FILE" #endif From 2bb7456334bc72d4f4eb9cf29da8b989b76c1544 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 21 Jun 2021 16:19:00 +0200 Subject: [PATCH 0545/1065] Base the config version on MBEDTLS_VERSION_NUMBER MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 6 +++++- include/mbedtls/mbedtls_config.h | 9 ++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 6ccbc00953..1bb133dc7d 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -49,7 +49,11 @@ #define MBEDTLS_VERSION_STRING "2.26.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" -#define MBEDTLS_CONFIG_VERSION_LATEST 1 +/** + * Equal to the #MBEDTLS_VERSION_NUMBER of the mbedtls version that introduced + * the most recent config version + */ +#define MBEDTLS_CONFIG_VERSION_LATEST 0x03000000 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af2c438e1d..8aa88b0d60 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -24,7 +24,14 @@ * limitations under the License. */ -#define MBEDTLS_CONFIG_VERSION 1 +/** + * This is an optional version symbol that enables comatibility handling of + * config files. + * + * It is equal to the #MBEDTLS_VERSION_NUMBER of the mbedtls version that + * introduced the config format we want to be compatible with. + */ +#define MBEDTLS_CONFIG_VERSION 0x03000000 /** * \name SECTION: System support From 36da4ccc5144279325530ef01d38e4b55673628a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 21 Jun 2021 17:14:41 +0200 Subject: [PATCH 0546/1065] Update changelog and migration guide MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reflect changes to the config version symbols. Signed-off-by: Bence Szépkúti --- ChangeLog.d/split-config.txt | 14 +++++++++----- docs/3.0-migration-guide.d/split_config.md | 14 +++++++++----- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt index 7fe2955f1a..9a1c678305 100644 --- a/ChangeLog.d/split-config.txt +++ b/ChangeLog.d/split-config.txt @@ -5,8 +5,12 @@ Changes change the build configuration, and should generally only be included from build_info.h. * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. - * Mandatory version symbols MBEDTLS_CONFIG_VERSION and - MBEDTLS_USER_CONFIG_VERSION were introduced for MBEDTLS_CONFIG_FILE and - MBEDTLS_USER_CONFIG_FILE respectively. They have to be defined with a - value of one in their respective config file for the config to be - considered valid. + * Config file symbols MBEDTLS_CONFIG_VERSION and MBEDTLS_USER_CONFIG_VERSION + were introduced for use in MBEDTLS_CONFIG_FILE and + MBEDTLS_USER_CONFIG_FILE respectively. + Defining them to a particular value will ensure that mbedtls interprets + the config file in a way that's compatible with the config file format + indicated by the value. + The config file versions are based on the value of MBEDTLS_VERSION_NUMBER + of the mbedtls version that first introduced that config file format. + The only value currently supported is 0x03000000. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index 8fba5b3551..fc809258d6 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -9,8 +9,12 @@ change the build configuration, and should generally only be included from into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` macro. -Mandatory version symbols were introduced for `MBEDTLS_CONFIG_FILE` and -`MBEDTLS_USER_CONFIG_FILE`, `MBEDTLS_CONFIG_VERSION` and -`MBEDTLS_USER_CONFIG_VERSION` respectively. Both config files should include -a definiton of their respective version symbol, with a value of `1` to be -considered valid. +Config file symbols `MBEDTLS_CONFIG_VERSION` and `MBEDTLS_USER_CONFIG_VERSION` +were introduced for use in `MBEDTLS_CONFIG_FILE` and +`MBEDTLS_USER_CONFIG_FILE` respectively. +Defining them to a particular value will ensure that mbedtls interprets +the config file in a way that's compatible with the config file format +indicated by the value. +The config file versions are based on the value of `MBEDTLS_VERSION_NUMBER` +of the mbedtls version that first introduced that config file format. +The only value currently supported is `0x03000000`. From fc04aa2be587b983177e8992d8408b296439b486 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 22 Jun 2021 09:14:25 +0200 Subject: [PATCH 0547/1065] Remove MBEDTLS_USER_CONFIG_VERSION handling MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 13 ++----------- tests/scripts/check-names.sh | 2 +- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 1bb133dc7d..d07f6ac0d0 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -65,16 +65,11 @@ #include MBEDTLS_CONFIG_FILE #endif -#if !defined(MBEDTLS_CONFIG_VERSION) -#define MBEDTLS_CONFIG_VERSION MBEDTLS_CONFIG_VERSION_LATEST -#elif MBEDTLS_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION_LATEST +#if defined(MBEDTLS_CONFIG_VERSION) && \ + MBEDTLS_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION_LATEST #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #endif -#if defined(MBEDTLS_USER_CONFIG_VERSION) -#error "MBEDTLS_USER_CONFIG_VERSION defined outside MBEDTLS_USER_CONFIG_FILE" -#endif - /* Target and application specific configurations * * Allow user to override any previous default. @@ -82,10 +77,6 @@ */ #if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE -#if defined(MBEDTLS_USER_CONFIG_VERSION) && \ - MBEDTLS_USER_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION -#error "Version mismatch between config file and MBEDTLS_USER_CONFIG_FILE" -#endif #endif #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 7649970ee7..2a06adc117 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -102,7 +102,7 @@ cat $HEADERS $LIBRARY \ | sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ | grep MBEDTLS | sort -u > _MBEDTLS_XXX TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \ - | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|^MBEDTLS_USER_CONFIG_VERSION$' || true ) + | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true ) rm _MBEDTLS_XXX _caps if [ "x$TYPOS" = "x" ]; then echo "PASS" From 1cafe5ce20c54e68a4de0f85bd4bc844e3798198 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 22 Jun 2021 09:30:08 +0200 Subject: [PATCH 0548/1065] Base config compat check on MBETLS_VERSION_NUMBER MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Any config with a version older than 3.0.0 or newer than MBETLS_VERSION_NUMBER will be rejected. This does mean that the current development version doesn'T accept *any* value of MBETLS_CONFIG_VERSION, but this will be fixed when we bump the version during our normal release process. Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 11 +++-------- include/mbedtls/mbedtls_config.h | 4 +++- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index d07f6ac0d0..0ff3286795 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -49,12 +49,6 @@ #define MBEDTLS_VERSION_STRING "2.26.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" -/** - * Equal to the #MBEDTLS_VERSION_NUMBER of the mbedtls version that introduced - * the most recent config version - */ -#define MBEDTLS_CONFIG_VERSION_LATEST 0x03000000 - #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif @@ -65,8 +59,9 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_CONFIG_VERSION) && \ - MBEDTLS_CONFIG_VERSION != MBEDTLS_CONFIG_VERSION_LATEST +#if defined(MBEDTLS_CONFIG_VERSION) && ( \ + MBEDTLS_CONFIG_VERSION < 0x03000000 || \ + MBEDLTS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER ) #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 8aa88b0d60..80bbebddf5 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -25,13 +25,15 @@ */ /** + * \def MBEDTLS_CONFIG_VERSION + * * This is an optional version symbol that enables comatibility handling of * config files. * * It is equal to the #MBEDTLS_VERSION_NUMBER of the mbedtls version that * introduced the config format we want to be compatible with. */ -#define MBEDTLS_CONFIG_VERSION 0x03000000 +//#define MBEDTLS_CONFIG_VERSION 0x03000000 /** * \name SECTION: System support From 60c863411cf4284ee22bfe0c5db2dff3aee79773 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 22 Jun 2021 10:03:02 +0200 Subject: [PATCH 0549/1065] Remove references to MBEDTLS_USER_CONFIG_VERSION MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- ChangeLog.d/split-config.txt | 13 +++++-------- docs/3.0-migration-guide.d/split_config.md | 13 +++++-------- 2 files changed, 10 insertions(+), 16 deletions(-) diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt index 9a1c678305..5d1201c8a3 100644 --- a/ChangeLog.d/split-config.txt +++ b/ChangeLog.d/split-config.txt @@ -5,12 +5,9 @@ Changes change the build configuration, and should generally only be included from build_info.h. * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. - * Config file symbols MBEDTLS_CONFIG_VERSION and MBEDTLS_USER_CONFIG_VERSION - were introduced for use in MBEDTLS_CONFIG_FILE and - MBEDTLS_USER_CONFIG_FILE respectively. - Defining them to a particular value will ensure that mbedtls interprets + * A config file version symbol, MBEDTLS_CONFIG_VERSION was introduced. + Defining it to a particular value will ensure that mbedtls interprets the config file in a way that's compatible with the config file format - indicated by the value. - The config file versions are based on the value of MBEDTLS_VERSION_NUMBER - of the mbedtls version that first introduced that config file format. - The only value currently supported is 0x03000000. + used by the mbedtls release whose MBEDTLS_VERSION_NUMBER has the same + value. + The only value supported by mbedtls 3.0.0 is 0x03000000. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index fc809258d6..b011ad77cd 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -9,12 +9,9 @@ change the build configuration, and should generally only be included from into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` macro. -Config file symbols `MBEDTLS_CONFIG_VERSION` and `MBEDTLS_USER_CONFIG_VERSION` -were introduced for use in `MBEDTLS_CONFIG_FILE` and -`MBEDTLS_USER_CONFIG_FILE` respectively. -Defining them to a particular value will ensure that mbedtls interprets +A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. +Defining it to a particular value will ensure that mbedtls interprets the config file in a way that's compatible with the config file format -indicated by the value. -The config file versions are based on the value of `MBEDTLS_VERSION_NUMBER` -of the mbedtls version that first introduced that config file format. -The only value currently supported is `0x03000000`. +used by the mbedtls release whose `MBEDTLS_VERSION_NUMBER` has the same +value. +The only value supported by mbedtls 3.0.0 is `0x03000000`. From 5c70c140b7bf6dbb2989c847f8025e46abaf89e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 22 Jun 2021 14:00:33 +0200 Subject: [PATCH 0550/1065] Remove def directive for version symbol MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/mbedtls_config.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 80bbebddf5..21f0c77a6c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -25,8 +25,6 @@ */ /** - * \def MBEDTLS_CONFIG_VERSION - * * This is an optional version symbol that enables comatibility handling of * config files. * From a1d1f5b84f42de4ba17e4ba22802feb07d1f2e4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 09:49:04 +0100 Subject: [PATCH 0551/1065] Fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 0ff3286795..771aeb5b0a 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -61,7 +61,7 @@ #if defined(MBEDTLS_CONFIG_VERSION) && ( \ MBEDTLS_CONFIG_VERSION < 0x03000000 || \ - MBEDLTS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER ) + MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER ) #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #endif From 1b2a8836c4cf67c47cadcb77bd05e82e2c5c5277 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 10:26:11 +0100 Subject: [PATCH 0552/1065] Correct documentation references to Mbed TLS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Use the correct formatting of the product name in the documentation. Signed-off-by: Bence Szépkúti --- ChangeLog.d/split-config.txt | 6 +++--- docs/3.0-migration-guide.d/split_config.md | 6 +++--- include/mbedtls/build_info.h | 2 +- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/version.h | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt index 5d1201c8a3..f66dc93a8e 100644 --- a/ChangeLog.d/split-config.txt +++ b/ChangeLog.d/split-config.txt @@ -6,8 +6,8 @@ Changes build_info.h. * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. * A config file version symbol, MBEDTLS_CONFIG_VERSION was introduced. - Defining it to a particular value will ensure that mbedtls interprets + Defining it to a particular value will ensure that Mbed TLS interprets the config file in a way that's compatible with the config file format - used by the mbedtls release whose MBEDTLS_VERSION_NUMBER has the same + used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same value. - The only value supported by mbedtls 3.0.0 is 0x03000000. + The only value supported by Mbed TLS 3.0.0 is 0x03000000. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index b011ad77cd..ced38967d9 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -10,8 +10,8 @@ into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` macro. A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. -Defining it to a particular value will ensure that mbedtls interprets +Defining it to a particular value will ensure that Mbed TLS interprets the config file in a way that's compatible with the config file format -used by the mbedtls release whose `MBEDTLS_VERSION_NUMBER` has the same +used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. -The only value supported by mbedtls 3.0.0 is `0x03000000`. +The only value supported by Mbed TLS 3.0.0 is `0x03000000`. diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 771aeb5b0a..53327a8c8a 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -28,7 +28,7 @@ /* * This set of compile-time defines can be used to determine the version number - * of the mbed TLS library used. Run-time variables for the same can be found in + * of the Mbed TLS library used. Run-time variables for the same can be found in * version.h */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 21f0c77a6c..3a4189d180 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -28,7 +28,7 @@ * This is an optional version symbol that enables comatibility handling of * config files. * - * It is equal to the #MBEDTLS_VERSION_NUMBER of the mbedtls version that + * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that * introduced the config format we want to be compatible with. */ //#define MBEDTLS_CONFIG_VERSION 0x03000000 diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 648db7ed62..773da4a677 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -21,7 +21,7 @@ */ /* * This set of run-time variables can be used to determine the version number of - * the mbed TLS library used. Compile-time version defines for the same can be + * the Mbed TLS library used. Compile-time version defines for the same can be * found in build_info.h */ #ifndef MBEDTLS_VERSION_H From dbf5d2b1a729cbc70150149e0e4d5e31defd8412 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 10:34:29 +0100 Subject: [PATCH 0553/1065] Improve the instructions in the migration guide MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- docs/3.0-migration-guide.d/split_config.md | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index ced38967d9..989326122e 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -2,12 +2,15 @@ Introduce a level of indirection and versioning in the config files ------------------------------------------------------------------- `config.h` was split into `build_info.h` and `mbedtls_config.h`. -`build_info.h` is intended to be included from C code directly, while -`mbedtls_config.h` is intended to be edited by end users wishing to -change the build configuration, and should generally only be included from -`build_info.h`. This is because all the preprocessor logic has been moved -into `build_info.h`, including the handling of the `MBEDTLS_CONFIG_FILE` -macro. + +* In code, use `#include `. Don't include `mbedtls/config.h` and don't refer to `MBEDTLS_CONFIG_FILE`. +* In build tools, edit `mbedtls_config.h`, or edit `MBEDTLS_CONFIG_FILE` as before. +* If you had a tool that parsed the library version from `include/mbedtls/version.h`, this has moved to `include/mbedtls/build_info.h`. From C code, both headers now define the `MBEDTLS_VERSION_xxx` macros. + +Also, if you have a custom configuration file: + +* Don't include `check_config.h` anymore. +* Don't define `MBEDTLS_CONFIG_H` anymore. A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. Defining it to a particular value will ensure that Mbed TLS interprets From 2fe5f61e1a68f1550390fb7efd8a19626c6df50c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:08:57 +0100 Subject: [PATCH 0554/1065] Add generic codes for syntactic and semantic message parsing errors Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 7 +++---- include/mbedtls/ssl.h | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 2835fd55c3..82c88dcf7b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,10 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 23 (Started from top, plus 0x6000, gaps at - * 0x6600) - * SSL 7 28 (Started from 0x7080, gaps at - * 0x7300, 0x7500, 0x7580, 0x7800) + * SSL 6 24 (Started from top, plus 0x6000) + * SSL 7 29 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7800) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 02b59ed737..7187533422 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -68,7 +68,7 @@ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ @@ -112,7 +112,7 @@ #define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ #define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600 /**< A field in a message was incorrect or inconsistent with other fields. */ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ #define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ From 93636cce4ab753cebb56b07df5d65ae9318ce0f8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:32:17 +0100 Subject: [PATCH 0555/1065] Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 82c88dcf7b..294e218009 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 29 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7800) + * SSL 7 30 (Started from 0x7080, gaps at + * 0x7500, 0x7580) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7187533422..0a31d79cec 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -78,7 +78,7 @@ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ From bc00044279e3c702b99cf4f6d6f7f47556faef10 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:18:19 +0100 Subject: [PATCH 0556/1065] Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- tests/suites/test_suite_ssl.function | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 0a31d79cec..ba5b0beea8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -95,7 +95,7 @@ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ -#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ +#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ #define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 30e64c4843..4ea8321f6d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1887,7 +1887,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } cookie_len = *p++; @@ -2041,7 +2041,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 47151298d4..e92887417f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1405,7 +1405,7 @@ read_record_header: ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } if( ssl->major_ver > ssl->conf->max_major_ver ) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d5123fac19..98ed11fd44 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1842,7 +1842,7 @@ void perform_handshake( handshake_test_options* options ) if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE ) { - expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; + expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl), From 241c19707b68ebd42dd74859c2d743696f0860e7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:44:26 +0100 Subject: [PATCH 0557/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 ++- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 294e218009..9d48c9ae46 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,7 +101,8 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 24 (Started from top, plus 0x6000) + * SSL 6 23 (Started from top, plus 0x6000, gaps at + * 0x6E00) * SSL 7 30 (Started from 0x7080, gaps at * 0x7500, 0x7580) * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ba5b0beea8..df6b629eb7 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4ea8321f6d..149b6c16ae 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -4121,7 +4121,7 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); @@ -4136,7 +4136,7 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len ) ); From d01fc5f583741ed4fdc8c772122db5fb5441ae4b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:51:27 +0100 Subject: [PATCH 0558/1065] Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 +-- include/mbedtls/ssl.h | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 9d48c9ae46..479a63ebcb 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,10 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 23 (Started from top, plus 0x6000, gaps at - * 0x6E00) * SSL 7 30 (Started from 0x7080, gaps at * 0x7500, 0x7580) + * SSL 6 24 (Started from top, plus 0x6000) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index df6b629eb7..728b546952 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -/* Error space gap */ +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< Handshake negotiation failed because of incompatible parameter sets supported by client and server. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ From b24e74bff7774877e899b0e1b7b999381fd2af9f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:52:01 +0100 Subject: [PATCH 0559/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 479a63ebcb..d8253a1fc3 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,9 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 7 30 (Started from 0x7080, gaps at - * 0x7500, 0x7580) * SSL 6 24 (Started from top, plus 0x6000) + * SSL 7 29 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 728b546952..903ef51b69 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -87,7 +87,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index e92887417f..36281c98b5 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3404,7 +3404,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } *p += n; @@ -3769,7 +3769,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) p, end - p) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, @@ -3915,7 +3915,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) p, end - p ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_USE_PSA_CRYPTO) From 029cc2f97b2d2d7ec7cb8809ef1b87a9b3b72bae Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:09:50 +0100 Subject: [PATCH 0560/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d8253a1fc3..46021204d6 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 29 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7C80) + * SSL 7 28 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7B80, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 903ef51b69..7a70185b05 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -85,7 +85,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 149b6c16ae..e7e18c67d4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3479,7 +3479,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->state++; From 666b5b45f7ea6efef3a20010edb580ec55d8049a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:13:31 +0100 Subject: [PATCH 0561/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 24 ++++++++++++------------ 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 46021204d6..989d31e229 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 28 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7B80, 0x7C80) + * SSL 7 27 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7B80, 0x7C00, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7a70185b05..e067cded2b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -86,7 +86,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ +/* Error space gap */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 36281c98b5..8facacfc44 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3389,7 +3389,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( *p + 2 > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } n = ( (*p)[0] << 8 ) | (*p)[1]; @@ -3398,7 +3398,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( *p + n > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) @@ -3466,20 +3466,20 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if ( p + 2 > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( *p++ != ( ( len >> 8 ) & 0xFF ) || *p++ != ( ( len ) & 0xFF ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #endif if( p + len != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -3640,7 +3640,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha if( end - *p < 2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } n = ( (*p)[0] << 8 ) | (*p)[1]; @@ -3649,7 +3649,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha if( n == 0 || n > end - *p ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ssl->conf->f_psk != NULL ) @@ -3718,13 +3718,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) @@ -3739,7 +3739,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, @@ -3805,7 +3805,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -3890,7 +3890,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, From d3eec7825831cafdf57f8eeb311de635ffdb713a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:21:46 +0100 Subject: [PATCH 0562/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 989d31e229..63a529f1c8 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 27 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7B80, 0x7C00, 0x7C80) + * SSL 7 26 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7D00) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index e067cded2b..6ee4cd8be2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -88,7 +88,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 8facacfc44..b667d016c8 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3749,7 +3749,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); @@ -3782,7 +3782,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, From d934a2aafc3f23710250765cf9b5e8215b30b815 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:23:45 +0100 Subject: [PATCH 0563/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 14 +++++++------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 63a529f1c8..d64f0d097e 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 26 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7D00) + * SSL 7 25 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7D80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6ee4cd8be2..85c3649f1b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -89,7 +89,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index b667d016c8..c6749af3b0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -4061,7 +4061,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } i = mbedtls_ssl_hs_hdr_len( ssl ); @@ -4089,7 +4089,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + 2 > ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -4101,7 +4101,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if !defined(MBEDTLS_MD_SHA1) @@ -4122,7 +4122,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -4131,7 +4131,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } i++; @@ -4146,7 +4146,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + 2 > ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; @@ -4155,7 +4155,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + sig_len != ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Calculate hash and verify signature */ From d200296f17b65a5a0ba275cdcdaa90fb9022ad68 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:25:40 +0100 Subject: [PATCH 0564/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d64f0d097e..6ba280ab13 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 25 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7D80) + * SSL 7 24 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7E00) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 85c3649f1b..d8d7f579ed 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -90,7 +90,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ From a0ca87eb68cda0d9e20644a4c81ec38f70e51690 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:27:37 +0100 Subject: [PATCH 0565/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 16 +++++++++++----- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 6ba280ab13..54465149f0 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 24 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7E00) + * SSL 7 23 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index d8d7f579ed..2751aa25a0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -91,7 +91,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1396400ceb..d11658217f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2903,13 +2903,19 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) hash_len = 12; - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ) + { + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), @@ -2917,8 +2923,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if defined(MBEDTLS_SSL_RENEGOTIATION) From cbc8f6fd5d5c8d154e518fb85de15a541013f605 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:32:31 +0100 Subject: [PATCH 0566/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE Signed-off-by: Hanno Becker Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 52 ++++++++++++++++++++--------------------- library/ssl_srv.c | 2 +- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 54465149f0..2f9e8d4ae9 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 23 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7E80) + * SSL 7 22 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B00-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2751aa25a0..3e6037b52c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -84,7 +84,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ +/* Error space gap */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e7e18c67d4..714ae304c1 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2482,7 +2482,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", dhm_actual_bitlen, ssl->conf->dhm_min_bitlen ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); @@ -2554,11 +2554,11 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, */ if( end - *p < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* First byte is curve_type; only named_curve is handled */ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; @@ -2569,10 +2569,10 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, if( ( handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ecdh_bits > 0xffff ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); handshake->ecdh_bits = (uint16_t) ecdh_bits; /* @@ -2581,7 +2581,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, ecpoint_len = *(*p)++; if( (size_t)( end - *p ) < ecpoint_len ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); if( mbedtls_psa_tls_ecpoint_to_psa_ec( *p, ecpoint_len, @@ -2631,7 +2631,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } return( ret ); @@ -2658,7 +2658,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } len = (*p)[0] << 8 | (*p)[1]; *p += 2; @@ -2667,7 +2667,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -2791,7 +2791,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, } if( (*p) + 2 > end ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* * Get hash algorithm @@ -2801,7 +2801,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -2812,7 +2812,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -2822,7 +2822,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm %d that was not offered", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", @@ -3007,7 +3007,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } /* FALLTROUGH */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -3031,8 +3031,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3050,8 +3050,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3071,8 +3071,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3090,8 +3090,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else @@ -3129,7 +3129,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( pk_alg != @@ -3141,7 +3141,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else @@ -3162,7 +3162,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_len = ( p[0] << 8 ) | p[1]; p += 2; @@ -3174,7 +3174,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c6749af3b0..6ac8d9d858 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3955,7 +3955,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, From 5697af0d3d0bf404c0f50203a0afaf53db397766 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:33:51 +0100 Subject: [PATCH 0567/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 2f9e8d4ae9..0c4e47dd2c 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 22 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B00-0x7E80) + * SSL 7 21 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3e6037b52c..ccdb8d634b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -83,7 +83,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ +/* Error space gap */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 714ae304c1..4ff8a935aa 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3363,7 +3363,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; n = cert_type_len; @@ -3383,7 +3383,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* supported_signature_algorithms */ @@ -3418,7 +3418,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_DEBUG_C) @@ -3445,7 +3445,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } exit: From 9ed1ba5926bcb842d19eb5d72f5811067596e262 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:03:13 +0100 Subject: [PATCH 0568/1065] Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER as fit. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 2 +- library/ssl_tls.c | 30 ++++++++++++++++++------------ 3 files changed, 20 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ccdb8d634b..4e44b11961 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -82,7 +82,7 @@ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4ff8a935aa..b4634c27c4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2876,7 +2876,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) if( ssl_check_server_ecdh_params( ssl ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d11658217f..e8ca5e11f6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1855,13 +1855,19 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || - ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ) + { + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } i = mbedtls_ssl_hs_hdr_len( ssl ); @@ -1877,7 +1883,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ @@ -1892,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ @@ -1902,7 +1908,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Read length of the next CRT in the chain. */ @@ -1916,7 +1922,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Check if we're handling the first CRT in the chain. */ @@ -1937,8 +1943,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* Now we can safely free the original chain. */ @@ -2148,7 +2154,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); if( ret == 0 ) - ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } } #endif /* MBEDTLS_ECP_C */ @@ -2160,7 +2166,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); if( ret == 0 ) - ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } /* mbedtls_x509_crt_verify_with_profile is supposed to report a @@ -2171,7 +2177,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * ssl_parse_certificate even if verification was optional. */ if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) + ret == MBEDTLS_ERR_SSL_BAD_CERTIFICATE ) ) { ret = 0; } From c3411d4041d71102288fdb54b2de684b7393a7af Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:09:00 +0100 Subject: [PATCH 0569/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 +- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 90 ++++++++++++++++++++--------------------- 3 files changed, 48 insertions(+), 48 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0c4e47dd2c..15265bb52b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 21 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7A80-0x7E80) + * SSL 7 20 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 4e44b11961..b7eea479f8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -81,7 +81,7 @@ #define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index b4634c27c4..adcac44404 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1389,8 +1389,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else @@ -1403,8 +1403,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1431,8 +1431,8 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } return( 0 ); @@ -1453,16 +1453,16 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( len == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } peer_cid_len = *buf++; @@ -1472,16 +1472,16 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( len != peer_cid_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; @@ -1508,8 +1508,8 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); @@ -1533,8 +1533,8 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); @@ -1558,8 +1558,8 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); @@ -1584,7 +1584,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = buf[0]; @@ -1612,7 +1612,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ @@ -1665,8 +1665,8 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -1684,7 +1684,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_len = ( buf[0] << 8 ) | buf[1]; @@ -1692,7 +1692,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } name_len = buf[2]; @@ -1700,7 +1700,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Check that the server chosen protocol was in our list and save it */ @@ -1717,7 +1717,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_SSL_ALPN */ @@ -1759,7 +1759,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * and optional srtp_mki */ if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* * get the server protection profile @@ -1770,7 +1770,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * one protection profile in server Hello */ if( ( buf[0] != 0 ) || ( buf[1] != 2 ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); server_protection_profile_value = ( buf[2] << 8 ) | buf[3]; server_protection = mbedtls_ssl_check_srtp_profile_value( @@ -1804,7 +1804,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* If server does not use mki in its reply, make sure the client won't keep @@ -1825,7 +1825,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if defined (MBEDTLS_DEBUG_C) if( len > 5 ) @@ -1860,7 +1860,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) ( "incoming HelloVerifyRequest message is too short" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -1897,7 +1897,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) ( "cookie length does not match incoming message size" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); @@ -2005,7 +2005,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -2061,7 +2061,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n ) @@ -2077,7 +2077,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n ) @@ -2089,7 +2089,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* ciphersuite (used later) */ @@ -2186,7 +2186,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ssl->conf->ciphersuite_list[i++] == @@ -2205,8 +2205,8 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -2228,7 +2228,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->session_negotiate->compression = comp; @@ -2250,7 +2250,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } switch( ext_id ) @@ -2395,7 +2395,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 && ext_len < 4 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } @@ -2443,7 +2443,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); From 90d59dddf58ac927e307a8e33c67ec1340d6e5db Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:17:13 +0100 Subject: [PATCH 0570/1065] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 +- include/mbedtls/ssl.h | 2 +- library/ssl_msg.c | 6 +-- library/ssl_srv.c | 116 ++++++++++++++++++++-------------------- 4 files changed, 64 insertions(+), 64 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 15265bb52b..49e9f1b02f 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7980, 0x7A80-0x7E80) + * SSL 7 19 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b7eea479f8..b96fe07c49 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -80,7 +80,7 @@ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ #define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ +/* Error space gap */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 0fa206b592..11896ca740 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3112,16 +3112,16 @@ static int ssl_check_dtls_clihlo_cookie( in[3] != 0 || in[4] != 0 || in[19] != 0 || in[20] != 0 || in[21] != 0 ) { - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sid_len = in[59]; if( sid_len > in_len - 61 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); cookie_len = in[60 + sid_len]; if( cookie_len > in_len - 60 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len, cli_id, cli_id_len ) == 0 ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 6ac8d9d858..a7de9f451b 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -91,7 +91,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( servername_list_size + 2 != len ) @@ -99,7 +99,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } p = buf + 2; @@ -111,7 +111,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) @@ -123,7 +123,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME ); } return( 0 ); } @@ -136,8 +136,8 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } return( 0 ); @@ -201,8 +201,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else @@ -212,8 +212,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -253,7 +253,7 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( sig_alg_list_size + 2 != len || @@ -262,7 +262,7 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Currently we only guarantee signing the ServerKeyExchange message according @@ -327,7 +327,7 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( list_size + 2 != len || @@ -336,7 +336,7 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Should never happen unless client duplicates the extension */ @@ -344,8 +344,8 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* Don't allow our peer to make us allocate too much memory, @@ -393,7 +393,7 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = buf[0]; @@ -462,7 +462,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->session_negotiate->mfl_code = buf[0]; @@ -484,7 +484,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -500,8 +500,8 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } peer_cid_len = *buf++; @@ -511,8 +511,8 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Ignore CID if the user has disabled its use. */ @@ -529,7 +529,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; @@ -553,7 +553,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ((void) buf); @@ -577,7 +577,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ((void) buf); @@ -690,7 +690,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_len = ( buf[0] << 8 ) | buf[1]; @@ -698,7 +698,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -715,7 +715,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Empty strings MUST NOT be included */ @@ -723,7 +723,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } @@ -749,7 +749,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, /* If we get there, no match was found */ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_SSL_ALPN */ @@ -793,8 +793,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, if( len < size_of_lengths ) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; @@ -808,8 +808,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */ { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* * parse the extension list values are defined in @@ -853,8 +853,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, mki_length + profile_length + size_of_lengths != len ) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Parse the mki only if present and mki is supported locally */ @@ -1183,7 +1183,7 @@ read_record_header: if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, message len.: %d", @@ -1201,7 +1201,7 @@ read_record_header: if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } /* For DTLS if this is the initial handshake, remember the client sequence @@ -1217,7 +1217,7 @@ read_record_header: if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); @@ -1251,7 +1251,7 @@ read_record_header: if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ( ret = mbedtls_ssl_fetch_input( ssl, @@ -1287,7 +1287,7 @@ read_record_header: if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); @@ -1295,7 +1295,7 @@ read_record_header: if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", @@ -1306,7 +1306,7 @@ read_record_header: msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -1328,7 +1328,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " "%u (expected %u)", cli_msg_seq, ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->handshake->in_msg_seq++; @@ -1382,7 +1382,7 @@ read_record_header: if( msg_len < 38 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -1434,7 +1434,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); @@ -1458,8 +1458,8 @@ read_record_header: { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", @@ -1493,7 +1493,7 @@ read_record_header: { /* This may be an attacker's probe, so don't send an alert */ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); @@ -1518,7 +1518,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", @@ -1538,7 +1538,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", @@ -1561,7 +1561,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ext_len = ( buf[ext_offset + 0] << 8 ) @@ -1572,7 +1572,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -1589,7 +1589,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); @@ -1599,7 +1599,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } switch( ext_id ) { @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1830,7 +1830,7 @@ read_record_header: { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* From 2e3ecda684f867a6304d1611e13859ea1312e5c3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:22:22 +0100 Subject: [PATCH 0571/1065] Adust migration guide for SSL error codes Signed-off-by: Hanno Becker --- .../ssl-error-code-cleanup.md | 25 +++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md index 49d1a0f223..cad5a61b52 100644 --- a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md +++ b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md @@ -1,20 +1,41 @@ -Removal of some SSL error codes +Changes in the SSL error code space ----------------------------------------------------------------- +# Removals + This affects users manually checking for the following error codes: - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` - `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` +- `MBEDTLS_ERR_SSL_BAD_HS_XXX` Migration paths: + - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` should never be returned from Mbed TLS, and there is no need to check for it. + Users should simply remove manual checks for those codes, and let the Mbed TLS team know if -- contrary to the team's understanding -- there is in fact a situation where one of them was ever returned. + - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate - is too large to fit into the output buffers. Users should check for + is too large to fit into the output buffers. + + Users should check for `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their own certificate against the configured size of the output buffer to understand if the error is due to an overly large certificate. + +- All `MBEDTLS_ERR_SSL_BAD_HS_XXX` error code have been removed. + + Users should check for the newly introduced generic error codes + * `MBEDTLS_ERR_SSL_DECODE_ERROR` + * `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`, + * `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` + * `MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION` + * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` + * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` + instead. + + Users should check for the generic error codes instead. From 2fc9a652bca2ba715e90d68b7bb0cbbd998db085 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 15:40:11 +0100 Subject: [PATCH 0572/1065] Address review feedback Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/ssl-error-code-cleanup.md | 2 -- library/ssl_cli.c | 8 ++++---- library/ssl_srv.c | 2 +- library/ssl_tls.c | 4 ++-- 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md index cad5a61b52..ce795e5d90 100644 --- a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md +++ b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md @@ -37,5 +37,3 @@ Migration paths: * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` instead. - - Users should check for the generic error codes instead. diff --git a/library/ssl_cli.c b/library/ssl_cli.c index adcac44404..1acb3d0195 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2558,7 +2558,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, /* First byte is curve_type; only named_curve is handled */ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; @@ -2569,7 +2569,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, if( ( handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) { - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } if( ecdh_bits > 0xffff ) return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); @@ -2631,7 +2631,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } return( ret ); @@ -2801,7 +2801,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* diff --git a/library/ssl_srv.c b/library/ssl_srv.c index a7de9f451b..2c801ef766 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e8ca5e11f6..eb3dcc2ca8 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1907,8 +1907,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* Read length of the next CRT in the chain. */ From 77b4a6592ae9eaf86d0bd6e71b0f749596f4094f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 16:27:09 +0100 Subject: [PATCH 0573/1065] Address review feedback Signed-off-by: Hanno Becker --- library/ssl_cli.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 1acb3d0195..6ea7865c62 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3090,8 +3090,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else From b561bedadd61d9845ed647a4290ebf1cc0e961f8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 16:41:01 +0100 Subject: [PATCH 0574/1065] Make MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE more generic Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b96fe07c49..df085974fe 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< Handshake negotiation failed because of incompatible parameter sets supported by client and server. */ +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< The handshake negotiation failed. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ From 8f127397f87c32083ee77dadc442f5d4abc1d25a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 12:02:21 +0100 Subject: [PATCH 0575/1065] Update alert message for parsing PSK hint Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 6ea7865c62..fb33b54fa8 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3006,7 +3006,7 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } /* FALLTROUGH */ From 5f8c18b0d0d0d90f0c9ef7e6ae47370350bc6c33 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 11:58:00 +0100 Subject: [PATCH 0576/1065] Update error code from ssl_parse_signature_algorithm Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index fb33b54fa8..558755d4ea 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2812,7 +2812,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* From e8dbd539661e7e3b67abe72eb7afb45e25162495 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 12:05:06 +0100 Subject: [PATCH 0577/1065] Update error code for cert parsing failure Signed-off-by: Dave Rodgman --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index eb3dcc2ca8..97f9c1b842 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1898,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); + return( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ From 2abf03c551cc5a559ec123eb5295048913120650 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 25 Jun 2021 14:40:09 +0200 Subject: [PATCH 0578/1065] Remove all TLS 1.0 and 1.1 instances and add some compatibility tests Signed-off-by: TRodziewicz --- include/mbedtls/check_config.h | 8 - library/ssl_ciphersuites.c | 134 +- library/ssl_cli.c | 2 +- library/ssl_misc.h | 55 +- library/ssl_msg.c | 17 +- library/ssl_tls.c | 13 +- tests/ssl-opt.sh | 61 + tests/suites/test_suite_ssl.data | 2604 -------------------------- tests/suites/test_suite_ssl.function | 36 +- 9 files changed, 166 insertions(+), 2764 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 36959ed63f..0c43d2f6dd 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -809,14 +809,6 @@ #error "MBEDTLS_ZLIB_SUPPORT was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4031" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1) //no-check-names -#error "MBEDTLS_SSL_PROTO_TLS1 (TLS v1.0 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) //no-check-names -#error "MBEDTLS_SSL_PROTO_TLS1_1 (TLS v1.1 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" -#endif - #if defined(MBEDTLS_CHECK_PARAMS) //no-check-names #error "MBEDTLS_CHECK_PARAMS was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4313" #endif diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index be0acb78f3..a3ee157d50 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -358,12 +358,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -429,14 +429,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -464,7 +464,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -477,12 +477,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -526,14 +526,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -561,7 +561,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -607,13 +607,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -661,13 +661,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -732,13 +732,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -786,13 +786,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -825,12 +825,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -874,14 +874,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -909,7 +909,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -922,12 +922,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -971,14 +971,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1006,7 +1006,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -1037,7 +1037,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1045,7 +1045,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1053,13 +1053,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -1093,7 +1093,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1101,7 +1101,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1152,7 +1152,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1160,7 +1160,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1168,13 +1168,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -1208,7 +1208,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1216,7 +1216,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1250,7 +1250,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1258,7 +1258,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1266,13 +1266,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -1284,7 +1284,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1292,7 +1292,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1325,7 +1325,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1333,7 +1333,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1341,13 +1341,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA1_C */ @@ -1359,7 +1359,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ @@ -1367,7 +1367,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA384_C */ @@ -1411,7 +1411,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_MD5_C) { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1419,7 +1419,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1427,7 +1427,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1437,7 +1437,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -1445,7 +1445,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1453,7 +1453,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA384_C */ @@ -1463,7 +1463,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -1471,7 +1471,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1479,7 +1479,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA384_C */ @@ -1489,7 +1489,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -1497,7 +1497,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1505,7 +1505,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA384_C */ @@ -1515,7 +1515,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA1_C */ @@ -1523,7 +1523,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif @@ -1531,7 +1531,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, #endif /* MBEDTLS_SHA384_C */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 30e64c4843..7d04a6ee51 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1878,7 +1878,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) * even is lower than our min version. */ if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || + minor_ver < MBEDTLS_SSL_MAJOR_VERSION_3 - 1 || major_ver > ssl->conf->max_major_ver || minor_ver > ssl->conf->max_minor_ver ) { diff --git a/library/ssl_misc.h b/library/ssl_misc.h index d25bc5576b..147530d494 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -65,16 +65,6 @@ #define inline __inline #endif -/* Legacy minor version numbers as defined by: - * - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0 - * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 - * - * We no longer support these versions, but some code still references those - * constants, for keep them for now until we clean up that code. - */ -#define MBEDTLS_SSL_MINOR_VERSION_1 1 -#define MBEDTLS_SSL_MINOR_VERSION_2 2 - /* Determine minimum supported version */ #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 @@ -630,20 +620,14 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * Representation of decryption/encryption transformations on records * * There are the following general types of record transformations: - * - Stream transformations (TLS versions <= 1.2 only) + * - Stream transformations (TLS versions == 1.2 only) * Transformation adding a MAC and applying a stream-cipher * to the authenticated message. - * - CBC block cipher transformations ([D]TLS versions <= 1.2 only) - * In addition to the distinction of the order of encryption and - * authentication, there's a fundamental difference between the - * handling in TLS 1.0 and TLS 1.1 and TLS 1.2: For TLS 1.0, - * the final IV after processing a record is used - * as the IV for the next record. No explicit IV is contained - * in an encrypted record. The IV for the first record is extracted - * at key extraction time. In contrast, for TLS 1.1 and 1.2, no - * IV is generated at key extraction time, but every encrypted - * record is explicitly prefixed by the IV with which it was encrypted. - * - AEAD transformations ([D]TLS versions >= 1.2 only) + * - CBC block cipher transformations ([D]TLS versions == 1.2 only) + * For TLS 1.2, no IV is generated at key extraction time, but every + * encrypted record is explicitly prefixed by the IV with which it was + * encrypted. + * - AEAD transformations ([D]TLS versions == 1.2 only) * These come in two fundamentally different versions, the first one * used in TLS 1.2, excluding ChaChaPoly ciphersuites, and the second * one used for ChaChaPoly ciphersuites in TLS 1.2 as well as for TLS 1.3. @@ -666,17 +650,16 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * - For stream/CBC, (static) encryption/decryption keys for the digest. * - For AEAD transformations, the size (potentially 0) of an explicit, * random initialization vector placed in encrypted records. - * - For some transformations (currently AEAD and CBC in TLS 1.0) - * an implicit IV. It may be static (e.g. AEAD) or dynamic (e.g. CBC) - * and (if present) is combined with the explicit IV in a transformation- - * dependent way (e.g. appending in TLS 1.2 and XOR'ing in TLS 1.3). + * - For some transformations (currently AEAD) an implicit IV. It may be static + * (e.g. AEAD) or dynamic (e.g. CBC) and (if present) is combined with the + * explicit IV in a transformation-dependent way (e.g. appending in TLS 1.2 + * and XOR'ing in TLS 1.3). * - For stream/CBC, a flag determining the order of encryption and MAC. * - The details of the transformation depend on the SSL/TLS version. * - The length of the authentication tag. * - * Note: Except for CBC in TLS 1.0, these parameters are - * constant across multiple encryption/decryption operations. - * For CBC, the implicit IV needs to be updated after each + * Note: These parameters are constant across multiple encryption/decryption + * operations. For CBC, the implicit IV needs to be updated after each * operation. * * The struct below refines this abstract view as follows: @@ -691,11 +674,9 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * - For stream/CBC transformations, the message digest contexts * used for the MAC's are stored in md_ctx_{enc/dec}. These contexts * are unused for AEAD transformations. - * - For stream/CBC transformations and versions >= TLS 1.0, the - * MAC keys are not stored explicitly but maintained within - * md_ctx_{enc/dec}. - * - The mac_enc and mac_dec fields are unused for EAD transformations or - * transformations >= TLS 1.0. + * - For stream/CBC transformations, the MAC keys are not stored explicitly + * but maintained within md_ctx_{enc/dec}. + * - The mac_enc and mac_dec fields are unused for EAD transformations. * - For transformations using an implicit IV maintained within * the transformation context, its contents are stored within * iv_{enc/dec}. @@ -709,10 +690,6 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * and indicates the length of the static part of the IV which is * constant throughout the communication, and which is stored in * the first fixed_ivlen bytes of the iv_{enc/dec} arrays. - * Note: For CBC in TLS 1.0, the fields iv_{enc/dec} - * still store IV's for continued use across multiple transformations, - * so it is not true that fixed_ivlen == 0 means that iv_{enc/dec} are - * not being used! * - minor_ver denotes the SSL/TLS version * - For stream/CBC transformations, maclen denotes the length of the * authentication tag, while taglen is unused and 0. @@ -792,7 +769,7 @@ static inline int mbedtls_ssl_transform_uses_aead( * pre-expansion during record protection. Concretely, * this is the length of the fixed part of the explicit IV * used for encryption, or 0 if no explicit IV is used - * (e.g. for CBC in TLS 1.0, or stream ciphers). + * (e.g. for stream ciphers). * * The reason for the data_offset in the unencrypted case * is to allow for in-place conversion of an unencrypted to diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 0fa206b592..5008ddb97c 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -100,9 +100,7 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen ); /* We don't support record checking in TLS because - * (a) there doesn't seem to be a usecase for it, and - * (b) In TLS 1.0, CBC record decryption has state - * and we'd need to backup the transform here. + * there doesn't seem to be a usecase for it. */ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) { @@ -645,7 +643,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; @@ -902,7 +900,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * TLSCipherText.type + * TLSCipherText.version + * length_of( (IV +) ENC(...) ) + - * IV + // except for TLS 1.0 + * IV + * ENC(content + padding + padding_length)); */ @@ -1107,7 +1105,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac( * Then we only need to compute HASH(okey + inner_hash) and we're done. */ const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info ); - /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5, + /* TLS 1.2 only supports SHA-384, SHA-256, SHA-1, MD-5, * all of which have the same block size except SHA-384. */ const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64; const unsigned char * const ikey = ctx->hmac_ctx; @@ -5171,7 +5169,7 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_WARNING, @@ -5601,7 +5599,6 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, * * For TLS this is the identity. * For DTLS, use 1's complement (v -> 255 - v, and then map as follows: - * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) */ void mbedtls_ssl_write_version( int major, int minor, int transport, @@ -5610,7 +5607,7 @@ void mbedtls_ssl_write_version( int major, int minor, int transport, #if defined(MBEDTLS_SSL_PROTO_DTLS) if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) + if( minor == MBEDTLS_SSL_MINOR_VERSION_3 - 1 ) --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ ver[0] = (unsigned char)( 255 - ( major - 2 ) ); @@ -5635,7 +5632,7 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport, *major = 255 - ver[0] + 2; *minor = 255 - ver[1] + 1; - if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) + if( *minor == MBEDTLS_SSL_MINOR_VERSION_3 - 2 ) ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ } else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1396400ceb..5a23894309 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -854,7 +854,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * GenericBlockCipher: * 1. if EtM is in use: one block plus MAC * otherwise: * first multiple of blocklen greater than maclen - * 2. IV except for TLS 1.0 + * 2. IV */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) @@ -948,7 +948,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { /* For HMAC-based ciphersuites, initialize the HMAC transforms. For AEAD-based ciphersuites, there is nothing to do here. */ @@ -4234,9 +4234,6 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) { switch( ssl->minor_ver ) { - case MBEDTLS_SSL_MINOR_VERSION_2: - return( "DTLSv1.0" ); - case MBEDTLS_SSL_MINOR_VERSION_3: return( "DTLSv1.2" ); @@ -4248,12 +4245,6 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) switch( ssl->minor_ver ) { - case MBEDTLS_SSL_MINOR_VERSION_1: - return( "TLSv1.0" ); - - case MBEDTLS_SSL_MINOR_VERSION_2: - return( "TLSv1.1" ); - case MBEDTLS_SSL_MINOR_VERSION_3: return( "TLSv1.2" ); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c8e49853ed..559cb4cfbd 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4667,6 +4667,67 @@ run_test "Version check: all -> 1.2" \ -s "Protocol is TLSv1.2" \ -c "Protocol is TLSv1.2" +run_test "Not supported version check: cli TLS 1.0" \ + "$P_SRV" \ + "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.0" \ + 1 \ + -s "Handshake protocol not within min/max boundaries" \ + -c "Error in protocol version" \ + -S "Protocol is TLSv1.0" \ + -C "Handshake was completed" + +run_test "Not supported version check: cli TLS 1.1" \ + "$P_SRV" \ + "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.1" \ + 1 \ + -s "Handshake protocol not within min/max boundaries" \ + -c "Error in protocol version" \ + -S "Protocol is TLSv1.1" \ + -C "Handshake was completed" + +run_test "Not supported version check: srv max TLS 1.0" \ + "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" \ + "$P_CLI" \ + 1 \ + -s "Error in protocol version" \ + -c "Handshake protocol not within min/max boundaries" \ + -S "Version: TLS1.0" \ + -C "Protocol is TLSv1.0" + +run_test "Not supported version check: srv max TLS 1.1" \ + "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1" \ + "$P_CLI" \ + 1 \ + -s "Error in protocol version" \ + -c "Handshake protocol not within min/max boundaries" \ + -S "Version: TLS1.1" \ + -C "Protocol is TLSv1.1" + +## ClientHello generated with +## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..." +## then manually twiddling the ciphersuite list. +## The ClientHello content is spelled out below as a hex string as +## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix". +## The expected response is an inappropriate_fallback alert. + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: beginning of list" \ + "$P_SRV debug_level=2" \ + "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020246'" \ + 0 \ + -s "client only supports ssl smaller than minimum" \ + -S "received FALLBACK_SCSV" \ + -S "inapropriate fallback" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: end of list" \ + "$P_SRV debug_level=2" \ + "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020246'" \ + 0 \ + -s "client only supports ssl smaller than minimum" \ + -S "received FALLBACK_SCSV" \ + -S "inapropriate fallback" + # Tests for ALPN extension run_test "ALPN: none" \ diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e0a95aefff..eb26fc266d 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -211,14 +211,6 @@ move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_VERIFY_RE Negative test moving servers ssl to state: NEW_SESSION_TICKET move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:0 -Handshake, tls1 -depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake, tls1_1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2 - Handshake, tls1_2 depends_on:MBEDTLS_SSL_PROTO_TLS1_2 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 @@ -247,14 +239,6 @@ Handshake, PSK-WITH-AES-128-CBC-SHA depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 -DTLS Handshake, tls1_1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS -handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2 - -DTLS Handshake, tls1_2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS -handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 - DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 @@ -293,34 +277,6 @@ Handshake min/max version check, all -> 1.2 depends_on:MBEDTLS_SSL_PROTO_TLS1_2 handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_3 -Handshake min/max version check, cli max 1.1 -> 1.1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake min/max version check, srv max 1.1 -> 1.1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake min/max version check, cli+srv max 1.1 -> 1.1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake min/max version check, cli max 1.1, srv min 1.1 -> 1.1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake min/max version check, cli min 1.1, srv max 1.1 -> 1.1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC -handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_1:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1 - -Handshake min/max version check, cli min 1.2, srv max 1.1 -> fail -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_TLS1_2 -handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_2:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:TEST_SSL_MINOR_VERSION_NONE - -Handshake min/max version check, srv min 1.2, cli max 1.1 -> fail -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_TLS1_2 -handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_2:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE - Sending app data via TLS, MFL=512 without fragmentation depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH app_data_tls:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1 @@ -862,134 +818,6 @@ Record crypt, AES-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, AES-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, AES-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -1182,134 +1010,6 @@ Record crypt, AES-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, AES-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, AES-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -1502,134 +1202,6 @@ Record crypt, AES-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, AES-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, AES-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, ARIA-128-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -1822,134 +1394,6 @@ Record crypt, ARIA-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, ARIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, ARIA-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -2142,134 +1586,6 @@ Record crypt, ARIA-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, ARIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, ARIA-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -2462,134 +1778,6 @@ Record crypt, ARIA-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, ARIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, ARIA-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -2782,134 +1970,6 @@ Record crypt, CAMELLIA-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -3102,134 +2162,6 @@ Record crypt, CAMELLIA-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -3422,134 +2354,6 @@ Record crypt, CAMELLIA-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, CAMELLIA-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -3926,134 +2730,6 @@ Record crypt, NULL cipher, 1.2, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 -Record crypt, NULL cipher, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, NULL cipher, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, NULL cipher, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, ChachaPoly depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -4270,134 +2946,6 @@ Record crypt, little space, AES-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, AES-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, AES-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -4590,134 +3138,6 @@ Record crypt, little space, AES-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, AES-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, AES-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -4910,134 +3330,6 @@ Record crypt, little space, AES-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, AES-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, AES-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -5230,134 +3522,6 @@ Record crypt, little space, ARIA-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -5550,134 +3714,6 @@ Record crypt, little space, ARIA-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -5870,134 +3906,6 @@ Record crypt, little space, ARIA-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, ARIA-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -6190,134 +4098,6 @@ Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-128-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -6510,134 +4290,6 @@ Record crypt, little space, CAMELLIA-192-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-192-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -6830,134 +4482,6 @@ Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, short tag, EtM, CID 4+0 depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, CAMELLIA-256-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Record crypt, little space, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -7334,134 +4858,6 @@ Record crypt, little space, NULL cipher, 1.2, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 -Record crypt, little space, NULL cipher, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, NULL cipher, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d5123fac19..93d6256bde 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1868,21 +1868,18 @@ void perform_handshake( handshake_test_options* options ) #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) if( options->resize_buffers != 0 ) { - if( options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1 ) - { - /* A server, when using DTLS, might delay a buffer resize to happen - * after it receives a message, so we force it. */ - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); + /* A server, when using DTLS, might delay a buffer resize to happen + * after it receives a message, so we force it. */ + TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - TEST_ASSERT( client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &client.ssl ) ); - TEST_ASSERT( client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &client.ssl ) ); - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); - } + TEST_ASSERT( client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen( &client.ssl ) ); + TEST_ASSERT( client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen( &client.ssl ) ); + TEST_ASSERT( server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen( &server.ssl ) ); + TEST_ASSERT( server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen( &server.ssl ) ); } #endif @@ -3467,9 +3464,7 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, * Test record decryption for CBC without EtM, focused on the verification * of padding and MAC. * - * Actually depends on TLS >= 1.0 and either AES, ARIA, Camellia or DES, - * but since the test framework doesn't support alternation in - * dependency statements, just depend on TLS 1.2 and AES. + * Actually depends on TLS 1.2 and AES. * * The length_selector argument is interpreted as follows: * - if it's -1, the plaintext length is 0 and minimal padding is applied @@ -4362,13 +4357,6 @@ void handshake_version( int dtls, int client_min_version, int client_max_version options.expected_negotiated_version = expected_negotiated_version; options.dtls = dtls; - /* By default, TLSv1.0 use 1/n-1 splitting when sending data, so - * the number of fragments will be twice as big. */ - if( expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1 ) - { - options.expected_cli_fragments = 2; - options.expected_srv_fragments = 2; - } perform_handshake( &options ); /* The goto below is used to avoid an "unused label" warning.*/ From 5b1ea6ee7023b8e29c99da5d613b3a2dc36a772a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 28 Jun 2021 14:34:47 +0200 Subject: [PATCH 0579/1065] Adding changelog file Signed-off-by: TRodziewicz --- ChangeLog.d/issue4564.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/issue4564.txt diff --git a/ChangeLog.d/issue4564.txt b/ChangeLog.d/issue4564.txt new file mode 100644 index 0000000000..286c31b37b --- /dev/null +++ b/ChangeLog.d/issue4564.txt @@ -0,0 +1,3 @@ +Removals + * Remove all instances of MBEDTLS_SSL_MINOR_VERSION_1 and + MBEDTLS_SSL_MINOR_VERSION_2 and related dead code and tests. Fixes #4564. From 414d6bd424c5e02d06ff6f9156d182b79f27879b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 14:11:11 +0100 Subject: [PATCH 0580/1065] Fix pre-existing typo in comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 256cacbc9e..f8e43c8714 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -85,7 +85,7 @@ # means that components can assume that the working directory is in a # cleaned-up state, and don't need to perform the cleanup themselves. # * Run `make clean`. -# * Restore `include/mbedtks/mbedtls_config.h` from a backup made before running +# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running # the component. # * Check out `Makefile`, `library/Makefile`, `programs/Makefile`, # `tests/Makefile` and `programs/fuzz/Makefile` from git. From 4a9d1bf95c2123952fcc411f5db1cfc5d5d8c8e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 14:21:55 +0100 Subject: [PATCH 0581/1065] Remove check_config.h inclusion from ecc-heap.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/ecc-heap.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 76ecf111a9..acf51f2e6e 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -66,8 +66,6 @@ cat << EOF >$CONFIG_H #define MBEDTLS_ECP_DP_SECP521R1_ENABLED #define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#include "check_config.h" - //#define MBEDTLS_ECP_WINDOW_SIZE 6 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 EOF From 9cd70653077bf652b0cbf0e0bff7d3b066080c1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 14:22:39 +0100 Subject: [PATCH 0582/1065] No other headers are included by mbedtls_config.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These have been moved to build_info.h. Update the documentation to reflect this. Signed-off-by: Bence Szépkúti --- docs/3.0-migration-guide.d/split_config.md | 2 +- include/mbedtls/check_config.h | 5 ----- include/mbedtls/mbedtls_config.h | 4 ---- 3 files changed, 1 insertion(+), 10 deletions(-) diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md index 989326122e..6f433c5f7f 100644 --- a/docs/3.0-migration-guide.d/split_config.md +++ b/docs/3.0-migration-guide.d/split_config.md @@ -9,7 +9,7 @@ Introduce a level of indirection and versioning in the config files Also, if you have a custom configuration file: -* Don't include `check_config.h` anymore. +* Don't include `check_config.h` or `config_psa.h` anymore. * Don't define `MBEDTLS_CONFIG_H` anymore. A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index aa8bcd2531..e38892d8fb 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -20,11 +20,6 @@ * limitations under the License. */ -/* - * It is recommended to include this file from your mbedtls_config.h - * in order to catch dependency issues early. - */ - #ifndef MBEDTLS_CHECK_CONFIG_H #define MBEDTLS_CHECK_CONFIG_H diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3a4189d180..a60db7e930 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1743,10 +1743,6 @@ * Uncomment this to enable use of PSA Crypto configuration settings which * can be found in include/psa/crypto_config.h. * - * If you enable this option and write your own configuration file, you must - * include mbedtls/config_psa.h in your configuration file. The default - * provided mbedtls/mbedtls_config.h contains the necessary inclusion. - * * This feature is still experimental and is not ready for production since * it is not completed. */ From 5e2743f2842c2120359157c8e0a6370ed01eb908 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 14:32:01 +0100 Subject: [PATCH 0583/1065] Mention MBEDTLS_CONFIG_FILE in build_info.h docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 53327a8c8a..625e926f98 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -4,7 +4,7 @@ * \brief Build-time configuration info * * Include this file if you need to depend on the - * configuration options defined in mbedtls_config.h + * configuration options defined in mbedtls_config.h or #MBEDTLS_CONFIG_FILE */ /* * Copyright The Mbed TLS Contributors From e55a821f0e642dc0abd0d94b21104446a7642840 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 28 Jun 2021 15:15:56 +0100 Subject: [PATCH 0584/1065] Remove explicit link to MBEDTLS_CONFIG_FILE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This symbol is not declared in our code, so trying to explicitly link to it causes a doxygen error. Signed-off-by: Bence Szépkúti --- include/mbedtls/build_info.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 625e926f98..c7d4cdb6c5 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -4,7 +4,7 @@ * \brief Build-time configuration info * * Include this file if you need to depend on the - * configuration options defined in mbedtls_config.h or #MBEDTLS_CONFIG_FILE + * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE */ /* * Copyright The Mbed TLS Contributors From 43fcb8d7c126a725d40783f382f13a5609986b39 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 21:49:15 +0100 Subject: [PATCH 0585/1065] Address review feedback Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_fragment_len_return.txt | 5 +++++ ChangeLog.d/update_ssl_error_codes.txt | 3 +++ library/ssl_cli.c | 12 ++++++------ library/ssl_srv.c | 8 ++++---- library/ssl_tls.c | 14 +++++++------- 5 files changed, 25 insertions(+), 17 deletions(-) create mode 100644 ChangeLog.d/fix_fragment_len_return.txt create mode 100644 ChangeLog.d/update_ssl_error_codes.txt diff --git a/ChangeLog.d/fix_fragment_len_return.txt b/ChangeLog.d/fix_fragment_len_return.txt new file mode 100644 index 0000000000..bfbf93cd21 --- /dev/null +++ b/ChangeLog.d/fix_fragment_len_return.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix the error returned when a client requests an invalid + * fragment length, as per RFC6066 section 4. We now return + * MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER, and raise the corresponding + * alert. diff --git a/ChangeLog.d/update_ssl_error_codes.txt b/ChangeLog.d/update_ssl_error_codes.txt new file mode 100644 index 0000000000..0630b54759 --- /dev/null +++ b/ChangeLog.d/update_ssl_error_codes.txt @@ -0,0 +1,3 @@ +Changes + * Various changes to which alert and/or error code may be returned + * during the TLS handshake. diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 558755d4ea..fc791d6bd9 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1389,8 +1389,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else @@ -1403,8 +1403,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1453,7 +1453,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } @@ -1508,7 +1508,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 2c801ef766..75beb6e937 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -201,8 +201,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else @@ -212,8 +212,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 97f9c1b842..1cfda4a081 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1898,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ @@ -1907,8 +1907,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* Read length of the next CRT in the chain. */ @@ -1943,8 +1943,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* Now we can safely free the original chain. */ @@ -2929,8 +2929,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #if defined(MBEDTLS_SSL_RENEGOTIATION) From 858894056dc3bf7bc49b7ed6b7ce4c5e328a60b6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 09:43:55 +0100 Subject: [PATCH 0586/1065] Improve changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_fragment_len_return.txt | 5 ----- ChangeLog.d/fix_tls_alert_codes.txt | 6 ++++++ 2 files changed, 6 insertions(+), 5 deletions(-) delete mode 100644 ChangeLog.d/fix_fragment_len_return.txt create mode 100644 ChangeLog.d/fix_tls_alert_codes.txt diff --git a/ChangeLog.d/fix_fragment_len_return.txt b/ChangeLog.d/fix_fragment_len_return.txt deleted file mode 100644 index bfbf93cd21..0000000000 --- a/ChangeLog.d/fix_fragment_len_return.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix the error returned when a client requests an invalid - * fragment length, as per RFC6066 section 4. We now return - * MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER, and raise the corresponding - * alert. diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt new file mode 100644 index 0000000000..abe3a5e6df --- /dev/null +++ b/ChangeLog.d/fix_tls_alert_codes.txt @@ -0,0 +1,6 @@ +Bugfix + * Fix the alert raised when a client requests an invalid + * fragment length, as per RFC6066 section 4. We now alert with + * MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. Similarly, raise + * MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR for an invalid finished + * message, as per RFC5247 section 7.2.2. From 096c41111e28b221ec2f46540a9c6da1949178f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 09:52:06 +0100 Subject: [PATCH 0587/1065] Remove MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index df085974fe..95cf1fbfcd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -105,7 +105,7 @@ #define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ #define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ #define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ -#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */ #define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ #define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 75beb6e937..c41eff233d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1885,7 +1885,7 @@ read_record_header: "but none of them usable" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } else { From 53c8689e886f274f29751b58febeacd752a4d6be Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 10:02:06 +0100 Subject: [PATCH 0588/1065] Introduce new TLS error codes Introduce new codes: * MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION * MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL These are returned when the corresponding alert is raised. Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 4 ++-- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 95cf1fbfcd..64f90fecd0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -72,8 +72,8 @@ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -/* NOTE: Error space gap */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */ +#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580 /**< No ALPN protocols supported that the client advertises */ #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index fc791d6bd9..d588fcd229 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1454,7 +1454,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } if( len == 0 ) @@ -1509,7 +1509,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c41eff233d..7e94102548 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -749,7 +749,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, /* If we get there, no match was found */ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL ); } #endif /* MBEDTLS_SSL_ALPN */ From bb05cd09b726b1c2116c33462db8633a773408a7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 10:37:43 +0100 Subject: [PATCH 0589/1065] Remove MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 64f90fecd0..492fe93d98 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -69,7 +69,7 @@ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ #define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */ -#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ #define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 7e94102548..9de18be934 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1892,7 +1892,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } have_ciphersuite: @@ -3054,7 +3054,7 @@ curve_matching_done: if( curve == NULL || *curve == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); From 03edc8614fbb9206aee7759c0c9b394827c25d85 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 11:06:18 +0100 Subject: [PATCH 0590/1065] Fix docs in error.h Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 49e9f1b02f..cc79d4f073 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -100,10 +100,10 @@ * MD 5 5 * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 8 (Started from 0x6080) + * CIPHER 6 7 (Started from 0x6080, gap at 0x6980) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 19 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7900-0x7980, 0x7A80-0x7E80) + * SSL 7 20 (Started from 0x7080, gaps at + * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ From bed8927538447ca9ca3397ba08387bf2d0952995 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 12:06:32 +0100 Subject: [PATCH 0591/1065] Correct some TLS alerts and error codes Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index d588fcd229..e3c1ef63bb 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1533,8 +1533,8 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); @@ -1558,8 +1558,8 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); @@ -1665,8 +1665,8 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } /* @@ -3031,8 +3031,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else From 6ce10be0ce203a96505358fa7d497d5e22162432 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:20:31 +0100 Subject: [PATCH 0592/1065] Fix test failure The test was checking for an obsolete error. Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c8e49853ed..674485e4c4 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5375,7 +5375,7 @@ run_test "PSK callback: no psk, no callback" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 1 \ - -s "SSL - None of the common ciphersuites is usable" \ + -s "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" From c628fc980f075ae6dfdcd4d0fce75a61897995cb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:32:46 +0100 Subject: [PATCH 0593/1065] Correct and clarify the SSL error code documentation Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 6 +++--- include/mbedtls/ssl.h | 10 +++++++++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index cc79d4f073..5c7fb61416 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -100,9 +100,9 @@ * MD 5 5 * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 7 (Started from 0x6080, gap at 0x6980) - * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7080, gaps at + * CIPHER 6 8 (Started from 0x6080) + * SSL 6 22 (Started from top, plus 0x6000) + * SSL 7 20 (Started from 0x7000, gaps at * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 492fe93d98..45e4054757 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -63,6 +63,7 @@ /* * SSL Error codes */ +#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ #define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ #define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ @@ -116,9 +117,16 @@ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ #define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */ #define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 /**< An operation failed due to an unexpected version or configuration. */ -#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ #define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */ /* From 4b60e0742b4888235b90e3fcf55269f1d9bb48d6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:40:02 +0100 Subject: [PATCH 0594/1065] Improve Changelog wording Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_tls_alert_codes.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt index abe3a5e6df..10235d7bc3 100644 --- a/ChangeLog.d/fix_tls_alert_codes.txt +++ b/ChangeLog.d/fix_tls_alert_codes.txt @@ -1,6 +1,5 @@ Bugfix - * Fix the alert raised when a client requests an invalid - * fragment length, as per RFC6066 section 4. We now alert with - * MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. Similarly, raise - * MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR for an invalid finished - * message, as per RFC5247 section 7.2.2. + * Fix which alert is sent in some cases to conform to the + applicable RFC: on an invalid Finished message value, an + invalid max_fragment_length extension, or an + unsupported extension used by the server. From c50b717a192fe84a0cdc183d7b207eb70032775a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:40:23 +0100 Subject: [PATCH 0595/1065] Update a couple of ssl error codes Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e3c1ef63bb..0e763e63ac 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3050,8 +3050,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 9de18be934..38ccc72abd 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; From 39bd5a655e146348f47c71778867a696f5afd67a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 15:25:21 +0100 Subject: [PATCH 0596/1065] Address review comment Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e763e63ac..a80da545f8 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3071,8 +3071,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else From 86bf0087823cf45f723df42b07678293098b0eab Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 29 Apr 2021 15:57:57 +0200 Subject: [PATCH 0597/1065] Extend PSA_USAGE_SIGN/VERIFY_HASH key policies According to the PSA specification the PSA_USAGE_SIGN_HASH has the permission to sign a message as PSA_USAGE_SIGN_MESSAGE. Similarly the PSA_USAGE_VERIFY_HASH has the permission to verify a message as PSA_USAGE_VERIFY_MESSAGE. These permission will also be present when the application queries the usage flags of the key. Signed-off-by: gabor-mezei-arm --- include/psa/crypto_struct.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 0b49a217e5..be89f289f8 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -395,6 +395,12 @@ static inline psa_key_lifetime_t psa_get_key_lifetime( static inline void psa_set_key_usage_flags( psa_key_attributes_t *attributes, psa_key_usage_t usage_flags ) { + if( usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; + + if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; } From 4ff73037f970701e099df41142ccd5ab8f769aee Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 13 May 2021 12:05:01 +0200 Subject: [PATCH 0598/1065] Update tests for extended key usage policies Signed-off-by: gabor-mezei-arm --- tests/include/test/psa_crypto_helpers.h | 8 +++ tests/src/psa_crypto_helpers.c | 13 +++++ tests/suites/test_suite_psa_crypto.data | 50 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 8 ++- ..._suite_psa_crypto_slot_management.function | 9 ++-- 5 files changed, 58 insertions(+), 30 deletions(-) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 9881eaebef..522fbae71f 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -186,6 +186,14 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ +/** Return extended key usage policies. + * + * Do a key policy permission extension on key usage policies always involves + * permissions of other usage policies + * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE). + */ +psa_key_usage_t update_key_usage_flags( psa_key_usage_t usage_flags ); + /** Skip a test case if the given key is a 192 bits AES key and the AES * implementation is at least partially provided by an accelerator or * alternative implementation. diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index f2222cb285..934b76bb84 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -114,4 +114,17 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, } #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ +psa_key_usage_t update_key_usage_flags( psa_key_usage_t usage_flags ) +{ + psa_key_usage_t updated_usage = usage_flags; + + if( usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + + if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + + return( updated_usage ); +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1a8bbd6b76..31e534d25c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -367,11 +367,11 @@ check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDI PSA key policy: ECC SECP256R1, sign depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign+verify depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 @@ -762,7 +762,7 @@ key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAG PSA key policy algorithm2: ECDH, ECDSA depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy algorithm2 with message signature: ECDH, ECDSA depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 @@ -805,55 +805,55 @@ copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:P Copy key: RSA key pair, same usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0 depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED @@ -868,39 +868,39 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_A Copy key: source=MAC min-length, target=MAC length > min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy key: source=MAC min-length, target=MAC length = min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy fail: source=MAC min-length, target=MAC length < min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=MAC min-length, target=MAC min-length, src > tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy key: source=MAC min-length, target=MAC min-length, src = tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=MAC min-length, target=MAC min-length, src < tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy fail: source=MAC, target=MAC min-length > length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=MAC, target=MAC min-length = length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=MAC, target=MAC min-length < length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=AEAD min-length, target=AEAD length > min-length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 41e29729b5..3e193c5302 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -322,7 +322,8 @@ void import_with_policy( int type_arg, PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); + TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), + update_key_usage_flags( usage ) ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); ASSERT_NO_SLOT_NUMBER( &got_attributes ); @@ -1162,6 +1163,8 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* Update the usage flags to obtain extended usage flags */ + usage = update_key_usage_flags( usage ); PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); @@ -5186,7 +5189,8 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_KEY_LIFETIME_PERSISTENT ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); /* Export the key again if permitted by the key policy. */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index dac52ab490..8a9e25a194 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -242,7 +242,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -261,7 +262,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -293,7 +295,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), psa_get_key_id( &read_attributes ) ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), psa_get_key_algorithm( &read_attributes ) ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), From edf2df84ba46819db1c4287c538bcef73aaa102a Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 13 May 2021 16:17:16 +0200 Subject: [PATCH 0599/1065] Add test for extended key usage policies Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 174 +++++++++++++------- tests/suites/test_suite_psa_crypto.function | 86 ++++++++-- 2 files changed, 188 insertions(+), 72 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 31e534d25c..1fbf2b66ab 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -359,122 +359,142 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy: AES ECB depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING +check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING PSA key policy: AES CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING +check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING -PSA key policy: ECC SECP256R1, sign +PSA key policy: ECC SECP256R1, sign hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign+verify +PSA key policy: ECC SECP256R1, sign hash with key usage extension depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY + +PSA key policy: ECC SECP256R1, sign+verify hash +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY + +PSA key policy: ECC SECP256R1, sign+verify hash with key usage extension +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy: ECC SECP256R1, sign+verify message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Key attributes initializers zero properly key_attributes_init: PSA key policy: MAC, sign | verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS + +PSA key policy: MAC, sign, key usage extension +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_SUCCESS + +PSA key policy: MAC, verify, key usage extension +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS + +PSA key policy: MAC, sign | verify, key usage extension +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: MAC, wrong algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, alg=0 in policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, ANY_HASH in policy is not meaningful depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, sign but not verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_SUCCESS PSA key policy: MAC, verify but not sign depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: MAC, neither sign nor verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: CMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, default tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy used as algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_INVALID_ARGUMENT PSA key policy: HMAC, sign-verify, tag length > exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length = exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED PSA key policy: cipher, encrypt | decrypt depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES @@ -612,85 +632,105 @@ PSA key policy: asymmetric encryption, neither encrypt nor decrypt depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT -PSA key policy: asymmetric signature, sign | verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA key policy: asymmetric signature, sign, key usage extension +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE + +PSA key policy: asymmetric signature, verify, key usage extension +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA key policy: asymmetric signature, sign | verify, key usage extension +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong hash algorithm -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, alg=0 in policy -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign but not verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature, verify but not sign -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, neither sign nor verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:0 PSA key policy: asymmetric signature for message, sign | verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, ECDSA SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wrong hash algorithm -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_WANT_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, alg=0 in policy depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, sign but not verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature for message, verify but not sign depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: derive via HKDF, permitted depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -764,6 +804,10 @@ PSA key policy algorithm2: ECDH, ECDSA depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +PSA key policy algorithm2 with extended usage: ECDH, ECDSA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + PSA key policy algorithm2 with message signature: ECDH, ECDSA depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) @@ -807,6 +851,10 @@ Copy key: RSA key pair, same usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +Copy key: RSA key pair, extended usage flags +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + Copy key: RSA key pair, fewer usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 @@ -839,6 +887,10 @@ Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + Copy key: source=ECDSA+ECDH, target=ECDSA+0 depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 @@ -866,6 +918,10 @@ Copy fail: AES, incompatible target policy depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +Copy key: source=MAC, target=MAC extended usage flags +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0 + Copy key: source=MAC min-length, target=MAC length > min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3e193c5302..eee4334052 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -711,6 +711,10 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + /* Check if all extended usage flags are deployed + in the expected usage flags. */ + TEST_EQUAL( expected_usage, update_key_usage_flags( usage ) ); + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, usage ); @@ -741,10 +745,11 @@ exit: /* BEGIN_CASE */ void check_key_policy( int type_arg, int bits_arg, - int usage_arg, int alg_arg ) + int usage_arg, int expected_usage_arg, int alg_arg ) { test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg, - usage_arg, usage_arg, alg_arg, alg_arg ); + usage_arg, expected_usage_arg, + alg_arg, alg_arg ); goto exit; } /* END_CASE */ @@ -785,20 +790,30 @@ void key_attributes_init( ) /* END_CASE */ /* BEGIN_CASE */ -void mac_key_policy( int policy_usage, - int policy_alg, - int key_type, +void mac_key_policy( int policy_usage_arg, + int policy_alg_arg, + int key_type_arg, data_t *key_data, - int exercise_alg, + int exercise_alg_arg, + int expected_usage_arg, int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t policy_alg = policy_alg_arg; + psa_algorithm_t exercise_alg = exercise_alg_arg; + psa_key_usage_t policy_usage = policy_usage_arg; + psa_key_usage_t expected_usage = expected_usage_arg; psa_status_t status; psa_status_t expected_status = expected_status_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; + /* Check if all extended usage flags are deployed + in the expected usage flags. */ + TEST_EQUAL( expected_usage, update_key_usage_flags( policy_usage ) ); + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, policy_usage ); @@ -808,6 +823,8 @@ void mac_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); + status = psa_mac_sign_setup( &operation, key, exercise_alg ); if( ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) == 0 ) TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); @@ -831,7 +848,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_key_policy( int policy_usage, +void cipher_key_policy( int policy_usage_arg, int policy_alg, int key_type, data_t *key_data, @@ -840,6 +857,7 @@ void cipher_key_policy( int policy_usage, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -851,6 +869,9 @@ void cipher_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* Check if no key usage extension is done */ + TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + status = psa_cipher_encrypt_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) @@ -874,7 +895,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_key_policy( int policy_usage, +void aead_key_policy( int policy_usage_arg, int policy_alg, int key_type, data_t *key_data, @@ -885,6 +906,7 @@ void aead_key_policy( int policy_usage, { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; psa_status_t expected_status = expected_status_arg; unsigned char nonce[16] = {0}; @@ -905,6 +927,9 @@ void aead_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* Check if no key usage extension is done */ + TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + status = psa_aead_encrypt( key, exercise_alg, nonce, nonce_length, NULL, 0, @@ -937,7 +962,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_key_policy( int policy_usage, +void asymmetric_encryption_key_policy( int policy_usage_arg, int policy_alg, int key_type, data_t *key_data, @@ -945,6 +970,7 @@ void asymmetric_encryption_key_policy( int policy_usage, { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; size_t key_bits; size_t buffer_length; @@ -960,6 +986,9 @@ void asymmetric_encryption_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* Check if no key usage extension is done */ + TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, @@ -1004,15 +1033,19 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_key_policy( int policy_usage, +void asymmetric_signature_key_policy( int policy_usage_arg, int policy_alg, int key_type, data_t *key_data, int exercise_alg, - int payload_length_arg ) + int payload_length_arg, + int hashing_permitted, + int expected_usage_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t policy_usage = policy_usage_arg; + psa_key_usage_t expected_usage = expected_usage_arg; psa_status_t status; unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be @@ -1024,6 +1057,10 @@ void asymmetric_signature_key_policy( int policy_usage, unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; + /* Check if all extended usage flags are deployed + in the expected usage flags. */ + TEST_EQUAL( expected_usage, update_key_usage_flags( policy_usage ) ); + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, policy_usage ); @@ -1033,11 +1070,13 @@ void asymmetric_signature_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); + status = psa_sign_hash( key, exercise_alg, payload, payload_length, signature, sizeof( signature ), &signature_length ); - if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) + if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); @@ -1046,11 +1085,32 @@ void asymmetric_signature_key_policy( int policy_usage, status = psa_verify_hash( key, exercise_alg, payload, payload_length, signature, sizeof( signature ) ); - if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) + if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + if( hashing_permitted ) + { + status = psa_sign_message( key, exercise_alg, + payload, payload_length, + signature, sizeof( signature ), + &signature_length ); + if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE ) != 0 ) + PSA_ASSERT( status ); + else + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + + memset( signature, 0, sizeof( signature ) ); + status = psa_verify_message( key, exercise_alg, + payload, payload_length, + signature, sizeof( signature ) ); + if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) != 0 ) + TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); + else + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + } + exit: psa_destroy_key( key ); PSA_DONE( ); From 43110b6b2c188542e0072813aa2b6fa43ef0805a Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 23 Jun 2021 16:48:08 +0200 Subject: [PATCH 0600/1065] Do key usage policy extension when loading keys Signed-off-by: gabor-mezei-arm --- include/psa/crypto_struct.h | 16 ++++++++++------ library/psa_crypto_slot_management.c | 4 ++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index be89f289f8..381abf9605 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -392,15 +392,19 @@ static inline psa_key_lifetime_t psa_get_key_lifetime( return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) ); } -static inline void psa_set_key_usage_flags( psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags ) +static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags ) { - if( usage_flags & PSA_KEY_USAGE_SIGN_HASH ) - usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; + if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; - if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) - usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; + if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; +} +static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) +{ + psa_extend_key_usage_flags( &usage_flags ); attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 925d68428c..bab2a1aa78 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -391,6 +391,10 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, if( status == PSA_ERROR_DOES_NOT_EXIST ) status = PSA_ERROR_INVALID_HANDLE; } + else + /* Do the key usage policy extension. */ + psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage ); + return( status ); #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ return( PSA_ERROR_INVALID_HANDLE ); From 7b5c4e2db352e2d9cb8bd296ffc75fa52866793e Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 23 Jun 2021 17:01:44 +0200 Subject: [PATCH 0601/1065] Add type annotations Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 9615c29a3f..da759835e1 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -250,9 +250,9 @@ class StorageFormat: generate backward compatibility test cases which inject a key representation and check that it can be read and used. """ - self.constructors = info.constructors - self.version = version - self.forward = forward + self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator + self.version = version #type: int + self.forward = forward #type: bool def make_test_case(self, key: StorageKey) -> test_case.TestCase: """Construct a storage format test case for the given key. From b5db2c480fb4e6fdcedee59c36cdd2e8544d2b8a Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 23 Jun 2021 17:33:30 +0200 Subject: [PATCH 0602/1065] Convert iterators to lists to remove late binding Remove late binding of iterators to enable the creation of an object with an actual state of a variable. Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 87 +++++++++++++++-------------- 1 file changed, 45 insertions(+), 42 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index da759835e1..7e04b2ee95 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -313,10 +313,11 @@ class StorageFormat: description=description) return key - def all_keys_for_lifetimes(self) -> Iterator[StorageKey]: + def all_keys_for_lifetimes(self) -> List[StorageKey]: """Generate test keys covering lifetimes.""" lifetimes = sorted(self.constructors.lifetimes) expressions = self.constructors.generate_expressions(lifetimes) + keys = [] #type List[StorageKey] for lifetime in expressions: # Don't attempt to create or load a volatile key in storage if 'VOLATILE' in lifetime: @@ -325,7 +326,8 @@ class StorageFormat: # but do attempt to load one. if 'READ_ONLY' in lifetime and self.forward: continue - yield self.key_for_lifetime(lifetime) + keys.append(self.key_for_lifetime(lifetime)) + return keys def key_for_usage_flags( self, @@ -337,36 +339,38 @@ class StorageFormat: if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) description = 'usage: ' + short - key = StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description) - return key + return StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description) - def all_keys_for_usage_flags(self) -> Iterator[StorageKey]: + def all_keys_for_usage_flags(self) -> List[StorageKey]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) - yield self.key_for_usage_flags(['0']) - for usage_flag in known_flags: - yield self.key_for_usage_flags([usage_flag]) - for flag1, flag2 in zip(known_flags, - known_flags[1:] + [known_flags[0]]): - yield self.key_for_usage_flags([flag1, flag2]) - yield self.key_for_usage_flags(known_flags, short='all known') + keys = [] #type List[StorageKey] + keys.append(self.key_for_usage_flags(['0'])) + keys += [self.key_for_usage_flags([usage_flag]) + for usage_flag in known_flags] + keys += [self.key_for_usage_flags([flag1, flag2]) + for flag1, flag2 in zip(known_flags, + known_flags[1:] + [known_flags[0]])] + keys.append(self.key_for_usage_flags(known_flags, short='all known')) + return keys def keys_for_type( self, key_type: str, params: Optional[Iterable[str]] = None - ) -> Iterator[StorageKey]: + ) -> List[StorageKey]: """Generate test keys for the given key type. For key types that depend on a parameter (e.g. elliptic curve family), `param` is the parameter to pass to the constructor. Only a single parameter is supported. """ + keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) for bits in kt.sizes_to_test(): usage_flags = 'PSA_KEY_USAGE_EXPORT' @@ -377,21 +381,21 @@ class StorageFormat: r'', kt.expression) description = 'type: {} {}-bit'.format(short_expression, bits) - key = StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description) - yield key + keys.append(StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg, alg2=alg2, + material=key_material, + description=description)) + return keys - def all_keys_for_types(self) -> Iterator[StorageKey]: + def all_keys_for_types(self) -> List[StorageKey]: """Generate test keys covering key types and their representations.""" key_types = sorted(self.constructors.key_types) - for key_type in self.constructors.generate_expressions(key_types): - yield from self.keys_for_type(key_type) + return [key for key_type in self.constructors.generate_expressions(key_types) + for key in self.keys_for_type(key_type)] - def keys_for_algorithm(self, alg: str) -> Iterator[StorageKey]: + def keys_for_algorithm(self, alg: str) -> List[StorageKey]: """Generate test keys for the specified algorithm.""" # For now, we don't have information on the compatibility of key # types and algorithms. So we just test the encoding of algorithms, @@ -405,22 +409,21 @@ class StorageFormat: usage=usage, alg=alg, alg2=0, material=b'K', description='alg: ' + descr) - yield key1 key2 = StorageKey(version=self.version, id=1, lifetime=0x00000001, type='PSA_KEY_TYPE_RAW_DATA', bits=8, usage=usage, alg=0, alg2=alg, material=b'L', description='alg2: ' + descr) - yield key2 + return [key1, key2] - def all_keys_for_algorithms(self) -> Iterator[StorageKey]: + def all_keys_for_algorithms(self) -> List[StorageKey]: """Generate test keys covering algorithm encodings.""" algorithms = sorted(self.constructors.algorithms) - for alg in self.constructors.generate_expressions(algorithms): - yield from self.keys_for_algorithm(alg) + return [key for alg in self.constructors.generate_expressions(algorithms) + for key in self.keys_for_algorithm(alg)] - def all_test_cases(self) -> Iterator[test_case.TestCase]: + def all_test_cases(self) -> List[test_case.TestCase]: """Generate all storage format test cases.""" # First build a list of all keys, then construct all the corresponding # test cases. This allows all required information to be obtained in @@ -431,13 +434,13 @@ class StorageFormat: keys += self.all_keys_for_usage_flags() keys += self.all_keys_for_types() keys += self.all_keys_for_algorithms() - for key in keys: - if key.location_value() != 0: - # Skip keys with a non-default location, because they - # require a driver and we currently have no mechanism to - # determine whether a driver is available. - continue - yield self.make_test_case(key) + + # Skip keys with a non-default location, because they + # require a driver and we currently have no mechanism to + # determine whether a driver is available. + keys = filter(lambda key: key.location_value() == 0, keys) + + return [self.make_test_case(key) for key in keys] class TestGenerator: From 68c030a76c7338b25d623d6e0d49f907d3094e76 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 09:38:21 +0200 Subject: [PATCH 0603/1065] Use builder method pattern to generate a key Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 69 ++++++++++++++++------------- 1 file changed, 39 insertions(+), 30 deletions(-) mode change 100755 => 100644 tests/scripts/generate_psa_tests.py diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100755 new mode 100644 index 7e04b2ee95..793bc34dc5 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -236,6 +236,12 @@ class StorageKey(psa_storage.Key): def __init__(self, *, description: str, **kwargs) -> None: super().__init__(**kwargs) self.description = description #type: str +class StorageKeyBuilder: + def __init__(self) -> None: + pass + + def build(self, **kwargs) -> StorageKey: + return StorageKey(**kwargs) class StorageFormat: """Storage format stability test cases.""" @@ -253,6 +259,7 @@ class StorageFormat: self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator self.version = version #type: int self.forward = forward #type: bool + self.key_builder = StorageKeyBuilder() #type: StorageKeyBuilder def make_test_case(self, key: StorageKey) -> test_case.TestCase: """Construct a storage format test case for the given key. @@ -305,12 +312,13 @@ class StorageFormat: r'', short) short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) description = 'lifetime: ' + short - key = StorageKey(version=self.version, - id=1, lifetime=lifetime, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, - material=b'L', - description=description) + key = self.key_builder.build( + version=self.version, + id=1, lifetime=lifetime, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + material=b'L', + description=description) return key def all_keys_for_lifetimes(self) -> List[StorageKey]: @@ -339,12 +347,12 @@ class StorageFormat: if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) description = 'usage: ' + short - return StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description) + return self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description) def all_keys_for_usage_flags(self) -> List[StorageKey]: """Generate test keys covering usage flags.""" @@ -381,12 +389,13 @@ class StorageFormat: r'', kt.expression) description = 'type: {} {}-bit'.format(short_expression, bits) - keys.append(StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description)) + keys.append(self.key_builder.build( + version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg, alg2=alg2, + material=key_material, + description=description)) return keys def all_keys_for_types(self) -> List[StorageKey]: @@ -403,18 +412,18 @@ class StorageFormat: descr = re.sub(r'PSA_ALG_', r'', alg) descr = re.sub(r',', r', ', re.sub(r' +', r'', descr)) usage = 'PSA_KEY_USAGE_EXPORT' - key1 = StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=alg, alg2=0, - material=b'K', - description='alg: ' + descr) - key2 = StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=alg, - material=b'L', - description='alg2: ' + descr) + key1 = self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=alg, alg2=0, + material=b'K', + description='alg: ' + descr) + key2 = self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=alg, + material=b'L', + description='alg2: ' + descr) return [key1, key2] def all_keys_for_algorithms(self) -> List[StorageKey]: From 6ee7253df22ed9e04f90163374f4cf778ef8e8c0 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 09:42:02 +0200 Subject: [PATCH 0604/1065] Extend description generation Add an extra optional parameter to generate a more detailed description for test cases. Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 793bc34dc5..39438d105c 100644 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -340,13 +340,15 @@ class StorageFormat: def key_for_usage_flags( self, usage_flags: List[str], - short: Optional[str] = None + short: Optional[str] = None, + extra_desc: Optional[str] = None ) -> StorageKey: """Construct a test key for the given key usage.""" usage = ' | '.join(usage_flags) if usage_flags else '0' if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) - description = 'usage: ' + short + extra_desc = ' ' + extra_desc if extra_desc is not None and len(extra_desc) > 0 else '' + description = 'usage' + extra_desc + ': ' + short return self.key_builder.build(version=self.version, id=1, lifetime=0x00000001, type='PSA_KEY_TYPE_RAW_DATA', bits=8, @@ -354,14 +356,17 @@ class StorageFormat: material=b'K', description=description) - def all_keys_for_usage_flags(self) -> List[StorageKey]: + def all_keys_for_usage_flags( + self, + extra_desc: Optional[str] = None + ) -> List[StorageKey]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) keys = [] #type List[StorageKey] - keys.append(self.key_for_usage_flags(['0'])) - keys += [self.key_for_usage_flags([usage_flag]) + keys.append(self.key_for_usage_flags(['0'], extra_desc=extra_desc)) + keys += [self.key_for_usage_flags([usage_flag], extra_desc=extra_desc) for usage_flag in known_flags] - keys += [self.key_for_usage_flags([flag1, flag2]) + keys += [self.key_for_usage_flags([flag1, flag2], extra_desc=extra_desc) for flag1, flag2 in zip(known_flags, known_flags[1:] + [known_flags[0]])] keys.append(self.key_for_usage_flags(known_flags, short='all known')) From 780cf9da722de9ade8117b838b8ada5b33446ace Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 09:49:50 +0200 Subject: [PATCH 0605/1065] Create a function for gather all the keys. Prepare for using subclasses. Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 39438d105c..eeffcebb2d 100644 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -437,22 +437,27 @@ class StorageFormat: return [key for alg in self.constructors.generate_expressions(algorithms) for key in self.keys_for_algorithm(alg)] + def generate_all_keys(self) -> List[StorageKey]: + """Generate all keys for the test cases.""" + keys = [] #type: List[StorageKey] + keys += self.all_keys_for_lifetimes() + keys += self.all_keys_for_usage_flags() + keys += self.all_keys_for_types() + keys += self.all_keys_for_algorithms() + return keys + def all_test_cases(self) -> List[test_case.TestCase]: """Generate all storage format test cases.""" # First build a list of all keys, then construct all the corresponding # test cases. This allows all required information to be obtained in # one go, which is a significant performance gain as the information # includes numerical values obtained by compiling a C program. - keys = [] #type: List[StorageKey] - keys += self.all_keys_for_lifetimes() - keys += self.all_keys_for_usage_flags() - keys += self.all_keys_for_types() - keys += self.all_keys_for_algorithms() - + generated_keys = self.generate_all_keys() + # Skip keys with a non-default location, because they # require a driver and we currently have no mechanism to # determine whether a driver is available. - keys = filter(lambda key: key.location_value() == 0, keys) + keys = filter(lambda key: key.location_value() == 0, generated_keys) return [self.make_test_case(key) for key in keys] From a4102cb57d87ad0aa4bed52fc9c579d3506c1bf7 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 09:53:26 +0200 Subject: [PATCH 0606/1065] Use different subslasses for the test data files Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index eeffcebb2d..af1cb533ec 100644 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -461,6 +461,17 @@ class StorageFormat: return [self.make_test_case(key) for key in keys] +class StorageFormatForward(StorageFormat): + """Storage format stability test cases for forward compatibility.""" + + def __init__(self, info: Information, version: int) -> None: + super().__init__(info, version, True) + +class StorageFormatV0(StorageFormat): + """Storage format stability test cases for version 0 compatibility.""" + + def __init__(self, info: Information) -> None: + super().__init__(info, 0, False) class TestGenerator: """Generate test data.""" @@ -492,9 +503,9 @@ class TestGenerator: 'test_suite_psa_crypto_not_supported.generated': lambda info: NotSupported(info).test_cases_for_not_supported(), 'test_suite_psa_crypto_storage_format.current': - lambda info: StorageFormat(info, 0, True).all_test_cases(), + lambda info: StorageFormatForward(info, 0).all_test_cases(), 'test_suite_psa_crypto_storage_format.v0': - lambda info: StorageFormat(info, 0, False).all_test_cases(), + lambda info: StorageFormatV0(info).all_test_cases(), } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]] def generate_target(self, name: str) -> None: From 7748b6f24b897855cc1cab7ca219357074c3db9b Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 10:04:38 +0200 Subject: [PATCH 0607/1065] Add key usage policy extension support for key generation Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/psa_storage.py | 21 ++++++++++++++++++--- tests/scripts/generate_psa_tests.py | 28 ++++++++++++++++++++++++---- 2 files changed, 42 insertions(+), 7 deletions(-) mode change 100644 => 100755 tests/scripts/generate_psa_tests.py diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 45f0380e7b..4cd3dfe916 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -101,6 +101,12 @@ class Key: LATEST_VERSION = 0 """The latest version of the storage format.""" + EXTENDABLE_USAGE_FLAGS = { + Expr('PSA_KEY_USAGE_SIGN_HASH'): Expr('PSA_KEY_USAGE_SIGN_MESSAGE'), + Expr('PSA_KEY_USAGE_VERIFY_HASH'): Expr('PSA_KEY_USAGE_VERIFY_MESSAGE') + } #type: Dict[Expr, Expr] + """The extendable usage flags with the corresponding extension flags.""" + def __init__(self, *, version: Optional[int] = None, id: Optional[int] = None, #pylint: disable=redefined-builtin @@ -108,18 +114,27 @@ class Key: type: Exprable, #pylint: disable=redefined-builtin bits: int, usage: Exprable, alg: Exprable, alg2: Exprable, - material: bytes #pylint: disable=used-before-assignment + material: bytes, #pylint: disable=used-before-assignment + usage_extension: bool = True ) -> None: self.version = self.LATEST_VERSION if version is None else version self.id = id #pylint: disable=invalid-name #type: Optional[int] self.lifetime = as_expr(lifetime) #type: Expr self.type = as_expr(type) #type: Expr self.bits = bits #type: int - self.usage = as_expr(usage) #type: Expr + self.original_usage = as_expr(usage) #type: Expr + self.updated_usage = self.original_usage #type: Expr self.alg = as_expr(alg) #type: Expr self.alg2 = as_expr(alg2) #type: Expr self.material = material #type: bytes + if usage_extension: + for flag, extension in self.EXTENDABLE_USAGE_FLAGS.items(): + if self.original_usage.value() & flag.value() and \ + self.original_usage.value() & extension.value() == 0: + self.updated_usage = Expr(self.updated_usage.string + + ' | ' + extension.string) + MAGIC = b'PSA\000KEY\000' @staticmethod @@ -151,7 +166,7 @@ class Key: if self.version == 0: attributes = self.pack('LHHLLL', self.lifetime, self.type, self.bits, - self.usage, self.alg, self.alg2) + self.updated_usage, self.alg, self.alg2) material = self.pack('L', len(self.material)) + self.material else: raise NotImplementedError diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100644 new mode 100755 index af1cb533ec..f1f3c42b0c --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -236,12 +236,14 @@ class StorageKey(psa_storage.Key): def __init__(self, *, description: str, **kwargs) -> None: super().__init__(**kwargs) self.description = description #type: str + self.usage = self.original_usage #type: psa_storage.Expr + class StorageKeyBuilder: - def __init__(self) -> None: - pass + def __init__(self, usage_extension: bool) -> None: + self.usage_extension = usage_extension #type: bool def build(self, **kwargs) -> StorageKey: - return StorageKey(**kwargs) + return StorageKey(usage_extension = self.usage_extension, **kwargs) class StorageFormat: """Storage format stability test cases.""" @@ -259,7 +261,7 @@ class StorageFormat: self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator self.version = version #type: int self.forward = forward #type: bool - self.key_builder = StorageKeyBuilder() #type: StorageKeyBuilder + self.key_builder = StorageKeyBuilder(usage_extension = True) #type: StorageKeyBuilder def make_test_case(self, key: StorageKey) -> test_case.TestCase: """Construct a storage format test case for the given key. @@ -473,6 +475,24 @@ class StorageFormatV0(StorageFormat): def __init__(self, info: Information) -> None: super().__init__(info, 0, False) + def all_keys_for_usage_flags(self) -> List[StorageKey]: + """Generate test keys covering usage flags.""" + # First generate keys without usage policy extension for + # compatibility testing, then generate the keys with extension + # to check the extension is working. + keys = [] #type: List[StorageKey] + prev_builder = self.key_builder + + self.key_builder = StorageKeyBuilder(usage_extension = False) + keys += super().all_keys_for_usage_flags(extra_desc = 'without extension') + + self.key_builder = StorageKeyBuilder(usage_extension = True) + keys += super().all_keys_for_usage_flags(extra_desc = 'with extension') + + self.key_builder = prev_builder + return keys + + class TestGenerator: """Generate test data.""" From 672e376ba58d4cabe8ec8e3b025bd4d1d2b4d24c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 10:16:44 +0200 Subject: [PATCH 0608/1065] Add test case generation for usage extensions when loading keys Add test cases validating that if a stored key only had the hash policy, then after loading it psa_get_key_attributes reports that it also has the message policy, and the key can be used with message functions. Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/macro_collector.py | 6 +- scripts/mbedtls_dev/psa_storage.py | 8 ++ tests/scripts/generate_psa_tests.py | 139 ++++++++++++++++++++++++- 3 files changed, 148 insertions(+), 5 deletions(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 6eb0d00d13..f9ef5f9150 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -101,6 +101,7 @@ class PSAMacroEnumerator: self.kdf_algorithms = set() #type: Set[str] self.pake_algorithms = set() #type: Set[str] self.aead_algorithms = set() #type: Set[str] + self.sign_algorithms = set() #type: Set[str] # macro name -> list of argument names self.argspecs = {} #type: Dict[str, List[str]] # argument name -> list of values @@ -135,6 +136,7 @@ class PSAMacroEnumerator: self.arguments_for['ka_alg'] = sorted(self.ka_algorithms) self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms) self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) + self.arguments_for['sign_alg'] = sorted(self.sign_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) self.arguments_for['group'] = sorted(self.dh_groups) self.arguments_for['persistence'] = sorted(self.persistence_levels) @@ -368,11 +370,11 @@ enumerate 'hash_algorithm': [self.hash_algorithms], 'mac_algorithm': [self.mac_algorithms], 'cipher_algorithm': [], - 'hmac_algorithm': [self.mac_algorithms], + 'hmac_algorithm': [self.mac_algorithms, self.sign_algorithms], 'aead_algorithm': [self.aead_algorithms], 'key_derivation_algorithm': [self.kdf_algorithms], 'key_agreement_algorithm': [self.ka_algorithms], - 'asymmetric_signature_algorithm': [], + 'asymmetric_signature_algorithm': [self.sign_algorithms], 'asymmetric_signature_wildcard': [self.algorithms], 'asymmetric_encryption_algorithm': [], 'pake_algorithm': [self.pake_algorithms], diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 4cd3dfe916..ff2fdd434e 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -107,6 +107,14 @@ class Key: } #type: Dict[Expr, Expr] """The extendable usage flags with the corresponding extension flags.""" + EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION = { + 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR', + 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*' + } #type: Dict[str, str] + """The key type filter for the extendable usage flags. + The filter is a regexp. + """ + def __init__(self, *, version: Optional[int] = None, id: Optional[int] = None, #pylint: disable=redefined-builtin diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index f1f3c42b0c..5cf893b0fd 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -233,10 +233,25 @@ class NotSupported: class StorageKey(psa_storage.Key): """Representation of a key for storage format testing.""" - def __init__(self, *, description: str, **kwargs) -> None: + def __init__( + self, + description: str, + expected_usage: Optional[str] = None, + **kwargs + ) -> None: + """Prepare to generate a key. + + * `description`: used for the the test case names + * `expected_usage`: the usage flags generated as the expected usage + flags in the test cases. When testing usage + extension the usage flags can differ in the + generated key and the expected usage flags + in the test cases. + """ super().__init__(**kwargs) self.description = description #type: str - self.usage = self.original_usage #type: psa_storage.Expr + self.usage = psa_storage.as_expr(expected_usage) if expected_usage is not None else\ + self.original_usage #type: psa_storage.Expr class StorageKeyBuilder: def __init__(self, usage_extension: bool) -> None: @@ -475,7 +490,10 @@ class StorageFormatV0(StorageFormat): def __init__(self, info: Information) -> None: super().__init__(info, 0, False) - def all_keys_for_usage_flags(self) -> List[StorageKey]: + def all_keys_for_usage_flags( + self, + extra_desc: Optional[str] = None + ) -> List[StorageKey]: """Generate test keys covering usage flags.""" # First generate keys without usage policy extension for # compatibility testing, then generate the keys with extension @@ -492,6 +510,121 @@ class StorageFormatV0(StorageFormat): self.key_builder = prev_builder return keys + def keys_for_usage_extension( + self, + extendable: psa_storage.Expr, + alg: str, + key_type: str, + params: Optional[Iterable[str]] = None + ) -> List[StorageKey]: + """Generate test keys for the specified extendable usage flag, + algorithm and key type combination. + """ + keys = [] #type: List[StorageKey] + kt = crypto_knowledge.KeyType(key_type, params) + for bits in kt.sizes_to_test(): + extension = StorageKey.EXTENDABLE_USAGE_FLAGS[extendable] + usage_flags = 'PSA_KEY_USAGE_EXPORT' + material_usage_flags = usage_flags + ' | ' + extendable.string + expected_usage_flags = material_usage_flags + ' | ' + extension.string + alg2 = 0 + key_material = kt.key_material(bits) + usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', extendable.string) + alg_expression = re.sub(r'PSA_ALG_', r'', alg) + alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) + key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', + r'', + kt.expression) + description = 'extend {}: {} {} {}-bit'.format( + usage_expression, alg_expression, key_type_expression, bits) + keys.append(self.key_builder.build( + version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=material_usage_flags, + expected_usage=expected_usage_flags, + alg=alg, alg2=alg2, + material=key_material, + description=description)) + return keys + + def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: + """Match possible key types for sign algorithms.""" + # To create a valid combinaton both the algorithms and key types + # must be filtered. Pair them with keywords created from its names. + incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE']) + incompatible_key_type_keywords = frozenset(['MONTGOMERY']) + keyword_translation = { + 'ECDSA': 'ECC', + 'ED[0-9]*.*' : 'EDWARDS' + } + exclusive_keywords = { + 'EDWARDS': 'ECC' + } + key_types = set(self.constructors.generate_expressions( + self.constructors.key_types)) + algorithms = set(self.constructors.generate_expressions( + self.constructors.sign_algorithms)) + alg_with_keys = {} #type: Dict[str, List[str]] + translation_table = str.maketrans('(', '_', ')') + for alg in algorithms: + # Generate keywords from the name of the algorithm + alg_keywords = set(alg.partition('(')[0].split(sep='_')[2:]) + # Translate keywords for better matching with the key types + for keyword in alg_keywords.copy(): + for pattern, replace in keyword_translation.items(): + if re.match(pattern, keyword): + alg_keywords.remove(keyword) + alg_keywords.add(replace) + # Filter out incompatible algortihms + if not alg_keywords.isdisjoint(incompatible_alg_keyword): + continue + + for key_type in key_types: + # Generate keywords from the of the key type + key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:]) + + # Remove ambigious keywords + for keyword1, keyword2 in exclusive_keywords.items(): + if keyword1 in key_type_keywords: + key_type_keywords.remove(keyword2) + + if key_type_keywords.isdisjoint(incompatible_key_type_keywords) and\ + not key_type_keywords.isdisjoint(alg_keywords): + if alg in alg_with_keys: + alg_with_keys[alg].append(key_type) + else: + alg_with_keys[alg] = [key_type] + return alg_with_keys + + def all_keys_for_usage_extension(self) -> List[StorageKey]: + """Generate test keys for usage flag extensions.""" + # Generate a key type and algorithm pair for each extendable usage + # flag to generate a valid key for exercising. The key is generated + # without usage extension to check the extension compatiblity. + keys = [] #type: List[StorageKey] + prev_builder = self.key_builder + + # Generate the key without usage extension + self.key_builder = StorageKeyBuilder(usage_extension = False) + alg_with_keys = self.gather_key_types_for_sign_alg() + key_restrictions = StorageKey.EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION + # Walk through all combintion. The key types must be filtered to fit + # the specific usage flag. + keys += [key for usage in StorageKey.EXTENDABLE_USAGE_FLAGS.keys() + for alg in sorted(alg_with_keys.keys()) + for key_type in sorted(filter( + lambda kt: re.match(key_restrictions[usage.string], kt), + alg_with_keys[alg])) + for key in self.keys_for_usage_extension(usage, alg, key_type)] + + self.key_builder = prev_builder + return keys + + def generate_all_keys(self) -> List[StorageKey]: + keys = super().generate_all_keys() + keys += self.all_keys_for_usage_extension() + return keys class TestGenerator: """Generate test data.""" From 060fdce53648c169117467eb69ec42a597072640 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 14:36:09 +0200 Subject: [PATCH 0609/1065] Fix tests Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1fbf2b66ab..75a6210dab 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -718,7 +718,7 @@ asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIF PSA key policy: asymmetric signature for message, wrong hash algorithm depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_WANT_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, alg=0 in policy depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR @@ -801,11 +801,11 @@ depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING PSA key policy algorithm2: ECDH, ECDSA -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy algorithm2 with extended usage: ECDH, ECDSA -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy algorithm2 with message signature: ECDH, ECDSA From 0f8136af79b1b9cd9690684f4cf3dd18fd63e3b5 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 14:38:25 +0200 Subject: [PATCH 0610/1065] Fix pylint issues Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 91 +++++++++++++++-------------- 1 file changed, 47 insertions(+), 44 deletions(-) mode change 100755 => 100644 tests/scripts/generate_psa_tests.py diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100755 new mode 100644 index 5cf893b0fd..52c2a09bcf --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -254,11 +254,12 @@ class StorageKey(psa_storage.Key): self.original_usage #type: psa_storage.Expr class StorageKeyBuilder: + # pylint: disable=too-few-public-methods def __init__(self, usage_extension: bool) -> None: self.usage_extension = usage_extension #type: bool def build(self, **kwargs) -> StorageKey: - return StorageKey(usage_extension = self.usage_extension, **kwargs) + return StorageKey(usage_extension=self.usage_extension, **kwargs) class StorageFormat: """Storage format stability test cases.""" @@ -276,7 +277,7 @@ class StorageFormat: self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator self.version = version #type: int self.forward = forward #type: bool - self.key_builder = StorageKeyBuilder(usage_extension = True) #type: StorageKeyBuilder + self.key_builder = StorageKeyBuilder(usage_extension=True) #type: StorageKeyBuilder def make_test_case(self, key: StorageKey) -> test_case.TestCase: """Construct a storage format test case for the given key. @@ -329,13 +330,12 @@ class StorageFormat: r'', short) short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) description = 'lifetime: ' + short - key = self.key_builder.build( - version=self.version, - id=1, lifetime=lifetime, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, - material=b'L', - description=description) + key = self.key_builder.build(version=self.version, + id=1, lifetime=lifetime, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + material=b'L', + description=description) return key def all_keys_for_lifetimes(self) -> List[StorageKey]: @@ -373,7 +373,7 @@ class StorageFormat: material=b'K', description=description) - def all_keys_for_usage_flags( + def generate_keys_for_usage_flags( self, extra_desc: Optional[str] = None ) -> List[StorageKey]: @@ -411,20 +411,20 @@ class StorageFormat: r'', kt.expression) description = 'type: {} {}-bit'.format(short_expression, bits) - keys.append(self.key_builder.build( - version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description)) + keys.append(self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg, alg2=alg2, + material=key_material, + description=description)) return keys def all_keys_for_types(self) -> List[StorageKey]: """Generate test keys covering key types and their representations.""" key_types = sorted(self.constructors.key_types) - return [key for key_type in self.constructors.generate_expressions(key_types) - for key in self.keys_for_type(key_type)] + return [key + for key_type in self.constructors.generate_expressions(key_types) + for key in self.keys_for_type(key_type)] def keys_for_algorithm(self, alg: str) -> List[StorageKey]: """Generate test keys for the specified algorithm.""" @@ -451,8 +451,9 @@ class StorageFormat: def all_keys_for_algorithms(self) -> List[StorageKey]: """Generate test keys covering algorithm encodings.""" algorithms = sorted(self.constructors.algorithms) - return [key for alg in self.constructors.generate_expressions(algorithms) - for key in self.keys_for_algorithm(alg)] + return [key + for alg in self.constructors.generate_expressions(algorithms) + for key in self.keys_for_algorithm(alg)] def generate_all_keys(self) -> List[StorageKey]: """Generate all keys for the test cases.""" @@ -497,7 +498,9 @@ class StorageFormatV0(StorageFormat): """Generate test keys covering usage flags.""" # First generate keys without usage policy extension for # compatibility testing, then generate the keys with extension - # to check the extension is working. + # to check the extension is working. Finally generate key for all known + # usage flag which needs to be separted because it is not affected by + # usage extension. keys = [] #type: List[StorageKey] prev_builder = self.key_builder @@ -517,6 +520,7 @@ class StorageFormatV0(StorageFormat): key_type: str, params: Optional[Iterable[str]] = None ) -> List[StorageKey]: + # pylint: disable=too-many-locals """Generate test keys for the specified extendable usage flag, algorithm and key type combination. """ @@ -533,22 +537,22 @@ class StorageFormatV0(StorageFormat): alg_expression = re.sub(r'PSA_ALG_', r'', alg) alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', - r'', - kt.expression) + r'', + kt.expression) description = 'extend {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) - keys.append(self.key_builder.build( - version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=material_usage_flags, - expected_usage=expected_usage_flags, - alg=alg, alg2=alg2, - material=key_material, - description=description)) + keys.append(self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=material_usage_flags, + expected_usage=expected_usage_flags, + alg=alg, alg2=alg2, + material=key_material, + description=description)) return keys def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: + # pylint: disable=too-many-locals """Match possible key types for sign algorithms.""" # To create a valid combinaton both the algorithms and key types # must be filtered. Pair them with keywords created from its names. @@ -561,10 +565,8 @@ class StorageFormatV0(StorageFormat): exclusive_keywords = { 'EDWARDS': 'ECC' } - key_types = set(self.constructors.generate_expressions( - self.constructors.key_types)) - algorithms = set(self.constructors.generate_expressions( - self.constructors.sign_algorithms)) + key_types = set(self.constructors.generate_expressions(self.constructors.key_types)) + algorithms = set(self.constructors.generate_expressions(self.constructors.sign_algorithms)) alg_with_keys = {} #type: Dict[str, List[str]] translation_table = str.maketrans('(', '_', ')') for alg in algorithms: @@ -606,17 +608,18 @@ class StorageFormatV0(StorageFormat): prev_builder = self.key_builder # Generate the key without usage extension - self.key_builder = StorageKeyBuilder(usage_extension = False) + self.key_builder = StorageKeyBuilder(usage_extension=False) alg_with_keys = self.gather_key_types_for_sign_alg() key_restrictions = StorageKey.EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION # Walk through all combintion. The key types must be filtered to fit # the specific usage flag. - keys += [key for usage in StorageKey.EXTENDABLE_USAGE_FLAGS.keys() - for alg in sorted(alg_with_keys.keys()) - for key_type in sorted(filter( - lambda kt: re.match(key_restrictions[usage.string], kt), - alg_with_keys[alg])) - for key in self.keys_for_usage_extension(usage, alg, key_type)] + keys += [key + for usage in StorageKey.EXTENDABLE_USAGE_FLAGS + for alg in sorted(alg_with_keys) + for key_type in sorted([kt + for kt in alg_with_keys[alg] + if re.match(key_restrictions[usage.string], kt)]) + for key in self.keys_for_usage_extension(usage, alg, key_type)] self.key_builder = prev_builder return keys From 49d6ea9c9afdd74e500f149660fd56c0e4347cdd Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 14:38:51 +0200 Subject: [PATCH 0611/1065] Fix test case duplication Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) mode change 100644 => 100755 tests/scripts/generate_psa_tests.py diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100644 new mode 100755 index 52c2a09bcf..658daa588f --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -386,7 +386,18 @@ class StorageFormat: keys += [self.key_for_usage_flags([flag1, flag2], extra_desc=extra_desc) for flag1, flag2 in zip(known_flags, known_flags[1:] + [known_flags[0]])] - keys.append(self.key_for_usage_flags(known_flags, short='all known')) + return keys + + def generate_key_for_all_usage_flags(self) -> StorageKey: + known_flags = sorted(self.constructors.key_usage_flags) + return self.key_for_usage_flags(known_flags, short='all known') + + def all_keys_for_usage_flags( + self, + extra_desc: Optional[str] = None + ) -> List[StorageKey]: + keys = self.generate_keys_for_usage_flags(extra_desc=extra_desc) + keys.append(self.generate_key_for_all_usage_flags()) return keys def keys_for_type( @@ -504,11 +515,13 @@ class StorageFormatV0(StorageFormat): keys = [] #type: List[StorageKey] prev_builder = self.key_builder - self.key_builder = StorageKeyBuilder(usage_extension = False) - keys += super().all_keys_for_usage_flags(extra_desc = 'without extension') + self.key_builder = StorageKeyBuilder(usage_extension=False) + keys += self.generate_keys_for_usage_flags(extra_desc='without extension') - self.key_builder = StorageKeyBuilder(usage_extension = True) - keys += super().all_keys_for_usage_flags(extra_desc = 'with extension') + self.key_builder = StorageKeyBuilder(usage_extension=True) + keys += self.generate_keys_for_usage_flags(extra_desc='with extension') + + keys.append(self.generate_key_for_all_usage_flags()) self.key_builder = prev_builder return keys From 11e4838ef384349051d6addf314cd9d3e960e8e3 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 16:35:01 +0200 Subject: [PATCH 0612/1065] Fix generated file modification Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 658daa588f..13dbd2f837 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -620,19 +620,23 @@ class StorageFormatV0(StorageFormat): keys = [] #type: List[StorageKey] prev_builder = self.key_builder - # Generate the key without usage extension + # Generate the keys without usage extension self.key_builder = StorageKeyBuilder(usage_extension=False) alg_with_keys = self.gather_key_types_for_sign_alg() - key_restrictions = StorageKey.EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION + key_filter = StorageKey.EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION + + # Use a lookup for the extendable usage flags to able to sort them + usage_lookup = {} #type: Dict[str, psa_storage.Expr] + for usage_flag in StorageKey.EXTENDABLE_USAGE_FLAGS: + usage_lookup[usage_flag.string] = usage_flag + # Walk through all combintion. The key types must be filtered to fit # the specific usage flag. keys += [key - for usage in StorageKey.EXTENDABLE_USAGE_FLAGS + for usage in sorted(usage_lookup) for alg in sorted(alg_with_keys) - for key_type in sorted([kt - for kt in alg_with_keys[alg] - if re.match(key_restrictions[usage.string], kt)]) - for key in self.keys_for_usage_extension(usage, alg, key_type)] + for key_type in sorted(alg_with_keys[alg]) if re.match(key_filter[usage], key_type) + for key in self.keys_for_usage_extension(usage_lookup[usage], alg, key_type)] self.key_builder = prev_builder return keys From c8720c485752c33ea01ad83595669cc764406171 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 13:47:35 +0200 Subject: [PATCH 0613/1065] Give better name for test cases Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 75a6210dab..91d82f79ea 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -365,27 +365,27 @@ PSA key policy: AES CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING -PSA key policy: ECC SECP256R1, sign hash +PSA key policy: ECC SECP256R1, sign_hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign hash with key usage extension +PSA key policy: ECC SECP256R1, sign_hash -> sign_hash+message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign+verify hash +PSA key policy: ECC SECP256R1, sign_hash+verify_hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign+verify hash with key usage extension +PSA key policy: ECC SECP256R1, sign+verify_hash -> sign+verify_hash + sign+verify_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign message +PSA key policy: ECC SECP256R1, sign_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) -PSA key policy: ECC SECP256R1, sign+verify message +PSA key policy: ECC SECP256R1, sign+verify_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) @@ -800,15 +800,15 @@ PSA key policy algorithm2: CTR, CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING -PSA key policy algorithm2: ECDH, ECDSA +PSA key policy algorithm2: ECDH, ECDSA, HASH usage depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) -PSA key policy algorithm2 with extended usage: ECDH, ECDSA +PSA key policy algorithm2: ECDH, ECDSA, HASH+MESSAGE usage depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) -PSA key policy algorithm2 with message signature: ECDH, ECDSA +PSA key policy algorithm2: ECDH, ECDSA, MESSAGE usage depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) From 98a3435a10acdee43c07eb6e16345a92ec5e6b39 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 14:05:00 +0200 Subject: [PATCH 0614/1065] Rename function to conform to the library Signed-off-by: gabor-mezei-arm --- tests/include/test/psa_crypto_helpers.h | 2 +- tests/src/psa_crypto_helpers.c | 2 +- tests/suites/test_suite_psa_crypto.function | 37 +++++++++++-------- ..._suite_psa_crypto_slot_management.function | 6 +-- 4 files changed, 26 insertions(+), 21 deletions(-) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 522fbae71f..8a8c37e008 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -192,7 +192,7 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * permissions of other usage policies * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE). */ -psa_key_usage_t update_key_usage_flags( psa_key_usage_t usage_flags ); +psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ); /** Skip a test case if the given key is a 192 bits AES key and the AES * implementation is at least partially provided by an accelerator or diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index 934b76bb84..d9d841abd5 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -114,7 +114,7 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, } #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ -psa_key_usage_t update_key_usage_flags( psa_key_usage_t usage_flags ) +psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ) { psa_key_usage_t updated_usage = usage_flags; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index eee4334052..c5fa389c3e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -323,7 +323,7 @@ void import_with_policy( int type_arg, PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), - update_key_usage_flags( usage ) ); + mbedtls_test_update_key_usage_flags( usage ) ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); ASSERT_NO_SLOT_NUMBER( &got_attributes ); @@ -711,9 +711,9 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - /* Check if all extended usage flags are deployed + /* Check if all implicit usage flags are deployed in the expected usage flags. */ - TEST_EQUAL( expected_usage, update_key_usage_flags( usage ) ); + TEST_EQUAL( expected_usage, mbedtls_test_update_key_usage_flags( usage ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -810,9 +810,10 @@ void mac_key_policy( int policy_usage_arg, psa_status_t expected_status = expected_status_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; - /* Check if all extended usage flags are deployed + /* Check if all implicit usage flags are deployed in the expected usage flags. */ - TEST_EQUAL( expected_usage, update_key_usage_flags( policy_usage ) ); + TEST_EQUAL( expected_usage, + mbedtls_test_update_key_usage_flags( policy_usage ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -869,8 +870,9 @@ void cipher_key_policy( int policy_usage_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - /* Check if no key usage extension is done */ - TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + /* Check if no key usage flag implication is done */ + TEST_EQUAL( policy_usage, + mbedtls_test_update_key_usage_flags( policy_usage ) ); status = psa_cipher_encrypt_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && @@ -927,8 +929,9 @@ void aead_key_policy( int policy_usage_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - /* Check if no key usage extension is done */ - TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + /* Check if no key usage implication is done */ + TEST_EQUAL( policy_usage, + mbedtls_test_update_key_usage_flags( policy_usage ) ); status = psa_aead_encrypt( key, exercise_alg, nonce, nonce_length, @@ -986,8 +989,9 @@ void asymmetric_encryption_key_policy( int policy_usage_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - /* Check if no key usage extension is done */ - TEST_EQUAL( policy_usage, update_key_usage_flags( policy_usage ) ); + /* Check if no key usage implication is done */ + TEST_EQUAL( policy_usage, + mbedtls_test_update_key_usage_flags( policy_usage ) ); PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -1057,9 +1061,10 @@ void asymmetric_signature_key_policy( int policy_usage_arg, unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; - /* Check if all extended usage flags are deployed + /* Check if all implicit usage flags are deployed in the expected usage flags. */ - TEST_EQUAL( expected_usage, update_key_usage_flags( policy_usage ) ); + TEST_EQUAL( expected_usage, + mbedtls_test_update_key_usage_flags( policy_usage ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -1223,8 +1228,8 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - /* Update the usage flags to obtain extended usage flags */ - usage = update_key_usage_flags( usage ); + /* Update the usage flags to obtain implicit usage flags */ + usage = mbedtls_test_update_key_usage_flags( usage ); PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); @@ -5250,7 +5255,7 @@ void persistent_key_load_key_from_storage( data_t *data, TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - update_key_usage_flags( usage_flags ) ); + mbedtls_test_update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); /* Export the key again if permitted by the key policy. */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 8a9e25a194..aa3ce28f24 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -243,7 +243,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - update_key_usage_flags( usage_flags ) ); + mbedtls_test_update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -263,7 +263,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - update_key_usage_flags( usage_flags ) ); + mbedtls_test_update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -296,7 +296,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, psa_get_key_id( &attributes ), psa_get_key_id( &read_attributes ) ) ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - update_key_usage_flags( usage_flags ) ); + mbedtls_test_update_key_usage_flags( usage_flags ) ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), psa_get_key_algorithm( &read_attributes ) ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), From ff8264c348a91b8dc779f9642862396723422530 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 14:36:03 +0200 Subject: [PATCH 0615/1065] Simplify test function Use the updated usage flags as expected. Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 16 ++++++++-------- tests/suites/test_suite_psa_crypto.function | 9 +++------ 2 files changed, 11 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 91d82f79ea..dfaa6b0bef 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -359,35 +359,35 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy: AES ECB depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING +check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING PSA key policy: AES CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING +check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING PSA key policy: ECC SECP256R1, sign_hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign_hash -> sign_hash+message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign_hash+verify_hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign+verify_hash -> sign+verify_hash + sign+verify_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy: ECC SECP256R1, sign+verify_message depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Key attributes initializers zero properly key_attributes_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c5fa389c3e..df2c919dd8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -711,10 +711,6 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - /* Check if all implicit usage flags are deployed - in the expected usage flags. */ - TEST_EQUAL( expected_usage, mbedtls_test_update_key_usage_flags( usage ) ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, usage ); @@ -745,10 +741,11 @@ exit: /* BEGIN_CASE */ void check_key_policy( int type_arg, int bits_arg, - int usage_arg, int expected_usage_arg, int alg_arg ) + int usage_arg, int alg_arg ) { test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg, - usage_arg, expected_usage_arg, + usage_arg, + mbedtls_test_update_key_usage_flags( usage_arg ), alg_arg, alg_arg ); goto exit; } From d851d6872ae0fb07472f4e5636d2a303f6900142 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 14:53:49 +0200 Subject: [PATCH 0616/1065] Remove unneeded test case parameter Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 50 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 4 +- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index dfaa6b0bef..c50bcb6c70 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -634,103 +634,103 @@ asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_K PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign, key usage extension depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature, verify, key usage extension depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify, key usage extension depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong hash algorithm depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, alg=0 in policy depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign but not verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature, verify but not sign depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, neither sign nor verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C -asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:0 +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0 PSA key policy: asymmetric signature for message, sign | verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, wrong algorithm family depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, ECDSA SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, wrong hash algorithm depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, alg=0 in policy depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature for message, sign but not verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_SIGN_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature for message, verify but not sign depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:1:PSA_KEY_USAGE_VERIFY_MESSAGE +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: derive via HKDF, permitted depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index df2c919dd8..815b773485 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1040,7 +1040,6 @@ void asymmetric_signature_key_policy( int policy_usage_arg, data_t *key_data, int exercise_alg, int payload_length_arg, - int hashing_permitted, int expected_usage_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; @@ -1092,7 +1091,8 @@ void asymmetric_signature_key_policy( int policy_usage_arg, else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - if( hashing_permitted ) + if( PSA_ALG_IS_HASH_AND_SIGN( exercise_alg ) && + PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( exercise_alg ) ) ) { status = psa_sign_message( key, exercise_alg, payload, payload_length, From 95180fe808f3c02a17d167b461e470998bf2499c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 14:59:52 +0200 Subject: [PATCH 0617/1065] Fix comment Signed-off-by: gabor-mezei-arm --- library/psa_crypto_slot_management.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index bab2a1aa78..4131e3cc47 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -392,7 +392,7 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_HANDLE; } else - /* Do the key usage policy extension. */ + /* Add implicit usage flags. */ psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage ); return( status ); From 35929ebb72d50bf8bf6cc20dfb8fe582b947e03b Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 15:09:02 +0200 Subject: [PATCH 0618/1065] Simplify code Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 13dbd2f837..9354447cd1 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -364,7 +364,7 @@ class StorageFormat: usage = ' | '.join(usage_flags) if usage_flags else '0' if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) - extra_desc = ' ' + extra_desc if extra_desc is not None and len(extra_desc) > 0 else '' + extra_desc = ' ' + extra_desc if extra_desc else '' description = 'usage' + extra_desc + ': ' + short return self.key_builder.build(version=self.version, id=1, lifetime=0x00000001, @@ -481,14 +481,12 @@ class StorageFormat: # test cases. This allows all required information to be obtained in # one go, which is a significant performance gain as the information # includes numerical values obtained by compiling a C program. - generated_keys = self.generate_all_keys() + keys = self.generate_all_keys() # Skip keys with a non-default location, because they # require a driver and we currently have no mechanism to # determine whether a driver is available. - keys = filter(lambda key: key.location_value() == 0, generated_keys) - - return [self.make_test_case(key) for key in keys] + return [self.make_test_case(key) for key in keys if key.location_value() == 0] class StorageFormatForward(StorageFormat): """Storage format stability test cases for forward compatibility.""" From 8f40510a92f77772dc2200cc06c73bc8c37d1a90 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 16:27:29 +0200 Subject: [PATCH 0619/1065] Add better name for variables Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/psa_storage.py | 12 ++++++------ tests/scripts/generate_psa_tests.py | 16 ++++++++-------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index ff2fdd434e..cde6c80db7 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -101,18 +101,18 @@ class Key: LATEST_VERSION = 0 """The latest version of the storage format.""" - EXTENDABLE_USAGE_FLAGS = { + IMPLICIT_USAGE_FLAGS = { Expr('PSA_KEY_USAGE_SIGN_HASH'): Expr('PSA_KEY_USAGE_SIGN_MESSAGE'), Expr('PSA_KEY_USAGE_VERIFY_HASH'): Expr('PSA_KEY_USAGE_VERIFY_MESSAGE') } #type: Dict[Expr, Expr] - """The extendable usage flags with the corresponding extension flags.""" + """Mapping of usage flags to the flags that they imply.""" - EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION = { + IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION = { 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR', 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*' } #type: Dict[str, str] - """The key type filter for the extendable usage flags. - The filter is a regexp. + """Use a regexp to determine key types for which signature is possible + when using the actual usage flag. """ def __init__(self, *, @@ -137,7 +137,7 @@ class Key: self.material = material #type: bytes if usage_extension: - for flag, extension in self.EXTENDABLE_USAGE_FLAGS.items(): + for flag, extension in self.IMPLICIT_USAGE_FLAGS.items(): if self.original_usage.value() & flag.value() and \ self.original_usage.value() & extension.value() == 0: self.updated_usage = Expr(self.updated_usage.string + diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 9354447cd1..b515003b69 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -526,25 +526,25 @@ class StorageFormatV0(StorageFormat): def keys_for_usage_extension( self, - extendable: psa_storage.Expr, + implyer_usage: psa_storage.Expr, alg: str, key_type: str, params: Optional[Iterable[str]] = None ) -> List[StorageKey]: # pylint: disable=too-many-locals - """Generate test keys for the specified extendable usage flag, + """Generate test keys for the specified implicit usage flag, algorithm and key type combination. """ keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) for bits in kt.sizes_to_test(): - extension = StorageKey.EXTENDABLE_USAGE_FLAGS[extendable] + implicit = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] usage_flags = 'PSA_KEY_USAGE_EXPORT' - material_usage_flags = usage_flags + ' | ' + extendable.string - expected_usage_flags = material_usage_flags + ' | ' + extension.string + material_usage_flags = usage_flags + ' | ' + implyer_usage.string + expected_usage_flags = material_usage_flags + ' | ' + implicit.string alg2 = 0 key_material = kt.key_material(bits) - usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', extendable.string) + usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage.string) alg_expression = re.sub(r'PSA_ALG_', r'', alg) alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', @@ -621,11 +621,11 @@ class StorageFormatV0(StorageFormat): # Generate the keys without usage extension self.key_builder = StorageKeyBuilder(usage_extension=False) alg_with_keys = self.gather_key_types_for_sign_alg() - key_filter = StorageKey.EXTENDABLE_USAGE_FLAGS_KEY_RESTRICTION + key_filter = StorageKey.IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION # Use a lookup for the extendable usage flags to able to sort them usage_lookup = {} #type: Dict[str, psa_storage.Expr] - for usage_flag in StorageKey.EXTENDABLE_USAGE_FLAGS: + for usage_flag in StorageKey.IMPLICIT_USAGE_FLAGS: usage_lookup[usage_flag.string] = usage_flag # Walk through all combintion. The key types must be filtered to fit From d9050a53ac99faa233ca4d94d23bf8f85d69c656 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 16:35:48 +0200 Subject: [PATCH 0620/1065] Remove unnecessary test cases It is enough only one test case for a key type, algorithm pair when testing the implicit usage flags. Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 46 ++++++++++++++--------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b515003b69..798b9ed5ec 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -537,29 +537,29 @@ class StorageFormatV0(StorageFormat): """ keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) - for bits in kt.sizes_to_test(): - implicit = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] - usage_flags = 'PSA_KEY_USAGE_EXPORT' - material_usage_flags = usage_flags + ' | ' + implyer_usage.string - expected_usage_flags = material_usage_flags + ' | ' + implicit.string - alg2 = 0 - key_material = kt.key_material(bits) - usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage.string) - alg_expression = re.sub(r'PSA_ALG_', r'', alg) - alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) - key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', - r'', - kt.expression) - description = 'extend {}: {} {} {}-bit'.format( - usage_expression, alg_expression, key_type_expression, bits) - keys.append(self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=material_usage_flags, - expected_usage=expected_usage_flags, - alg=alg, alg2=alg2, - material=key_material, - description=description)) + bits = kt.sizes_to_test()[0] + implicit = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] + usage_flags = 'PSA_KEY_USAGE_EXPORT' + material_usage_flags = usage_flags + ' | ' + implyer_usage.string + expected_usage_flags = material_usage_flags + ' | ' + implicit.string + alg2 = 0 + key_material = kt.key_material(bits) + usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage.string) + alg_expression = re.sub(r'PSA_ALG_', r'', alg) + alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) + key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', + r'', + kt.expression) + description = 'extend {}: {} {} {}-bit'.format( + usage_expression, alg_expression, key_type_expression, bits) + keys.append(self.key_builder.build(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=material_usage_flags, + expected_usage=expected_usage_flags, + alg=alg, alg2=alg2, + material=key_material, + description=description)) return keys def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: From 2710bb1d82ed0aa98632040bfdea50c703cfa874 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 16:54:11 +0200 Subject: [PATCH 0621/1065] Use string in dict instead of Expr object Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/psa_storage.py | 12 ++++++------ tests/scripts/generate_psa_tests.py | 19 +++++++------------ 2 files changed, 13 insertions(+), 18 deletions(-) diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index cde6c80db7..0a8a0a3dab 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -102,9 +102,9 @@ class Key: """The latest version of the storage format.""" IMPLICIT_USAGE_FLAGS = { - Expr('PSA_KEY_USAGE_SIGN_HASH'): Expr('PSA_KEY_USAGE_SIGN_MESSAGE'), - Expr('PSA_KEY_USAGE_VERIFY_HASH'): Expr('PSA_KEY_USAGE_VERIFY_MESSAGE') - } #type: Dict[Expr, Expr] + 'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE', + 'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE' + } #type: Dict[str, str] """Mapping of usage flags to the flags that they imply.""" IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION = { @@ -138,10 +138,10 @@ class Key: if usage_extension: for flag, extension in self.IMPLICIT_USAGE_FLAGS.items(): - if self.original_usage.value() & flag.value() and \ - self.original_usage.value() & extension.value() == 0: + if self.original_usage.value() & Expr(flag).value() and \ + self.original_usage.value() & Expr(extension).value() == 0: self.updated_usage = Expr(self.updated_usage.string + - ' | ' + extension.string) + ' | ' + extension) MAGIC = b'PSA\000KEY\000' diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 798b9ed5ec..d8748db705 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -526,7 +526,7 @@ class StorageFormatV0(StorageFormat): def keys_for_usage_extension( self, - implyer_usage: psa_storage.Expr, + implyer_usage: str, alg: str, key_type: str, params: Optional[Iterable[str]] = None @@ -538,13 +538,13 @@ class StorageFormatV0(StorageFormat): keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) bits = kt.sizes_to_test()[0] - implicit = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] + implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] usage_flags = 'PSA_KEY_USAGE_EXPORT' - material_usage_flags = usage_flags + ' | ' + implyer_usage.string - expected_usage_flags = material_usage_flags + ' | ' + implicit.string + material_usage_flags = usage_flags + ' | ' + implyer_usage + expected_usage_flags = material_usage_flags + ' | ' + implicit_usage alg2 = 0 key_material = kt.key_material(bits) - usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage.string) + usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage) alg_expression = re.sub(r'PSA_ALG_', r'', alg) alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', @@ -623,18 +623,13 @@ class StorageFormatV0(StorageFormat): alg_with_keys = self.gather_key_types_for_sign_alg() key_filter = StorageKey.IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION - # Use a lookup for the extendable usage flags to able to sort them - usage_lookup = {} #type: Dict[str, psa_storage.Expr] - for usage_flag in StorageKey.IMPLICIT_USAGE_FLAGS: - usage_lookup[usage_flag.string] = usage_flag - # Walk through all combintion. The key types must be filtered to fit # the specific usage flag. keys += [key - for usage in sorted(usage_lookup) + for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str) for alg in sorted(alg_with_keys) for key_type in sorted(alg_with_keys[alg]) if re.match(key_filter[usage], key_type) - for key in self.keys_for_usage_extension(usage_lookup[usage], alg, key_type)] + for key in self.keys_for_usage_extension(usage, alg, key_type)] self.key_builder = prev_builder return keys From 5df1dee0c69b0c42b00f0ff9987ac3115bb19cb3 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 17:40:32 +0200 Subject: [PATCH 0622/1065] Rename variables and funcions Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/psa_storage.py | 4 ++-- tests/scripts/generate_psa_tests.py | 21 ++++++++++----------- 2 files changed, 12 insertions(+), 13 deletions(-) mode change 100755 => 100644 tests/scripts/generate_psa_tests.py diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 0a8a0a3dab..5ff173831b 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -123,7 +123,7 @@ class Key: bits: int, usage: Exprable, alg: Exprable, alg2: Exprable, material: bytes, #pylint: disable=used-before-assignment - usage_extension: bool = True + implicit_usage: bool = True ) -> None: self.version = self.LATEST_VERSION if version is None else version self.id = id #pylint: disable=invalid-name #type: Optional[int] @@ -136,7 +136,7 @@ class Key: self.alg2 = as_expr(alg2) #type: Expr self.material = material #type: bytes - if usage_extension: + if implicit_usage: for flag, extension in self.IMPLICIT_USAGE_FLAGS.items(): if self.original_usage.value() & Expr(flag).value() and \ self.original_usage.value() & Expr(extension).value() == 0: diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100755 new mode 100644 index d8748db705..25d5c9dd9b --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -242,11 +242,10 @@ class StorageKey(psa_storage.Key): """Prepare to generate a key. * `description`: used for the the test case names - * `expected_usage`: the usage flags generated as the expected usage - flags in the test cases. When testing usage - extension the usage flags can differ in the - generated key and the expected usage flags - in the test cases. + * `implicit_usage`: the usage flags generated as the expected usage + flags in the test cases. When testing implicit + usage flags, they can differ in the generated keys + and the expected usage flags in the test cases. """ super().__init__(**kwargs) self.description = description #type: str @@ -259,7 +258,7 @@ class StorageKeyBuilder: self.usage_extension = usage_extension #type: bool def build(self, **kwargs) -> StorageKey: - return StorageKey(usage_extension=self.usage_extension, **kwargs) + return StorageKey(implicit_usage=self.usage_extension, **kwargs) class StorageFormat: """Storage format stability test cases.""" @@ -524,7 +523,7 @@ class StorageFormatV0(StorageFormat): self.key_builder = prev_builder return keys - def keys_for_usage_extension( + def keys_for_implicit_usage( self, implyer_usage: str, alg: str, @@ -550,7 +549,7 @@ class StorageFormatV0(StorageFormat): key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', r'', kt.expression) - description = 'extend {}: {} {} {}-bit'.format( + description = 'implied by {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) keys.append(self.key_builder.build(version=self.version, id=1, lifetime=0x00000001, @@ -610,7 +609,7 @@ class StorageFormatV0(StorageFormat): alg_with_keys[alg] = [key_type] return alg_with_keys - def all_keys_for_usage_extension(self) -> List[StorageKey]: + def all_keys_for_implicit_usage(self) -> List[StorageKey]: """Generate test keys for usage flag extensions.""" # Generate a key type and algorithm pair for each extendable usage # flag to generate a valid key for exercising. The key is generated @@ -629,14 +628,14 @@ class StorageFormatV0(StorageFormat): for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str) for alg in sorted(alg_with_keys) for key_type in sorted(alg_with_keys[alg]) if re.match(key_filter[usage], key_type) - for key in self.keys_for_usage_extension(usage, alg, key_type)] + for key in self.keys_for_implicit_usage(usage, alg, key_type)] self.key_builder = prev_builder return keys def generate_all_keys(self) -> List[StorageKey]: keys = super().generate_all_keys() - keys += self.all_keys_for_usage_extension() + keys += self.all_keys_for_implicit_usage() return keys class TestGenerator: From 340fbf373568db9597790b97ef584bbf3b8d252a Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 19:26:55 +0200 Subject: [PATCH 0623/1065] Refactor key generation Remove the key builder and use iterator instead of lists. Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 231 +++++++++++----------------- 1 file changed, 94 insertions(+), 137 deletions(-) mode change 100644 => 100755 tests/scripts/generate_psa_tests.py diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py old mode 100644 new mode 100755 index 25d5c9dd9b..fe865aee91 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -252,14 +252,6 @@ class StorageKey(psa_storage.Key): self.usage = psa_storage.as_expr(expected_usage) if expected_usage is not None else\ self.original_usage #type: psa_storage.Expr -class StorageKeyBuilder: - # pylint: disable=too-few-public-methods - def __init__(self, usage_extension: bool) -> None: - self.usage_extension = usage_extension #type: bool - - def build(self, **kwargs) -> StorageKey: - return StorageKey(implicit_usage=self.usage_extension, **kwargs) - class StorageFormat: """Storage format stability test cases.""" @@ -276,7 +268,6 @@ class StorageFormat: self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator self.version = version #type: int self.forward = forward #type: bool - self.key_builder = StorageKeyBuilder(usage_extension=True) #type: StorageKeyBuilder def make_test_case(self, key: StorageKey) -> test_case.TestCase: """Construct a storage format test case for the given key. @@ -329,19 +320,17 @@ class StorageFormat: r'', short) short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) description = 'lifetime: ' + short - key = self.key_builder.build(version=self.version, - id=1, lifetime=lifetime, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, - material=b'L', - description=description) - return key + return StorageKey(version=self.version, + id=1, lifetime=lifetime, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + material=b'L', + description=description) - def all_keys_for_lifetimes(self) -> List[StorageKey]: + def all_keys_for_lifetimes(self) -> Iterator[StorageKey]: """Generate test keys covering lifetimes.""" lifetimes = sorted(self.constructors.lifetimes) expressions = self.constructors.generate_expressions(lifetimes) - keys = [] #type List[StorageKey] for lifetime in expressions: # Don't attempt to create or load a volatile key in storage if 'VOLATILE' in lifetime: @@ -350,67 +339,67 @@ class StorageFormat: # but do attempt to load one. if 'READ_ONLY' in lifetime and self.forward: continue - keys.append(self.key_for_lifetime(lifetime)) - return keys + yield self.key_for_lifetime(lifetime) def key_for_usage_flags( self, usage_flags: List[str], short: Optional[str] = None, - extra_desc: Optional[str] = None - ) -> StorageKey: + test_implicit_usage: Optional[bool] = False + ) -> Iterator[StorageKey]: """Construct a test key for the given key usage.""" usage = ' | '.join(usage_flags) if usage_flags else '0' if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) - extra_desc = ' ' + extra_desc if extra_desc else '' + extra_desc = ' with implication' if test_implicit_usage else '' description = 'usage' + extra_desc + ': ' + short - return self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description) + yield StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description, + implicit_usage=True) + if test_implicit_usage: + description = 'usage without implication' + ': ' + short + yield StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description, + implicit_usage=False) - def generate_keys_for_usage_flags( - self, - extra_desc: Optional[str] = None - ) -> List[StorageKey]: + + def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageKey]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) - keys = [] #type List[StorageKey] - keys.append(self.key_for_usage_flags(['0'], extra_desc=extra_desc)) - keys += [self.key_for_usage_flags([usage_flag], extra_desc=extra_desc) - for usage_flag in known_flags] - keys += [self.key_for_usage_flags([flag1, flag2], extra_desc=extra_desc) - for flag1, flag2 in zip(known_flags, - known_flags[1:] + [known_flags[0]])] - return keys + yield from self.key_for_usage_flags(['0'], **kwargs) + for usage_flag in known_flags: + yield from self.key_for_usage_flags([usage_flag], **kwargs) + for flag1, flag2 in zip(known_flags, + known_flags[1:] + [known_flags[0]]): + yield from self.key_for_usage_flags([flag1, flag2], **kwargs) - def generate_key_for_all_usage_flags(self) -> StorageKey: + def generate_key_for_all_usage_flags(self) -> Iterator[StorageKey]: known_flags = sorted(self.constructors.key_usage_flags) - return self.key_for_usage_flags(known_flags, short='all known') + yield from self.key_for_usage_flags(known_flags, short='all known') - def all_keys_for_usage_flags( - self, - extra_desc: Optional[str] = None - ) -> List[StorageKey]: - keys = self.generate_keys_for_usage_flags(extra_desc=extra_desc) - keys.append(self.generate_key_for_all_usage_flags()) - return keys + def all_keys_for_usage_flags(self) -> Iterator[StorageKey]: + yield from self.generate_keys_for_usage_flags() + yield from self.generate_key_for_all_usage_flags() def keys_for_type( self, key_type: str, params: Optional[Iterable[str]] = None - ) -> List[StorageKey]: + ) -> Iterator[StorageKey]: """Generate test keys for the given key type. For key types that depend on a parameter (e.g. elliptic curve family), `param` is the parameter to pass to the constructor. Only a single parameter is supported. """ - keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) for bits in kt.sizes_to_test(): usage_flags = 'PSA_KEY_USAGE_EXPORT' @@ -421,22 +410,20 @@ class StorageFormat: r'', kt.expression) description = 'type: {} {}-bit'.format(short_expression, bits) - keys.append(self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description)) - return keys + yield StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg, alg2=alg2, + material=key_material, + description=description) - def all_keys_for_types(self) -> List[StorageKey]: + def all_keys_for_types(self) -> Iterator[StorageKey]: """Generate test keys covering key types and their representations.""" key_types = sorted(self.constructors.key_types) - return [key - for key_type in self.constructors.generate_expressions(key_types) - for key in self.keys_for_type(key_type)] + for key_type in self.constructors.generate_expressions(key_types): + yield from self.keys_for_type(key_type) - def keys_for_algorithm(self, alg: str) -> List[StorageKey]: + def keys_for_algorithm(self, alg: str) -> Iterator[StorageKey]: """Generate test keys for the specified algorithm.""" # For now, we don't have information on the compatibility of key # types and algorithms. So we just test the encoding of algorithms, @@ -444,26 +431,24 @@ class StorageFormat: descr = re.sub(r'PSA_ALG_', r'', alg) descr = re.sub(r',', r', ', re.sub(r' +', r'', descr)) usage = 'PSA_KEY_USAGE_EXPORT' - key1 = self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=alg, alg2=0, - material=b'K', - description='alg: ' + descr) - key2 = self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=alg, - material=b'L', - description='alg2: ' + descr) - return [key1, key2] + yield StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=alg, alg2=0, + material=b'K', + description='alg: ' + descr) + yield StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=alg, + material=b'L', + description='alg2: ' + descr) - def all_keys_for_algorithms(self) -> List[StorageKey]: + def all_keys_for_algorithms(self) -> Iterator[StorageKey]: """Generate test keys covering algorithm encodings.""" algorithms = sorted(self.constructors.algorithms) - return [key - for alg in self.constructors.generate_expressions(algorithms) - for key in self.keys_for_algorithm(alg)] + for alg in self.constructors.generate_expressions(algorithms): + yield from self.keys_for_algorithm(alg) def generate_all_keys(self) -> List[StorageKey]: """Generate all keys for the test cases.""" @@ -474,18 +459,19 @@ class StorageFormat: keys += self.all_keys_for_algorithms() return keys - def all_test_cases(self) -> List[test_case.TestCase]: + def all_test_cases(self) -> Iterator[test_case.TestCase]: """Generate all storage format test cases.""" # First build a list of all keys, then construct all the corresponding # test cases. This allows all required information to be obtained in # one go, which is a significant performance gain as the information # includes numerical values obtained by compiling a C program. - keys = self.generate_all_keys() - - # Skip keys with a non-default location, because they - # require a driver and we currently have no mechanism to - # determine whether a driver is available. - return [self.make_test_case(key) for key in keys if key.location_value() == 0] + for key in self.generate_all_keys(): + if key.location_value() != 0: + # Skip keys with a non-default location, because they + # require a driver and we currently have no mechanism to + # determine whether a driver is available. + continue + yield self.make_test_case(key) class StorageFormatForward(StorageFormat): """Storage format stability test cases for forward compatibility.""" @@ -499,29 +485,10 @@ class StorageFormatV0(StorageFormat): def __init__(self, info: Information) -> None: super().__init__(info, 0, False) - def all_keys_for_usage_flags( - self, - extra_desc: Optional[str] = None - ) -> List[StorageKey]: + def all_keys_for_usage_flags(self) -> Iterator[StorageKey]: """Generate test keys covering usage flags.""" - # First generate keys without usage policy extension for - # compatibility testing, then generate the keys with extension - # to check the extension is working. Finally generate key for all known - # usage flag which needs to be separted because it is not affected by - # usage extension. - keys = [] #type: List[StorageKey] - prev_builder = self.key_builder - - self.key_builder = StorageKeyBuilder(usage_extension=False) - keys += self.generate_keys_for_usage_flags(extra_desc='without extension') - - self.key_builder = StorageKeyBuilder(usage_extension=True) - keys += self.generate_keys_for_usage_flags(extra_desc='with extension') - - keys.append(self.generate_key_for_all_usage_flags()) - - self.key_builder = prev_builder - return keys + yield from self.generate_keys_for_usage_flags(test_implicit_usage=True) + yield from self.generate_key_for_all_usage_flags() def keys_for_implicit_usage( self, @@ -529,12 +496,11 @@ class StorageFormatV0(StorageFormat): alg: str, key_type: str, params: Optional[Iterable[str]] = None - ) -> List[StorageKey]: + ) -> StorageKey: # pylint: disable=too-many-locals """Generate test keys for the specified implicit usage flag, algorithm and key type combination. """ - keys = [] #type: List[StorageKey] kt = crypto_knowledge.KeyType(key_type, params) bits = kt.sizes_to_test()[0] implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] @@ -551,15 +517,15 @@ class StorageFormatV0(StorageFormat): kt.expression) description = 'implied by {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) - keys.append(self.key_builder.build(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=material_usage_flags, - expected_usage=expected_usage_flags, - alg=alg, alg2=alg2, - material=key_material, - description=description)) - return keys + return StorageKey(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=material_usage_flags, + expected_usage=expected_usage_flags, + alg=alg, alg2=alg2, + material=key_material, + description=description, + implicit_usage=False) def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: # pylint: disable=too-many-locals @@ -609,29 +575,20 @@ class StorageFormatV0(StorageFormat): alg_with_keys[alg] = [key_type] return alg_with_keys - def all_keys_for_implicit_usage(self) -> List[StorageKey]: + def all_keys_for_implicit_usage(self) -> Iterator[StorageKey]: """Generate test keys for usage flag extensions.""" # Generate a key type and algorithm pair for each extendable usage # flag to generate a valid key for exercising. The key is generated # without usage extension to check the extension compatiblity. - keys = [] #type: List[StorageKey] - prev_builder = self.key_builder - - # Generate the keys without usage extension - self.key_builder = StorageKeyBuilder(usage_extension=False) alg_with_keys = self.gather_key_types_for_sign_alg() key_filter = StorageKey.IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION - # Walk through all combintion. The key types must be filtered to fit - # the specific usage flag. - keys += [key - for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str) - for alg in sorted(alg_with_keys) - for key_type in sorted(alg_with_keys[alg]) if re.match(key_filter[usage], key_type) - for key in self.keys_for_implicit_usage(usage, alg, key_type)] - - self.key_builder = prev_builder - return keys + for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str): + for alg in sorted(alg_with_keys): + for key_type in sorted(alg_with_keys[alg]): + # The key types must be filtered to fit the specific usage flag. + if re.match(key_filter[usage], key_type): + yield self.keys_for_implicit_usage(usage, alg, key_type) def generate_all_keys(self) -> List[StorageKey]: keys = super().generate_all_keys() From 2784bfe22692eaa7cad4138513042e8aeca3aaeb Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 20:02:11 +0200 Subject: [PATCH 0624/1065] Move key type validation to crypto_knowledge Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/crypto_knowledge.py | 17 ++++++++++++++++- scripts/mbedtls_dev/psa_storage.py | 8 -------- tests/scripts/generate_psa_tests.py | 18 ++++++++---------- 3 files changed, 24 insertions(+), 19 deletions(-) diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 4b4e2df515..01a8c5dc3a 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -19,7 +19,7 @@ This module is entirely based on the PSA API. # limitations under the License. import re -from typing import Iterable, Optional, Tuple +from typing import Iterable, Optional, Tuple, Dict from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA @@ -138,3 +138,18 @@ class KeyType: return des3[:length] return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) + [self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]]) + + KEY_TYPE_FOR_SIGNATURE = { + 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR', + 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*' + } #type: Dict[str, str] + """Use a regexp to determine key types for which signature is possible + when using the actual usage flag. + """ + def is_valid_for_signature(self, usage: str) -> bool: + """Determine if the key type is compatible with the specified + signitute type. + + """ + # This is just temporaly solution for the implicit usage flags. + return re.match(self.KEY_TYPE_FOR_SIGNATURE[usage], self.name) is not None diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 5ff173831b..88992a6fc5 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -107,14 +107,6 @@ class Key: } #type: Dict[str, str] """Mapping of usage flags to the flags that they imply.""" - IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION = { - 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR', - 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*' - } #type: Dict[str, str] - """Use a regexp to determine key types for which signature is possible - when using the actual usage flag. - """ - def __init__(self, *, version: Optional[int] = None, id: Optional[int] = None, #pylint: disable=redefined-builtin diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index fe865aee91..4e2842c24e 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -494,32 +494,30 @@ class StorageFormatV0(StorageFormat): self, implyer_usage: str, alg: str, - key_type: str, - params: Optional[Iterable[str]] = None + key_type: crypto_knowledge.KeyType ) -> StorageKey: # pylint: disable=too-many-locals """Generate test keys for the specified implicit usage flag, algorithm and key type combination. """ - kt = crypto_knowledge.KeyType(key_type, params) - bits = kt.sizes_to_test()[0] + bits = key_type.sizes_to_test()[0] implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] usage_flags = 'PSA_KEY_USAGE_EXPORT' material_usage_flags = usage_flags + ' | ' + implyer_usage expected_usage_flags = material_usage_flags + ' | ' + implicit_usage alg2 = 0 - key_material = kt.key_material(bits) + key_material = key_type.key_material(bits) usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage) alg_expression = re.sub(r'PSA_ALG_', r'', alg) alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', r'', - kt.expression) + key_type.expression) description = 'implied by {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) return StorageKey(version=self.version, id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, + type=key_type.expression, bits=bits, usage=material_usage_flags, expected_usage=expected_usage_flags, alg=alg, alg2=alg2, @@ -581,14 +579,14 @@ class StorageFormatV0(StorageFormat): # flag to generate a valid key for exercising. The key is generated # without usage extension to check the extension compatiblity. alg_with_keys = self.gather_key_types_for_sign_alg() - key_filter = StorageKey.IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str): for alg in sorted(alg_with_keys): for key_type in sorted(alg_with_keys[alg]): # The key types must be filtered to fit the specific usage flag. - if re.match(key_filter[usage], key_type): - yield self.keys_for_implicit_usage(usage, alg, key_type) + kt = crypto_knowledge.KeyType(key_type) + if kt.is_valid_for_signature(usage): + yield self.keys_for_implicit_usage(usage, alg, kt) def generate_all_keys(self) -> List[StorageKey]: keys = super().generate_all_keys() From 6740c9de770708227095c9bb9a4b110fc0705811 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 28 Jun 2021 20:39:26 +0200 Subject: [PATCH 0625/1065] Add changelog entry Signed-off-by: gabor-mezei-arm --- ChangeLog.d/implicit_key_usage_policy.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/implicit_key_usage_policy.txt diff --git a/ChangeLog.d/implicit_key_usage_policy.txt b/ChangeLog.d/implicit_key_usage_policy.txt new file mode 100644 index 0000000000..2a4213b29c --- /dev/null +++ b/ChangeLog.d/implicit_key_usage_policy.txt @@ -0,0 +1,5 @@ +Changes + * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when + PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag + when PSA_KEY_USAGE_VERIFY_HASH flag is set. This implicit policy flag + setting is also apply when loading a key from storage. From 40d5cd857102132155b325b29297086a2a290a52 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:06:16 +0200 Subject: [PATCH 0626/1065] Remove unneeded test case parameter Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 52 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 10 +--- 2 files changed, 28 insertions(+), 34 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c50bcb6c70..2c077c42a5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -394,107 +394,107 @@ key_attributes_init: PSA key policy: MAC, sign | verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, sign, key usage extension depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, verify, key usage extension depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, sign | verify, key usage extension depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, wrong algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, alg=0 in policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, ANY_HASH in policy is not meaningful depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, sign but not verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, verify but not sign depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: MAC, neither sign nor verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_PERMITTED +mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED PSA key policy: CMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, default tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy used as algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_INVALID_ARGUMENT +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT PSA key policy: HMAC, sign-verify, tag length > exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length = exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED PSA key policy: cipher, encrypt | decrypt depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 815b773485..85999a1c88 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -792,7 +792,6 @@ void mac_key_policy( int policy_usage_arg, int key_type_arg, data_t *key_data, int exercise_alg_arg, - int expected_usage_arg, int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; @@ -802,16 +801,10 @@ void mac_key_policy( int policy_usage_arg, psa_algorithm_t policy_alg = policy_alg_arg; psa_algorithm_t exercise_alg = exercise_alg_arg; psa_key_usage_t policy_usage = policy_usage_arg; - psa_key_usage_t expected_usage = expected_usage_arg; psa_status_t status; psa_status_t expected_status = expected_status_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; - /* Check if all implicit usage flags are deployed - in the expected usage flags. */ - TEST_EQUAL( expected_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, policy_usage ); @@ -821,7 +814,8 @@ void mac_key_policy( int policy_usage_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + mbedtls_test_update_key_usage_flags( policy_usage ) ); status = psa_mac_sign_setup( &operation, key, exercise_alg ); if( ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) == 0 ) From db4522ca8385badd03f21bb1e0e1e3a6e35a9df9 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:07:34 +0200 Subject: [PATCH 0627/1065] Rename test cases Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2c077c42a5..3ab4bae926 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -365,46 +365,46 @@ PSA key policy: AES CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING -PSA key policy: ECC SECP256R1, sign_hash +PSA key policy: ECC SECP256R1, SIGN_HASH depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign_hash -> sign_hash+message +PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign_hash+verify_hash +PSA key policy: ECC SECP256R1, SIGN_HASH+VERIFY_HASH depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign+verify_hash -> sign+verify_hash + sign+verify_message +PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, sign_message +PSA key policy: ECC SECP256R1, SIGN_MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) -PSA key policy: ECC SECP256R1, sign+verify_message +PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Key attributes initializers zero properly key_attributes_init: -PSA key policy: MAC, sign | verify +PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key policy: MAC, sign, key usage extension +PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key policy: MAC, verify, key usage extension +PSA key policy: MAC, VERIFY_HASH -> VERIFY_HASH+MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key policy: MAC, sign | verify, key usage extension +PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS From 335e55647e736c97b9c6d641cffa00149cacfa43 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:08:47 +0200 Subject: [PATCH 0628/1065] Update key policy testing test cases Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 52 ++++++++++++++----------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3ab4bae926..47c5b25bec 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -365,26 +365,30 @@ PSA key policy: AES CBC depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING -PSA key policy: ECC SECP256R1, SIGN_HASH -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY - PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY -PSA key policy: ECC SECP256R1, SIGN_HASH+VERIFY_HASH +PSA key policy: ECC SECP256R1, VERIFY_HASH -> VERIFY_HASH+MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY +PSA key policy: ECC SECP256R1, {SIGN,VERIFY}_{HASH,MESSAGE} +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY + PSA key policy: ECC SECP256R1, SIGN_MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +PSA key policy: ECC SECP256R1, VERIFY_MESSAGE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) @@ -392,10 +396,6 @@ check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY Key attributes initializers zero properly key_attributes_init: -PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE} -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS - PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS @@ -408,6 +408,26 @@ PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE} +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key policy: MAC, SIGN_MESSAGE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key policy: MAC, VERIFY_MESSAGE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key policy: MAC, SIGN+VERIFY_MESSAGE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key policy: MAC, neither sign nor verify +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED + PSA key policy: MAC, wrong algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED @@ -420,18 +440,6 @@ PSA key policy: MAC, ANY_HASH in policy is not meaningful depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED -PSA key policy: MAC, sign but not verify -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS - -PSA key policy: MAC, verify but not sign -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS - -PSA key policy: MAC, neither sign nor verify -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED - PSA key policy: HMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS From 6f7282b09a8c2cb9ea0930ef32e79c94abea86dc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:17:14 +0200 Subject: [PATCH 0629/1065] Keep the imported classes sorted Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/crypto_knowledge.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 01a8c5dc3a..089d4fe1f1 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -19,7 +19,7 @@ This module is entirely based on the PSA API. # limitations under the License. import re -from typing import Iterable, Optional, Tuple, Dict +from typing import Dict, Iterable, Optional, Tuple from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA From f73f896bdf6bf7629fdae7800f392239134aaf16 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:17:54 +0200 Subject: [PATCH 0630/1065] Use regexp pattern instaed of string Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/crypto_knowledge.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 089d4fe1f1..c38955b0ed 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -19,7 +19,7 @@ This module is entirely based on the PSA API. # limitations under the License. import re -from typing import Dict, Iterable, Optional, Tuple +from typing import Dict, Iterable, Optional, Pattern, Tuple from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA @@ -140,9 +140,9 @@ class KeyType: [self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]]) KEY_TYPE_FOR_SIGNATURE = { - 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR', - 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*' - } #type: Dict[str, str] + 'PSA_KEY_USAGE_SIGN_HASH': re.compile('.*KEY_PAIR'), + 'PSA_KEY_USAGE_VERIFY_HASH': re.compile('.*KEY.*') + } #type: Dict[str, Pattern] """Use a regexp to determine key types for which signature is possible when using the actual usage flag. """ From 52176f794a115c3934d6bb6f08dc51c7121c19d9 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 11:21:45 +0200 Subject: [PATCH 0631/1065] Fix changelog entry Signed-off-by: gabor-mezei-arm --- ChangeLog.d/implicit_key_usage_policy.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/implicit_key_usage_policy.txt b/ChangeLog.d/implicit_key_usage_policy.txt index 2a4213b29c..ee33ecb7b6 100644 --- a/ChangeLog.d/implicit_key_usage_policy.txt +++ b/ChangeLog.d/implicit_key_usage_policy.txt @@ -1,5 +1,5 @@ Changes * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag - when PSA_KEY_USAGE_VERIFY_HASH flag is set. This implicit policy flag - setting is also apply when loading a key from storage. + when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension + is also applied when loading a key from storage. From 2a499c0cc5ebf7ad01ad1ef20f414fb0db1c1f5a Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 15:29:24 +0200 Subject: [PATCH 0632/1065] Refactor handlibg of the key usage flags Move implicit usage flags handling to the StorageKey class. Create a subclass for test case data. Signed-off-by: gabor-mezei-arm --- scripts/mbedtls_dev/psa_storage.py | 21 +--- tests/scripts/generate_psa_tests.py | 183 ++++++++++++++++------------ 2 files changed, 111 insertions(+), 93 deletions(-) diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 88992a6fc5..45f0380e7b 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -101,12 +101,6 @@ class Key: LATEST_VERSION = 0 """The latest version of the storage format.""" - IMPLICIT_USAGE_FLAGS = { - 'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE', - 'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE' - } #type: Dict[str, str] - """Mapping of usage flags to the flags that they imply.""" - def __init__(self, *, version: Optional[int] = None, id: Optional[int] = None, #pylint: disable=redefined-builtin @@ -114,27 +108,18 @@ class Key: type: Exprable, #pylint: disable=redefined-builtin bits: int, usage: Exprable, alg: Exprable, alg2: Exprable, - material: bytes, #pylint: disable=used-before-assignment - implicit_usage: bool = True + material: bytes #pylint: disable=used-before-assignment ) -> None: self.version = self.LATEST_VERSION if version is None else version self.id = id #pylint: disable=invalid-name #type: Optional[int] self.lifetime = as_expr(lifetime) #type: Expr self.type = as_expr(type) #type: Expr self.bits = bits #type: int - self.original_usage = as_expr(usage) #type: Expr - self.updated_usage = self.original_usage #type: Expr + self.usage = as_expr(usage) #type: Expr self.alg = as_expr(alg) #type: Expr self.alg2 = as_expr(alg2) #type: Expr self.material = material #type: bytes - if implicit_usage: - for flag, extension in self.IMPLICIT_USAGE_FLAGS.items(): - if self.original_usage.value() & Expr(flag).value() and \ - self.original_usage.value() & Expr(extension).value() == 0: - self.updated_usage = Expr(self.updated_usage.string + - ' | ' + extension) - MAGIC = b'PSA\000KEY\000' @staticmethod @@ -166,7 +151,7 @@ class Key: if self.version == 0: attributes = self.pack('LHHLLL', self.lifetime, self.type, self.bits, - self.updated_usage, self.alg, self.alg2) + self.usage, self.alg, self.alg2) material = self.pack('L', len(self.material)) + self.material else: raise NotImplementedError diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 4e2842c24e..3eb7c4b931 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -233,24 +233,50 @@ class NotSupported: class StorageKey(psa_storage.Key): """Representation of a key for storage format testing.""" + IMPLICIT_USAGE_FLAGS = { + 'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE', + 'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE' + } #type: Dict[str, str] + """Mapping of usage flags to the flags that they imply.""" + + def __init__( + self, + usage: str, + without_implicit_usage: Optional[bool] = False, + **kwargs + ) -> None: + """Prepare to generate a key. + + * `usage` : The usage flags used for the key. + * `without_implicit_usage`: Flag to defide to apply the usage extension + """ + super().__init__(usage=usage,**kwargs) + + if not without_implicit_usage: + for flag, implicit in self.IMPLICIT_USAGE_FLAGS.items(): + if self.usage.value() & psa_storage.Expr(flag).value() and \ + self.usage.value() & psa_storage.Expr(implicit).value() == 0: + self.usage = psa_storage.Expr(self.usage.string + ' | ' + implicit) + +class StorageTestData(StorageKey): + """Representation of test case data for storage format testing.""" + def __init__( self, description: str, expected_usage: Optional[str] = None, **kwargs ) -> None: - """Prepare to generate a key. + """Prepare to generate test data - * `description`: used for the the test case names - * `implicit_usage`: the usage flags generated as the expected usage - flags in the test cases. When testing implicit - usage flags, they can differ in the generated keys - and the expected usage flags in the test cases. + * `description` : used for the the test case names + * `expected_usage`: the usage flags generated as the expected usage flags + in the test cases. CAn differ from the usage flags + stored in the keys because of the usage flags extension. """ super().__init__(**kwargs) self.description = description #type: str - self.usage = psa_storage.as_expr(expected_usage) if expected_usage is not None else\ - self.original_usage #type: psa_storage.Expr + self.expected_usage = expected_usage if expected_usage else self.usage.string #type: str class StorageFormat: """Storage format stability test cases.""" @@ -269,7 +295,7 @@ class StorageFormat: self.version = version #type: int self.forward = forward #type: bool - def make_test_case(self, key: StorageKey) -> test_case.TestCase: + def make_test_case(self, key: StorageTestData) -> test_case.TestCase: """Construct a storage format test case for the given key. If ``forward`` is true, generate a forward compatibility test case: @@ -283,7 +309,7 @@ class StorageFormat: tc.set_description('PSA storage {}: {}'.format(verb, key.description)) dependencies = automatic_dependencies( key.lifetime.string, key.type.string, - key.usage.string, key.alg.string, key.alg2.string, + key.expected_usage, key.alg.string, key.alg2.string, ) dependencies = finish_family_dependencies(dependencies, key.bits) tc.set_dependencies(dependencies) @@ -304,7 +330,7 @@ class StorageFormat: extra_arguments = [' | '.join(flags) if flags else '0'] tc.set_arguments([key.lifetime.string, key.type.string, str(key.bits), - key.usage.string, key.alg.string, key.alg2.string, + key.expected_usage, key.alg.string, key.alg2.string, '"' + key.material.hex() + '"', '"' + key.hex() + '"', *extra_arguments]) @@ -313,21 +339,22 @@ class StorageFormat: def key_for_lifetime( self, lifetime: str, - ) -> StorageKey: + ) -> StorageTestData: """Construct a test key for the given lifetime.""" short = lifetime short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION', r'', short) short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) description = 'lifetime: ' + short - return StorageKey(version=self.version, - id=1, lifetime=lifetime, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, - material=b'L', - description=description) + key = StorageTestData(version=self.version, + id=1, lifetime=lifetime, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + material=b'L', + description=description) + return key - def all_keys_for_lifetimes(self) -> Iterator[StorageKey]: + def all_keys_for_lifetimes(self) -> Iterator[StorageTestData]: """Generate test keys covering lifetimes.""" lifetimes = sorted(self.constructors.lifetimes) expressions = self.constructors.generate_expressions(lifetimes) @@ -346,32 +373,34 @@ class StorageFormat: usage_flags: List[str], short: Optional[str] = None, test_implicit_usage: Optional[bool] = False - ) -> Iterator[StorageKey]: + ) -> Iterator[StorageTestData]: """Construct a test key for the given key usage.""" usage = ' | '.join(usage_flags) if usage_flags else '0' if short is None: short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) extra_desc = ' with implication' if test_implicit_usage else '' description = 'usage' + extra_desc + ': ' + short - yield StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description, - implicit_usage=True) + key1 = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + expected_usage=usage, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description) + yield key1 + if test_implicit_usage: description = 'usage without implication' + ': ' + short - yield StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description, - implicit_usage=False) + key2 = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + without_implicit_usage=True, + usage=usage, alg=0, alg2=0, + material=b'K', + description=description) + yield key2 - - def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageKey]: + def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) yield from self.key_for_usage_flags(['0'], **kwargs) @@ -381,11 +410,11 @@ class StorageFormat: known_flags[1:] + [known_flags[0]]): yield from self.key_for_usage_flags([flag1, flag2], **kwargs) - def generate_key_for_all_usage_flags(self) -> Iterator[StorageKey]: + def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]: known_flags = sorted(self.constructors.key_usage_flags) yield from self.key_for_usage_flags(known_flags, short='all known') - def all_keys_for_usage_flags(self) -> Iterator[StorageKey]: + def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: yield from self.generate_keys_for_usage_flags() yield from self.generate_key_for_all_usage_flags() @@ -393,7 +422,7 @@ class StorageFormat: self, key_type: str, params: Optional[Iterable[str]] = None - ) -> Iterator[StorageKey]: + ) -> Iterator[StorageTestData]: """Generate test keys for the given key type. For key types that depend on a parameter (e.g. elliptic curve family), @@ -410,20 +439,21 @@ class StorageFormat: r'', kt.expression) description = 'type: {} {}-bit'.format(short_expression, bits) - yield StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description) + key = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg, alg2=alg2, + material=key_material, + description=description) + yield key - def all_keys_for_types(self) -> Iterator[StorageKey]: + def all_keys_for_types(self) -> Iterator[StorageTestData]: """Generate test keys covering key types and their representations.""" key_types = sorted(self.constructors.key_types) for key_type in self.constructors.generate_expressions(key_types): yield from self.keys_for_type(key_type) - def keys_for_algorithm(self, alg: str) -> Iterator[StorageKey]: + def keys_for_algorithm(self, alg: str) -> Iterator[StorageTestData]: """Generate test keys for the specified algorithm.""" # For now, we don't have information on the compatibility of key # types and algorithms. So we just test the encoding of algorithms, @@ -431,28 +461,30 @@ class StorageFormat: descr = re.sub(r'PSA_ALG_', r'', alg) descr = re.sub(r',', r', ', re.sub(r' +', r'', descr)) usage = 'PSA_KEY_USAGE_EXPORT' - yield StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=alg, alg2=0, - material=b'K', - description='alg: ' + descr) - yield StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage=usage, alg=0, alg2=alg, - material=b'L', - description='alg2: ' + descr) + key1 = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=alg, alg2=0, + material=b'K', + description='alg: ' + descr) + yield key1 + key2 = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type='PSA_KEY_TYPE_RAW_DATA', bits=8, + usage=usage, alg=0, alg2=alg, + material=b'L', + description='alg2: ' + descr) + yield key2 - def all_keys_for_algorithms(self) -> Iterator[StorageKey]: + def all_keys_for_algorithms(self) -> Iterator[StorageTestData]: """Generate test keys covering algorithm encodings.""" algorithms = sorted(self.constructors.algorithms) for alg in self.constructors.generate_expressions(algorithms): yield from self.keys_for_algorithm(alg) - def generate_all_keys(self) -> List[StorageKey]: + def generate_all_keys(self) -> List[StorageTestData]: """Generate all keys for the test cases.""" - keys = [] #type: List[StorageKey] + keys = [] #type: List[StorageTestData] keys += self.all_keys_for_lifetimes() keys += self.all_keys_for_usage_flags() keys += self.all_keys_for_types() @@ -485,7 +517,7 @@ class StorageFormatV0(StorageFormat): def __init__(self, info: Information) -> None: super().__init__(info, 0, False) - def all_keys_for_usage_flags(self) -> Iterator[StorageKey]: + def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: """Generate test keys covering usage flags.""" yield from self.generate_keys_for_usage_flags(test_implicit_usage=True) yield from self.generate_key_for_all_usage_flags() @@ -495,7 +527,7 @@ class StorageFormatV0(StorageFormat): implyer_usage: str, alg: str, key_type: crypto_knowledge.KeyType - ) -> StorageKey: + ) -> StorageTestData: # pylint: disable=too-many-locals """Generate test keys for the specified implicit usage flag, algorithm and key type combination. @@ -515,15 +547,16 @@ class StorageFormatV0(StorageFormat): key_type.expression) description = 'implied by {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) - return StorageKey(version=self.version, - id=1, lifetime=0x00000001, - type=key_type.expression, bits=bits, - usage=material_usage_flags, - expected_usage=expected_usage_flags, - alg=alg, alg2=alg2, - material=key_material, - description=description, - implicit_usage=False) + key = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type=key_type.expression, bits=bits, + usage=material_usage_flags, + expected_usage=expected_usage_flags, + without_implicit_usage=True, + alg=alg, alg2=alg2, + material=key_material, + description=description) + return key def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: # pylint: disable=too-many-locals @@ -573,7 +606,7 @@ class StorageFormatV0(StorageFormat): alg_with_keys[alg] = [key_type] return alg_with_keys - def all_keys_for_implicit_usage(self) -> Iterator[StorageKey]: + def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]: """Generate test keys for usage flag extensions.""" # Generate a key type and algorithm pair for each extendable usage # flag to generate a valid key for exercising. The key is generated @@ -588,7 +621,7 @@ class StorageFormatV0(StorageFormat): if kt.is_valid_for_signature(usage): yield self.keys_for_implicit_usage(usage, alg, kt) - def generate_all_keys(self) -> List[StorageKey]: + def generate_all_keys(self) -> List[StorageTestData]: keys = super().generate_all_keys() keys += self.all_keys_for_implicit_usage() return keys From 6385780f54b2d1dbe88250a67a995cab1c233840 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 15:39:56 +0200 Subject: [PATCH 0633/1065] Rename function Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 3eb7c4b931..0c10fd6ffd 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -368,7 +368,7 @@ class StorageFormat: continue yield self.key_for_lifetime(lifetime) - def key_for_usage_flags( + def keys_for_usage_flags( self, usage_flags: List[str], short: Optional[str] = None, @@ -403,16 +403,16 @@ class StorageFormat: def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) - yield from self.key_for_usage_flags(['0'], **kwargs) + yield from self.keys_for_usage_flags(['0'], **kwargs) for usage_flag in known_flags: - yield from self.key_for_usage_flags([usage_flag], **kwargs) + yield from self.keys_for_usage_flags([usage_flag], **kwargs) for flag1, flag2 in zip(known_flags, known_flags[1:] + [known_flags[0]]): - yield from self.key_for_usage_flags([flag1, flag2], **kwargs) + yield from self.keys_for_usage_flags([flag1, flag2], **kwargs) def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]: known_flags = sorted(self.constructors.key_usage_flags) - yield from self.key_for_usage_flags(known_flags, short='all known') + yield from self.keys_for_usage_flags(known_flags, short='all known') def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: yield from self.generate_keys_for_usage_flags() From 0c24edd56ac2553f2cb7d146b40a03d33ef8984b Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 15:42:57 +0200 Subject: [PATCH 0634/1065] Return iterator instead of list Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 0c10fd6ffd..97130ea60c 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -482,14 +482,12 @@ class StorageFormat: for alg in self.constructors.generate_expressions(algorithms): yield from self.keys_for_algorithm(alg) - def generate_all_keys(self) -> List[StorageTestData]: + def generate_all_keys(self) -> Iterator[StorageTestData]: """Generate all keys for the test cases.""" - keys = [] #type: List[StorageTestData] - keys += self.all_keys_for_lifetimes() - keys += self.all_keys_for_usage_flags() - keys += self.all_keys_for_types() - keys += self.all_keys_for_algorithms() - return keys + yield from self.all_keys_for_lifetimes() + yield from self.all_keys_for_usage_flags() + yield from self.all_keys_for_types() + yield from self.all_keys_for_algorithms() def all_test_cases(self) -> Iterator[test_case.TestCase]: """Generate all storage format test cases.""" @@ -621,10 +619,9 @@ class StorageFormatV0(StorageFormat): if kt.is_valid_for_signature(usage): yield self.keys_for_implicit_usage(usage, alg, kt) - def generate_all_keys(self) -> List[StorageTestData]: - keys = super().generate_all_keys() - keys += self.all_keys_for_implicit_usage() - return keys + def generate_all_keys(self) -> Iterator[StorageTestData]: + yield from super().generate_all_keys() + yield from self.all_keys_for_implicit_usage() class TestGenerator: """Generate test data.""" From ba0fa75eae8cd6a5b48a6cb36826f972193226b5 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 1 Mar 2021 15:04:24 +0100 Subject: [PATCH 0635/1065] Implement one-shot cipher Implement one-shot cipher APIs, psa_cipher_encrypt and psa_cipher_decrypt, introduced in PSA Crypto API 1.0. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 101 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d089fe0ac1..893258601a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3483,6 +3483,107 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) return( PSA_SUCCESS ); } +psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + size_t iv_length = 0;; + size_t olength; + + status = psa_cipher_encrypt_setup( &operation, key, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + *output_length = 0; + if( operation.iv_required ) + { + status = psa_cipher_generate_iv( &operation, output, + operation.default_iv_length, + &iv_length ); + *output_length += iv_length; + if( status != PSA_SUCCESS ) + goto exit; + } + + olength = 0; + status = psa_cipher_update( &operation, input, input_length, + output + iv_length, output_size - iv_length, + &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + + olength = 0; + status = psa_cipher_finish( &operation, output + *output_length, + output_size - *output_length, &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if ( status == PSA_SUCCESS ) + status = psa_cipher_abort( &operation ); + else + psa_cipher_abort( &operation ); + + return ( status ); +} + +psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + size_t olength; + + status = psa_cipher_decrypt_setup( &operation, key, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + if( operation.iv_required ) + { + status = psa_cipher_set_iv( &operation, input, + operation.default_iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + } + + olength = 0; + status = psa_cipher_update( &operation, input + operation.default_iv_length, + input_length - operation.default_iv_length, + output, output_size, &olength ); + *output_length = olength; + if( status != PSA_SUCCESS ) + goto exit; + + olength = 0; + status = psa_cipher_finish( &operation, output + *output_length, + output_size - *output_length, &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if ( status == PSA_SUCCESS ) + status = psa_cipher_abort( &operation ); + else + psa_cipher_abort( &operation ); + + return ( status ); +} + + /****************************************************************/ /* AEAD */ /****************************************************************/ From f494bcd31347456c58362efa606832de14e8f461 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 1 Mar 2021 15:11:46 +0100 Subject: [PATCH 0636/1065] Add tests for one-shot hash cipher functions Tests for psa_cipher_encrypt and psa_cipher_decrypt functions. The psa_cipher_encrypt function takes no parameter for IV and always generates it therefore there will be a randomness in the calculation and cannot be validated by comparing the actual output with the expected output. The function is tested by: - doing a prtially randomized test with an encryption then a decryption and validating the input with output of the decryption - validating against the multipart encryption The combination of this two methods provides enough coverage like a known answer test. Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 360 ++++++++++++---- tests/suites/test_suite_psa_crypto.function | 442 ++++++++++++++++---- 2 files changed, 638 insertions(+), 164 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1a8bbd6b76..2090a10d0c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1402,125 +1402,317 @@ cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f101112131415 PSA cipher: bad order function calls cipher_bad_order: -PSA symmetric encrypt: AES-ECB, 0 bytes, good +PSA cipher encrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS +cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE -PSA symmetric encrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS +PSA cipher encrypt: invalid key type +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS +PSA cipher encrypt: incompatible key ChaCha20 for CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_encrypt_error:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +PSA cipher encrypt: bad algorithm (unknown cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_error:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS - -PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +PSA cipher encrypt: bad algorithm (not a cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 +cipher_encrypt_error:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_error:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT -PSA symmetric encrypt: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" -PSA symmetric encrypt: AES-CTR, 15 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +PSA symmetric encrypt: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" -PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS - -PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS - -PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS +PSA symmetric encrypt: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS +cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" -PSA symmetric decrypt: AES-ECB, 0 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS - -PSA symmetric decrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS - -PSA symmetric decrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS - -PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good +PSA symmetric encrypt sanity: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS +PSA symmetric encrypt sanity: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_sanity:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good +PSA symmetric encrypt sanity: AES-CBC-PKCS#7, 15 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt sanity: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt sanity: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt sanity: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9" + +PSA symmetric encrypt sanity: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9" + +PSA symmetric encrypt sanity: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9" + +PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt validation: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt validation: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9" + +PSA symmetric encrypt validation: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9" + +PSA symmetric encrypt validation: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9" + +PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric encrypt multipart: AES-CBC-nopad, input too short +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS + +PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS + +PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS + +PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS + +PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS + +PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS + +PSA cipher decrypt: without initialization +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE + +PSA cipher decrypt: invalid key type +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: incompatible key ChaCha20 for CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_decrypt_error:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: bad algorithm (unknown cipher algorithm) +cipher_decrypt_error:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: bad algorithm (not a cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 +cipher_decrypt_error:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT - -PSA symmetric decrypt: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt_error:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_error:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"" + +PSA symmetric decrypt: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f" + +PSA symmetric decrypt: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97" + +PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" + +PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric decrypt: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2" PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9" PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9" PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9" PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3" PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3" + +PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS + +PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1698,21 +1890,37 @@ PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 -PSA symmetric encrypt: ChaCha20, K=0 N=0 +PSA symmetric encrypt sanity: ChaCha20, K=0 N=0 depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -PSA symmetric encrypt: ChaCha20, K=rand N=rand +PSA symmetric encrypt sanity: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + +PSA symmetric encrypt validation: ChaCha20, K=0 N=0 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + +PSA symmetric encrypt validation: ChaCha20, K=rand N=rand +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + +PSA symmetric encrypt multipart: ChaCha20, K=0 N=0 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS + +PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric encryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" -PSA symmetric decrypt: ChaCha20, K=rand N=rand +PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_decrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric decryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 41e29729b5..ad9decf6de 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2413,10 +2413,221 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int expected_status_arg ) +void cipher_encrypt_error( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + if ( PSA_ERROR_BAD_STATE != expected_status ) + { + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, + input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + } + + status = psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ); + + TEST_EQUAL( status, expected_status ); + +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_noiv( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + data_t *expected_output ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_sanity( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + + /* The one-shot cipher encryption uses generated iv so validating + the output is not possible. Only sanity checking is done here. */ +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_validation( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + unsigned char *output1 = NULL; + size_t output1_buffer_size = 0; + size_t output1_length = 0; + unsigned char *output2 = NULL; + size_t output2_buffer_size = 0; + size_t output2_length = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); + ASSERT_ALLOC( output1, output1_buffer_size ); + ASSERT_ALLOC( output2, output2_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length ) ); + TEST_ASSERT( output1_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( output1_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); + + PSA_ASSERT( psa_cipher_update( &operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + output2_length += function_output_length; + + PSA_ASSERT( psa_cipher_finish( &operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + output2_length += function_output_length; + + PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, + output2, output2_length ); + +exit: + psa_cipher_abort( &operation ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_simple_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2446,9 +2657,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); PSA_ASSERT( psa_cipher_update( &operation, @@ -2525,9 +2735,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( first_part_size <= input->len ); @@ -2617,9 +2826,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( first_part_size <= input->len ); @@ -2674,10 +2882,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int expected_status_arg ) +void cipher_decrypt_simple_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2707,9 +2918,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); PSA_ASSERT( psa_cipher_update( &operation, @@ -2750,25 +2960,132 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output( int alg_arg, int key_type_arg, +void cipher_decrypt_error( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + if ( PSA_ERROR_BAD_STATE != expected_status ) + { + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + } + + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + + status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ); + TEST_EQUAL( status, expected_status ); + +exit: + mbedtls_free( input ); + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_decrypt( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); +exit: + mbedtls_free( input ); + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_verify_output( int alg_arg, + int key_type_arg, data_t *key_data, data_t *input ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char iv[16] = {0}; - size_t iv_size = 16; - size_t iv_length = 0; unsigned char *output1 = NULL; size_t output1_size = 0; size_t output1_length = 0; unsigned char *output2 = NULL; size_t output2_size = 0; size_t output2_length = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; - psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -2779,82 +3096,31 @@ void cipher_verify_output( int alg_arg, int key_type_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); - - if( alg != PSA_ALG_ECB_NO_PADDING ) - { - PSA_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) ); - } output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output1_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); ASSERT_ALLOC( output1, output1_size ); - PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len, - output1, output1_size, - &output1_length ) ); + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, + output1, output1_size, + &output1_length ) ); TEST_ASSERT( output1_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); TEST_ASSERT( output1_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - - PSA_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, - output1_size - output1_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - - output1_length += function_output_length; - - PSA_ASSERT( psa_cipher_abort( &operation1 ) ); + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); output2_size = output1_length; - TEST_ASSERT( output2_size <= - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_ASSERT( output2_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); ASSERT_ALLOC( output2, output2_size ); - if( iv_length > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) ); - } - - PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length, - output2, output2_size, - &output2_length ) ); + PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length, + output2, output2_size, + &output2_length ) ); TEST_ASSERT( output2_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, output1_length ) ); + PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); TEST_ASSERT( output2_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length ) ); - - function_output_length = 0; - PSA_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_size - output2_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - - output2_length += function_output_length; - - PSA_ASSERT( psa_cipher_abort( &operation2 ) ); + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: - psa_cipher_abort( &operation1 ); - psa_cipher_abort( &operation2 ); mbedtls_free( output1 ); mbedtls_free( output2 ); psa_destroy_key( key ); From a9449a0b07940c7db050359ebd02f51d980a724f Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 25 Mar 2021 11:17:10 +0100 Subject: [PATCH 0637/1065] Dispatch cipher functions through the driver interface Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 115 ++++++++-------- library/psa_crypto_cipher.c | 163 ++++++++++++++++++++++ library/psa_crypto_cipher.h | 120 +++++++++++++++++ library/psa_crypto_driver_wrappers.c | 134 +++++++++++-------- library/psa_crypto_driver_wrappers.h | 8 +- tests/src/drivers/test_driver_cipher.c | 178 ++++++------------------- 6 files changed, 469 insertions(+), 249 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 893258601a..9a4bfb0be8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3492,47 +3492,51 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - size_t iv_length = 0;; - size_t olength; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + psa_key_type_t key_type; + size_t iv_length; - status = psa_cipher_encrypt_setup( &operation, key, alg ); + /* The requested algorithm must be one that can be processed by cipher. */ + if( ! PSA_ALG_IS_CIPHER( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + /* Fetch key material from key storage. */ + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_ENCRYPT, + alg ); if( status != PSA_SUCCESS ) - goto exit; + return( status ); - *output_length = 0; - if( operation.iv_required ) + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + key_type = slot->attr.type; + iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + + if( iv_length > 0 ) { - status = psa_cipher_generate_iv( &operation, output, - operation.default_iv_length, - &iv_length ); - *output_length += iv_length; + if( output_size < iv_length ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + status = psa_generate_random( output, iv_length ); if( status != PSA_SUCCESS ) goto exit; } - olength = 0; - status = psa_cipher_update( &operation, input, input_length, - output + iv_length, output_size - iv_length, - &olength ); - *output_length += olength; - if( status != PSA_SUCCESS ) - goto exit; - - olength = 0; - status = psa_cipher_finish( &operation, output + *output_length, - output_size - *output_length, &olength ); - *output_length += olength; - if( status != PSA_SUCCESS ) - goto exit; + status = psa_driver_wrapper_cipher_encrypt( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + output, output_size, output_length ); exit: - if ( status == PSA_SUCCESS ) - status = psa_cipher_abort( &operation ); - else - psa_cipher_abort( &operation ); + unlock_status = psa_unlock_key_slot( slot ); - return ( status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, @@ -3544,43 +3548,32 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - size_t olength; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; - status = psa_cipher_decrypt_setup( &operation, key, alg ); + /* The requested algorithm must be one that can be processed by cipher. */ + if( ! PSA_ALG_IS_CIPHER( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + /* Fetch key material from key storage. */ + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_DECRYPT, + alg ); if( status != PSA_SUCCESS ) - goto exit; + return( status ); - if( operation.iv_required ) - { - status = psa_cipher_set_iv( &operation, input, - operation.default_iv_length ); - if( status != PSA_SUCCESS ) - goto exit; - } + psa_key_attributes_t attributes = { + .core = slot->attr + }; - olength = 0; - status = psa_cipher_update( &operation, input + operation.default_iv_length, - input_length - operation.default_iv_length, - output, output_size, &olength ); - *output_length = olength; - if( status != PSA_SUCCESS ) - goto exit; + status = psa_driver_wrapper_cipher_decrypt( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + output, output_size, output_length ); - olength = 0; - status = psa_cipher_finish( &operation, output + *output_length, - output_size - *output_length, &olength ); - *output_length += olength; - if( status != PSA_SUCCESS ) - goto exit; + unlock_status = psa_unlock_key_slot( slot ); -exit: - if ( status == PSA_SUCCESS ) - status = psa_cipher_abort( &operation ); - else - psa_cipher_abort( &operation ); - - return ( status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index a65e88492e..b018e2adc4 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -445,6 +445,107 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) return( PSA_SUCCESS ); } + +static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; + size_t olength; + + status = cipher_encrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + *output_length = 0; + if( operation.iv_length > 0 ) + { + status = cipher_set_iv( &operation, output, operation.iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + + *output_length = operation.iv_length; + } + + olength = 0; + status = cipher_update( &operation, input, input_length, + output + *output_length,output_size - *output_length, + &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + + olength = 0; + status = cipher_finish( &operation, output + *output_length, + output_size - *output_length, &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if( status == PSA_SUCCESS ) + status = cipher_abort( &operation ); + else + cipher_abort( &operation ); + return( status ); +} + +static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; + size_t olength; + + status = cipher_decrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + if( operation.iv_length > 0 ) + { + status = cipher_set_iv( &operation, input, operation.iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + } + + olength = 0; + status = cipher_update( &operation, input + operation.iv_length, + input_length - operation.iv_length, + output, output_size, &olength ); + *output_length = olength; + if( status != PSA_SUCCESS ) + goto exit; + + olength = 0; + status = cipher_finish( &operation, output + *output_length, + output_size - *output_length, &olength ); + *output_length += olength; + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if ( status == PSA_SUCCESS ) + status = cipher_abort( &operation ); + else + cipher_abort( &operation ); + return( status ); +} #endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -498,6 +599,36 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation { return( cipher_abort( operation ) ); } + +psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_encrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} + +psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_decrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ /* @@ -553,6 +684,38 @@ psa_status_t mbedtls_transparent_test_driver_cipher_abort( { return( cipher_abort( operation ) ); } + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_encrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_decrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 3e1a7a0dee..2dd333043d 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -199,6 +199,104 @@ psa_status_t mbedtls_psa_cipher_finish( */ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); +/** Encrypt a message using a symmetric cipher. + * + * \note The signature of this function is that of a PSA driver + * cipher_encrypt entry point. This function behaves as a + * cipher_encrypt entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the iv and the plaintext. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[in,out] output Buffer where the output is to be written. + * The IV must be written to this buffer before + * this function is called. + * \param[in] output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + */ +psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +/** Decrypt a message using a symmetric cipher. + * + * \note The signature of this function is that of a PSA driver + * cipher_decrypt entry point. This function behaves as a + * cipher_decrypt entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the iv and the ciphertext. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param[in] output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + */ +psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ @@ -231,6 +329,28 @@ psa_status_t mbedtls_transparent_test_driver_cipher_finish( psa_status_t mbedtls_transparent_test_driver_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 19260c45ef..6bf08d9656 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -737,7 +737,9 @@ psa_status_t psa_driver_wrapper_get_builtin_key( * Cipher functions */ psa_status_t psa_driver_wrapper_cipher_encrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -745,22 +747,20 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t output_size, size_t *output_length ) { -#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime); - psa_key_attributes_t attributes = { - .core = slot->attr - }; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, + status = mbedtls_test_transparent_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -771,14 +771,29 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ - /* Fell through, meaning no accelerator supports this operation */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length ) ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ + return( PSA_ERROR_NOT_SUPPORTED ); + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, + return( mbedtls_test_opaque_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -786,25 +801,27 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: /* Key is declared with a lifetime not known to us */ - return( status ); + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); } -#else /* PSA_CRYPTO_DRIVER_PRESENT */ - (void) slot; - (void) alg; - (void) input; - (void) input_length; - (void) output; - (void) output_size; - (void) output_length; - - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* PSA_CRYPTO_DRIVER_PRESENT */ } psa_status_t psa_driver_wrapper_cipher_decrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -812,22 +829,20 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t output_size, size_t *output_length ) { -#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime); - psa_key_attributes_t attributes = { - .core = slot->attr - }; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, + status = mbedtls_test_transparent_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -838,14 +853,29 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ - /* Fell through, meaning no accelerator supports this operation */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length ) ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ + return( PSA_ERROR_NOT_SUPPORTED ); + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, + return( mbedtls_test_opaque_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -853,21 +883,21 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: /* Key is declared with a lifetime not known to us */ - return( status ); + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); } -#else /* PSA_CRYPTO_DRIVER_PRESENT */ - (void) slot; - (void) alg; - (void) input; - (void) input_length; - (void) output; - (void) output_size; - (void) output_length; - - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* PSA_CRYPTO_DRIVER_PRESENT */ } psa_status_t psa_driver_wrapper_cipher_encrypt_setup( diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 732ed2a7fa..38a6ee82a7 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -98,7 +98,9 @@ psa_status_t psa_driver_wrapper_get_builtin_key( * Cipher functions */ psa_status_t psa_driver_wrapper_cipher_encrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -107,7 +109,9 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t *output_length ); psa_status_t psa_driver_wrapper_cipher_decrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 9c95cc8f8c..89a7b59944 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -35,26 +35,19 @@ mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = MBEDTLS_TEST_DRIVER_CIPHER_INIT; -static psa_status_t mbedtls_test_transparent_cipher_oneshot( - mbedtls_operation_t direction, +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { mbedtls_test_driver_cipher_hooks.hits++; - /* Test driver supports AES-CTR only, to verify operation calls. */ - if( alg != PSA_ALG_CTR || - psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_NOT_SUPPORTED ); - - /* If test driver response code is not SUCCESS, we can return early */ - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); - - /* If test driver output is overridden, we don't need to do actual crypto */ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) @@ -68,133 +61,50 @@ static psa_status_t mbedtls_test_transparent_cipher_oneshot( return( mbedtls_test_driver_cipher_hooks.forced_status ); } - /* Run AES-CTR using the cipher module */ - { - mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); - const mbedtls_cipher_info_t *cipher_info = - mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES, - key_length * 8, - MBEDTLS_MODE_CTR ); - mbedtls_cipher_context_t cipher; - int ret = 0; - uint8_t temp_output_buffer[16] = {0}; - size_t temp_output_length = 0; + psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); - if( direction == MBEDTLS_ENCRYPT ) - { - /* Oneshot encrypt needs to prepend the IV to the output */ - if( output_size < ( input_length + 16 ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - } - else - { - /* Oneshot decrypt has the IV prepended to the input */ - if( output_size < ( input_length - 16 ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - } - - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - - mbedtls_cipher_init( &cipher ); - ret = mbedtls_cipher_setup( &cipher, cipher_info ); - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_setkey( &cipher, - key, - key_length * 8, direction ); - if( ret != 0 ) - goto exit; - - if( direction == MBEDTLS_ENCRYPT ) - { - mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - ret = mbedtls_test_rnd_pseudo_rand( &rnd_info, - temp_output_buffer, - 16 ); - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 ); - } - else - ret = mbedtls_cipher_set_iv( &cipher, input, 16 ); - - if( ret != 0 ) - goto exit; - - if( direction == MBEDTLS_ENCRYPT ) - { - ret = mbedtls_cipher_update( &cipher, - input, input_length, - &output[16], output_length ); - if( ret == 0 ) - { - memcpy( output, temp_output_buffer, 16 ); - *output_length += 16; - } - } - else - ret = mbedtls_cipher_update( &cipher, - &input[16], input_length - 16, - output, output_length ); - - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_finish( &cipher, - temp_output_buffer, - &temp_output_length ); - -exit: - if( ret != 0 ) - { - *output_length = 0; - memset(output, 0, output_size); - } - - mbedtls_cipher_free( &cipher ); - return( mbedtls_to_psa_error( ret ) ); - } -} - -psa_status_t mbedtls_test_transparent_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, - psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) -{ - return ( - mbedtls_test_transparent_cipher_oneshot( - MBEDTLS_ENCRYPT, - attributes, - key, key_length, - alg, - input, input_length, - output, output_size, output_length) ); + return( mbedtls_transparent_test_driver_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); } psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { - return ( - mbedtls_test_transparent_cipher_oneshot( - MBEDTLS_DECRYPT, - attributes, - key, key_length, - alg, - input, input_length, - output, output_size, output_length) ); + mbedtls_test_driver_cipher_hooks.hits++; + + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) + { + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return( mbedtls_test_driver_cipher_hooks.forced_status ); + } + + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); + + return( mbedtls_transparent_test_driver_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( From 9ca3ad73290439aa3ee5b572073bdbafb04a8d00 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 8 Apr 2021 15:31:36 +0200 Subject: [PATCH 0638/1065] Add changelog entry Signed-off-by: gabor-mezei-arm --- ChangeLog.d/one-shot_cipher_functions.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/one-shot_cipher_functions.txt diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt new file mode 100644 index 0000000000..30b8ae5d63 --- /dev/null +++ b/ChangeLog.d/one-shot_cipher_functions.txt @@ -0,0 +1,4 @@ +API changes + * Implement one-shot cipher functions, psa_cipher_encrypt and + psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 + documentation. From 93ad276c2935e6bc549576199e544f4408afbad2 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 12 Apr 2021 15:46:09 +0200 Subject: [PATCH 0639/1065] Add test for one-shot cipher driver wrapper functions Signed-off-by: gabor-mezei-arm --- ...test_suite_psa_crypto_driver_wrappers.data | 76 ++++- ..._suite_psa_crypto_driver_wrappers.function | 267 ++++++++++++++++-- 2 files changed, 313 insertions(+), 30 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index dbc5b1f204..ac91278566 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -117,29 +117,69 @@ export_key private to public through driver: error depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR -PSA symmetric encrypt: AES-CTR, 16 bytes, good +PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"":0:PSA_SUCCESS:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 15 bytes, good +PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"":0:PSA_SUCCESS:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 16 bytes, fallback +PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 15 bytes, fallback +PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 16 bytes, fake +PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 15 bytes, fake +PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt validation: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES @@ -153,6 +193,18 @@ PSA symmetric decrypt: AES-CTR, 16 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS + PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 3a9eff9557..7f2ac914b0 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -422,12 +422,159 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_encrypt_sanity( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t force_status = force_status_arg; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + if( mock_output_arg ) + { + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; + } + + status = psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_EQUAL( status, expected_status ); + if( expected_status == PSA_SUCCESS && mock_output_arg ) + { + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); + } + +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_validation( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + unsigned char *output1 = NULL; + size_t output1_buffer_size = 0; + size_t output1_length = 0; + unsigned char *output2 = NULL; + size_t output2_buffer_size = 0; + size_t output2_length = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); + ASSERT_ALLOC( output1, output1_buffer_size ); + ASSERT_ALLOC( output2, output2_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_update( &operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + output2_length += function_output_length; + PSA_ASSERT( psa_cipher_finish( &operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length ) ); + /* Finish will have called abort as well, so expecting two hits here */ + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + output2_length += function_output_length; + + PSA_ASSERT( psa_cipher_abort( &operation ) ); + // driver function should've been called as part of the finish() core routine + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, + output2, output2_length ); + +exit: + psa_cipher_abort( &operation ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_simple_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -515,11 +662,14 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, +void cipher_encrypt_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, data_t *input, int first_part_size_arg, - int output1_length_arg, int output2_length_arg, + int output1_length_arg, + int output2_length_arg, data_t *expected_output ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; @@ -600,11 +750,14 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, +void cipher_decrypt_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, data_t *input, int first_part_size_arg, - int output1_length_arg, int output2_length_arg, + int output1_length_arg, + int output2_length_arg, data_t *expected_output ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; @@ -687,12 +840,15 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_decrypt_simple_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -778,6 +934,81 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_decrypt( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t force_status = force_status_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + if( mock_output_arg ) + { + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; + } + + status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_EQUAL( status, expected_status ); + + if( expected_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); + } + +exit: + mbedtls_free( input ); + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_entry_points( int alg_arg, int key_type_arg, data_t *key_data, data_t *iv, From 42cdb2a90b12da1e3933fa6090e86931ec662870 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 12 Apr 2021 15:47:35 +0200 Subject: [PATCH 0640/1065] Fix struct initialization Fix initialization of mbedtls_psa_cipher_operation_t by not initializing the mbedtls_cipher_context_t typed field completely. Signed-off-by: gabor-mezei-arm --- include/psa/crypto_builtin_primitives.h | 5 ++++- library/psa_crypto_cipher.c | 26 ++++++++++++------------- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 20451c95e5..260619c9fe 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -104,7 +104,10 @@ typedef struct { psa_algorithm_t MBEDTLS_PRIVATE(alg); uint8_t MBEDTLS_PRIVATE(iv_length); uint8_t MBEDTLS_PRIVATE(block_length); - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); + union { + unsigned int MBEDTLS_PRIVATE(initialised); + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); + } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_cipher_operation_t; #define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index b018e2adc4..6c696df516 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -162,7 +162,7 @@ static psa_status_t cipher_setup( /* Proceed with initializing an mbed TLS cipher context if no driver is * available for the given algorithm & key. */ - mbedtls_cipher_init( &operation->cipher ); + mbedtls_cipher_init( &operation->ctx.cipher ); operation->alg = alg; key_bits = attributes->core.bits; @@ -171,7 +171,7 @@ static psa_status_t cipher_setup( if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - ret = mbedtls_cipher_setup( &operation->cipher, cipher_info ); + ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) goto exit; @@ -182,14 +182,14 @@ static psa_status_t cipher_setup( uint8_t keys[24]; memcpy( keys, key_buffer, 16 ); memcpy( keys + 16, key_buffer, 8 ); - ret = mbedtls_cipher_setkey( &operation->cipher, + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, keys, 192, cipher_operation ); } else #endif { - ret = mbedtls_cipher_setkey( &operation->cipher, key_buffer, + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer, (int) key_bits, cipher_operation ); } if( ret != 0 ) @@ -200,11 +200,11 @@ static psa_status_t cipher_setup( switch( alg ) { case PSA_ALG_CBC_NO_PADDING: - ret = mbedtls_cipher_set_padding_mode( &operation->cipher, + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, MBEDTLS_PADDING_NONE ); break; case PSA_ALG_CBC_PKCS7: - ret = mbedtls_cipher_set_padding_mode( &operation->cipher, + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, MBEDTLS_PADDING_PKCS7 ); break; default: @@ -253,7 +253,7 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, return( PSA_ERROR_INVALID_ARGUMENT ); return( mbedtls_to_psa_error( - mbedtls_cipher_set_iv( &operation->cipher, + mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ) ) ); } @@ -362,7 +362,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, * the last partial block, if any. You get the data that will be * output in this call. */ expected_output_size = - ( operation->cipher.unprocessed_len + input_length ) + ( operation->ctx.cipher.unprocessed_len + input_length ) / operation->block_length * operation->block_length; } else @@ -378,7 +378,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, /* mbedtls_cipher_update has an API inconsistency: it will only * process a single block at a time in ECB mode. Abstract away that * inconsistency here to match the PSA API behaviour. */ - status = psa_cipher_update_ecb( &operation->cipher, + status = psa_cipher_update_ecb( &operation->ctx.cipher, input, input_length, output, @@ -388,7 +388,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, else { status = mbedtls_to_psa_error( - mbedtls_cipher_update( &operation->cipher, input, + mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ) ); } @@ -403,7 +403,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; - if( operation->cipher.unprocessed_len != 0 ) + if( operation->ctx.cipher.unprocessed_len != 0 ) { if( operation->alg == PSA_ALG_ECB_NO_PADDING || operation->alg == PSA_ALG_CBC_NO_PADDING ) @@ -414,7 +414,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, } status = mbedtls_to_psa_error( - mbedtls_cipher_finish( &operation->cipher, + mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, output_length ) ); if( status != PSA_SUCCESS ) @@ -441,7 +441,7 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) return( PSA_ERROR_BAD_STATE ); - mbedtls_cipher_free( &operation->cipher ); + mbedtls_cipher_free( &operation->ctx.cipher ); return( PSA_SUCCESS ); } From 2b231fc81b50beb16b8eef2bd5b309401bc6dbd4 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 12 Apr 2021 17:45:01 +0200 Subject: [PATCH 0641/1065] Test struct initialization Modify tests to test mbedtls_psa_cipher_operation_t, mbedtls_transparent_test_driver_cipher_operation_t and mbedtls_opaque_test_driver_cipher_operation_t struct initialization macros. Signed-off-by: gabor-mezei-arm --- ..._suite_psa_crypto_driver_wrappers.function | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 7f2ac914b0..535d986113 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -600,6 +600,20 @@ void cipher_encrypt_simple_multipart( int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; + + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); mbedtls_test_driver_cipher_hooks.hits = 0; @@ -686,6 +700,20 @@ void cipher_encrypt_multipart( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; + + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); @@ -774,6 +802,20 @@ void cipher_decrypt_multipart( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; + + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); @@ -865,6 +907,20 @@ void cipher_decrypt_simple_multipart( int alg_arg, mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; + + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); From 9951b50b8a2a28416ec736c1ab0ce2a40374bc70 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 17:20:22 +0200 Subject: [PATCH 0642/1065] Remove comments These comment cannot bring more information than the code does. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9a4bfb0be8..0921f269d9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3246,7 +3246,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; } - /* The requested algorithm must be one that can be processed by cipher. */ if( ! PSA_ALG_IS_CIPHER( alg ) ) { status = PSA_ERROR_INVALID_ARGUMENT; @@ -3497,7 +3496,6 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, psa_key_type_t key_type; size_t iv_length; - /* The requested algorithm must be one that can be processed by cipher. */ if( ! PSA_ALG_IS_CIPHER( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); From 0dfeaaf5c9f7b931b0946f413ed64e359779765d Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 24 Jun 2021 17:24:18 +0200 Subject: [PATCH 0643/1065] Remove confising comments Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0921f269d9..509d53d871 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3252,7 +3252,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; } - /* Fetch key material from key storage. */ status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -3499,7 +3498,6 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, if( ! PSA_ALG_IS_CIPHER( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* Fetch key material from key storage. */ status = psa_get_and_lock_key_slot_with_policy( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); @@ -3549,11 +3547,9 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - /* The requested algorithm must be one that can be processed by cipher. */ if( ! PSA_ALG_IS_CIPHER( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* Fetch key material from key storage. */ status = psa_get_and_lock_key_slot_with_policy( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); From 01e99083a51019a6e403b79680ad4249bb56c908 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:09:40 +0200 Subject: [PATCH 0644/1065] Fix changelog entry Signed-off-by: gabor-mezei-arm --- ChangeLog.d/one-shot_cipher_functions.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt index 30b8ae5d63..3bb85e10dc 100644 --- a/ChangeLog.d/one-shot_cipher_functions.txt +++ b/ChangeLog.d/one-shot_cipher_functions.txt @@ -1,4 +1,4 @@ API changes * Implement one-shot cipher functions, psa_cipher_encrypt and psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 - documentation. + specification. From 6f4e5bbe3735e0152205b7236ecd47acc08f945f Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:21:11 +0200 Subject: [PATCH 0645/1065] Initialize output buffer length to 0 Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 509d53d871..c1517e5c1a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3495,6 +3495,8 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, psa_key_type_t key_type; size_t iv_length; + *output_length = 0; + if( ! PSA_ALG_IS_CIPHER( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -3547,6 +3549,8 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + *output_length = 0; + if( ! PSA_ALG_IS_CIPHER( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); From e5ff8f430c4747801dcedce6558fab0a57ddfdfc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:23:05 +0200 Subject: [PATCH 0646/1065] Use local variable instead of an ouput parameter Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 6c696df516..ed43085bb6 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -458,38 +458,39 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; - size_t olength; + size_t olength, accumulated_length; status = cipher_encrypt_setup( &operation, attributes, key_buffer, key_buffer_size, alg ); if( status != PSA_SUCCESS ) goto exit; - *output_length = 0; + accumulated_length = 0; if( operation.iv_length > 0 ) { status = cipher_set_iv( &operation, output, operation.iv_length ); if( status != PSA_SUCCESS ) goto exit; - *output_length = operation.iv_length; + accumulated_length = operation.iv_length; } - olength = 0; status = cipher_update( &operation, input, input_length, - output + *output_length,output_size - *output_length, + output + operation.iv_length, + output_size - operation.iv_length, &olength ); - *output_length += olength; + accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; - olength = 0; - status = cipher_finish( &operation, output + *output_length, - output_size - *output_length, &olength ); - *output_length += olength; + status = cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, &olength ); + accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; + *output_length = accumulated_length; + exit: if( status == PSA_SUCCESS ) status = cipher_abort( &operation ); @@ -510,7 +511,7 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; - size_t olength; + size_t olength, accumulated_length; status = cipher_decrypt_setup( &operation, attributes, key_buffer, key_buffer_size, alg ); @@ -524,21 +525,21 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, goto exit; } - olength = 0; status = cipher_update( &operation, input + operation.iv_length, input_length - operation.iv_length, output, output_size, &olength ); - *output_length = olength; + accumulated_length = olength; if( status != PSA_SUCCESS ) goto exit; - olength = 0; - status = cipher_finish( &operation, output + *output_length, - output_size - *output_length, &olength ); - *output_length += olength; + status = cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, &olength ); + accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; + *output_length = accumulated_length; + exit: if ( status == PSA_SUCCESS ) status = cipher_abort( &operation ); From 258ae07fb01909a5582001f4d29f4cf2eb5b7265 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:25:38 +0200 Subject: [PATCH 0647/1065] Add checks for buffer size Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 21 +++++++++++++++++++++ library/psa_crypto_cipher.c | 6 ++++++ 2 files changed, 27 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c1517e5c1a..d3f7c2eca9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3513,6 +3513,13 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, key_type = slot->attr.type; iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + if( output_size < PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, + input_length ) ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + if( iv_length > 0 ) { if( output_size < iv_length ) @@ -3564,11 +3571,25 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, .core = slot->attr }; + if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + if( output_size < PSA_CIPHER_DECRYPT_OUTPUT_SIZE( slot->attr.type, alg, + input_length ) ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + status = psa_driver_wrapper_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, output, output_size, output_length ); +exit: unlock_status = psa_unlock_key_slot( slot ); return( ( status == PSA_SUCCESS ) ? unlock_status : status ); diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index ed43085bb6..4d5bf209cc 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -532,6 +532,12 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; + if( output_size < accumulated_length ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + status = cipher_finish( &operation, output + accumulated_length, output_size - accumulated_length, &olength ); accumulated_length += olength; From 90fceea268817d32d62eac385bbcd9458e352c41 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:43:07 +0200 Subject: [PATCH 0648/1065] Update documentation Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.h | 38 ++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 2dd333043d..39e5688c82 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -213,14 +213,26 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * \param[in] alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). - * \param[in] input Buffer containing the iv and the plaintext. + * \param[in] input Buffer containing the message to encrypt. * \param[in] input_length Size of the \p input buffer in bytes. * \param[in,out] output Buffer where the output is to be written. - * The IV must be written to this buffer before - * this function is called. - * \param[in] output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. + * The core has generated and written the IV + * at the beginning of this buffer before + * this function is called. The size of the IV + * is PSA_CIPHER_IV_LENGTH( key_type, alg ) where + * \c key_type is the type of the key identified + * by \p key and \p alg is the cipher algorithm + * to compute. + * \param[in] output_size Size of the \p output buffer in bytes. The core + * has checked that this size is greater or equal to + * PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_length ) + * where \c key_type is the type of the key + * identified by \p key, \p alg is the cipher + * algorithm to compute and \p input_length is the + * size of the \p input buffer. + * \param[out] output_length On success, the number of bytes that make up + * the returned output. Initialized to zero + * by the core. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED @@ -263,12 +275,20 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * \param[in] alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). - * \param[in] input Buffer containing the iv and the ciphertext. + * \param[in] input Buffer containing the iv and the ciphertext. * \param[in] input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param[in] output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. + * The core has checked that this size is + * greater or equal to + * PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_length ) + * where \c key_type is the type of the key + * identified by \p key, \p alg is the cipher + * algorithm to compute and \p input_length is the + * size of the \p input buffer. + * \param[out] output_length On success, the number of bytes that make up + * the returned output. Initialized to zero + * by the core. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED From 0a93b665f7964a440cb01b7a238c51887a42cd61 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:43:32 +0200 Subject: [PATCH 0649/1065] Fix possible unreachable code Signed-off-by: gabor-mezei-arm --- library/psa_crypto_driver_wrappers.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 6bf08d9656..38d0e300e2 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -783,9 +783,9 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( output, output_size, output_length ) ); -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - +#else return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -865,9 +865,9 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( output, output_size, output_length ) ); -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - +#else return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) From 47a8e14bb798b3596af8a03b7d4417ffbdf489aa Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:44:47 +0200 Subject: [PATCH 0650/1065] Typo Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 4d5bf209cc..754345e472 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -460,8 +460,8 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = cipher_encrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, alg ); + status = cipher_encrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, alg ); if( status != PSA_SUCCESS ) goto exit; From 50c86cfe796c329167475f3e4a3efa9e1db8b817 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:47:50 +0200 Subject: [PATCH 0651/1065] Remove duplicated tests Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 40 ------------ tests/suites/test_suite_psa_crypto.function | 44 +------------ ...test_suite_psa_crypto_driver_wrappers.data | 24 -------- ..._suite_psa_crypto_driver_wrappers.function | 61 ------------------- 4 files changed, 2 insertions(+), 167 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2090a10d0c..23d3dedcf1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1450,38 +1450,6 @@ PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" -PSA symmetric encrypt sanity: AES-CBC-nopad, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" - -PSA symmetric encrypt sanity: AES-CBC-PKCS#7, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" - -PSA symmetric encrypt sanity: AES-CBC-PKCS#7, 15 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" - -PSA symmetric encrypt sanity: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" - -PSA symmetric encrypt sanity: AES-CTR, 15 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" - -PSA symmetric encrypt sanity: DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9" - -PSA symmetric encrypt sanity: 2-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9" - -PSA symmetric encrypt sanity: 3-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_sanity:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9" - PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" @@ -1890,14 +1858,6 @@ PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 -PSA symmetric encrypt sanity: ChaCha20, K=0 N=0 -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_sanity:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - -PSA symmetric encrypt sanity: ChaCha20, K=rand N=rand -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_sanity:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - PSA symmetric encrypt validation: ChaCha20, K=0 N=0 depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ad9decf6de..9503fb5c75 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2500,48 +2500,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void cipher_encrypt_sanity( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t output_length = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - ASSERT_ALLOC( output, output_buffer_size ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output, - output_buffer_size, &output_length ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - - /* The one-shot cipher encryption uses generated iv so validating - the output is not possible. Only sanity checking is done here. */ -exit: - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_encrypt_validation( int alg_arg, int key_type_arg, @@ -2577,6 +2535,8 @@ void cipher_encrypt_validation( int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + /* The one-shot cipher encryption uses generated iv so validating + the output is not possible. Validating with multipart encryption. */ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, output1_buffer_size, &output1_length ) ); TEST_ASSERT( output1_length <= diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index ac91278566..70a992e6e7 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -117,30 +117,6 @@ export_key private to public through driver: error depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR -PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"":0:PSA_SUCCESS:PSA_SUCCESS - -PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"":0:PSA_SUCCESS:PSA_SUCCESS - -PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS - -PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS - -PSA symmetric encrypt sanity check: AES-CTR, 16 bytes, fake -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS - -PSA symmetric encrypt sanity check: AES-CTR, 15 bytes, fake -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_sanity:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS - PSA symmetric encrypt validation: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 535d986113..813cf8b3c7 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -421,67 +421,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void cipher_encrypt_sanity( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - psa_status_t expected_status = expected_status_arg; - psa_status_t force_status = force_status_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t output_length = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - mbedtls_test_driver_cipher_hooks.forced_status = force_status; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - ASSERT_ALLOC( output, output_buffer_size ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - if( mock_output_arg ) - { - mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; - mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; - } - - status = psa_cipher_encrypt( key, alg, input->x, input->len, output, - output_buffer_size, &output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - TEST_EQUAL( status, expected_status ); - if( expected_status == PSA_SUCCESS && mock_output_arg ) - { - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); - } - -exit: - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_encrypt_validation( int alg_arg, int key_type_arg, From a56756ed4578b1658069a5b8dc73fc82203471bc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 15:49:14 +0200 Subject: [PATCH 0652/1065] Rename test functions Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 40 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 32 ++++++++--------- 2 files changed, 36 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 23d3dedcf1..62df9961b9 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1404,51 +1404,51 @@ cipher_bad_order: PSA cipher encrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE PSA cipher encrypt: invalid key type depends_on:PSA_WANT_ALG_ECB_NO_PADDING -cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED PSA cipher encrypt: incompatible key ChaCha20 for CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here -cipher_encrypt_error:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"":PSA_ERROR_NOT_SUPPORTED +cipher_encrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"":PSA_ERROR_NOT_SUPPORTED PSA cipher encrypt: bad algorithm (unknown cipher algorithm) depends_on:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_error:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED +cipher_encrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED PSA cipher encrypt: bad algorithm (not a cipher algorithm) depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 -cipher_encrypt_error:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_fail:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_error:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" PSA symmetric encrypt: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" PSA symmetric encrypt: AES-ECB, 32 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_noiv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1544,35 +1544,35 @@ cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"0102040 PSA cipher decrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE PSA cipher decrypt: invalid key type depends_on:PSA_WANT_ALG_ECB_NO_PADDING -cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED PSA cipher decrypt: incompatible key ChaCha20 for CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here -cipher_decrypt_error:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED +cipher_decrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED PSA cipher decrypt: bad algorithm (unknown cipher algorithm) -cipher_decrypt_error:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED +cipher_decrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED PSA cipher decrypt: bad algorithm (not a cipher algorithm) depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 -cipher_decrypt_error:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_error:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_error:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_error:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, 0 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9503fb5c75..a380bee0e8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2413,11 +2413,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_error( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - int expected_status_arg ) +void cipher_encrypt_fail( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2458,11 +2458,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_noiv( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - data_t *expected_output ) +void cipher_encrypt_alg_without_iv( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + data_t *expected_output ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2920,12 +2920,12 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_error( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - int expected_status_arg ) +void cipher_decrypt_fail( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; From 95aad8378c4d50a6b6aa1d3dfd125692f0c5f5e8 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 25 Jun 2021 18:21:33 +0200 Subject: [PATCH 0653/1065] Unify multipart cipher operation tester functions Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 144 ++++---- tests/suites/test_suite_psa_crypto.function | 246 +++----------- ...test_suite_psa_crypto_driver_wrappers.data | 54 +-- ..._suite_psa_crypto_driver_wrappers.function | 320 +++++------------- 4 files changed, 235 insertions(+), 529 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 62df9961b9..573d5f00f9 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1484,63 +1484,63 @@ cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0 PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":32:32:0:"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:0:0:"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":0:0:0:"":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt multipart: AES-CBC-nopad, input too short depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"64f917b0152f8f05":PSA_SUCCESS PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS PSA cipher decrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1624,63 +1624,63 @@ cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7 PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":16:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":16:0:0:"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:0:"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt_simple_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":8:8:0:"c78e2b38139610e3":PSA_SUCCESS PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt_simple_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":8:8:0:"c78e2b38139610e3":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1704,151 +1704,151 @@ cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4 PSA symmetric encryption multipart: AES-ECB, 16+16 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-ECB, 13+19 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-ECB, 24+12 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 16+16 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 11+21 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 28+4 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1868,23 +1868,23 @@ cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c5 PSA symmetric encrypt multipart: ChaCha20, K=0 N=0 depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric encryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_decrypt_simple_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric decryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" +cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a380bee0e8..0ed803723a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2580,95 +2580,20 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void cipher_encrypt_simple_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - data_t *expected_output, - int expected_status_arg ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - psa_status_t expected_status = expected_status_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - } - - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; - - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - total_output_length += function_output_length; - - TEST_EQUAL( status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - } - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, data_t *key_data, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -2710,36 +2635,44 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, + alg, + input->len - first_part_size ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + total_output_length += function_output_length; + } - PSA_ASSERT( psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); + status = psa_cipher_finish( &operation, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL( status, expected_status ); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); + } exit: psa_cipher_abort( &operation ); @@ -2755,11 +2688,14 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -2802,96 +2738,25 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; - - PSA_ASSERT( psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_decrypt_simple_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - data_t *expected_output, - int expected_status_arg ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - psa_status_t expected_status = expected_status_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - - if( iv->len > 0 ) + if( first_part_size < input->len ) { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, + alg, + input->len - first_part_size ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + total_output_length += function_output_length; } - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; - status = psa_cipher_finish( &operation, ( output_buffer_size == 0 ? NULL : output + total_output_length ), @@ -2907,6 +2772,7 @@ void cipher_decrypt_simple_multipart( int alg_arg, if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 70a992e6e7..ead7a699d2 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -135,27 +135,27 @@ cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf71588 PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES @@ -171,87 +171,87 @@ cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":" PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_simple_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS Cipher driver: negative testing on all entry points depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 813cf8b3c7..6d78ad51a0 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -505,22 +505,28 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_simple_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_encrypt_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; psa_status_t expected_status = expected_status_arg; psa_status_t force_status = force_status_arg; + size_t first_part_size = first_part_size_arg; + size_t output1_length = output1_length_arg; + size_t output2_length = output2_length_arg; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -530,15 +536,6 @@ void cipher_encrypt_simple_multipart( int alg_arg, mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - /* Test operation initialization */ mbedtls_psa_cipher_operation_t mbedtls_operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; @@ -553,6 +550,15 @@ void cipher_encrypt_simple_multipart( int alg_arg, operation.ctx.transparent_test_driver_ctx = tranparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); mbedtls_test_driver_cipher_hooks.hits = 0; @@ -571,36 +577,52 @@ void cipher_encrypt_simple_multipart( int alg_arg, mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, + TEST_ASSERT( first_part_size <= input->len ); + PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; + TEST_ASSERT( function_output_length == output1_length ); + total_output_length += function_output_length; + + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_ASSERT( function_output_length == output2_length ); + total_output_length += function_output_length; + } + if( mock_output_arg ) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - total_output_length += function_output_length; - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish( &operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0; - + mbedtls_test_driver_cipher_hooks.hits = 0 ; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); - // driver function should've been called as part of the finish() core routine TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -614,108 +636,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, - int output2_length_arg, - data_t *expected_output ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - size_t first_part_size = first_part_size_arg; - size_t output1_length = output1_length_arg; - size_t output2_length = output2_length_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - - /* Test operation initialization */ - mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; - - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; - - mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; - - operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; - operation.ctx.opaque_test_driver_ctx = opaque_operation; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - TEST_ASSERT( function_output_length == output1_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - mbedtls_test_driver_cipher_hooks.hits = 0 ; - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, @@ -725,11 +645,17 @@ void cipher_decrypt_multipart( int alg_arg, int first_part_size_arg, int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; + psa_status_t force_status = force_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -740,110 +666,6 @@ void cipher_decrypt_multipart( int alg_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - - /* Test operation initialization */ - mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; - - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; - - mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; - - operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; - operation.ctx.opaque_test_driver_ctx = opaque_operation; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - TEST_ASSERT( function_output_length == output1_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - TEST_ASSERT( function_output_length == output2_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_decrypt_simple_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - psa_status_t expected_status = expected_status_arg; - psa_status_t force_status = force_status_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; /* Test operation initialization */ @@ -887,20 +709,38 @@ void cipher_decrypt_simple_multipart( int alg_arg, mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } + TEST_ASSERT( first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, + input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; + TEST_ASSERT( function_output_length == output1_length ); + total_output_length += function_output_length; + + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_ASSERT( function_output_length == output2_length ); + total_output_length += function_output_length; + } + if( mock_output_arg ) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - total_output_length += function_output_length; status = psa_cipher_finish( &operation, output + total_output_length, output_buffer_size - total_output_length, @@ -908,7 +748,6 @@ void cipher_decrypt_simple_multipart( int alg_arg, /* Finish will have called abort as well, so expecting two hits here */ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; - total_output_length += function_output_length; TEST_EQUAL( status, expected_status ); @@ -916,6 +755,7 @@ void cipher_decrypt_simple_multipart( int alg_arg, { PSA_ASSERT( psa_cipher_abort( &operation ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } From 3f860e4c18a9f26509af6f3340e92bb668253f36 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 16:39:49 +0200 Subject: [PATCH 0654/1065] Remove invalid buffer overflow check Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 14 -------------- library/psa_crypto_cipher.c | 5 ----- library/psa_crypto_cipher.h | 15 +-------------- 3 files changed, 1 insertion(+), 33 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d3f7c2eca9..6e73d12c68 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3513,13 +3513,6 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, key_type = slot->attr.type; iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); - if( output_size < PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, - input_length ) ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } - if( iv_length > 0 ) { if( output_size < iv_length ) @@ -3577,13 +3570,6 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, goto exit; } - if( output_size < PSA_CIPHER_DECRYPT_OUTPUT_SIZE( slot->attr.type, alg, - input_length ) ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } - status = psa_driver_wrapper_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 754345e472..9bb21a0a15 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -532,11 +532,6 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - if( output_size < accumulated_length ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } status = cipher_finish( &operation, output + accumulated_length, output_size - accumulated_length, &olength ); diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 39e5688c82..5971e8d3f0 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -223,13 +223,7 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * \c key_type is the type of the key identified * by \p key and \p alg is the cipher algorithm * to compute. - * \param[in] output_size Size of the \p output buffer in bytes. The core - * has checked that this size is greater or equal to - * PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_length ) - * where \c key_type is the type of the key - * identified by \p key, \p alg is the cipher - * algorithm to compute and \p input_length is the - * size of the \p input buffer. + * \param[in] output_size Size of the \p output buffer in bytes. * \param[out] output_length On success, the number of bytes that make up * the returned output. Initialized to zero * by the core. @@ -279,13 +273,6 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * \param[in] input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param[in] output_size Size of the \p output buffer in bytes. - * The core has checked that this size is - * greater or equal to - * PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_length ) - * where \c key_type is the type of the key - * identified by \p key, \p alg is the cipher - * algorithm to compute and \p input_length is the - * size of the \p input buffer. * \param[out] output_length On success, the number of bytes that make up * the returned output. Initialized to zero * by the core. From 58c17277754fc899a68f7ccd5c262c241b925a5c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 16:41:25 +0200 Subject: [PATCH 0655/1065] Add buffer overflow check Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 9bb21a0a15..3701f72da8 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -390,6 +390,9 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, status = mbedtls_to_psa_error( mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ) ); + + if( *output_length > output_size ) + return PSA_ERROR_CORRUPTION_DETECTED; } return( status ); From 6158e283cc5a171b46bdbef88f5b01f66c4ec2f8 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 16:42:13 +0200 Subject: [PATCH 0656/1065] Check the return status of the functions first Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 3701f72da8..62062375b7 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -482,16 +482,17 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, output + operation.iv_length, output_size - operation.iv_length, &olength ); - accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; + accumulated_length += olength; + status = cipher_finish( &operation, output + accumulated_length, output_size - accumulated_length, &olength ); - accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; + accumulated_length += olength; *output_length = accumulated_length; exit: @@ -531,17 +532,17 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, status = cipher_update( &operation, input + operation.iv_length, input_length - operation.iv_length, output, output_size, &olength ); - accumulated_length = olength; if( status != PSA_SUCCESS ) goto exit; + accumulated_length = olength; status = cipher_finish( &operation, output + accumulated_length, output_size - accumulated_length, &olength ); - accumulated_length += olength; if( status != PSA_SUCCESS ) goto exit; + accumulated_length += olength; *output_length = accumulated_length; exit: From ff0da72d52d649f89d498ff718f1b4f1934470e5 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 18:56:55 +0200 Subject: [PATCH 0657/1065] Restoring the multi-part cipher_verify_output() testing Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 573d5f00f9..099b5c32f6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1850,6 +1850,26 @@ PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 16 bytes +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 15 bytes +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15 + +PSA symmetric encrypt/decrypt multipart: AES-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 From 00e54f1133c05ee49882c86868b37667e782c358 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 19:06:30 +0200 Subject: [PATCH 0658/1065] Fix minor issues Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 62062375b7..36c7e73c61 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -392,7 +392,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, input_length, output, output_length ) ); if( *output_length > output_size ) - return PSA_ERROR_CORRUPTION_DETECTED; + return( PSA_ERROR_CORRUPTION_DETECTED ); } return( status ); @@ -492,8 +492,7 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - accumulated_length += olength; - *output_length = accumulated_length; + *output_length = accumulated_length + olength; exit: if( status == PSA_SUCCESS ) @@ -542,8 +541,7 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - accumulated_length += olength; - *output_length = accumulated_length; + *output_length = accumulated_length + olength; exit: if ( status == PSA_SUCCESS ) From 2bd5799df0194b6103dbde136d393576ab0e70cd Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 19:42:14 +0200 Subject: [PATCH 0659/1065] Fix test case dependency Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 099b5c32f6..4aa17639cf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1395,7 +1395,7 @@ depends_on:MBEDTLS_CIPHER_MODE_CTR cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED PSA cipher setup: incompatible key ChaCha20 for CTR -depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED From 737237fe37ef5a43b8cb2d898c0ee1e3a9032551 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:07:57 +0100 Subject: [PATCH 0660/1065] Fix ECJPAKE test failures Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 674485e4c4..c11507bbd0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5438,7 +5438,7 @@ run_test "ECJPAKE: client not configured" \ -S "ciphersuite mismatch: ecjpake not configured" \ -S "server hello, ecjpake kkpp extension" \ -C "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" + -S "SSL - The handshake negotiation failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: server not configured" \ @@ -5453,7 +5453,7 @@ run_test "ECJPAKE: server not configured" \ -s "ciphersuite mismatch: ecjpake not configured" \ -S "server hello, ecjpake kkpp extension" \ -C "found ecjpake_kkpp extension" \ - -s "None of the common ciphersuites is usable" + -s "SSL - The handshake negotiation failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, TLS" \ @@ -5469,7 +5469,7 @@ run_test "ECJPAKE: working, TLS" \ -S "ciphersuite mismatch: ecjpake not configured" \ -s "server hello, ecjpake kkpp extension" \ -c "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 From bec7cafbe11d4898b591be694f4691b376ab3300 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:05:34 +0100 Subject: [PATCH 0661/1065] Correct required config flag in ECJPAKE tests Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c11507bbd0..236da498fb 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5473,7 +5473,7 @@ run_test "ECJPAKE: working, TLS" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: password mismatch, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bad \ @@ -5482,7 +5482,7 @@ run_test "ECJPAKE: password mismatch, TLS" \ -C "re-using cached ecjpake parameters" \ -s "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ @@ -5491,7 +5491,7 @@ run_test "ECJPAKE: working, DTLS" \ -c "re-using cached ecjpake parameters" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS, no cookie" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ @@ -5501,7 +5501,7 @@ run_test "ECJPAKE: working, DTLS, no cookie" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: password mismatch, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ @@ -5511,7 +5511,7 @@ run_test "ECJPAKE: password mismatch, DTLS" \ -s "SSL - Verification of the message MAC failed" # for tests with configs/config-thread.h -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS, nolog" \ "$P_SRV dtls=1 ecjpake_pw=bla" \ "$P_CLI dtls=1 ecjpake_pw=bla \ From e5b828cb32ba0cb3f6c3cd56c4e8ff4281a5c3f3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:05:34 +0100 Subject: [PATCH 0662/1065] Fix error string checked for by ssl-opt.sh negative tests Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 236da498fb..e75ff4b011 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -269,7 +269,7 @@ maybe_requires_ciphersuite_enabled() { shift case "$*" in - *"-s SSL - The server has no ciphersuites in common"*) + *"-s SSL - The handshake negotiation failed"*) # This test case expects a ciphersuite mismatch, so it doesn't # require the ciphersuite to be enabled. ;; @@ -5132,7 +5132,7 @@ run_test "PSK callback: psk, no callback" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 0 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5146,7 +5146,7 @@ run_test "PSK callback: opaque psk on client, no callback" \ -S "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5160,7 +5160,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ -S "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5174,7 +5174,7 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \ -S "skip PMS generation for opaque PSK"\ -c "session hash for extended master secret"\ -s "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5188,7 +5188,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ -S "skip PMS generation for opaque PSK"\ -c "session hash for extended master secret"\ -s "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5202,7 +5202,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5216,7 +5216,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5231,7 +5231,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5246,7 +5246,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5260,7 +5260,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5274,7 +5274,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5289,7 +5289,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5304,7 +5304,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5318,7 +5318,7 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5332,7 +5332,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5345,7 +5345,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -C "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5358,7 +5358,7 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s -C "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5384,7 +5384,7 @@ run_test "PSK callback: callback overrides other settings" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 1 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -s "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5393,7 +5393,7 @@ run_test "PSK callback: first id matches" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=abc psk=dead" \ 0 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5402,7 +5402,7 @@ run_test "PSK callback: second id matches" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5411,7 +5411,7 @@ run_test "PSK callback: no match" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=ghi psk=beef" \ 1 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -s "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5420,7 +5420,7 @@ run_test "PSK callback: wrong key" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=abc psk=beef" \ 1 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -s "SSL - Verification of the message MAC failed" From 2c9e54a063533b1a88adf13cd271bea4bc1be650 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 29 Jun 2021 17:21:21 +0200 Subject: [PATCH 0663/1065] Fix pylint issue Signed-off-by: gabor-mezei-arm --- tests/scripts/generate_psa_tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 97130ea60c..b59ed749bc 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -250,7 +250,7 @@ class StorageKey(psa_storage.Key): * `usage` : The usage flags used for the key. * `without_implicit_usage`: Flag to defide to apply the usage extension """ - super().__init__(usage=usage,**kwargs) + super().__init__(usage=usage, **kwargs) if not without_implicit_usage: for flag, implicit in self.IMPLICIT_USAGE_FLAGS.items(): From c42409820b3b596d0ed45e60927c287080d0eae3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:53:16 +0100 Subject: [PATCH 0664/1065] Change exceptional case for running negative tests Update maybe_requires_ciphersuite_enabled so that it will not skip the ciphersuite requirement when running a test case where the test expects a ciphersuite mismatch Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e75ff4b011..2b77037b2d 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -257,8 +257,7 @@ requires_ciphersuite_enabled() { # maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...] # If CMD (call to a TLS client or server program) requires a specific # ciphersuite, arrange to only run the test case if this ciphersuite is -# enabled. As an exception, do run the test case if it expects a ciphersuite -# mismatch. +# enabled. maybe_requires_ciphersuite_enabled() { case "$1" in *\ force_ciphersuite=*) :;; @@ -268,15 +267,7 @@ maybe_requires_ciphersuite_enabled() { ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}" shift - case "$*" in - *"-s SSL - The handshake negotiation failed"*) - # This test case expects a ciphersuite mismatch, so it doesn't - # require the ciphersuite to be enabled. - ;; - *) - requires_ciphersuite_enabled "$ciphersuite" - ;; - esac + requires_ciphersuite_enabled "$ciphersuite" unset ciphersuite } From 8cccbe11dffe54e4708a6b2b2adfcbee229694f5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 13:15:50 +0100 Subject: [PATCH 0665/1065] Update the migration guide Signed-off-by: Dave Rodgman --- .../Remove_3DES_ciphersuites.md | 10 - docs/3.0-migration-guide.d/ccm-alt.md | 9 - .../cipher-delayed-output.md | 15 - ..._CID-TLS1_3_PADDING_GRANULARITY_options.md | 14 - .../csr-add-critical-extension.md | 9 - docs/3.0-migration-guide.d/default-curves.md | 25 - docs/3.0-migration-guide.d/gcm-alt.md | 10 - docs/3.0-migration-guide.d/gcm-multipart.md | 12 - docs/3.0-migration-guide.d/key-export.md | 36 - .../mandatory-rng-param.md | 40 - .../max-record-payload-api.md | 11 - ...MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md | 11 - .../modify_SHA384_option_behaviour.md | 12 - ...art_of_timing_module_out_of_the_library.md | 9 - docs/3.0-migration-guide.d/out_size.md | 9 - .../relaxed-psk-semantics.md | 18 - .../remove-enable-weak-ciphersuites.md | 12 - .../remove-max-content-len.md | 10 - .../remove-null-entropy.md | 11 - .../remove-rsa-mode-parameter.md | 21 - .../remove-ssl-get-session_pointer.md | 23 - ...09_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md | 17 - ..._MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md | 18 - .../remove_MD2_MD4_RC4_Blowfish_XTEA.md | 8 - .../remove_SSL_DTLS_BADMAC_LIMIT_option.md | 11 - ...move_deprecated_functions_and_constants.md | 74 -- .../remove_mbedtls_check_params_option.md | 33 - .../remove_ssl_record_checking.md | 13 - ...pp_for_extensions_in_pre-v3_X_509_certs.md | 14 - ...ve_support_for_tls_1.0_1.1_and_dtls_1.0.md | 27 - .../rename_the__ret_functions.md | 43 - .../require-matching-hashlen-rsa.md | 24 - docs/3.0-migration-guide.d/rsa-padding.md | 29 - .../separate_SHA224_from_SHA256.md | 11 - .../session-cache-api.md | 28 - .../sha512-output-type.md | 8 - docs/3.0-migration-guide.d/split_config.md | 20 - .../ssl-error-code-cleanup.md | 39 - docs/3.0-migration-guide.d/ssl-ticket-api.md | 30 - ...NT_PREFERENCE_config_opt_to_runtime_opt.md | 14 - docs/3.0-migration-guide.md | 789 +++++++++++++++++- 41 files changed, 783 insertions(+), 794 deletions(-) delete mode 100644 docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md delete mode 100644 docs/3.0-migration-guide.d/ccm-alt.md delete mode 100644 docs/3.0-migration-guide.d/cipher-delayed-output.md delete mode 100644 docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md delete mode 100644 docs/3.0-migration-guide.d/csr-add-critical-extension.md delete mode 100644 docs/3.0-migration-guide.d/default-curves.md delete mode 100644 docs/3.0-migration-guide.d/gcm-alt.md delete mode 100644 docs/3.0-migration-guide.d/gcm-multipart.md delete mode 100644 docs/3.0-migration-guide.d/key-export.md delete mode 100644 docs/3.0-migration-guide.d/mandatory-rng-param.md delete mode 100644 docs/3.0-migration-guide.d/max-record-payload-api.md delete mode 100644 docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md delete mode 100644 docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md delete mode 100644 docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md delete mode 100644 docs/3.0-migration-guide.d/out_size.md delete mode 100644 docs/3.0-migration-guide.d/relaxed-psk-semantics.md delete mode 100644 docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md delete mode 100644 docs/3.0-migration-guide.d/remove-max-content-len.md delete mode 100644 docs/3.0-migration-guide.d/remove-null-entropy.md delete mode 100644 docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md delete mode 100644 docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md delete mode 100644 docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md delete mode 100644 docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md delete mode 100644 docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md delete mode 100644 docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md delete mode 100644 docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md delete mode 100644 docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md delete mode 100644 docs/3.0-migration-guide.d/remove_ssl_record_checking.md delete mode 100644 docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md delete mode 100644 docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md delete mode 100644 docs/3.0-migration-guide.d/rename_the__ret_functions.md delete mode 100644 docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md delete mode 100644 docs/3.0-migration-guide.d/rsa-padding.md delete mode 100644 docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md delete mode 100644 docs/3.0-migration-guide.d/session-cache-api.md delete mode 100644 docs/3.0-migration-guide.d/sha512-output-type.md delete mode 100644 docs/3.0-migration-guide.d/split_config.md delete mode 100644 docs/3.0-migration-guide.d/ssl-error-code-cleanup.md delete mode 100644 docs/3.0-migration-guide.d/ssl-ticket-api.md delete mode 100644 docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md diff --git a/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md b/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md deleted file mode 100644 index 0863363685..0000000000 --- a/docs/3.0-migration-guide.d/Remove_3DES_ciphersuites.md +++ /dev/null @@ -1,10 +0,0 @@ -Remove 3DES ciphersuites --- - -This change does not affect users using default settings for 3DES in `mbedtls_config.h` -because the 3DES ciphersuites were disabled by that. - -3DES has weaknesses/limitations and there are better alternatives, and more and -more standard bodies are recommending against its use in TLS. - -The migration path here is to chose from the recomended in literature alternatives. diff --git a/docs/3.0-migration-guide.d/ccm-alt.md b/docs/3.0-migration-guide.d/ccm-alt.md deleted file mode 100644 index 1abac7acdf..0000000000 --- a/docs/3.0-migration-guide.d/ccm-alt.md +++ /dev/null @@ -1,9 +0,0 @@ -CCM interface changes: impact for alternative implementations -------------------------------------------------------------- - -The CCM interface has changed with the addition of support for -multi-part operations. Five new API functions have been defined: -mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), -mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). -Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to -implement those additional five API functions. diff --git a/docs/3.0-migration-guide.d/cipher-delayed-output.md b/docs/3.0-migration-guide.d/cipher-delayed-output.md deleted file mode 100644 index 18d327152c..0000000000 --- a/docs/3.0-migration-guide.d/cipher-delayed-output.md +++ /dev/null @@ -1,15 +0,0 @@ -Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations ----------------------------------------------------------------------------- - -This only affects people who use the cipher module to perform AEAD operations -using the multi-part API. - -Previously, the documentation didn't state explicitly if it was OK to call -`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after -the last call to `mbedtls_cipher_update()` - that is, without calling -`mbedtls_cipher_finish()` in-between. If you code was missing that call, -please add it and be prepared to get as much as 15 bytes of output. - -Currently the output is always 0 bytes, but it may be more when alternative -implementations of the underlying primitives are in use, or with future -versions of the library. diff --git a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md b/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md deleted file mode 100644 index c4005cffc8..0000000000 --- a/docs/3.0-migration-guide.d/combine_SSL_CID-TLS1_3_PADDING_GRANULARITY_options.md +++ /dev/null @@ -1,14 +0,0 @@ -Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options --- - -This change affects users who modified the default `mbedtls_config.h` padding granularity -settings, i.e. enabled at least one of the options. - -The `mbedtls_config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and -`MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because -they used exactly the same padding mechanism and hence their respective padding -granularities can be used in exactly the same way. This change simplifies the -code maintenance. - -The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used -for both DTLS-CID and TLS 1.3. diff --git a/docs/3.0-migration-guide.d/csr-add-critical-extension.md b/docs/3.0-migration-guide.d/csr-add-critical-extension.md deleted file mode 100644 index ebcb343caa..0000000000 --- a/docs/3.0-migration-guide.d/csr-add-critical-extension.md +++ /dev/null @@ -1,9 +0,0 @@ -Change the API to allow adding critical extensions to CSRs ------------------------------------------------------------------- - -This affects applications that call the `mbedtls_x509write_csr_set_extension` -function. - -The API is changed to include the parameter `critical` which allow to mark an -extension included in a CSR as critical. To get the previous behaviour pass -`0`. diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md deleted file mode 100644 index 928130d247..0000000000 --- a/docs/3.0-migration-guide.d/default-curves.md +++ /dev/null @@ -1,25 +0,0 @@ -Strengthen default algorithm selection for X.509 and TLS --------------------------------------------------------- - -The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. - -Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. - -The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. - -The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. - -If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: -``` -mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; -my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); -``` - -If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. - -TLS now favors faster curves over larger curves ------------------------------------------------ - -The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. - -If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. diff --git a/docs/3.0-migration-guide.d/gcm-alt.md b/docs/3.0-migration-guide.d/gcm-alt.md deleted file mode 100644 index 388e2bedd5..0000000000 --- a/docs/3.0-migration-guide.d/gcm-alt.md +++ /dev/null @@ -1,10 +0,0 @@ -GCM interface changes: impact for alternative implementations -------------------------------------------------------------- - -The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. -* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: - * Always return the partial output immediately, even if it does not consist of a whole number of blocks. - * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md deleted file mode 100644 index ebc6397fa0..0000000000 --- a/docs/3.0-migration-guide.d/gcm-multipart.md +++ /dev/null @@ -1,12 +0,0 @@ -GCM multipart interface: application changes --------------------------------------------- - -The GCM module now supports arbitrary chunked input in the multipart interface. -This changes the interface for applications using the GCM module directly for multipart operations. -Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. -* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: - * As long as the input remains block-aligned, the output length is exactly the input length, as before. - * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md deleted file mode 100644 index f8b3505b51..0000000000 --- a/docs/3.0-migration-guide.d/key-export.md +++ /dev/null @@ -1,36 +0,0 @@ -SSL key export interface change -------------------------------- - -This affects users of the SSL key export APIs: -``` - mbedtls_ssl_conf_export_keys_cb() - mbedtls_ssl_conf_export_keys_ext_cb() -``` - -Those APIs have been removed and replaced by the new API -`mbedtls_ssl_set_export_keys_cb()`. This API differs from -the previous key export API in the following ways: - -- It is no longer bound to an SSL configuration, but to an - SSL context. This allows users to more easily identify the - connection an exported key belongs to. -- It no longer exports raw keys and IV. -- A secret type parameter has been added to identify which key - is being exported. For TLS 1.2, only the master secret is - exported, but upcoming TLS 1.3 support will add other kinds of keys. -- The callback now specifies a void return type, rather than - returning an error code. It is the responsibility of the application - to handle failures in the key export callback, for example by - shutting down the TLS connection. - -For users which do not rely on raw keys and IV, adjusting to the new -callback type should be straightforward - see the example programs -programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks -for NSSKeylog, EAP-TLS and DTLS-SRTP. - -Users which require access to the raw keys used to secure application -traffic may derive those by hand based on the master secret and the -handshake transcript hashes which can be obtained from the raw data -on the wire. Such users are also encouraged to reach out to the -Mbed TLS team on the mailing list, to let the team know about their -use case. diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md deleted file mode 100644 index f6aba08b11..0000000000 --- a/docs/3.0-migration-guide.d/mandatory-rng-param.md +++ /dev/null @@ -1,40 +0,0 @@ -The RNG parameter is now mandatory for all functions that accept one --------------------------------------------------------------------- - -This change affects all users who called a function accepting a `f_rng` -parameter with `NULL` as the value of this argument; this is no longer -supported. - -The changed functions are: the X.509 CRT and CSR writing functions; the PK and -RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM -and ECDH that compute the shared secret; the scalar multiplication functions in -ECP. - -You now need to pass a properly seeded, cryptographically secure RNG to all -functions that accept a `f_rng` parameter. It is of course still possible to -pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a -context. - -Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` -configuration options) may have their own internal and are free to ignore the -`f_rng` argument but must allow users to pass one anyway. - -Some functions gained an RNG parameter --------------------------------------- - -This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, -`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and -`mbedtls_pk_parse_keyfile()`. - -You now need to pass a properly seeded, cryptographically secure RNG when -calling these functions. It is used for blinding, a counter-measure against -side-channel attacks. - -The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed ------------------------------------------------------------------- - -This doesn't affect users of the default configuration; it only affects people -who were explicitly setting this option. - -This was a trade-off between code size and counter-measures; it is no longer -relevant as the counter-measure is now always on at no cost in code size. diff --git a/docs/3.0-migration-guide.d/max-record-payload-api.md b/docs/3.0-migration-guide.d/max-record-payload-api.md deleted file mode 100644 index 0b34915f40..0000000000 --- a/docs/3.0-migration-guide.d/max-record-payload-api.md +++ /dev/null @@ -1,11 +0,0 @@ -Remove MaximumFragmentLength (MFL) query API ------------------------------------------------------------------ - -This affects users which use the MFL query APIs -`mbedtls_ssl_get_{input,output}_max_frag_len()` to -infer upper bounds on the plaintext size of incoming and -outgoing record. - -Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` -instead, which also provides such upper bounds but takes more factors -than just the MFL configuration into account. diff --git a/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md b/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md deleted file mode 100644 index 91bec7269d..0000000000 --- a/docs/3.0-migration-guide.d/modify_MBEDTLS_ECP_FIXED_POINT_OPTIM_behaviour.md +++ /dev/null @@ -1,11 +0,0 @@ -Change MBEDTLS_ECP_FIXED_POINT_OPTIM behaviour ------------------------------------------------------- - -The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does -not increase peak RAM usage anymore. - -If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` -to `0` in your config file. The impact depends on the number and size of -enabled curves. For example, for P-256 the difference is 1KB; see the documentation -of this option for details. - diff --git a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md deleted file mode 100644 index 68eacfc161..0000000000 --- a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md +++ /dev/null @@ -1,12 +0,0 @@ -Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C ------------------------------------------------------- - -This does not affect users who use the default `mbedtls_config.h`. -MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is -enabled by default. - -If you were using a config file with both MBEDTLS_SHA512_C and -MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. -If you were using a config file with MBEDTLS_SHA512_C and without -MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add -`#define MBEDTLS_SHA384_C` to your config file. diff --git a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md deleted file mode 100644 index fa61e274bd..0000000000 --- a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md +++ /dev/null @@ -1,9 +0,0 @@ -Move part of timing module out of the library --- - -The change affects users who use any of the following functions: -`mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`, -`mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`. - -If you were relying on these functions, you'll now need to change to using your -platform's corresponding functions directly. diff --git a/docs/3.0-migration-guide.d/out_size.md b/docs/3.0-migration-guide.d/out_size.md deleted file mode 100644 index 49d3246a79..0000000000 --- a/docs/3.0-migration-guide.d/out_size.md +++ /dev/null @@ -1,9 +0,0 @@ -Extra parameter for the output buffer size ------------------------------------------- - -The following functions now take an extra parameter indicating the size of the output buffer: - -* `mbedtls_ecdsa_write_signature()`, `mbedtls_ecdsa_write_signature_restartable()` -* `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` - -The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. diff --git a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md deleted file mode 100644 index 6b0e794757..0000000000 --- a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md +++ /dev/null @@ -1,18 +0,0 @@ -Relaxed semantics for PSK configuration ------------------------------------------------------------------ - -This affects users which call the PSK configuration APIs -`mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` -multiple times on the same SSL configuration. - -In Mbed TLS 2.x, users would observe later calls overwriting -the effect of earlier calls, with the prevailing PSK being -the one that has been configured last. In Mbed TLS 3.0, -calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times -will return an error, leaving the first PSK intact. - -To achieve equivalent functionality when migrating to Mbed TLS 3.0, -users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should -remove all but the last call, so that only one call to _either_ -`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` -remains. diff --git a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md deleted file mode 100644 index 917d1ac8a4..0000000000 --- a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md +++ /dev/null @@ -1,12 +0,0 @@ -Remove the configuration to enable weak ciphersuites in SSL / TLS ------------------------------------------------------------------ - -This does not affect users who use the default `mbedtls_config.h`, as this option was -already off by default. - -If you were using a weak cipher, please switch to any of the modern, -recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) -and if your peer doesn't support any, encourage them to upgrade their software. - -If you were using a ciphersuite without encryption, you just have to -enable MBEDTLS_CIPHER_NULL_CIPHER now. diff --git a/docs/3.0-migration-guide.d/remove-max-content-len.md b/docs/3.0-migration-guide.d/remove-max-content-len.md deleted file mode 100644 index 40c7d539fb..0000000000 --- a/docs/3.0-migration-guide.d/remove-max-content-len.md +++ /dev/null @@ -1,10 +0,0 @@ -Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option -------------------------------------------------------------- - -This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to -set the maximum length of incoming and outgoing plaintext fragments, -which can save memory by reducing the size of the TLS I/O buffers. - -This option is replaced by the more fine-grained options -`MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set -the maximum incoming and outgoing plaintext fragment lengths, respectively. diff --git a/docs/3.0-migration-guide.d/remove-null-entropy.md b/docs/3.0-migration-guide.d/remove-null-entropy.md deleted file mode 100644 index c38c93056a..0000000000 --- a/docs/3.0-migration-guide.d/remove-null-entropy.md +++ /dev/null @@ -1,11 +0,0 @@ -Remove the option to build the library without any entropy sources ------------------------------------------------------------------- - -This does not affect users who use the default `mbedtls_config.h`, as this option was -already off by default. - -If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform -doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` -and make sure your device is provisioned with a strong random seed. -Alternatively, for testing purposes only, you can create and register a fake -entropy function. diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md deleted file mode 100644 index d21d5ed85e..0000000000 --- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md +++ /dev/null @@ -1,21 +0,0 @@ -Remove the mode parameter from RSA functions --------------------------------------------- - -This affects all users who use the RSA encryption, decryption, sign and -verify APIs. - -The RSA module no longer supports private-key operations with the public key or -vice versa. As a consequence, RSA operation functions no longer have a mode -parameter. If you were calling RSA operations with the normal mode (public key -for verification or encryption, private key for signature or decryption), remove -the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling -RSA operations with the wrong mode, which rarely makes sense from a security -perspective, this is no longer supported. - -Remove the RNG parameter from RSA verify functions --------------------------------------------------- - -RSA verification functions also no longer take random generator arguments (this -was only needed when using a private key). This affects all applications using -the RSA verify functions. - diff --git a/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md deleted file mode 100644 index a4a4895a8f..0000000000 --- a/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md +++ /dev/null @@ -1,23 +0,0 @@ -Remove the SSL API mbedtls_ssl_get_session_pointer() ------------------------------------------------------------------ - -This affects two classes of users: - -1. Users who manually inspect parts of the current session through - direct structure field access. - -2. Users of session resumption who query the current session - via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting - it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`, - respectively. - -Migration paths: - -1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many - other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no - longer part of the public API in Mbed TLS 3.0, and direct structure field - access is no longer supported. Please see the corresponding migration guide. - -2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by - calls to `mbedtls_ssl_get_session()` as demonstrated in the example - program `programs/ssl/ssl_client2.c`. diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md deleted file mode 100644 index 738fa81fd1..0000000000 --- a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION.md +++ /dev/null @@ -1,17 +0,0 @@ -Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION --------------------------------------------------------------------------- - -This change does not affect users of the default configuration; it only affect -users who enable this option. - -The X.509 standard says that implementations must reject critical extensions that -they don't recognize, and this is what Mbed TLS does by default. This option -allowed to continue parsing those certificates but didn't provide a convenient -way to handle those extensions. - -The migration path from that option is to use the -`mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally -equivalent to `mbedtls_x509_crt_parse_der()`, and/or -`mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every -unsupported certificate extension and additionally the "certificate policies" -extension if it contains any unsupported certificate policies. diff --git a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md b/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md deleted file mode 100644 index ebb4be946f..0000000000 --- a/docs/3.0-migration-guide.d/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options.md +++ /dev/null @@ -1,18 +0,0 @@ -Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` -------------------------------------------------------------------- - -This change affects users who have chosen the configuration options to disable the -library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 -certificates. - -The `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` -configuration options are removed and the X509 code now behaves as if they were -always enabled. It is consequently not possible anymore to disable at compile -time the verification of the `keyUsage` and `extendedKeyUsage` fields of X509 -certificates. - -The verification of the `keyUsage` and `extendedKeyUsage` fields is important, -disabling it can cause security issues and it is thus not recommended. If the -verification is for some reason undesirable, it can still be disabled by means -of the verification callback function passed to `mbedtls_x509_crt_verify()` (see -the documentation of this function for more information). diff --git a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md deleted file mode 100644 index d199f2f13f..0000000000 --- a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md +++ /dev/null @@ -1,8 +0,0 @@ -Remove MD2, MD4, RC4, Blowfish and XTEA algorithms --- - -This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. - -They are already niche or obsolete and most of them are weak or broken. For -those reasons possible users should consider switching to modern and safe -alternatives to be found in literature. diff --git a/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md b/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md deleted file mode 100644 index 3c0cbe944a..0000000000 --- a/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md +++ /dev/null @@ -1,11 +0,0 @@ -Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option -------------------------------------------- - -This change does not affect users who used the default `mbedtls_config.h`, as the option -MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. - -This option was a trade-off between functionality and code size: it allowed -users who didn't need that feature to avoid paying the cost in code size, by -disabling it. - -This option is no longer present, but its functionality is now always enabled. diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md deleted file mode 100644 index 31c2ce8621..0000000000 --- a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md +++ /dev/null @@ -1,74 +0,0 @@ -Deprecated functions were removed from AES ------------------------------------------- - -The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were -removed. - -If you're simply using the AES module, you should be calling the higher-level -functions `mbedtls_aes_crypt_xxx()`. - -If you're providing an alternative implementation using -`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be -replacing the removed functions with `mbedtls_internal_aes_encrypt()` and -`mbedtls_internal_aes_decrypt()` respectively. - -Deprecated functions were removed from bignum ---------------------------------------------- - -The function `mbedtls_mpi_is_prime()` was removed. Please use -`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the -number of Miller-Rabin rounds. - -Deprecated functions were removed from cipher ---------------------------------------------- - -The functions `mbedtls_cipher_auth_encrypt()` and -`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by -`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` -respectively which additionally support key wrapping algorithms such as -NIST_KW. - -Deprecated functions were removed from DRBGs --------------------------------------------- - -The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` -were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and -`mbedtls_hmac_drbg_update_ret()` respectively. - -Deprecated functions were removed from ECDSA --------------------------------------------- - -The functions `mbedtls_ecdsa_write_signature_det()` and -`mbedtls_ecdsa_sign_det()` were removed. They were superseded by -`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` -respectively. - -Deprecated functions were removed from SSL ------------------------------------------- - -The function `mbedtls_ssl_conf_dh_param()` was removed. Please use -`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. - -The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use -`mbedtls_ssl_get_max_out_record_payload()` and -`mbedtls_ssl_get_max_in_record_payload()` -instead. - -Deprecated hex-encoded primes were removed from DHM ---------------------------------------------------- - -The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, -`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, -`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, -`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were -removed. The primes from RFC 5114 are deprecated because their derivation is not -documented and therefore their usage constitutes a security risk; they are fully -removed from the library. Please use parameters from RFC3526 (still in the -library, only in binary form) or RFC 7919 (also available in the library) or -other trusted sources instead. - -Deprecated net.h file was removed ---------------------------------- - -The file `include/mbedtls/net.h` was removed because its only function was to -include `mbedtls/net_sockets.h` which now should be included directly. diff --git a/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md b/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md deleted file mode 100644 index 6f43aa37a8..0000000000 --- a/docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md +++ /dev/null @@ -1,33 +0,0 @@ -Remove MBEDTLS_CHECK_PARAMS option ----------------------------------- - -This change does not affect users who use the default configuration; it only -affects users who enabled that option. - -The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enabled certain kinds -of “parameter validation”. It covered two kinds of validations: - -- In some functions that require a valid pointer, “parameter validation” checks -that the pointer is non-null. With the feature disabled, a null pointer is not -treated differently from any other invalid pointer, and typically leads to a -runtime crash. 90% of the uses of the feature are of this kind. -- In some functions that take an enum-like argument, “parameter validation” -checks that the value is a valid one. With the feature disabled, an invalid -value causes a silent default to one of the valid values. - -The default reaction to a failed check was to call a function -`mbedtls_param_failed()` which the application had to provide. If this function -returned, its caller returned an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. - -This feature was only used in some classic (non-PSA) cryptography modules. It was -not used in X.509, TLS or in PSA crypto, and it was not implemented in all -classic crypto modules. - -This feature has been removed. The library no longer checks for NULL pointers; -checks for enum-like arguments will be kept or re-introduced on a case-by-case -basis, but their presence will no longer be dependent on a compile-time option. - -Validation of enum-like values is somewhat useful, but not extremely important, -because the parameters concerned are usually constants in applications. - -For more information see issue #4313. diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md deleted file mode 100644 index 7bee4ae9d2..0000000000 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ /dev/null @@ -1,13 +0,0 @@ -Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default --------------------------------------------------------------------------- - -This change does not affect users who use the default mbedtls_config.h, as the -option MBEDTLS_SSL_RECORD_CHECKING was already on by default. - -This option was added only to control compilation of one function, -mbedtls_ssl_check_record(), which is only useful in some specific cases, so it -was made optional to allow users who don't need it to save some code space. -However, the same effect can be achieve by using link-time garbage collection. - -Users who changed the default setting of the option need to change the config/ -build system to remove that change. diff --git a/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md b/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md deleted file mode 100644 index 4c87f038fc..0000000000 --- a/docs/3.0-migration-guide.d/remove_supp_for_extensions_in_pre-v3_X_509_certs.md +++ /dev/null @@ -1,14 +0,0 @@ -Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option --- - -This change does not affect users who were using the default configuration, as -this option was already disabled by default. Also, it does not affect users who -are working with current V3 X.509 certificates. - -Extensions were added in V3 of the X.509 specification, so pre-V3 certificates -containing extensions were never compliant. Mbed TLS now rejects them with a -parsing error in all configurations, as it did previously in the default -configuration. - -If you are working with the pre-V3 certificates you need to switch to the -current ones. diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md deleted file mode 100644 index 73d621f781..0000000000 --- a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md +++ /dev/null @@ -1,27 +0,0 @@ -Remove suport for TLS 1.0, 1.1 and DTLS 1.0 -------------------------------------------- - -This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. - -These versions have been deprecated by RFC 8996. -Keeping them in the library creates opportunities for misconfiguration -and possibly downgrade attacks. More generally, more code means a larger attack -surface, even if the code is supposedly not used. - -The migration path is to adopt the latest versions of the protocol. - -As a consequence of removing TLS 1.0, support for CBC record splitting was -also removed, as it was a work-around for a weakness in this particular -version. There is no migration path since the feature is no longer relevant. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different version negociation mechanism), support -for fallback SCSV (RFC 7507) was also removed. There is no migration path as -it's no longer useful with TLS 1.2 and later. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different concept of ciphersuites), support for -configuring ciphersuites separately for each version via -`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use -`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS -1.2; in the future a different API will be added for (D)TLS 1.3. diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md deleted file mode 100644 index 875164b25b..0000000000 --- a/docs/3.0-migration-guide.d/rename_the__ret_functions.md +++ /dev/null @@ -1,43 +0,0 @@ -Rename mbedtls_*_ret() cryptography functions whose deprecated variants -have been removed ------------------ - -This change affects users who were using the `mbedtls_*_ret()` cryptography -functions. - -Those functions were created based on now-deprecated functions according to a -requirement that a function needs to return a value. This change brings back the -original names of those functions. The renamed functions are: - -| name before this change | after the change | -|------------------------------|--------------------------| -| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update | -| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update | -| mbedtls_md5_starts_ret | mbedtls_md5_starts | -| mbedtls_md5_update_ret | mbedtls_md5_update | -| mbedtls_md5_finish_ret | mbedtls_md5_finish | -| mbedtls_md5_ret | mbedtls_md5 | -| mbedtls_ripemd160_starts_ret | mbedtls_ripemd160_starts | -| mbedtls_ripemd160_update_ret | mbedtls_ripemd160_update | -| mbedtls_ripemd160_finish_ret | mbedtls_ripemd160_finish | -| mbedtls_ripemd160_ret | mbedtls_ripemd160 | -| mbedtls_sha1_starts_ret | mbedtls_sha1_starts | -| mbedtls_sha1_update_ret | mbedtls_sha1_update | -| mbedtls_sha1_finish_ret | mbedtls_sha1_finish | -| mbedtls_sha1_ret | mbedtls_sha1 | -| mbedtls_sha256_starts_ret | mbedtls_sha256_starts | -| mbedtls_sha256_update_ret | mbedtls_sha256_update | -| mbedtls_sha256_finish_ret | mbedtls_sha256_finish | -| mbedtls_sha256_ret | mbedtls_sha256 | -| mbedtls_sha512_starts_ret | mbedtls_sha512_starts | -| mbedtls_sha512_update_ret | mbedtls_sha512_update | -| mbedtls_sha512_finish_ret | mbedtls_sha512_finish | -| mbedtls_sha512_ret | mbedtls_sha512 | - -To migrate to the this change the user can keep the `*_ret` names in their code -and include the `compat_2.x.h` header file which holds macros with proper -renaming or to rename those function in their code according to the list from -mentioned header file. - - - diff --git a/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md b/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md deleted file mode 100644 index d59a8d397a..0000000000 --- a/docs/3.0-migration-guide.d/require-matching-hashlen-rsa.md +++ /dev/null @@ -1,24 +0,0 @@ -Signature functions now require the hash length to match the expected value ---------------------------------------------------------------------------- - -This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. - -All the functions in the RSA module that accept a `hashlen` parameter used to -ignore it unless the `md_alg` parameter was `MBEDTLS_MD_NONE`, indicating raw -data was signed. The `hashlen` parameter is now always the size that is read -from the `hash` input buffer. This length must be equal to the output size of -the hash algorithm used when signing a hash. (The requirements when signing -raw data are unchanged.) This affects the following functions: - -* `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_pkcs1_verify` -* `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_verify` -* `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_verify` -* `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify_ext` - -The signature functions in the PK module no longer accept 0 as the `hash_len` parameter. The `hash_len` parameter is now always the size that is read from the `hash` input buffer. This affects the following functions: - -* `mbedtls_pk_sign`, `mbedtls_pk_verify` -* `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable` -* `mbedtls_pk_verify_ext` - -The migration path is to pass the correct value to those functions. diff --git a/docs/3.0-migration-guide.d/rsa-padding.md b/docs/3.0-migration-guide.d/rsa-padding.md deleted file mode 100644 index f10ece6f8c..0000000000 --- a/docs/3.0-migration-guide.d/rsa-padding.md +++ /dev/null @@ -1,29 +0,0 @@ -Remove the padding parameters from mbedtls_rsa_init() ------------------------------------------------------ - -This affects all users who use the RSA encryption, decryption, sign and -verify APIs. - -The function mbedtls_rsa_init() no longer supports selecting the PKCS#1 v2.1 -encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If -you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call -to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. - -To choose the padding type when initializing a context, instead of -```C - mbedtls_rsa_init(ctx, padding, hash_id); -``` -, use -```C - mbedtls_rsa_init(ctx); - mbedtls_rsa_set_padding(ctx, padding, hash_id); -``` - -To use PKCS#1 v1.5 padding, instead of -```C - mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); -``` -, just use -```C - mbedtls_rsa_init(ctx); -``` diff --git a/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md b/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md deleted file mode 100644 index f5a8d98739..0000000000 --- a/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md +++ /dev/null @@ -1,11 +0,0 @@ -Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C ------------------------------------------------------------------ - -This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C -was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are -enabled. - -If you were using custom config file with MBEDTLS_SHA256_C enabled, then -you will need to add `#define MBEDTLS_SHA224_C` option your config. -Current version of the library does not support enabling MBEDTLS_SHA256_C -without MBEDTLS_SHA224_C. diff --git a/docs/3.0-migration-guide.d/session-cache-api.md b/docs/3.0-migration-guide.d/session-cache-api.md deleted file mode 100644 index b28ce1946a..0000000000 --- a/docs/3.0-migration-guide.d/session-cache-api.md +++ /dev/null @@ -1,28 +0,0 @@ -Session Cache API Change ------------------------------------------------------------------ - -This affects users who use `mbedtls_ssl_conf_session_cache()` -to configure a custom session cache implementation different -from the one Mbed TLS implements in `library/ssl_cache.c`. - -Those users will need to modify the API of their session cache -implementation to that of a key-value store with keys being -session IDs and values being instances of `mbedtls_ssl_session`: - -``` -typedef int mbedtls_ssl_cache_get_t( void *data, - unsigned char const *session_id, - size_t session_id_len, - mbedtls_ssl_session *session ); -typedef int mbedtls_ssl_cache_set_t( void *data, - unsigned char const *session_id, - size_t session_id_len, - const mbedtls_ssl_session *session ); -``` - -Since the structure of `mbedtls_ssl_session` is no longer public from 3.0 -onwards, portable session cache implementations must not access fields of -`mbedtls_ssl_session`. See the corresponding migration guide. Users that -find themselves unable to migrate their session cache functionality without -accessing fields of `mbedtls_ssl_session` should describe their usecase -on the Mbed TLS mailing list. diff --git a/docs/3.0-migration-guide.d/sha512-output-type.md b/docs/3.0-migration-guide.d/sha512-output-type.md deleted file mode 100644 index c62a881598..0000000000 --- a/docs/3.0-migration-guide.d/sha512-output-type.md +++ /dev/null @@ -1,8 +0,0 @@ -SHA-512 and SHA-256 output type change --------------------------- - -The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. - -This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. - -Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. diff --git a/docs/3.0-migration-guide.d/split_config.md b/docs/3.0-migration-guide.d/split_config.md deleted file mode 100644 index 6f433c5f7f..0000000000 --- a/docs/3.0-migration-guide.d/split_config.md +++ /dev/null @@ -1,20 +0,0 @@ -Introduce a level of indirection and versioning in the config files -------------------------------------------------------------------- - -`config.h` was split into `build_info.h` and `mbedtls_config.h`. - -* In code, use `#include `. Don't include `mbedtls/config.h` and don't refer to `MBEDTLS_CONFIG_FILE`. -* In build tools, edit `mbedtls_config.h`, or edit `MBEDTLS_CONFIG_FILE` as before. -* If you had a tool that parsed the library version from `include/mbedtls/version.h`, this has moved to `include/mbedtls/build_info.h`. From C code, both headers now define the `MBEDTLS_VERSION_xxx` macros. - -Also, if you have a custom configuration file: - -* Don't include `check_config.h` or `config_psa.h` anymore. -* Don't define `MBEDTLS_CONFIG_H` anymore. - -A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. -Defining it to a particular value will ensure that Mbed TLS interprets -the config file in a way that's compatible with the config file format -used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same -value. -The only value supported by Mbed TLS 3.0.0 is `0x03000000`. diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md deleted file mode 100644 index ce795e5d90..0000000000 --- a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md +++ /dev/null @@ -1,39 +0,0 @@ -Changes in the SSL error code space ------------------------------------------------------------------ - -# Removals - -This affects users manually checking for the following error codes: -- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` -- `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` -- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` -- `MBEDTLS_ERR_SSL_BAD_HS_XXX` - -Migration paths: - -- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` - should never be returned from Mbed TLS, and there is no need to check for it. - - Users should simply remove manual checks for those codes, and let the Mbed TLS - team know if -- contrary to the team's understanding -- there is in fact a situation - where one of them was ever returned. - -- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and - `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate - is too large to fit into the output buffers. - - Users should check for - `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their - own certificate against the configured size of the output buffer to understand if - the error is due to an overly large certificate. - -- All `MBEDTLS_ERR_SSL_BAD_HS_XXX` error code have been removed. - - Users should check for the newly introduced generic error codes - * `MBEDTLS_ERR_SSL_DECODE_ERROR` - * `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`, - * `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` - * `MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION` - * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` - * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` - instead. diff --git a/docs/3.0-migration-guide.d/ssl-ticket-api.md b/docs/3.0-migration-guide.d/ssl-ticket-api.md deleted file mode 100644 index 23c53d671d..0000000000 --- a/docs/3.0-migration-guide.d/ssl-ticket-api.md +++ /dev/null @@ -1,30 +0,0 @@ -Modified semantics of mbedtls_ssl_{get,set}_session() ------------------------------------------------------------------ - -This affects users who call `mbedtls_ssl_get_session()` or -`mbedtls_ssl_set_session()` multiple times on the same SSL context -representing an established TLS 1.2 connection. -Those users will now observe the second call to fail with -`MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. - -Migration path: -- Exporting the same TLS 1.2 connection multiple times via - `mbedtls_ssl_get_session()` leads to multiple copies of - the same session. This use of `mbedtls_ssl_get_session()` - is discouraged, and the following should be considered: - * If the various session copies are later loaded into - fresh SSL contexts via `mbedtls_ssl_set_session()`, - export via `mbedtls_ssl_get_session()` only once and - load the same session into different contexts via - `mbedtls_ssl_set_session()`. Since `mbedtls_ssl_set_session()` - makes a copy of the session that's being loaded, this - is functionally equivalent. - * If the various session copies are later serialized - via `mbedtls_ssl_session_save()`, export and serialize - the session only once via `mbedtls_ssl_get_session()` and - `mbedtls_ssl_session_save()` and make copies of the raw - data instead. -- Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x - is not useful since subsequent calls overwrite the effect of previous - calls. Applications achieve equivalent functional behaviour by - issuing only the very last call to `mbedtls_ssl_set_session()`. diff --git a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md b/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md deleted file mode 100644 index 6f5a13acaa..0000000000 --- a/docs/3.0-migration-guide.d/turn_SSL_SRV_RESPECT_CLIENT_PREFERENCE_config_opt_to_runtime_opt.md +++ /dev/null @@ -1,14 +0,0 @@ -Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option --- - -This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE -option in the `mbedtls_config.h` - -This option has been removed and a new function with similar functionality has -been introduced into the SSL API. - -This new function `mbedtls_ssl_conf_preference_order()` can be used to -change the preferred order of ciphersuites on the server to those used on the client, -e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)` -has the same effect as enabling the removed option. The default state is to use -the server order of suites. diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 5fe6ebd7a6..402fc64625 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -24,22 +24,22 @@ Deprecated functions were removed from hashing modules Modules: MD5, SHA1, SHA256, SHA512, MD. -- The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`, - `mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the -function with the same name with `_ret` appended and check the return value. +- The functions `mbedtls_xxx_starts_ret()`, `mbedtls_xxx_update_ret()`, + `mbedtls_xxx_finish_ret()` and `mbedtls_xxx_ret()` were renamed to replace + the corresponding functions without `_ret` appended. Please call the name without `_ret` appended and check the return value. - The function `mbedtls_md_init_ctx()` was removed; please use `mbedtls_md_setup()` instead. - The functions `mbedtls_xxx_process()` were removed. You normally don't need to call that from application code. However if you do (or if you want to -provide your own version of that function), please use -`mbedtls_internal_xxx_process()` instead, and check the return value. + provide your own version of that function), please use + `mbedtls_internal_xxx_process()` instead, and check the return value. Deprecated error codes for hardware failures were removed --------------------------------------------------------- - The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used -instead. + instead. - The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. @@ -194,3 +194,780 @@ and still relied on `compat-1.3.h` in their code. Please use the new names directly in your code; `scripts/rename.pl` (from any of the 2.x releases - no longer included in 3.0) might help you do that. + + +Remove 3DES ciphersuites +-- + +This change does not affect users using default settings for 3DES in `mbedtls_config.h` +because the 3DES ciphersuites were disabled by that. + +3DES has weaknesses/limitations and there are better alternatives, and more and +more standard bodies are recommending against its use in TLS. + +The migration path here is to chose from the recomended in literature alternatives. +CCM interface changes: impact for alternative implementations +------------------------------------------------------------- + +The CCM interface has changed with the addition of support for +multi-part operations. Five new API functions have been defined: +mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), +mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). +Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to +implement those additional five API functions. +Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations +---------------------------------------------------------------------------- + +This only affects people who use the cipher module to perform AEAD operations +using the multi-part API. + +Previously, the documentation didn't state explicitly if it was OK to call +`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after +the last call to `mbedtls_cipher_update()` - that is, without calling +`mbedtls_cipher_finish()` in-between. If you code was missing that call, +please add it and be prepared to get as much as 15 bytes of output. + +Currently the output is always 0 bytes, but it may be more when alternative +implementations of the underlying primitives are in use, or with future +versions of the library. +Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options +-- + +This change affects users who modified the default `mbedtls_config.h` padding granularity +settings, i.e. enabled at least one of the options. + +The `mbedtls_config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and +`MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because +they used exactly the same padding mechanism and hence their respective padding +granularities can be used in exactly the same way. This change simplifies the +code maintenance. + +The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used +for both DTLS-CID and TLS 1.3. +Change the API to allow adding critical extensions to CSRs +------------------------------------------------------------------ + +This affects applications that call the `mbedtls_x509write_csr_set_extension` +function. + +The API is changed to include the parameter `critical` which allow to mark an +extension included in a CSR as critical. To get the previous behaviour pass +`0`. +Strengthen default algorithm selection for X.509 and TLS +-------------------------------------------------------- + +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. + +Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. + +The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. + +The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. + +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: +``` +mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; +my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); +``` + +If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. + +TLS now favors faster curves over larger curves +----------------------------------------------- + +The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. + +If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. +GCM interface changes: impact for alternative implementations +------------------------------------------------------------- + +The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. +* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: + * Always return the partial output immediately, even if it does not consist of a whole number of blocks. + * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. +GCM multipart interface: application changes +-------------------------------------------- + +The GCM module now supports arbitrary chunked input in the multipart interface. +This changes the interface for applications using the GCM module directly for multipart operations. +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. +* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: + * As long as the input remains block-aligned, the output length is exactly the input length, as before. + * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. +SSL key export interface change +------------------------------- + +This affects users of the SSL key export APIs: +``` + mbedtls_ssl_conf_export_keys_cb() + mbedtls_ssl_conf_export_keys_ext_cb() +``` + +Those APIs have been removed and replaced by the new API +`mbedtls_ssl_set_export_keys_cb()`. This API differs from +the previous key export API in the following ways: + +- It is no longer bound to an SSL configuration, but to an + SSL context. This allows users to more easily identify the + connection an exported key belongs to. +- It no longer exports raw keys and IV. +- A secret type parameter has been added to identify which key + is being exported. For TLS 1.2, only the master secret is + exported, but upcoming TLS 1.3 support will add other kinds of keys. +- The callback now specifies a void return type, rather than + returning an error code. It is the responsibility of the application + to handle failures in the key export callback, for example by + shutting down the TLS connection. + +For users which do not rely on raw keys and IV, adjusting to the new +callback type should be straightforward - see the example programs +programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks +for NSSKeylog, EAP-TLS and DTLS-SRTP. + +Users which require access to the raw keys used to secure application +traffic may derive those by hand based on the master secret and the +handshake transcript hashes which can be obtained from the raw data +on the wire. Such users are also encouraged to reach out to the +Mbed TLS team on the mailing list, to let the team know about their +use case. +The RNG parameter is now mandatory for all functions that accept one +-------------------------------------------------------------------- + +This change affects all users who called a function accepting a `f_rng` +parameter with `NULL` as the value of this argument; this is no longer +supported. + +The changed functions are: the X.509 CRT and CSR writing functions; the PK and +RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM +and ECDH that compute the shared secret; the scalar multiplication functions in +ECP. + +You now need to pass a properly seeded, cryptographically secure RNG to all +functions that accept a `f_rng` parameter. It is of course still possible to +pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a +context. + +Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` +configuration options) may have their own internal and are free to ignore the +`f_rng` argument but must allow users to pass one anyway. + +Some functions gained an RNG parameter +-------------------------------------- + +This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, +`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and +`mbedtls_pk_parse_keyfile()`. + +You now need to pass a properly seeded, cryptographically secure RNG when +calling these functions. It is used for blinding, a counter-measure against +side-channel attacks. + +The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed +------------------------------------------------------------------ + +This doesn't affect users of the default configuration; it only affects people +who were explicitly setting this option. + +This was a trade-off between code size and counter-measures; it is no longer +relevant as the counter-measure is now always on at no cost in code size. +Remove MaximumFragmentLength (MFL) query API +----------------------------------------------------------------- + +This affects users which use the MFL query APIs +`mbedtls_ssl_get_{input,output}_max_frag_len()` to +infer upper bounds on the plaintext size of incoming and +outgoing record. + +Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` +instead, which also provides such upper bounds but takes more factors +than just the MFL configuration into account. +Change MBEDTLS_ECP_FIXED_POINT_OPTIM behaviour +------------------------------------------------------ + +The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does +not increase peak RAM usage anymore. + +If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` +to `0` in your config file. The impact depends on the number and size of +enabled curves. For example, for P-256 the difference is 1KB; see the documentation +of this option for details. + +Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C +------------------------------------------------------ + +This does not affect users who use the default `mbedtls_config.h`. +MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is +enabled by default. + +If you were using a config file with both MBEDTLS_SHA512_C and +MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. +If you were using a config file with MBEDTLS_SHA512_C and without +MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add +`#define MBEDTLS_SHA384_C` to your config file. +Move part of timing module out of the library +-- + +The change affects users who use any of the following functions: +`mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`, +`mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`. + +If you were relying on these functions, you'll now need to change to using your +platform's corresponding functions directly. +Extra parameter for the output buffer size +------------------------------------------ + +The following functions now take an extra parameter indicating the size of the output buffer: + +* `mbedtls_ecdsa_write_signature()`, `mbedtls_ecdsa_write_signature_restartable()` +* `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` + +The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. +Relaxed semantics for PSK configuration +----------------------------------------------------------------- + +This affects users which call the PSK configuration APIs +`mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` +multiple times on the same SSL configuration. + +In Mbed TLS 2.x, users would observe later calls overwriting +the effect of earlier calls, with the prevailing PSK being +the one that has been configured last. In Mbed TLS 3.0, +calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times +will return an error, leaving the first PSK intact. + +To achieve equivalent functionality when migrating to Mbed TLS 3.0, +users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should +remove all but the last call, so that only one call to _either_ +`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` +remains. +Remove the configuration to enable weak ciphersuites in SSL / TLS +----------------------------------------------------------------- + +This does not affect users who use the default `mbedtls_config.h`, as this option was +already off by default. + +If you were using a weak cipher, please switch to any of the modern, +recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) +and if your peer doesn't support any, encourage them to upgrade their software. + +If you were using a ciphersuite without encryption, you just have to +enable MBEDTLS_CIPHER_NULL_CIPHER now. +Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option +------------------------------------------------------------- + +This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to +set the maximum length of incoming and outgoing plaintext fragments, +which can save memory by reducing the size of the TLS I/O buffers. + +This option is replaced by the more fine-grained options +`MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set +the maximum incoming and outgoing plaintext fragment lengths, respectively. +Remove the option to build the library without any entropy sources +------------------------------------------------------------------ + +This does not affect users who use the default `mbedtls_config.h`, as this option was +already off by default. + +If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform +doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` +and make sure your device is provisioned with a strong random seed. +Alternatively, for testing purposes only, you can create and register a fake +entropy function. +Remove the mode parameter from RSA functions +-------------------------------------------- + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The RSA module no longer supports private-key operations with the public key or +vice versa. As a consequence, RSA operation functions no longer have a mode +parameter. If you were calling RSA operations with the normal mode (public key +for verification or encryption, private key for signature or decryption), remove +the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling +RSA operations with the wrong mode, which rarely makes sense from a security +perspective, this is no longer supported. + +Remove the RNG parameter from RSA verify functions +-------------------------------------------------- + +RSA verification functions also no longer take random generator arguments (this +was only needed when using a private key). This affects all applications using +the RSA verify functions. + +Remove the SSL API mbedtls_ssl_get_session_pointer() +----------------------------------------------------------------- + +This affects two classes of users: + +1. Users who manually inspect parts of the current session through + direct structure field access. + +2. Users of session resumption who query the current session + via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting + it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`, + respectively. + +Migration paths: + +1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many + other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no + longer part of the public API in Mbed TLS 3.0, and direct structure field + access is no longer supported. Please see the corresponding migration guide. + +2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by + calls to `mbedtls_ssl_get_session()` as demonstrated in the example + program `programs/ssl/ssl_client2.c`. + Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +-------------------------------------------------------------------------- + +This change does not affect users of the default configuration; it only affect +users who enable this option. + +The X.509 standard says that implementations must reject critical extensions that +they don't recognize, and this is what Mbed TLS does by default. This option +allowed to continue parsing those certificates but didn't provide a convenient +way to handle those extensions. + +The migration path from that option is to use the +`mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally +equivalent to `mbedtls_x509_crt_parse_der()`, and/or +`mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every +unsupported certificate extension and additionally the "certificate policies" +extension if it contains any unsupported certificate policies. +Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` +------------------------------------------------------------------- + +This change affects users who have chosen the configuration options to disable the +library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 +certificates. + +The `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` +configuration options are removed and the X509 code now behaves as if they were +always enabled. It is consequently not possible anymore to disable at compile +time the verification of the `keyUsage` and `extendedKeyUsage` fields of X509 +certificates. + +The verification of the `keyUsage` and `extendedKeyUsage` fields is important, +disabling it can cause security issues and it is thus not recommended. If the +verification is for some reason undesirable, it can still be disabled by means +of the verification callback function passed to `mbedtls_x509_crt_verify()` (see +the documentation of this function for more information). +Remove MD2, MD4, RC4, Blowfish and XTEA algorithms +-- + +This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. + +They are already niche or obsolete and most of them are weak or broken. For +those reasons possible users should consider switching to modern and safe +alternatives to be found in literature. +Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option +------------------------------------------- + +This change does not affect users who used the default `mbedtls_config.h`, as the option +MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. + +This option was a trade-off between functionality and code size: it allowed +users who didn't need that feature to avoid paying the cost in code size, by +disabling it. + +This option is no longer present, but its functionality is now always enabled. +Deprecated functions were removed from AES +------------------------------------------ + +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were +removed. + +If you're simply using the AES module, you should be calling the higher-level +functions `mbedtls_aes_crypt_xxx()`. + +If you're providing an alternative implementation using +`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be +replacing the removed functions with `mbedtls_internal_aes_encrypt()` and +`mbedtls_internal_aes_decrypt()` respectively. + +Deprecated functions were removed from bignum +--------------------------------------------- + +The function `mbedtls_mpi_is_prime()` was removed. Please use +`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the +number of Miller-Rabin rounds. + +Deprecated functions were removed from cipher +--------------------------------------------- + +The functions `mbedtls_cipher_auth_encrypt()` and +`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by +`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` +respectively which additionally support key wrapping algorithms such as +NIST_KW. + +Deprecated functions were removed from DRBGs +-------------------------------------------- + +The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` +were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and +`mbedtls_hmac_drbg_update_ret()` respectively. + +Deprecated functions were removed from ECDSA +-------------------------------------------- + +The functions `mbedtls_ecdsa_write_signature_det()` and +`mbedtls_ecdsa_sign_det()` were removed. They were superseded by +`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` +respectively. + +Deprecated functions were removed from SSL +------------------------------------------ + +The function `mbedtls_ssl_conf_dh_param()` was removed. Please use +`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. + +The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use +`mbedtls_ssl_get_max_out_record_payload()` and +`mbedtls_ssl_get_max_in_record_payload()` +instead. + +Deprecated hex-encoded primes were removed from DHM +--------------------------------------------------- + +The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, +`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were +removed. The primes from RFC 5114 are deprecated because their derivation is not +documented and therefore their usage constitutes a security risk; they are fully +removed from the library. Please use parameters from RFC3526 (still in the +library, only in binary form) or RFC 7919 (also available in the library) or +other trusted sources instead. + +Deprecated net.h file was removed +--------------------------------- + +The file `include/mbedtls/net.h` was removed because its only function was to +include `mbedtls/net_sockets.h` which now should be included directly. +Remove MBEDTLS_CHECK_PARAMS option +---------------------------------- + +This change does not affect users who use the default configuration; it only +affects users who enabled that option. + +The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enabled certain kinds +of “parameter validation”. It covered two kinds of validations: + +- In some functions that require a valid pointer, “parameter validation” checks +that the pointer is non-null. With the feature disabled, a null pointer is not +treated differently from any other invalid pointer, and typically leads to a +runtime crash. 90% of the uses of the feature are of this kind. +- In some functions that take an enum-like argument, “parameter validation” +checks that the value is a valid one. With the feature disabled, an invalid +value causes a silent default to one of the valid values. + +The default reaction to a failed check was to call a function +`mbedtls_param_failed()` which the application had to provide. If this function +returned, its caller returned an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. + +This feature was only used in some classic (non-PSA) cryptography modules. It was +not used in X.509, TLS or in PSA crypto, and it was not implemented in all +classic crypto modules. + +This feature has been removed. The library no longer checks for NULL pointers; +checks for enum-like arguments will be kept or re-introduced on a case-by-case +basis, but their presence will no longer be dependent on a compile-time option. + +Validation of enum-like values is somewhat useful, but not extremely important, +because the parameters concerned are usually constants in applications. + +For more information see issue #4313. +Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default +-------------------------------------------------------------------------- + +This change does not affect users who use the default mbedtls_config.h, as the +option MBEDTLS_SSL_RECORD_CHECKING was already on by default. + +This option was added only to control compilation of one function, +mbedtls_ssl_check_record(), which is only useful in some specific cases, so it +was made optional to allow users who don't need it to save some code space. +However, the same effect can be achieve by using link-time garbage collection. + +Users who changed the default setting of the option need to change the config/ +build system to remove that change. +Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option +-- + +This change does not affect users who were using the default configuration, as +this option was already disabled by default. Also, it does not affect users who +are working with current V3 X.509 certificates. + +Extensions were added in V3 of the X.509 specification, so pre-V3 certificates +containing extensions were never compliant. Mbed TLS now rejects them with a +parsing error in all configurations, as it did previously in the default +configuration. + +If you are working with the pre-V3 certificates you need to switch to the +current ones. +Remove suport for TLS 1.0, 1.1 and DTLS 1.0 +------------------------------------------- + +This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. + +These versions have been deprecated by RFC 8996. +Keeping them in the library creates opportunities for misconfiguration +and possibly downgrade attacks. More generally, more code means a larger attack +surface, even if the code is supposedly not used. + +The migration path is to adopt the latest versions of the protocol. + +As a consequence of removing TLS 1.0, support for CBC record splitting was +also removed, as it was a work-around for a weakness in this particular +version. There is no migration path since the feature is no longer relevant. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different version negociation mechanism), support +for fallback SCSV (RFC 7507) was also removed. There is no migration path as +it's no longer useful with TLS 1.2 and later. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different concept of ciphersuites), support for +configuring ciphersuites separately for each version via +`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use +`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS +1.2; in the future a different API will be added for (D)TLS 1.3. + +Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed +----------------- + +This change affects users who were using the `mbedtls_*_ret()` cryptography +functions. + +Those functions were created based on now-deprecated functions according to a +requirement that a function needs to return a value. This change brings back the +original names of those functions. The renamed functions are: + +| name before this change | after the change | +|------------------------------|--------------------------| +| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update | +| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update | +| mbedtls_md5_starts_ret | mbedtls_md5_starts | +| mbedtls_md5_update_ret | mbedtls_md5_update | +| mbedtls_md5_finish_ret | mbedtls_md5_finish | +| mbedtls_md5_ret | mbedtls_md5 | +| mbedtls_ripemd160_starts_ret | mbedtls_ripemd160_starts | +| mbedtls_ripemd160_update_ret | mbedtls_ripemd160_update | +| mbedtls_ripemd160_finish_ret | mbedtls_ripemd160_finish | +| mbedtls_ripemd160_ret | mbedtls_ripemd160 | +| mbedtls_sha1_starts_ret | mbedtls_sha1_starts | +| mbedtls_sha1_update_ret | mbedtls_sha1_update | +| mbedtls_sha1_finish_ret | mbedtls_sha1_finish | +| mbedtls_sha1_ret | mbedtls_sha1 | +| mbedtls_sha256_starts_ret | mbedtls_sha256_starts | +| mbedtls_sha256_update_ret | mbedtls_sha256_update | +| mbedtls_sha256_finish_ret | mbedtls_sha256_finish | +| mbedtls_sha256_ret | mbedtls_sha256 | +| mbedtls_sha512_starts_ret | mbedtls_sha512_starts | +| mbedtls_sha512_update_ret | mbedtls_sha512_update | +| mbedtls_sha512_finish_ret | mbedtls_sha512_finish | +| mbedtls_sha512_ret | mbedtls_sha512 | + +To migrate to the this change the user can keep the `*_ret` names in their code +and include the `compat_2.x.h` header file which holds macros with proper +renaming or to rename those function in their code according to the list from +mentioned header file. + + + +Signature functions now require the hash length to match the expected value +--------------------------------------------------------------------------- + +This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. + +All the functions in the RSA module that accept a `hashlen` parameter used to +ignore it unless the `md_alg` parameter was `MBEDTLS_MD_NONE`, indicating raw +data was signed. The `hashlen` parameter is now always the size that is read +from the `hash` input buffer. This length must be equal to the output size of +the hash algorithm used when signing a hash. (The requirements when signing +raw data are unchanged.) This affects the following functions: + +* `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_pkcs1_verify` +* `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_verify` +* `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_verify` +* `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify_ext` + +The signature functions in the PK module no longer accept 0 as the `hash_len` parameter. The `hash_len` parameter is now always the size that is read from the `hash` input buffer. This affects the following functions: + +* `mbedtls_pk_sign`, `mbedtls_pk_verify` +* `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable` +* `mbedtls_pk_verify_ext` + +The migration path is to pass the correct value to those functions. +Remove the padding parameters from mbedtls_rsa_init() +----------------------------------------------------- + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The function mbedtls_rsa_init() no longer supports selecting the PKCS#1 v2.1 +encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If +you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call +to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. + +To choose the padding type when initializing a context, instead of +```C + mbedtls_rsa_init(ctx, padding, hash_id); +``` +, use +```C + mbedtls_rsa_init(ctx); + mbedtls_rsa_set_padding(ctx, padding, hash_id); +``` + +To use PKCS#1 v1.5 padding, instead of +```C + mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); +``` +, just use +```C + mbedtls_rsa_init(ctx); +``` +Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C +----------------------------------------------------------------- + +This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C +was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are +enabled. + +If you were using custom config file with MBEDTLS_SHA256_C enabled, then +you will need to add `#define MBEDTLS_SHA224_C` option your config. +Current version of the library does not support enabling MBEDTLS_SHA256_C +without MBEDTLS_SHA224_C. +Session Cache API Change +----------------------------------------------------------------- + +This affects users who use `mbedtls_ssl_conf_session_cache()` +to configure a custom session cache implementation different +from the one Mbed TLS implements in `library/ssl_cache.c`. + +Those users will need to modify the API of their session cache +implementation to that of a key-value store with keys being +session IDs and values being instances of `mbedtls_ssl_session`: + +``` +typedef int mbedtls_ssl_cache_get_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_session *session ); +typedef int mbedtls_ssl_cache_set_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ); +``` + +Since the structure of `mbedtls_ssl_session` is no longer public from 3.0 +onwards, portable session cache implementations must not access fields of +`mbedtls_ssl_session`. See the corresponding migration guide. Users that +find themselves unable to migrate their session cache functionality without +accessing fields of `mbedtls_ssl_session` should describe their usecase +on the Mbed TLS mailing list. +SHA-512 and SHA-256 output type change +-------------------------- + +The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. + +This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. + +Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. +Introduce a level of indirection and versioning in the config files +------------------------------------------------------------------- + +`config.h` was split into `build_info.h` and `mbedtls_config.h`. + +* In code, use `#include `. Don't include `mbedtls/config.h` and don't refer to `MBEDTLS_CONFIG_FILE`. +* In build tools, edit `mbedtls_config.h`, or edit `MBEDTLS_CONFIG_FILE` as before. +* If you had a tool that parsed the library version from `include/mbedtls/version.h`, this has moved to `include/mbedtls/build_info.h`. From C code, both headers now define the `MBEDTLS_VERSION_xxx` macros. + +Also, if you have a custom configuration file: + +* Don't include `check_config.h` or `config_psa.h` anymore. +* Don't define `MBEDTLS_CONFIG_H` anymore. + +A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. +Defining it to a particular value will ensure that Mbed TLS interprets +the config file in a way that's compatible with the config file format +used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same +value. +The only value supported by Mbed TLS 3.0.0 is `0x03000000`. +Removal of some SSL error codes +----------------------------------------------------------------- + +This affects users manually checking for the following error codes: +- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` +- `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` +- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` +- `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN` +- `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` +- `MBEDTLS_ERR_SSL_BAD_HS_XXX` + +Migration paths: +- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` + should never be returned from Mbed TLS, and there is no need to check for it. + Users should simply remove manual checks for those codes, and let the Mbed TLS + team know if -- contrary to the team's understanding -- there is in fact a situation + where one of them was ever returned. +- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate + is too large to fit into the output buffers. Users should check for + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their + own certificate against the configured size of the output buffer to understand if + the error is due to an overly large certificate. +-`MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN`, `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` and all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`. + + Modified semantics of mbedtls_ssl_{get,set}_session() +----------------------------------------------------------------- + +This affects users who call `mbedtls_ssl_get_session()` or +`mbedtls_ssl_set_session()` multiple times on the same SSL context +representing an established TLS 1.2 connection. +Those users will now observe the second call to fail with +`MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. + +Migration path: +- Exporting the same TLS 1.2 connection multiple times via + `mbedtls_ssl_get_session()` leads to multiple copies of + the same session. This use of `mbedtls_ssl_get_session()` + is discouraged, and the following should be considered: + * If the various session copies are later loaded into + fresh SSL contexts via `mbedtls_ssl_set_session()`, + export via `mbedtls_ssl_get_session()` only once and + load the same session into different contexts via + `mbedtls_ssl_set_session()`. Since `mbedtls_ssl_set_session()` + makes a copy of the session that's being loaded, this + is functionally equivalent. + * If the various session copies are later serialized + via `mbedtls_ssl_session_save()`, export and serialize + the session only once via `mbedtls_ssl_get_session()` and + `mbedtls_ssl_session_save()` and make copies of the raw + data instead. +- Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x + is not useful since subsequent calls overwrite the effect of previous + calls. Applications achieve equivalent functional behaviour by + issuing only the very last call to `mbedtls_ssl_set_session()`. + + Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option + -- + +This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE +option in the `mbedtls_config.h` + +This option has been removed and a new function with similar functionality has +been introduced into the SSL API. + +This new function `mbedtls_ssl_conf_preference_order()` can be used to +change the preferred order of ciphersuites on the server to those used on the client, +e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)` +has the same effect as enabling the removed option. The default state is to use +the server order of suites. From e45e6401afc8473e561b0800d0e00315f8b853b9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 13:21:55 +0100 Subject: [PATCH 0666/1065] Re-order to put some more significant items at the top Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 170 ++++++++++++++++++------------------ 1 file changed, 87 insertions(+), 83 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 402fc64625..7874909155 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -9,15 +9,85 @@ need to change their own code in order to make it work with Mbed TLS 3.0. Here's the list of breaking changes; each entry should help you answer these two questions: (1) am I affected? (2) if yes, what's my migration path? -Some function parameters were made const ----------------------------------------- +Introduce a level of indirection and versioning in the config files +------------------------------------------------------------------- -Various functions in the PK and ASN.1 modules had a `const` qualifier added to -some of their parameters. +`config.h` was split into `build_info.h` and `mbedtls_config.h`. -This normally doesn't affect your code, unless you use pointers to reference -those functions. In this case, you'll need to update the type of your pointers -in order to match the new signature. +* In code, use `#include `. Don't include `mbedtls/config.h` and don't refer to `MBEDTLS_CONFIG_FILE`. +* In build tools, edit `mbedtls_config.h`, or edit `MBEDTLS_CONFIG_FILE` as before. +* If you had a tool that parsed the library version from `include/mbedtls/version.h`, this has moved to `include/mbedtls/build_info.h`. From C code, both headers now define the `MBEDTLS_VERSION_xxx` macros. + +Also, if you have a custom configuration file: + +* Don't include `check_config.h` or `config_psa.h` anymore. +* Don't define `MBEDTLS_CONFIG_H` anymore. + +A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. +Defining it to a particular value will ensure that Mbed TLS interprets +the config file in a way that's compatible with the config file format +used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same +value. +The only value supported by Mbed TLS 3.0.0 is `0x03000000`. + +Remove suport for TLS 1.0, 1.1 and DTLS 1.0 +------------------------------------------- + +This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. + +These versions have been deprecated by RFC 8996. +Keeping them in the library creates opportunities for misconfiguration +and possibly downgrade attacks. More generally, more code means a larger attack +surface, even if the code is supposedly not used. + +The migration path is to adopt the latest versions of the protocol. + +As a consequence of removing TLS 1.0, support for CBC record splitting was +also removed, as it was a work-around for a weakness in this particular +version. There is no migration path since the feature is no longer relevant. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different version negociation mechanism), support +for fallback SCSV (RFC 7507) was also removed. There is no migration path as +it's no longer useful with TLS 1.2 and later. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different concept of ciphersuites), support for +configuring ciphersuites separately for each version via +`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use +`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS +1.2; in the future a different API will be added for (D)TLS 1.3. + +Remove support for SSL 3.0 +-------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` +and relied on that version in order to communicate with peers that are not up +to date. If one of your peers is in that case, please try contacting them and +encouraging them to upgrade their software. +`0`. + +Strengthen default algorithm selection for X.509 and TLS +-------------------------------------------------------- + +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. + +Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. + +The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. + +The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. + +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: +``` +mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; +my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); +``` + +If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. Deprecated functions were removed from hashing modules ------------------------------------------------------ @@ -101,17 +171,6 @@ These days clients are very unlikely to do that. If you have a client that does, please try contacting them and encouraging them to upgrade their software. -Remove support for SSL 3.0 --------------------------- - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` -and relied on that version in order to communicate with peers that are not up -to date. If one of your peers is in that case, please try contacting them and -encouraging them to upgrade their software. - Remove support for truncated HMAC --------------------------------- @@ -252,25 +311,6 @@ function. The API is changed to include the parameter `critical` which allow to mark an extension included in a CSR as critical. To get the previous behaviour pass -`0`. -Strengthen default algorithm selection for X.509 and TLS --------------------------------------------------------- - -The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. - -Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. - -The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. - -The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. - -If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: -``` -mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; -my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); -``` - -If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. TLS now favors faster curves over larger curves ----------------------------------------------- @@ -711,33 +751,6 @@ configuration. If you are working with the pre-V3 certificates you need to switch to the current ones. -Remove suport for TLS 1.0, 1.1 and DTLS 1.0 -------------------------------------------- - -This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. - -These versions have been deprecated by RFC 8996. -Keeping them in the library creates opportunities for misconfiguration -and possibly downgrade attacks. More generally, more code means a larger attack -surface, even if the code is supposedly not used. - -The migration path is to adopt the latest versions of the protocol. - -As a consequence of removing TLS 1.0, support for CBC record splitting was -also removed, as it was a work-around for a weakness in this particular -version. There is no migration path since the feature is no longer relevant. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different version negociation mechanism), support -for fallback SCSV (RFC 7507) was also removed. There is no migration path as -it's no longer useful with TLS 1.2 and later. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different concept of ciphersuites), support for -configuring ciphersuites separately for each version via -`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use -`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS -1.2; in the future a different API will be added for (D)TLS 1.3. Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed ----------------- @@ -881,26 +894,7 @@ The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, ` This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. -Introduce a level of indirection and versioning in the config files -------------------------------------------------------------------- -`config.h` was split into `build_info.h` and `mbedtls_config.h`. - -* In code, use `#include `. Don't include `mbedtls/config.h` and don't refer to `MBEDTLS_CONFIG_FILE`. -* In build tools, edit `mbedtls_config.h`, or edit `MBEDTLS_CONFIG_FILE` as before. -* If you had a tool that parsed the library version from `include/mbedtls/version.h`, this has moved to `include/mbedtls/build_info.h`. From C code, both headers now define the `MBEDTLS_VERSION_xxx` macros. - -Also, if you have a custom configuration file: - -* Don't include `check_config.h` or `config_psa.h` anymore. -* Don't define `MBEDTLS_CONFIG_H` anymore. - -A config file version symbol, `MBEDTLS_CONFIG_VERSION` was introduced. -Defining it to a particular value will ensure that Mbed TLS interprets -the config file in a way that's compatible with the config file format -used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same -value. -The only value supported by Mbed TLS 3.0.0 is `0x03000000`. Removal of some SSL error codes ----------------------------------------------------------------- @@ -971,3 +965,13 @@ change the preferred order of ciphersuites on the server to those used on the cl e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)` has the same effect as enabling the removed option. The default state is to use the server order of suites. + +Some function parameters were made const +---------------------------------------- + +Various functions in the PK and ASN.1 modules had a `const` qualifier added to +some of their parameters. + +This normally doesn't affect your code, unless you use pointers to reference +those functions. In this case, you'll need to update the type of your pointers +in order to match the new signature. From 1aea40427f519b26f7cb088e25b1e30b9a05b4de Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 13:27:15 +0100 Subject: [PATCH 0667/1065] Add a very short summary Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 7874909155..f64b209546 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -9,6 +9,12 @@ need to change their own code in order to make it work with Mbed TLS 3.0. Here's the list of breaking changes; each entry should help you answer these two questions: (1) am I affected? (2) if yes, what's my migration path? +The changes are detailed below, and include: +- Removal of many insecure / obsolete features +- Tidying up of configuration options (including removing some less useful options) +- Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. +- Removal of functions marked as deprecated in 2.x + Introduce a level of indirection and versioning in the config files ------------------------------------------------------------------- From 759c0109f236156119b2fe9878052a8fbdd480f8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 15:55:08 +0100 Subject: [PATCH 0668/1065] Fix errors in migration guide Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 74 +++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 20 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index f64b209546..ef6df7ae5a 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -10,6 +10,7 @@ Here's the list of breaking changes; each entry should help you answer these two questions: (1) am I affected? (2) if yes, what's my migration path? The changes are detailed below, and include: + - Removal of many insecure / obsolete features - Tidying up of configuration options (including removing some less useful options) - Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. @@ -36,7 +37,7 @@ used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. The only value supported by Mbed TLS 3.0.0 is `0x03000000`. -Remove suport for TLS 1.0, 1.1 and DTLS 1.0 +Remove support for TLS 1.0, 1.1 and DTLS 1.0 ------------------------------------------- This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. @@ -53,7 +54,7 @@ also removed, as it was a work-around for a weakness in this particular version. There is no migration path since the feature is no longer relevant. As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different version negociation mechanism), support +future 1.3 which will have a different version negotiation mechanism), support for fallback SCSV (RFC 7507) was also removed. There is no migration path as it's no longer useful with TLS 1.2 and later. @@ -260,7 +261,6 @@ and still relied on `compat-1.3.h` in their code. Please use the new names directly in your code; `scripts/rename.pl` (from any of the 2.x releases - no longer included in 3.0) might help you do that. - Remove 3DES ciphersuites -- @@ -270,7 +270,8 @@ because the 3DES ciphersuites were disabled by that. 3DES has weaknesses/limitations and there are better alternatives, and more and more standard bodies are recommending against its use in TLS. -The migration path here is to chose from the recomended in literature alternatives. +The migration path here is to chose from the recommended in literature alternatives. + CCM interface changes: impact for alternative implementations ------------------------------------------------------------- @@ -280,6 +281,7 @@ mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to implement those additional five API functions. + Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations ---------------------------------------------------------------------------- @@ -295,6 +297,7 @@ please add it and be prepared to get as much as 15 bytes of output. Currently the output is always 0 bytes, but it may be more when alternative implementations of the underlying primitives are in use, or with future versions of the library. + Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options -- @@ -309,6 +312,7 @@ code maintenance. The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used for both DTLS-CID and TLS 1.3. + Change the API to allow adding critical extensions to CSRs ------------------------------------------------------------------ @@ -316,7 +320,7 @@ This affects applications that call the `mbedtls_x509write_csr_set_extension` function. The API is changed to include the parameter `critical` which allow to mark an -extension included in a CSR as critical. To get the previous behaviour pass +extension included in a CSR as critical. To get the previous behavior pass TODO TLS now favors faster curves over larger curves ----------------------------------------------- @@ -324,6 +328,7 @@ TLS now favors faster curves over larger curves The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. + GCM interface changes: impact for alternative implementations ------------------------------------------------------------- @@ -334,6 +339,7 @@ The GCM multipart interface has changed as described in [“GCM multipart interf * Always return the partial output immediately, even if it does not consist of a whole number of blocks. * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. + GCM multipart interface: application changes -------------------------------------------- @@ -346,6 +352,7 @@ Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `ps * As long as the input remains block-aligned, the output length is exactly the input length, as before. * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. + SSL key export interface change ------------------------------- @@ -382,6 +389,7 @@ handshake transcript hashes which can be obtained from the raw data on the wire. Such users are also encouraged to reach out to the Mbed TLS team on the mailing list, to let the team know about their use case. + The RNG parameter is now mandatory for all functions that accept one -------------------------------------------------------------------- @@ -422,6 +430,7 @@ who were explicitly setting this option. This was a trade-off between code size and counter-measures; it is no longer relevant as the counter-measure is now always on at no cost in code size. + Remove MaximumFragmentLength (MFL) query API ----------------------------------------------------------------- @@ -433,7 +442,8 @@ outgoing record. Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` instead, which also provides such upper bounds but takes more factors than just the MFL configuration into account. -Change MBEDTLS_ECP_FIXED_POINT_OPTIM behaviour + +Change MBEDTLS_ECP_FIXED_POINT_OPTIM behavior ------------------------------------------------------ The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does @@ -456,6 +466,7 @@ MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. If you were using a config file with MBEDTLS_SHA512_C and without MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add `#define MBEDTLS_SHA384_C` to your config file. + Move part of timing module out of the library -- @@ -465,6 +476,7 @@ The change affects users who use any of the following functions: If you were relying on these functions, you'll now need to change to using your platform's corresponding functions directly. + Extra parameter for the output buffer size ------------------------------------------ @@ -474,6 +486,7 @@ The following functions now take an extra parameter indicating the size of the o * `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. + Relaxed semantics for PSK configuration ----------------------------------------------------------------- @@ -492,6 +505,7 @@ users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should remove all but the last call, so that only one call to _either_ `mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` remains. + Remove the configuration to enable weak ciphersuites in SSL / TLS ----------------------------------------------------------------- @@ -504,6 +518,7 @@ and if your peer doesn't support any, encourage them to upgrade their software. If you were using a ciphersuite without encryption, you just have to enable MBEDTLS_CIPHER_NULL_CIPHER now. + Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option ------------------------------------------------------------- @@ -514,6 +529,7 @@ which can save memory by reducing the size of the TLS I/O buffers. This option is replaced by the more fine-grained options `MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set the maximum incoming and outgoing plaintext fragment lengths, respectively. + Remove the option to build the library without any entropy sources ------------------------------------------------------------------ @@ -525,6 +541,7 @@ doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` and make sure your device is provisioned with a strong random seed. Alternatively, for testing purposes only, you can create and register a fake entropy function. + Remove the mode parameter from RSA functions -------------------------------------------- @@ -561,7 +578,7 @@ This affects two classes of users: Migration paths: -1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many +1. Mbed TLS 3.0 does not offer a migration path for the use case 1: Like many other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no longer part of the public API in Mbed TLS 3.0, and direct structure field access is no longer supported. Please see the corresponding migration guide. @@ -569,10 +586,11 @@ Migration paths: 2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by calls to `mbedtls_ssl_get_session()` as demonstrated in the example program `programs/ssl/ssl_client2.c`. - Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -------------------------------------------------------------------------- -This change does not affect users of the default configuration; it only affect +This change does not affect users of the default configuration; it only affects users who enable this option. The X.509 standard says that implementations must reject critical extensions that @@ -586,6 +604,7 @@ equivalent to `mbedtls_x509_crt_parse_der()`, and/or `mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every unsupported certificate extension and additionally the "certificate policies" extension if it contains any unsupported certificate policies. + Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` ------------------------------------------------------------------- @@ -604,6 +623,7 @@ disabling it can cause security issues and it is thus not recommended. If the verification is for some reason undesirable, it can still be disabled by means of the verification callback function passed to `mbedtls_x509_crt_verify()` (see the documentation of this function for more information). + Remove MD2, MD4, RC4, Blowfish and XTEA algorithms -- @@ -612,6 +632,7 @@ This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. They are already niche or obsolete and most of them are weak or broken. For those reasons possible users should consider switching to modern and safe alternatives to be found in literature. + Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option ------------------------------------------- @@ -623,6 +644,7 @@ users who didn't need that feature to avoid paying the cost in code size, by disabling it. This option is no longer present, but its functionality is now always enabled. + Deprecated functions were removed from AES ------------------------------------------ @@ -697,6 +719,7 @@ Deprecated net.h file was removed The file `include/mbedtls/net.h` was removed because its only function was to include `mbedtls/net_sockets.h` which now should be included directly. + Remove MBEDTLS_CHECK_PARAMS option ---------------------------------- @@ -730,6 +753,7 @@ Validation of enum-like values is somewhat useful, but not extremely important, because the parameters concerned are usually constants in applications. For more information see issue #4313. + Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default -------------------------------------------------------------------------- @@ -743,6 +767,7 @@ However, the same effect can be achieve by using link-time garbage collection. Users who changed the default setting of the option need to change the config/ build system to remove that change. + Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option -- @@ -798,8 +823,6 @@ and include the `compat_2.x.h` header file which holds macros with proper renaming or to rename those function in their code according to the list from mentioned header file. - - Signature functions now require the hash length to match the expected value --------------------------------------------------------------------------- @@ -824,6 +847,7 @@ The signature functions in the PK module no longer accept 0 as the `hash_len` pa * `mbedtls_pk_verify_ext` The migration path is to pass the correct value to those functions. + Remove the padding parameters from mbedtls_rsa_init() ----------------------------------------------------- @@ -853,6 +877,7 @@ To use PKCS#1 v1.5 padding, instead of ```C mbedtls_rsa_init(ctx); ``` + Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C ----------------------------------------------------------------- @@ -864,6 +889,7 @@ If you were using custom config file with MBEDTLS_SHA256_C enabled, then you will need to add `#define MBEDTLS_SHA224_C` option your config. Current version of the library does not support enabling MBEDTLS_SHA256_C without MBEDTLS_SHA224_C. + Session Cache API Change ----------------------------------------------------------------- @@ -890,8 +916,9 @@ Since the structure of `mbedtls_ssl_session` is no longer public from 3.0 onwards, portable session cache implementations must not access fields of `mbedtls_ssl_session`. See the corresponding migration guide. Users that find themselves unable to migrate their session cache functionality without -accessing fields of `mbedtls_ssl_session` should describe their usecase +accessing fields of `mbedtls_ssl_session` should describe their use case on the Mbed TLS mailing list. + SHA-512 and SHA-256 output type change -------------------------- @@ -905,6 +932,7 @@ Removal of some SSL error codes ----------------------------------------------------------------- This affects users manually checking for the following error codes: + - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` - `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` @@ -915,18 +943,24 @@ This affects users manually checking for the following error codes: Migration paths: - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` should never be returned from Mbed TLS, and there is no need to check for it. + Users should simply remove manual checks for those codes, and let the Mbed TLS team know if -- contrary to the team's understanding -- there is in fact a situation where one of them was ever returned. + - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate - is too large to fit into the output buffers. Users should check for - `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their - own certificate against the configured size of the output buffer to understand if - the error is due to an overly large certificate. --`MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN`, `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` and all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`. + is too large to fit into the output buffers. + + Users should check for `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially + compare the size of their own certificate against the configured size of the output buffer to + understand if the error is due to an overly large certificate. + +- `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN` and `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` have been replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` - Modified semantics of mbedtls_ssl_{get,set}_session() +- all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. + +Modified semantics of mbedtls_ssl_{get,set}_session() ----------------------------------------------------------------- This affects users who call `mbedtls_ssl_get_session()` or @@ -954,10 +988,10 @@ Migration path: data instead. - Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x is not useful since subsequent calls overwrite the effect of previous - calls. Applications achieve equivalent functional behaviour by + calls. Applications achieve equivalent functional behavior by issuing only the very last call to `mbedtls_ssl_set_session()`. - Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option +Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option -- This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE From 7b0c4dea59381cbd9048db783ff147585d0896b3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 16:05:28 +0100 Subject: [PATCH 0669/1065] Fix missing part of sentence Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index ef6df7ae5a..bb21dedd80 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -320,7 +320,7 @@ This affects applications that call the `mbedtls_x509write_csr_set_extension` function. The API is changed to include the parameter `critical` which allow to mark an -extension included in a CSR as critical. To get the previous behavior pass TODO +extension included in a CSR as critical. To get the previous behavior pass 0. TLS now favors faster curves over larger curves ----------------------------------------------- From 1cb2331495798254799510a8d0b6ffbd94f6f883 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 16:28:54 +0100 Subject: [PATCH 0670/1065] Remove line that got into the wrong place Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index bb21dedd80..513aba8518 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -75,7 +75,6 @@ This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` and relied on that version in order to communicate with peers that are not up to date. If one of your peers is in that case, please try contacting them and encouraging them to upgrade their software. -`0`. Strengthen default algorithm selection for X.509 and TLS -------------------------------------------------------- From 949c21b3360398a9af01293c535410e8959386d9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 18:05:04 +0100 Subject: [PATCH 0671/1065] Minor updates to migration guide Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 513aba8518..737b4eecc2 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -11,8 +11,8 @@ two questions: (1) am I affected? (2) if yes, what's my migration path? The changes are detailed below, and include: -- Removal of many insecure / obsolete features -- Tidying up of configuration options (including removing some less useful options) +- Removal of many insecure or obsolete features +- Tidying up of configuration options (including removing some less useful options). - Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. - Removal of functions marked as deprecated in 2.x @@ -258,7 +258,7 @@ This only affects people who've been using Mbed TLS since before version 2.0 and still relied on `compat-1.3.h` in their code. Please use the new names directly in your code; `scripts/rename.pl` (from any -of the 2.x releases - no longer included in 3.0) might help you do that. +of the 2.x releases — no longer included in 3.0) might help you do that. Remove 3DES ciphersuites -- @@ -289,7 +289,7 @@ using the multi-part API. Previously, the documentation didn't state explicitly if it was OK to call `mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after -the last call to `mbedtls_cipher_update()` - that is, without calling +the last call to `mbedtls_cipher_update()` — that is, without calling `mbedtls_cipher_finish()` in-between. If you code was missing that call, please add it and be prepared to get as much as 15 bytes of output. @@ -378,8 +378,8 @@ the previous key export API in the following ways: shutting down the TLS connection. For users which do not rely on raw keys and IV, adjusting to the new -callback type should be straightforward - see the example programs -programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks +callback type should be straightforward — see the example programs +`programs/ssl/ssl_client2` and `programs/ssl/ssl_server2` for callbacks for NSSKeylog, EAP-TLS and DTLS-SRTP. Users which require access to the raw keys used to secure application @@ -418,7 +418,7 @@ This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, `mbedtls_pk_parse_keyfile()`. You now need to pass a properly seeded, cryptographically secure RNG when -calling these functions. It is used for blinding, a counter-measure against +calling these functions. It is used for blinding, a countermeasure against side-channel attacks. The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed @@ -427,8 +427,8 @@ The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed This doesn't affect users of the default configuration; it only affects people who were explicitly setting this option. -This was a trade-off between code size and counter-measures; it is no longer -relevant as the counter-measure is now always on at no cost in code size. +This was a trade-off between code size and countermeasures; it is no longer +relevant as the countermeasure is now always on at no cost in code size. Remove MaximumFragmentLength (MFL) query API ----------------------------------------------------------------- @@ -944,7 +944,7 @@ Migration paths: should never be returned from Mbed TLS, and there is no need to check for it. Users should simply remove manual checks for those codes, and let the Mbed TLS - team know if -- contrary to the team's understanding -- there is in fact a situation + team know if — contrary to the team's understanding — there is in fact a situation where one of them was ever returned. - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and From a0e8db09acfe85db8e93c2bafd4d9e1d9b7d649c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 18:05:38 +0100 Subject: [PATCH 0672/1065] Change headings to level 3 to enable use of sections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 207 ++++++++++++------------------------ 1 file changed, 69 insertions(+), 138 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 737b4eecc2..dd94644b55 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -1,5 +1,4 @@ -Migrating from Mbed TLS 2.x to Mbed TLS 3.0 -=========================================== +# Migrating from Mbed TLS 2.x to Mbed TLS 3.0 This guide details the steps required to migrate from Mbed TLS version 2.x to Mbed TLS version 3.0 or greater. Unlike normal releases, Mbed TLS 3.0 breaks @@ -16,8 +15,7 @@ The changes are detailed below, and include: - Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. - Removal of functions marked as deprecated in 2.x -Introduce a level of indirection and versioning in the config files -------------------------------------------------------------------- +### Introduce a level of indirection and versioning in the config files `config.h` was split into `build_info.h` and `mbedtls_config.h`. @@ -37,8 +35,7 @@ used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. The only value supported by Mbed TLS 3.0.0 is `0x03000000`. -Remove support for TLS 1.0, 1.1 and DTLS 1.0 -------------------------------------------- +### Remove support for TLS 1.0, 1.1 and DTLS 1.0 This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. @@ -65,8 +62,7 @@ configuring ciphersuites separately for each version via `mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS 1.2; in the future a different API will be added for (D)TLS 1.3. -Remove support for SSL 3.0 --------------------------- +### Remove support for SSL 3.0 This doesn't affect people using the default configuration as it was already disabled by default. @@ -76,8 +72,7 @@ and relied on that version in order to communicate with peers that are not up to date. If one of your peers is in that case, please try contacting them and encouraging them to upgrade their software. -Strengthen default algorithm selection for X.509 and TLS --------------------------------------------------------- +### Strengthen default algorithm selection for X.509 and TLS The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. @@ -95,8 +90,7 @@ my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. -Deprecated functions were removed from hashing modules ------------------------------------------------------- +### Deprecated functions were removed from hashing modules Modules: MD5, SHA1, SHA256, SHA512, MD. @@ -110,8 +104,7 @@ Modules: MD5, SHA1, SHA256, SHA512, MD. provide your own version of that function), please use `mbedtls_internal_xxx_process()` instead, and check the return value. -Deprecated error codes for hardware failures were removed ---------------------------------------------------------- +### Deprecated error codes for hardware failures were removed - The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used @@ -119,15 +112,13 @@ Deprecated error codes for hardware failures were removed - The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. -Deprecated names for PSA constants and types were removed ---------------------------------------------------------- +### Deprecated names for PSA constants and types were removed Some constants and types that were present in beta versions of the PSA Crypto API were removed from version 1.0 of specification. Please switch to the new names provided by the 1.0 specification instead. -Internal / alt-focused headers were moved to a private location ----------------------------------------------------------------- +### Internal / alt-focused headers were moved to a private location This shouldn't affect users who took care not to include headers that were documented as internal, despite being in the public include directory. @@ -141,8 +132,7 @@ If you're a library user and used to rely on having access to a structure or function that's now in a private header, please reach out on the mailing list and explain your need; we'll consider adding a new API in a future version. -Remove the certs module from the library ----------------------------------------- +### Remove the certs module from the library This should not affect production use of the library, as the certificates and keys included there were never suitable for production use. @@ -152,8 +142,7 @@ that case, please embed your own test certificates in your test code; now that `certs.c` is out of the library there is no longer any stability guaranteed and it may change in incompatible ways at any time. -Remove the HAVEGE module ------------------------- +### Remove the HAVEGE module This doesn't affect people using the default configuration as it was already disabled by default. @@ -166,8 +155,7 @@ file created securely during device provisioning. See for more information. -Remove support for parsing SSLv2 ClientHello --------------------------------------------- +### Remove support for parsing SSLv2 ClientHello This doesn't affect people using the default configuration as it was already disabled by default. @@ -177,8 +165,7 @@ These days clients are very unlikely to do that. If you have a client that does, please try contacting them and encouraging them to upgrade their software. -Remove support for truncated HMAC ---------------------------------- +### Remove support for truncated HMAC This affects users of truncated HMAC, that is, users who called `mbedtls_ssl_conf_truncated_hmac( ..., MBEDTLS_SSL_TRUNC_HMAC_ENABLED)`, @@ -188,8 +175,7 @@ regardless of whether the standard version was used or compatibility version The recommended migration path for people who want minimal overhead is to use a CCM-8 ciphersuite. -Remove support for TLS record-level compression ------------------------------------------------ +### Remove support for TLS record-level compression This doesn't affect people using the default configuration as it was already disabled by default. @@ -201,8 +187,7 @@ no general solution to this problem; application protocols might have their own compression mechanisms and are in a better position than the TLS stack to avoid variants of the CRIME and BREACH attacks. -Remove support for TLS RC4-based ciphersuites ---------------------------------------------- +### Remove support for TLS RC4-based ciphersuites This does not affect people who used the default `mbedtls_config.h` and the default list of ciphersuites, as RC4-based ciphersuites were already not negotiated in @@ -212,8 +197,7 @@ Please switch to any of the modern, recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support any, encourage them to upgrade their software. -Remove support for TLS single-DES ciphersuites ----------------------------------------------- +### Remove support for TLS single-DES ciphersuites This doesn't affect people using the default configuration as it was already disabled by default. @@ -222,8 +206,7 @@ Please switch to any of the modern, recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support any, encourage them to upgrade their software. -Remove support for TLS record-level hardware acceleration ---------------------------------------------------------- +### Remove support for TLS record-level hardware acceleration This doesn't affect people using the default configuration as it was already disabled by default. @@ -232,8 +215,7 @@ This feature had been broken for a while so we doubt anyone still used it. However if you did, please reach out on the mailing list and let us know about your use case. -Remove wrapper for libpkcs11-helper ------------------------------------ +### Remove wrapper for libpkcs11-helper This doesn't affect people using the default configuration as it was already disabled by default. @@ -243,16 +225,14 @@ securely, please have a look at the key management facilities provided by the PSA crypto API. If you have a use case that's not covered yet by this API, please reach out on the mailing list. -Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` ----------------------------------------------------------- +### Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` This doesn't affect people using the default configuration. This option has not had any effect for a long time. Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` instead. -Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 -------------------------------------------------------------------- +### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 This only affects people who've been using Mbed TLS since before version 2.0 and still relied on `compat-1.3.h` in their code. @@ -260,8 +240,7 @@ and still relied on `compat-1.3.h` in their code. Please use the new names directly in your code; `scripts/rename.pl` (from any of the 2.x releases — no longer included in 3.0) might help you do that. -Remove 3DES ciphersuites --- +### Remove 3DES ciphersuites This change does not affect users using default settings for 3DES in `mbedtls_config.h` because the 3DES ciphersuites were disabled by that. @@ -271,8 +250,7 @@ more standard bodies are recommending against its use in TLS. The migration path here is to chose from the recommended in literature alternatives. -CCM interface changes: impact for alternative implementations -------------------------------------------------------------- +### CCM interface changes: impact for alternative implementations The CCM interface has changed with the addition of support for multi-part operations. Five new API functions have been defined: @@ -281,8 +259,7 @@ mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to implement those additional five API functions. -Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations ----------------------------------------------------------------------------- +### Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations This only affects people who use the cipher module to perform AEAD operations using the multi-part API. @@ -297,8 +274,7 @@ Currently the output is always 0 bytes, but it may be more when alternative implementations of the underlying primitives are in use, or with future versions of the library. -Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options --- +### Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options This change affects users who modified the default `mbedtls_config.h` padding granularity settings, i.e. enabled at least one of the options. @@ -312,8 +288,7 @@ code maintenance. The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used for both DTLS-CID and TLS 1.3. -Change the API to allow adding critical extensions to CSRs ------------------------------------------------------------------- +### Change the API to allow adding critical extensions to CSRs This affects applications that call the `mbedtls_x509write_csr_set_extension` function. @@ -321,15 +296,13 @@ function. The API is changed to include the parameter `critical` which allow to mark an extension included in a CSR as critical. To get the previous behavior pass 0. -TLS now favors faster curves over larger curves ------------------------------------------------ +### TLS now favors faster curves over larger curves The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. -GCM interface changes: impact for alternative implementations -------------------------------------------------------------- +### GCM interface changes: impact for alternative implementations The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: @@ -339,8 +312,7 @@ The GCM multipart interface has changed as described in [“GCM multipart interf * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. -GCM multipart interface: application changes --------------------------------------------- +### GCM multipart interface: application changes The GCM module now supports arbitrary chunked input in the multipart interface. This changes the interface for applications using the GCM module directly for multipart operations. @@ -352,8 +324,7 @@ Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `ps * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. -SSL key export interface change -------------------------------- +### SSL key export interface change This affects users of the SSL key export APIs: ``` @@ -389,8 +360,7 @@ on the wire. Such users are also encouraged to reach out to the Mbed TLS team on the mailing list, to let the team know about their use case. -The RNG parameter is now mandatory for all functions that accept one --------------------------------------------------------------------- +### The RNG parameter is now mandatory for all functions that accept one This change affects all users who called a function accepting a `f_rng` parameter with `NULL` as the value of this argument; this is no longer @@ -410,8 +380,7 @@ Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` configuration options) may have their own internal and are free to ignore the `f_rng` argument but must allow users to pass one anyway. -Some functions gained an RNG parameter --------------------------------------- +### Some functions gained an RNG parameter This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, `mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and @@ -421,8 +390,7 @@ You now need to pass a properly seeded, cryptographically secure RNG when calling these functions. It is used for blinding, a countermeasure against side-channel attacks. -The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed ------------------------------------------------------------------- +### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed This doesn't affect users of the default configuration; it only affects people who were explicitly setting this option. @@ -430,8 +398,7 @@ who were explicitly setting this option. This was a trade-off between code size and countermeasures; it is no longer relevant as the countermeasure is now always on at no cost in code size. -Remove MaximumFragmentLength (MFL) query API ------------------------------------------------------------------ +### Remove MaximumFragmentLength (MFL) query API This affects users which use the MFL query APIs `mbedtls_ssl_get_{input,output}_max_frag_len()` to @@ -442,8 +409,7 @@ Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` instead, which also provides such upper bounds but takes more factors than just the MFL configuration into account. -Change MBEDTLS_ECP_FIXED_POINT_OPTIM behavior ------------------------------------------------------- +### Change MBEDTLS_ECP_FIXED_POINT_OPTIM behavior The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does not increase peak RAM usage anymore. @@ -453,8 +419,7 @@ to `0` in your config file. The impact depends on the number and size of enabled curves. For example, for P-256 the difference is 1KB; see the documentation of this option for details. -Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C ------------------------------------------------------- +### Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is @@ -466,8 +431,7 @@ If you were using a config file with MBEDTLS_SHA512_C and without MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add `#define MBEDTLS_SHA384_C` to your config file. -Move part of timing module out of the library --- +### Move part of timing module out of the library The change affects users who use any of the following functions: `mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`, @@ -476,8 +440,7 @@ The change affects users who use any of the following functions: If you were relying on these functions, you'll now need to change to using your platform's corresponding functions directly. -Extra parameter for the output buffer size ------------------------------------------- +### Extra parameter for the output buffer size The following functions now take an extra parameter indicating the size of the output buffer: @@ -486,8 +449,7 @@ The following functions now take an extra parameter indicating the size of the o The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. -Relaxed semantics for PSK configuration ------------------------------------------------------------------ +### Relaxed semantics for PSK configuration This affects users which call the PSK configuration APIs `mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` @@ -505,8 +467,7 @@ remove all but the last call, so that only one call to _either_ `mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` remains. -Remove the configuration to enable weak ciphersuites in SSL / TLS ------------------------------------------------------------------ +### Remove the configuration to enable weak ciphersuites in SSL / TLS This does not affect users who use the default `mbedtls_config.h`, as this option was already off by default. @@ -518,8 +479,7 @@ and if your peer doesn't support any, encourage them to upgrade their software. If you were using a ciphersuite without encryption, you just have to enable MBEDTLS_CIPHER_NULL_CIPHER now. -Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option -------------------------------------------------------------- +### Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to set the maximum length of incoming and outgoing plaintext fragments, @@ -529,8 +489,7 @@ This option is replaced by the more fine-grained options `MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set the maximum incoming and outgoing plaintext fragment lengths, respectively. -Remove the option to build the library without any entropy sources ------------------------------------------------------------------- +### Remove the `MBEDTLS_TEST_NULL_ENTROPY` configuration option This does not affect users who use the default `mbedtls_config.h`, as this option was already off by default. @@ -541,8 +500,7 @@ and make sure your device is provisioned with a strong random seed. Alternatively, for testing purposes only, you can create and register a fake entropy function. -Remove the mode parameter from RSA functions --------------------------------------------- +### Remove the mode parameter from RSA functions This affects all users who use the RSA encryption, decryption, sign and verify APIs. @@ -555,15 +513,13 @@ the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were callin RSA operations with the wrong mode, which rarely makes sense from a security perspective, this is no longer supported. -Remove the RNG parameter from RSA verify functions --------------------------------------------------- +### Remove the RNG parameter from RSA verify functions RSA verification functions also no longer take random generator arguments (this was only needed when using a private key). This affects all applications using the RSA verify functions. -Remove the SSL API mbedtls_ssl_get_session_pointer() ------------------------------------------------------------------ +### Remove the SSL API mbedtls_ssl_get_session_pointer() This affects two classes of users: @@ -586,8 +542,7 @@ Migration paths: calls to `mbedtls_ssl_get_session()` as demonstrated in the example program `programs/ssl/ssl_client2.c`. -Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION --------------------------------------------------------------------------- +### Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION This change does not affect users of the default configuration; it only affects users who enable this option. @@ -604,8 +559,7 @@ equivalent to `mbedtls_x509_crt_parse_der()`, and/or unsupported certificate extension and additionally the "certificate policies" extension if it contains any unsupported certificate policies. -Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` -------------------------------------------------------------------- +### Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` This change affects users who have chosen the configuration options to disable the library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 @@ -623,8 +577,7 @@ verification is for some reason undesirable, it can still be disabled by means of the verification callback function passed to `mbedtls_x509_crt_verify()` (see the documentation of this function for more information). -Remove MD2, MD4, RC4, Blowfish and XTEA algorithms --- +### Remove MD2, MD4, RC4, Blowfish and XTEA algorithms This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. @@ -632,8 +585,7 @@ They are already niche or obsolete and most of them are weak or broken. For those reasons possible users should consider switching to modern and safe alternatives to be found in literature. -Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option -------------------------------------------- +### Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option This change does not affect users who used the default `mbedtls_config.h`, as the option MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. @@ -644,8 +596,7 @@ disabling it. This option is no longer present, but its functionality is now always enabled. -Deprecated functions were removed from AES ------------------------------------------- +### Deprecated functions were removed from AES The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed. @@ -658,15 +609,13 @@ If you're providing an alternative implementation using replacing the removed functions with `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()` respectively. -Deprecated functions were removed from bignum ---------------------------------------------- +### Deprecated functions were removed from bignum The function `mbedtls_mpi_is_prime()` was removed. Please use `mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the number of Miller-Rabin rounds. -Deprecated functions were removed from cipher ---------------------------------------------- +### Deprecated functions were removed from cipher The functions `mbedtls_cipher_auth_encrypt()` and `mbedtls_cipher_auth_decrypt()` were removed. They were superseded by @@ -674,23 +623,20 @@ The functions `mbedtls_cipher_auth_encrypt()` and respectively which additionally support key wrapping algorithms such as NIST_KW. -Deprecated functions were removed from DRBGs --------------------------------------------- +### Deprecated functions were removed from DRBGs The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and `mbedtls_hmac_drbg_update_ret()` respectively. -Deprecated functions were removed from ECDSA --------------------------------------------- +### Deprecated functions were removed from ECDSA The functions `mbedtls_ecdsa_write_signature_det()` and `mbedtls_ecdsa_sign_det()` were removed. They were superseded by `mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` respectively. -Deprecated functions were removed from SSL ------------------------------------------- +### Deprecated functions were removed from SSL The function `mbedtls_ssl_conf_dh_param()` was removed. Please use `mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. @@ -700,8 +646,7 @@ The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use `mbedtls_ssl_get_max_in_record_payload()` instead. -Deprecated hex-encoded primes were removed from DHM ---------------------------------------------------- +### Deprecated hex-encoded primes were removed from DHM The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, `MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, @@ -713,14 +658,12 @@ removed from the library. Please use parameters from RFC3526 (still in the library, only in binary form) or RFC 7919 (also available in the library) or other trusted sources instead. -Deprecated net.h file was removed ---------------------------------- +### Deprecated net.h file was removed The file `include/mbedtls/net.h` was removed because its only function was to include `mbedtls/net_sockets.h` which now should be included directly. -Remove MBEDTLS_CHECK_PARAMS option ----------------------------------- +### Remove MBEDTLS_CHECK_PARAMS option This change does not affect users who use the default configuration; it only affects users who enabled that option. @@ -753,8 +696,7 @@ because the parameters concerned are usually constants in applications. For more information see issue #4313. -Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default --------------------------------------------------------------------------- +### Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default This change does not affect users who use the default mbedtls_config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. @@ -767,8 +709,7 @@ However, the same effect can be achieve by using link-time garbage collection. Users who changed the default setting of the option need to change the config/ build system to remove that change. -Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option --- +### Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option This change does not affect users who were using the default configuration, as this option was already disabled by default. Also, it does not affect users who @@ -782,8 +723,7 @@ configuration. If you are working with the pre-V3 certificates you need to switch to the current ones. -Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed ------------------ +### Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed This change affects users who were using the `mbedtls_*_ret()` cryptography functions. @@ -822,8 +762,7 @@ and include the `compat_2.x.h` header file which holds macros with proper renaming or to rename those function in their code according to the list from mentioned header file. -Signature functions now require the hash length to match the expected value ---------------------------------------------------------------------------- +### Signature functions now require the hash length to match the expected value This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. @@ -847,8 +786,7 @@ The signature functions in the PK module no longer accept 0 as the `hash_len` pa The migration path is to pass the correct value to those functions. -Remove the padding parameters from mbedtls_rsa_init() ------------------------------------------------------ +### Remove the padding parameters from mbedtls_rsa_init() This affects all users who use the RSA encryption, decryption, sign and verify APIs. @@ -877,8 +815,7 @@ To use PKCS#1 v1.5 padding, instead of mbedtls_rsa_init(ctx); ``` -Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C ------------------------------------------------------------------ +### Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are @@ -889,8 +826,7 @@ you will need to add `#define MBEDTLS_SHA224_C` option your config. Current version of the library does not support enabling MBEDTLS_SHA256_C without MBEDTLS_SHA224_C. -Session Cache API Change ------------------------------------------------------------------ +### Session Cache API Change This affects users who use `mbedtls_ssl_conf_session_cache()` to configure a custom session cache implementation different @@ -918,8 +854,7 @@ find themselves unable to migrate their session cache functionality without accessing fields of `mbedtls_ssl_session` should describe their use case on the Mbed TLS mailing list. -SHA-512 and SHA-256 output type change --------------------------- +### SHA-512 and SHA-256 output type change The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. @@ -927,8 +862,7 @@ This makes no difference to a vast majority of applications. If your code takes Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. -Removal of some SSL error codes ------------------------------------------------------------------ +### Removal of some SSL error codes This affects users manually checking for the following error codes: @@ -959,8 +893,7 @@ Migration paths: - all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. -Modified semantics of mbedtls_ssl_{get,set}_session() ------------------------------------------------------------------ +### Modified semantics of mbedtls_ssl_{get,set}_session() This affects users who call `mbedtls_ssl_get_session()` or `mbedtls_ssl_set_session()` multiple times on the same SSL context @@ -990,8 +923,7 @@ Migration path: calls. Applications achieve equivalent functional behavior by issuing only the very last call to `mbedtls_ssl_set_session()`. -Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option - -- +### Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE option in the `mbedtls_config.h` @@ -1005,8 +937,7 @@ e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE has the same effect as enabling the removed option. The default state is to use the server order of suites. -Some function parameters were made const ----------------------------------------- +### Some function parameters were made const Various functions in the PK and ASN.1 modules had a `const` qualifier added to some of their parameters. From d267ec361d413bed20628949ca32ba933fef64b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 21:31:58 +0100 Subject: [PATCH 0673/1065] Add formatting codes to level 3 headings Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index dd94644b55..3911141ae7 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -409,7 +409,7 @@ Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` instead, which also provides such upper bounds but takes more factors than just the MFL configuration into account. -### Change MBEDTLS_ECP_FIXED_POINT_OPTIM behavior +### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does not increase peak RAM usage anymore. @@ -419,7 +419,7 @@ to `0` in your config file. The impact depends on the number and size of enabled curves. For example, for P-256 the difference is 1KB; see the documentation of this option for details. -### Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C +### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is @@ -519,7 +519,7 @@ RSA verification functions also no longer take random generator arguments (this was only needed when using a private key). This affects all applications using the RSA verify functions. -### Remove the SSL API mbedtls_ssl_get_session_pointer() +### Remove the SSL API `mbedtls_ssl_get_session_pointer()` This affects two classes of users: @@ -585,7 +585,7 @@ They are already niche or obsolete and most of them are weak or broken. For those reasons possible users should consider switching to modern and safe alternatives to be found in literature. -### Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option +### Remove `MBEDTLS_SSL_DTLS_BADMAC_LIMIT` option This change does not affect users who used the default `mbedtls_config.h`, as the option MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. @@ -663,7 +663,7 @@ other trusted sources instead. The file `include/mbedtls/net.h` was removed because its only function was to include `mbedtls/net_sockets.h` which now should be included directly. -### Remove MBEDTLS_CHECK_PARAMS option +### Remove `MBEDTLS_CHECK_PARAMS` option This change does not affect users who use the default configuration; it only affects users who enabled that option. @@ -696,7 +696,7 @@ because the parameters concerned are usually constants in applications. For more information see issue #4313. -### Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default +### Remove `MBEDTLS_SSL_RECORD_CHECKING` option and enable its action by default This change does not affect users who use the default mbedtls_config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. @@ -815,7 +815,7 @@ To use PKCS#1 v1.5 padding, instead of mbedtls_rsa_init(ctx); ``` -### Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C +### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are @@ -893,7 +893,7 @@ Migration paths: - all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. -### Modified semantics of mbedtls_ssl_{get,set}_session() +### Modified semantics of `mbedtls_ssl_{get,set}_session()` This affects users who call `mbedtls_ssl_get_session()` or `mbedtls_ssl_set_session()` multiple times on the same SSL context @@ -923,7 +923,7 @@ Migration path: calls. Applications achieve equivalent functional behavior by issuing only the very last call to `mbedtls_ssl_set_session()`. -### Turn MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE configuration option into a runtime option +### Turn `MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE` configuration option into a runtime option This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE option in the `mbedtls_config.h` From 36bb5ff6e3b0fba1a685eab2774ec8ac1b821599 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 21:39:55 +0100 Subject: [PATCH 0674/1065] minor updates Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 3911141ae7..b0903e3daf 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -411,7 +411,7 @@ than just the MFL configuration into account. ### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior -The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increase code size and it does +The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increases code size and it does not increase peak RAM usage anymore. If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` From d8a1017abfa6f806c8b41ad7213e55140b88b8cf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 21:45:24 +0100 Subject: [PATCH 0675/1065] add section headings Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index b0903e3daf..bbb6d8ed54 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -15,6 +15,20 @@ The changes are detailed below, and include: - Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. - Removal of functions marked as deprecated in 2.x +## Low-level crypto + +## High-level crypto + +## PSA + +## The ALT interface + +## X.509 + +## SSL + +## Tooling + ### Introduce a level of indirection and versioning in the config files `config.h` was split into `build_info.h` and `mbedtls_config.h`. From 30dc603958f7756ab7bce6507c3ad463d9aabdce Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 22:20:58 +0100 Subject: [PATCH 0676/1065] Reorder sections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 1333 ++++++++++++++++++----------------- 1 file changed, 676 insertions(+), 657 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index bbb6d8ed54..7f866aa966 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -15,17 +15,7 @@ The changes are detailed below, and include: - Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. - Removal of functions marked as deprecated in 2.x -## Low-level crypto -## High-level crypto - -## PSA - -## The ALT interface - -## X.509 - -## SSL ## Tooling @@ -49,380 +39,6 @@ used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. The only value supported by Mbed TLS 3.0.0 is `0x03000000`. -### Remove support for TLS 1.0, 1.1 and DTLS 1.0 - -This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. - -These versions have been deprecated by RFC 8996. -Keeping them in the library creates opportunities for misconfiguration -and possibly downgrade attacks. More generally, more code means a larger attack -surface, even if the code is supposedly not used. - -The migration path is to adopt the latest versions of the protocol. - -As a consequence of removing TLS 1.0, support for CBC record splitting was -also removed, as it was a work-around for a weakness in this particular -version. There is no migration path since the feature is no longer relevant. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different version negotiation mechanism), support -for fallback SCSV (RFC 7507) was also removed. There is no migration path as -it's no longer useful with TLS 1.2 and later. - -As a consequence of currently supporting only one version of (D)TLS (and in the -future 1.3 which will have a different concept of ciphersuites), support for -configuring ciphersuites separately for each version via -`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use -`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS -1.2; in the future a different API will be added for (D)TLS 1.3. - -### Remove support for SSL 3.0 - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` -and relied on that version in order to communicate with peers that are not up -to date. If one of your peers is in that case, please try contacting them and -encouraging them to upgrade their software. - -### Strengthen default algorithm selection for X.509 and TLS - -The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. - -Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. - -The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. - -The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. - -If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: -``` -mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; -my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); -``` - -If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. - -### Deprecated functions were removed from hashing modules - -Modules: MD5, SHA1, SHA256, SHA512, MD. - -- The functions `mbedtls_xxx_starts_ret()`, `mbedtls_xxx_update_ret()`, - `mbedtls_xxx_finish_ret()` and `mbedtls_xxx_ret()` were renamed to replace - the corresponding functions without `_ret` appended. Please call the name without `_ret` appended and check the return value. -- The function `mbedtls_md_init_ctx()` was removed; please use - `mbedtls_md_setup()` instead. -- The functions `mbedtls_xxx_process()` were removed. You normally don't need - to call that from application code. However if you do (or if you want to - provide your own version of that function), please use - `mbedtls_internal_xxx_process()` instead, and check the return value. - -### Deprecated error codes for hardware failures were removed - -- The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules - were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used - instead. -- The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules - were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. - -### Deprecated names for PSA constants and types were removed - -Some constants and types that were present in beta versions of the PSA Crypto -API were removed from version 1.0 of specification. Please switch to the new -names provided by the 1.0 specification instead. - -### Internal / alt-focused headers were moved to a private location - -This shouldn't affect users who took care not to include headers that -were documented as internal, despite being in the public include directory. - -If you're providing alt implementations of ECP or RSA, you'll need to add our -`library` directory to your include path when building your alt -implementations, and note that `ecp_internal.h` and `rsa_internal.h` have been -renamed to `ecp_internal_alt.h` and `rsa_alt_helpers.h` respectively. - -If you're a library user and used to rely on having access to a structure or -function that's now in a private header, please reach out on the mailing list -and explain your need; we'll consider adding a new API in a future version. - -### Remove the certs module from the library - -This should not affect production use of the library, as the certificates and -keys included there were never suitable for production use. - -However it might affect you if you relied on them for testing purposes. In -that case, please embed your own test certificates in your test code; now that -`certs.c` is out of the library there is no longer any stability guaranteed -and it may change in incompatible ways at any time. - -### Remove the HAVEGE module - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects users who called the HAVEGE modules directly (not -recommended), or users who used it through the entropy module but had it as the -only source of entropy. If you're in that case, please declare OS or hardware -RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed -file created securely during device provisioning. See - for more -information. - -### Remove support for parsing SSLv2 ClientHello - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects TLS servers that have clients who send an SSLv2 ClientHello. -These days clients are very unlikely to do that. If you have a client that -does, please try contacting them and encouraging them to upgrade their -software. - -### Remove support for truncated HMAC - -This affects users of truncated HMAC, that is, users who called -`mbedtls_ssl_conf_truncated_hmac( ..., MBEDTLS_SSL_TRUNC_HMAC_ENABLED)`, -regardless of whether the standard version was used or compatibility version -(`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT`). - -The recommended migration path for people who want minimal overhead is to use a -CCM-8 ciphersuite. - -### Remove support for TLS record-level compression - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This only affects TLS users who enabled `MBEDTLS_ZLIB_SUPPORT`. This will not -cause any failures however if you used to enable TLS record-level compression -you may find that your bandwidth usage increases without compression. There's -no general solution to this problem; application protocols might have their -own compression mechanisms and are in a better position than the TLS stack to -avoid variants of the CRIME and BREACH attacks. - -### Remove support for TLS RC4-based ciphersuites - -This does not affect people who used the default `mbedtls_config.h` and the default -list of ciphersuites, as RC4-based ciphersuites were already not negotiated in -that case. - -Please switch to any of the modern, recommended ciphersuites (based on -AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support -any, encourage them to upgrade their software. - -### Remove support for TLS single-DES ciphersuites - -This doesn't affect people using the default configuration as it was already -disabled by default. - -Please switch to any of the modern, recommended ciphersuites (based on -AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support -any, encourage them to upgrade their software. - -### Remove support for TLS record-level hardware acceleration - -This doesn't affect people using the default configuration as it was already -disabled by default. - -This feature had been broken for a while so we doubt anyone still used it. -However if you did, please reach out on the mailing list and let us know about -your use case. - -### Remove wrapper for libpkcs11-helper - -This doesn't affect people using the default configuration as it was already -disabled by default. - -If you used to rely on this module in order to store your private keys -securely, please have a look at the key management facilities provided by the -PSA crypto API. If you have a use case that's not covered yet by this API, -please reach out on the mailing list. - -### Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` - -This doesn't affect people using the default configuration. - -This option has not had any effect for a long time. Please use the `lifetime` -parameter of `mbedtls_ssl_ticket_setup()` instead. - -### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 - -This only affects people who've been using Mbed TLS since before version 2.0 -and still relied on `compat-1.3.h` in their code. - -Please use the new names directly in your code; `scripts/rename.pl` (from any -of the 2.x releases — no longer included in 3.0) might help you do that. - -### Remove 3DES ciphersuites - -This change does not affect users using default settings for 3DES in `mbedtls_config.h` -because the 3DES ciphersuites were disabled by that. - -3DES has weaknesses/limitations and there are better alternatives, and more and -more standard bodies are recommending against its use in TLS. - -The migration path here is to chose from the recommended in literature alternatives. - -### CCM interface changes: impact for alternative implementations - -The CCM interface has changed with the addition of support for -multi-part operations. Five new API functions have been defined: -mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), -mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). -Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to -implement those additional five API functions. - -### Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations - -This only affects people who use the cipher module to perform AEAD operations -using the multi-part API. - -Previously, the documentation didn't state explicitly if it was OK to call -`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after -the last call to `mbedtls_cipher_update()` — that is, without calling -`mbedtls_cipher_finish()` in-between. If you code was missing that call, -please add it and be prepared to get as much as 15 bytes of output. - -Currently the output is always 0 bytes, but it may be more when alternative -implementations of the underlying primitives are in use, or with future -versions of the library. - -### Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options - -This change affects users who modified the default `mbedtls_config.h` padding granularity -settings, i.e. enabled at least one of the options. - -The `mbedtls_config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and -`MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because -they used exactly the same padding mechanism and hence their respective padding -granularities can be used in exactly the same way. This change simplifies the -code maintenance. - -The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used -for both DTLS-CID and TLS 1.3. - -### Change the API to allow adding critical extensions to CSRs - -This affects applications that call the `mbedtls_x509write_csr_set_extension` -function. - -The API is changed to include the parameter `critical` which allow to mark an -extension included in a CSR as critical. To get the previous behavior pass 0. - -### TLS now favors faster curves over larger curves - -The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. - -If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. - -### GCM interface changes: impact for alternative implementations - -The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. -* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: - * Always return the partial output immediately, even if it does not consist of a whole number of blocks. - * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. - -### GCM multipart interface: application changes - -The GCM module now supports arbitrary chunked input in the multipart interface. -This changes the interface for applications using the GCM module directly for multipart operations. -Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. -* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: - * As long as the input remains block-aligned, the output length is exactly the input length, as before. - * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. - -### SSL key export interface change - -This affects users of the SSL key export APIs: -``` - mbedtls_ssl_conf_export_keys_cb() - mbedtls_ssl_conf_export_keys_ext_cb() -``` - -Those APIs have been removed and replaced by the new API -`mbedtls_ssl_set_export_keys_cb()`. This API differs from -the previous key export API in the following ways: - -- It is no longer bound to an SSL configuration, but to an - SSL context. This allows users to more easily identify the - connection an exported key belongs to. -- It no longer exports raw keys and IV. -- A secret type parameter has been added to identify which key - is being exported. For TLS 1.2, only the master secret is - exported, but upcoming TLS 1.3 support will add other kinds of keys. -- The callback now specifies a void return type, rather than - returning an error code. It is the responsibility of the application - to handle failures in the key export callback, for example by - shutting down the TLS connection. - -For users which do not rely on raw keys and IV, adjusting to the new -callback type should be straightforward — see the example programs -`programs/ssl/ssl_client2` and `programs/ssl/ssl_server2` for callbacks -for NSSKeylog, EAP-TLS and DTLS-SRTP. - -Users which require access to the raw keys used to secure application -traffic may derive those by hand based on the master secret and the -handshake transcript hashes which can be obtained from the raw data -on the wire. Such users are also encouraged to reach out to the -Mbed TLS team on the mailing list, to let the team know about their -use case. - -### The RNG parameter is now mandatory for all functions that accept one - -This change affects all users who called a function accepting a `f_rng` -parameter with `NULL` as the value of this argument; this is no longer -supported. - -The changed functions are: the X.509 CRT and CSR writing functions; the PK and -RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM -and ECDH that compute the shared secret; the scalar multiplication functions in -ECP. - -You now need to pass a properly seeded, cryptographically secure RNG to all -functions that accept a `f_rng` parameter. It is of course still possible to -pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a -context. - -Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` -configuration options) may have their own internal and are free to ignore the -`f_rng` argument but must allow users to pass one anyway. - -### Some functions gained an RNG parameter - -This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, -`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and -`mbedtls_pk_parse_keyfile()`. - -You now need to pass a properly seeded, cryptographically secure RNG when -calling these functions. It is used for blinding, a countermeasure against -side-channel attacks. - -### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed - -This doesn't affect users of the default configuration; it only affects people -who were explicitly setting this option. - -This was a trade-off between code size and countermeasures; it is no longer -relevant as the countermeasure is now always on at no cost in code size. - -### Remove MaximumFragmentLength (MFL) query API - -This affects users which use the MFL query APIs -`mbedtls_ssl_get_{input,output}_max_frag_len()` to -infer upper bounds on the plaintext size of incoming and -outgoing record. - -Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` -instead, which also provides such upper bounds but takes more factors -than just the MFL configuration into account. - ### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increases code size and it does @@ -433,18 +49,6 @@ to `0` in your config file. The impact depends on the number and size of enabled curves. For example, for P-256 the difference is 1KB; see the documentation of this option for details. -### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` - -This does not affect users who use the default `mbedtls_config.h`. -MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is -enabled by default. - -If you were using a config file with both MBEDTLS_SHA512_C and -MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. -If you were using a config file with MBEDTLS_SHA512_C and without -MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add -`#define MBEDTLS_SHA384_C` to your config file. - ### Move part of timing module out of the library The change affects users who use any of the following functions: @@ -454,224 +58,6 @@ The change affects users who use any of the following functions: If you were relying on these functions, you'll now need to change to using your platform's corresponding functions directly. -### Extra parameter for the output buffer size - -The following functions now take an extra parameter indicating the size of the output buffer: - -* `mbedtls_ecdsa_write_signature()`, `mbedtls_ecdsa_write_signature_restartable()` -* `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` - -The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. - -### Relaxed semantics for PSK configuration - -This affects users which call the PSK configuration APIs -`mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` -multiple times on the same SSL configuration. - -In Mbed TLS 2.x, users would observe later calls overwriting -the effect of earlier calls, with the prevailing PSK being -the one that has been configured last. In Mbed TLS 3.0, -calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times -will return an error, leaving the first PSK intact. - -To achieve equivalent functionality when migrating to Mbed TLS 3.0, -users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should -remove all but the last call, so that only one call to _either_ -`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` -remains. - -### Remove the configuration to enable weak ciphersuites in SSL / TLS - -This does not affect users who use the default `mbedtls_config.h`, as this option was -already off by default. - -If you were using a weak cipher, please switch to any of the modern, -recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) -and if your peer doesn't support any, encourage them to upgrade their software. - -If you were using a ciphersuite without encryption, you just have to -enable MBEDTLS_CIPHER_NULL_CIPHER now. - -### Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option - -This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to -set the maximum length of incoming and outgoing plaintext fragments, -which can save memory by reducing the size of the TLS I/O buffers. - -This option is replaced by the more fine-grained options -`MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set -the maximum incoming and outgoing plaintext fragment lengths, respectively. - -### Remove the `MBEDTLS_TEST_NULL_ENTROPY` configuration option - -This does not affect users who use the default `mbedtls_config.h`, as this option was -already off by default. - -If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform -doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` -and make sure your device is provisioned with a strong random seed. -Alternatively, for testing purposes only, you can create and register a fake -entropy function. - -### Remove the mode parameter from RSA functions - -This affects all users who use the RSA encryption, decryption, sign and -verify APIs. - -The RSA module no longer supports private-key operations with the public key or -vice versa. As a consequence, RSA operation functions no longer have a mode -parameter. If you were calling RSA operations with the normal mode (public key -for verification or encryption, private key for signature or decryption), remove -the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling -RSA operations with the wrong mode, which rarely makes sense from a security -perspective, this is no longer supported. - -### Remove the RNG parameter from RSA verify functions - -RSA verification functions also no longer take random generator arguments (this -was only needed when using a private key). This affects all applications using -the RSA verify functions. - -### Remove the SSL API `mbedtls_ssl_get_session_pointer()` - -This affects two classes of users: - -1. Users who manually inspect parts of the current session through - direct structure field access. - -2. Users of session resumption who query the current session - via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting - it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`, - respectively. - -Migration paths: - -1. Mbed TLS 3.0 does not offer a migration path for the use case 1: Like many - other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no - longer part of the public API in Mbed TLS 3.0, and direct structure field - access is no longer supported. Please see the corresponding migration guide. - -2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by - calls to `mbedtls_ssl_get_session()` as demonstrated in the example - program `programs/ssl/ssl_client2.c`. - -### Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -This change does not affect users of the default configuration; it only affects -users who enable this option. - -The X.509 standard says that implementations must reject critical extensions that -they don't recognize, and this is what Mbed TLS does by default. This option -allowed to continue parsing those certificates but didn't provide a convenient -way to handle those extensions. - -The migration path from that option is to use the -`mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally -equivalent to `mbedtls_x509_crt_parse_der()`, and/or -`mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every -unsupported certificate extension and additionally the "certificate policies" -extension if it contains any unsupported certificate policies. - -### Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` - -This change affects users who have chosen the configuration options to disable the -library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 -certificates. - -The `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` -configuration options are removed and the X509 code now behaves as if they were -always enabled. It is consequently not possible anymore to disable at compile -time the verification of the `keyUsage` and `extendedKeyUsage` fields of X509 -certificates. - -The verification of the `keyUsage` and `extendedKeyUsage` fields is important, -disabling it can cause security issues and it is thus not recommended. If the -verification is for some reason undesirable, it can still be disabled by means -of the verification callback function passed to `mbedtls_x509_crt_verify()` (see -the documentation of this function for more information). - -### Remove MD2, MD4, RC4, Blowfish and XTEA algorithms - -This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. - -They are already niche or obsolete and most of them are weak or broken. For -those reasons possible users should consider switching to modern and safe -alternatives to be found in literature. - -### Remove `MBEDTLS_SSL_DTLS_BADMAC_LIMIT` option - -This change does not affect users who used the default `mbedtls_config.h`, as the option -MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. - -This option was a trade-off between functionality and code size: it allowed -users who didn't need that feature to avoid paying the cost in code size, by -disabling it. - -This option is no longer present, but its functionality is now always enabled. - -### Deprecated functions were removed from AES - -The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were -removed. - -If you're simply using the AES module, you should be calling the higher-level -functions `mbedtls_aes_crypt_xxx()`. - -If you're providing an alternative implementation using -`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be -replacing the removed functions with `mbedtls_internal_aes_encrypt()` and -`mbedtls_internal_aes_decrypt()` respectively. - -### Deprecated functions were removed from bignum - -The function `mbedtls_mpi_is_prime()` was removed. Please use -`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the -number of Miller-Rabin rounds. - -### Deprecated functions were removed from cipher - -The functions `mbedtls_cipher_auth_encrypt()` and -`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by -`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` -respectively which additionally support key wrapping algorithms such as -NIST_KW. - -### Deprecated functions were removed from DRBGs - -The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` -were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and -`mbedtls_hmac_drbg_update_ret()` respectively. - -### Deprecated functions were removed from ECDSA - -The functions `mbedtls_ecdsa_write_signature_det()` and -`mbedtls_ecdsa_sign_det()` were removed. They were superseded by -`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` -respectively. - -### Deprecated functions were removed from SSL - -The function `mbedtls_ssl_conf_dh_param()` was removed. Please use -`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. - -The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use -`mbedtls_ssl_get_max_out_record_payload()` and -`mbedtls_ssl_get_max_in_record_payload()` -instead. - -### Deprecated hex-encoded primes were removed from DHM - -The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, -`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, -`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, -`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were -removed. The primes from RFC 5114 are deprecated because their derivation is not -documented and therefore their usage constitutes a security risk; they are fully -removed from the library. Please use parameters from RFC3526 (still in the -library, only in binary form) or RFC 7919 (also available in the library) or -other trusted sources instead. - ### Deprecated net.h file was removed The file `include/mbedtls/net.h` was removed because its only function was to @@ -710,32 +96,263 @@ because the parameters concerned are usually constants in applications. For more information see issue #4313. -### Remove `MBEDTLS_SSL_RECORD_CHECKING` option and enable its action by default +### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` -This change does not affect users who use the default mbedtls_config.h, as the -option MBEDTLS_SSL_RECORD_CHECKING was already on by default. +This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C +was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are +enabled. -This option was added only to control compilation of one function, -mbedtls_ssl_check_record(), which is only useful in some specific cases, so it -was made optional to allow users who don't need it to save some code space. -However, the same effect can be achieve by using link-time garbage collection. +If you were using custom config file with MBEDTLS_SHA256_C enabled, then +you will need to add `#define MBEDTLS_SHA224_C` option your config. +Current version of the library does not support enabling MBEDTLS_SHA256_C +without MBEDTLS_SHA224_C. -Users who changed the default setting of the option need to change the config/ -build system to remove that change. +### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` -### Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option +This does not affect users who use the default `mbedtls_config.h`. +MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is +enabled by default. -This change does not affect users who were using the default configuration, as -this option was already disabled by default. Also, it does not affect users who -are working with current V3 X.509 certificates. +If you were using a config file with both MBEDTLS_SHA512_C and +MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. +If you were using a config file with MBEDTLS_SHA512_C and without +MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add +`#define MBEDTLS_SHA384_C` to your config file. -Extensions were added in V3 of the X.509 specification, so pre-V3 certificates -containing extensions were never compliant. Mbed TLS now rejects them with a -parsing error in all configurations, as it did previously in the default -configuration. +### Remove the `MBEDTLS_TEST_NULL_ENTROPY` configuration option -If you are working with the pre-V3 certificates you need to switch to the -current ones. +This does not affect users who use the default `mbedtls_config.h`, as this option was +already off by default. + +If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform +doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` +and make sure your device is provisioned with a strong random seed. +Alternatively, for testing purposes only, you can create and register a fake +entropy function. + +### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed + +This doesn't affect users of the default configuration; it only affects people +who were explicitly setting this option. + +This was a trade-off between code size and countermeasures; it is no longer +relevant as the countermeasure is now always on at no cost in code size. + +### Remove the HAVEGE module + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects users who called the HAVEGE modules directly (not +recommended), or users who used it through the entropy module but had it as the +only source of entropy. If you're in that case, please declare OS or hardware +RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed +file created securely during device provisioning. See + for more +information. + + + +## Low-level crypto + +### The RNG parameter is now mandatory for all functions that accept one + +This change affects all users who called a function accepting a `f_rng` +parameter with `NULL` as the value of this argument; this is no longer +supported. + +The changed functions are: the X.509 CRT and CSR writing functions; the PK and +RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM +and ECDH that compute the shared secret; the scalar multiplication functions in +ECP. + +You now need to pass a properly seeded, cryptographically secure RNG to all +functions that accept a `f_rng` parameter. It is of course still possible to +pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a +context. + +Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` +configuration options) may have their own internal and are free to ignore the +`f_rng` argument but must allow users to pass one anyway. + +### Some functions gained an RNG parameter + +This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, +`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and +`mbedtls_pk_parse_keyfile()`. + +You now need to pass a properly seeded, cryptographically secure RNG when +calling these functions. It is used for blinding, a countermeasure against +side-channel attacks. + +### Deprecated functions were removed from bignum + +The function `mbedtls_mpi_is_prime()` was removed. Please use +`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the +number of Miller-Rabin rounds. + +### Deprecated functions were removed from DRBGs + +The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` +were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and +`mbedtls_hmac_drbg_update_ret()` respectively. + +### Deprecated hex-encoded primes were removed from DHM + +The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, +`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were +removed. The primes from RFC 5114 are deprecated because their derivation is not +documented and therefore their usage constitutes a security risk; they are fully +removed from the library. Please use parameters from RFC3526 (still in the +library, only in binary form) or RFC 7919 (also available in the library) or +other trusted sources instead. + +## High-level crypto + +### Remove wrapper for libpkcs11-helper + +This doesn't affect people using the default configuration as it was already +disabled by default. + +If you used to rely on this module in order to store your private keys +securely, please have a look at the key management facilities provided by the +PSA crypto API. If you have a use case that's not covered yet by this API, +please reach out on the mailing list. + +### Deprecated functions were removed from hashing modules + +Modules: MD5, SHA1, SHA256, SHA512, MD. + +- The functions `mbedtls_xxx_starts_ret()`, `mbedtls_xxx_update_ret()`, + `mbedtls_xxx_finish_ret()` and `mbedtls_xxx_ret()` were renamed to replace + the corresponding functions without `_ret` appended. Please call the name without `_ret` appended and check the return value. +- The function `mbedtls_md_init_ctx()` was removed; please use + `mbedtls_md_setup()` instead. +- The functions `mbedtls_xxx_process()` were removed. You normally don't need + to call that from application code. However if you do (or if you want to + provide your own version of that function), please use + `mbedtls_internal_xxx_process()` instead, and check the return value. + +### Remove 3DES ciphersuites + +This change does not affect users using default settings for 3DES in `mbedtls_config.h` +because the 3DES ciphersuites were disabled by that. + +3DES has weaknesses/limitations and there are better alternatives, and more and +more standard bodies are recommending against its use in TLS. + +The migration path here is to chose from the recommended in literature alternatives. + +### Deprecated error codes for hardware failures were removed + +- The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used + instead. +- The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. + +### Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations + +This only affects people who use the cipher module to perform AEAD operations +using the multi-part API. + +Previously, the documentation didn't state explicitly if it was OK to call +`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after +the last call to `mbedtls_cipher_update()` — that is, without calling +`mbedtls_cipher_finish()` in-between. If you code was missing that call, +please add it and be prepared to get as much as 15 bytes of output. + +Currently the output is always 0 bytes, but it may be more when alternative +implementations of the underlying primitives are in use, or with future +versions of the library. + +### GCM multipart interface: application changes + +The GCM module now supports arbitrary chunked input in the multipart interface. +This changes the interface for applications using the GCM module directly for multipart operations. +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. +* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: + * As long as the input remains block-aligned, the output length is exactly the input length, as before. + * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. + +### GCM interface changes: impact for alternative implementations + +The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. +* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: + * Always return the partial output immediately, even if it does not consist of a whole number of blocks. + * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. + +### Remove the mode parameter from RSA functions + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The RSA module no longer supports private-key operations with the public key or +vice versa. As a consequence, RSA operation functions no longer have a mode +parameter. If you were calling RSA operations with the normal mode (public key +for verification or encryption, private key for signature or decryption), remove +the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling +RSA operations with the wrong mode, which rarely makes sense from a security +perspective, this is no longer supported. + +### Remove the RNG parameter from RSA verify functions + +RSA verification functions also no longer take random generator arguments (this +was only needed when using a private key). This affects all applications using +the RSA verify functions. + +### Remove MD2, MD4, RC4, Blowfish and XTEA algorithms + +This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. + +They are already niche or obsolete and most of them are weak or broken. For +those reasons possible users should consider switching to modern and safe +alternatives to be found in literature. + +### Deprecated functions were removed from AES + +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were +removed. + +If you're simply using the AES module, you should be calling the higher-level +functions `mbedtls_aes_crypt_xxx()`. + +If you're providing an alternative implementation using +`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be +replacing the removed functions with `mbedtls_internal_aes_encrypt()` and +`mbedtls_internal_aes_decrypt()` respectively. + +### Deprecated functions were removed from cipher + +The functions `mbedtls_cipher_auth_encrypt()` and +`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by +`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` +respectively which additionally support key wrapping algorithms such as +NIST_KW. + +### Deprecated functions were removed from ECDSA + +The functions `mbedtls_ecdsa_write_signature_det()` and +`mbedtls_ecdsa_sign_det()` were removed. They were superseded by +`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` +respectively. + +### Extra parameter for the output buffer size + +The following functions now take an extra parameter indicating the size of the output buffer: + +* `mbedtls_ecdsa_write_signature()`, `mbedtls_ecdsa_write_signature_restartable()` +* `mbedtls_pk_sign()`, `mbedtls_pk_sign_restartable()` + +The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. ### Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed @@ -811,34 +428,452 @@ you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. To choose the padding type when initializing a context, instead of + ```C mbedtls_rsa_init(ctx, padding, hash_id); ``` + , use + ```C mbedtls_rsa_init(ctx); mbedtls_rsa_set_padding(ctx, padding, hash_id); ``` To use PKCS#1 v1.5 padding, instead of + ```C mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); ``` + , just use + ```C mbedtls_rsa_init(ctx); ``` -### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` +### SHA-512 and SHA-256 output type change -This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C -was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are -enabled. +The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. -If you were using custom config file with MBEDTLS_SHA256_C enabled, then -you will need to add `#define MBEDTLS_SHA224_C` option your config. -Current version of the library does not support enabling MBEDTLS_SHA256_C -without MBEDTLS_SHA224_C. +This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. + +Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. + +### Some function parameters were made const + +Various functions in the PK and ASN.1 modules had a `const` qualifier added to +some of their parameters. + +This normally doesn't affect your code, unless you use pointers to reference +those functions. In this case, you'll need to update the type of your pointers +in order to match the new signature. + + + +## PSA + +### Deprecated names for PSA constants and types were removed + +Some constants and types that were present in beta versions of the PSA Crypto +API were removed from version 1.0 of specification. Please switch to the new +names provided by the 1.0 specification instead. + + + +## The ALT interface + +### Internal / alt-focused headers were moved to a private location + +This shouldn't affect users who took care not to include headers that +were documented as internal, despite being in the public include directory. + +If you're providing alt implementations of ECP or RSA, you'll need to add our +`library` directory to your include path when building your alt +implementations, and note that `ecp_internal.h` and `rsa_internal.h` have been +renamed to `ecp_internal_alt.h` and `rsa_alt_helpers.h` respectively. + +If you're a library user and used to rely on having access to a structure or +function that's now in a private header, please reach out on the mailing list +and explain your need; we'll consider adding a new API in a future version. + +### CCM interface changes: impact for alternative implementations + +The CCM interface has changed with the addition of support for +multi-part operations. Five new API functions have been defined: +mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), +mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). +Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to +implement those additional five API functions. + + + +## X.509 + +### Strengthen default algorithm selection for X.509 and TLS + +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. + +Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. + +The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. + +The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. + +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: +``` +mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; +my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); +``` + +If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. + +### Remove the certs module from the library + +This should not affect production use of the library, as the certificates and +keys included there were never suitable for production use. + +However it might affect you if you relied on them for testing purposes. In +that case, please embed your own test certificates in your test code; now that +`certs.c` is out of the library there is no longer any stability guaranteed +and it may change in incompatible ways at any time. + +### Change the API to allow adding critical extensions to CSRs + +This affects applications that call the `mbedtls_x509write_csr_set_extension` +function. + +The API is changed to include the parameter `critical` which allow to mark an +extension included in a CSR as critical. To get the previous behavior pass 0. + +### Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +This change does not affect users of the default configuration; it only affects +users who enable this option. + +The X.509 standard says that implementations must reject critical extensions that +they don't recognize, and this is what Mbed TLS does by default. This option +allowed to continue parsing those certificates but didn't provide a convenient +way to handle those extensions. + +The migration path from that option is to use the +`mbedtls_x509_crt_parse_der_with_ext_cb()` function which is functionally +equivalent to `mbedtls_x509_crt_parse_der()`, and/or +`mbedtls_x509_crt_parse_der_nocopy()` but it calls the callback with every +unsupported certificate extension and additionally the "certificate policies" +extension if it contains any unsupported certificate policies. + +### Remove `MBEDTLS_X509_CHECK_*_KEY_USAGE` options from `mbedtls_config.h` + +This change affects users who have chosen the configuration options to disable the +library's verification of the `keyUsage` and `extendedKeyUsage` fields of x509 +certificates. + +The `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` +configuration options are removed and the X509 code now behaves as if they were +always enabled. It is consequently not possible anymore to disable at compile +time the verification of the `keyUsage` and `extendedKeyUsage` fields of X509 +certificates. + +The verification of the `keyUsage` and `extendedKeyUsage` fields is important, +disabling it can cause security issues and it is thus not recommended. If the +verification is for some reason undesirable, it can still be disabled by means +of the verification callback function passed to `mbedtls_x509_crt_verify()` (see +the documentation of this function for more information). + +### Remove the `MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3` option + +This change does not affect users who were using the default configuration, as +this option was already disabled by default. Also, it does not affect users who +are working with current V3 X.509 certificates. + +Extensions were added in V3 of the X.509 specification, so pre-V3 certificates +containing extensions were never compliant. Mbed TLS now rejects them with a +parsing error in all configurations, as it did previously in the default +configuration. + +If you are working with the pre-V3 certificates you need to switch to the +current ones. + + + +## SSL + +### Remove support for TLS 1.0, 1.1 and DTLS 1.0 + +This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. + +These versions have been deprecated by RFC 8996. +Keeping them in the library creates opportunities for misconfiguration +and possibly downgrade attacks. More generally, more code means a larger attack +surface, even if the code is supposedly not used. + +The migration path is to adopt the latest versions of the protocol. + +As a consequence of removing TLS 1.0, support for CBC record splitting was +also removed, as it was a work-around for a weakness in this particular +version. There is no migration path since the feature is no longer relevant. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different version negotiation mechanism), support +for fallback SCSV (RFC 7507) was also removed. There is no migration path as +it's no longer useful with TLS 1.2 and later. + +As a consequence of currently supporting only one version of (D)TLS (and in the +future 1.3 which will have a different concept of ciphersuites), support for +configuring ciphersuites separately for each version via +`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use +`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS +1.2; in the future a different API will be added for (D)TLS 1.3. + +### Remove support for SSL 3.0 + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` +and relied on that version in order to communicate with peers that are not up +to date. If one of your peers is in that case, please try contacting them and +encouraging them to upgrade their software. + +### Remove support for parsing SSLv2 ClientHello + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS servers that have clients who send an SSLv2 ClientHello. +These days clients are very unlikely to do that. If you have a client that +does, please try contacting them and encouraging them to upgrade their +software. + +### Remove support for truncated HMAC + +This affects users of truncated HMAC, that is, users who called +`mbedtls_ssl_conf_truncated_hmac( ..., MBEDTLS_SSL_TRUNC_HMAC_ENABLED)`, +regardless of whether the standard version was used or compatibility version +(`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT`). + +The recommended migration path for people who want minimal overhead is to use a +CCM-8 ciphersuite. + +### Remove support for TLS record-level compression + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who enabled `MBEDTLS_ZLIB_SUPPORT`. This will not +cause any failures however if you used to enable TLS record-level compression +you may find that your bandwidth usage increases without compression. There's +no general solution to this problem; application protocols might have their +own compression mechanisms and are in a better position than the TLS stack to +avoid variants of the CRIME and BREACH attacks. + +### Remove support for TLS RC4-based ciphersuites + +This does not affect people who used the default `mbedtls_config.h` and the default +list of ciphersuites, as RC4-based ciphersuites were already not negotiated in +that case. + +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +### Remove support for TLS single-DES ciphersuites + +This doesn't affect people using the default configuration as it was already +disabled by default. + +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +### Remove support for TLS record-level hardware acceleration + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This feature had been broken for a while so we doubt anyone still used it. +However if you did, please reach out on the mailing list and let us know about +your use case. + +### Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` + +This doesn't affect people using the default configuration. + +This option has not had any effect for a long time. Please use the `lifetime` +parameter of `mbedtls_ssl_ticket_setup()` instead. + +### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 + +This only affects people who've been using Mbed TLS since before version 2.0 +and still relied on `compat-1.3.h` in their code. + +Please use the new names directly in your code; `scripts/rename.pl` (from any +of the 2.x releases — no longer included in 3.0) might help you do that. + +### Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options + +This change affects users who modified the default `mbedtls_config.h` padding granularity +settings, i.e. enabled at least one of the options. + +The `mbedtls_config.h` options `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and +`MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` were combined into one option because +they used exactly the same padding mechanism and hence their respective padding +granularities can be used in exactly the same way. This change simplifies the +code maintenance. + +The new single option `MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY` can be used +for both DTLS-CID and TLS 1.3. + +### TLS now favors faster curves over larger curves + +The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves. + +If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection. + +### SSL key export interface change + +This affects users of the SSL key export APIs: +``` + mbedtls_ssl_conf_export_keys_cb() + mbedtls_ssl_conf_export_keys_ext_cb() +``` + +Those APIs have been removed and replaced by the new API +`mbedtls_ssl_set_export_keys_cb()`. This API differs from +the previous key export API in the following ways: + +- It is no longer bound to an SSL configuration, but to an + SSL context. This allows users to more easily identify the + connection an exported key belongs to. +- It no longer exports raw keys and IV. +- A secret type parameter has been added to identify which key + is being exported. For TLS 1.2, only the master secret is + exported, but upcoming TLS 1.3 support will add other kinds of keys. +- The callback now specifies a void return type, rather than + returning an error code. It is the responsibility of the application + to handle failures in the key export callback, for example by + shutting down the TLS connection. + +For users which do not rely on raw keys and IV, adjusting to the new +callback type should be straightforward — see the example programs +`programs/ssl/ssl_client2` and `programs/ssl/ssl_server2` for callbacks +for NSSKeylog, EAP-TLS and DTLS-SRTP. + +Users which require access to the raw keys used to secure application +traffic may derive those by hand based on the master secret and the +handshake transcript hashes which can be obtained from the raw data +on the wire. Such users are also encouraged to reach out to the +Mbed TLS team on the mailing list, to let the team know about their +use case. + +### Remove MaximumFragmentLength (MFL) query API + +This affects users which use the MFL query APIs +`mbedtls_ssl_get_{input,output}_max_frag_len()` to +infer upper bounds on the plaintext size of incoming and +outgoing record. + +Users should switch to `mbedtls_ssl_get_max_{in,out}_record_payload()` +instead, which also provides such upper bounds but takes more factors +than just the MFL configuration into account. + +### Relaxed semantics for PSK configuration + +This affects users which call the PSK configuration APIs +`mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` +multiple times on the same SSL configuration. + +In Mbed TLS 2.x, users would observe later calls overwriting +the effect of earlier calls, with the prevailing PSK being +the one that has been configured last. In Mbed TLS 3.0, +calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times +will return an error, leaving the first PSK intact. + +To achieve equivalent functionality when migrating to Mbed TLS 3.0, +users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should +remove all but the last call, so that only one call to _either_ +`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` +remains. + +### Remove the configuration to enable weak ciphersuites in SSL / TLS + +This does not affect users who use the default `mbedtls_config.h`, as this option was +already off by default. + +If you were using a weak cipher, please switch to any of the modern, +recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) +and if your peer doesn't support any, encourage them to upgrade their software. + +If you were using a ciphersuite without encryption, you just have to +enable MBEDTLS_CIPHER_NULL_CIPHER now. + +### Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option + +This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to +set the maximum length of incoming and outgoing plaintext fragments, +which can save memory by reducing the size of the TLS I/O buffers. + +This option is replaced by the more fine-grained options +`MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set +the maximum incoming and outgoing plaintext fragment lengths, respectively. + +### Remove the SSL API `mbedtls_ssl_get_session_pointer()` + +This affects two classes of users: + +1. Users who manually inspect parts of the current session through + direct structure field access. + +2. Users of session resumption who query the current session + via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting + it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`, + respectively. + +Migration paths: + +1. Mbed TLS 3.0 does not offer a migration path for the use case 1: Like many + other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no + longer part of the public API in Mbed TLS 3.0, and direct structure field + access is no longer supported. Please see the corresponding migration guide. + +2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by + calls to `mbedtls_ssl_get_session()` as demonstrated in the example + program `programs/ssl/ssl_client2.c`. + +### Remove `MBEDTLS_SSL_DTLS_BADMAC_LIMIT` option + +This change does not affect users who used the default `mbedtls_config.h`, as the option +MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. + +This option was a trade-off between functionality and code size: it allowed +users who didn't need that feature to avoid paying the cost in code size, by +disabling it. + +This option is no longer present, but its functionality is now always enabled. + +### Deprecated functions were removed from SSL + +The function `mbedtls_ssl_conf_dh_param()` was removed. Please use +`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. + +The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use +`mbedtls_ssl_get_max_out_record_payload()` and +`mbedtls_ssl_get_max_in_record_payload()` +instead. + +### Remove `MBEDTLS_SSL_RECORD_CHECKING` option and enable its action by default + +This change does not affect users who use the default mbedtls_config.h, as the +option MBEDTLS_SSL_RECORD_CHECKING was already on by default. + +This option was added only to control compilation of one function, +mbedtls_ssl_check_record(), which is only useful in some specific cases, so it +was made optional to allow users who don't need it to save some code space. +However, the same effect can be achieve by using link-time garbage collection. + +Users who changed the default setting of the option need to change the config/ +build system to remove that change. ### Session Cache API Change @@ -868,14 +903,6 @@ find themselves unable to migrate their session cache functionality without accessing fields of `mbedtls_ssl_session` should describe their use case on the Mbed TLS mailing list. -### SHA-512 and SHA-256 output type change - -The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. - -This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. - -Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. - ### Removal of some SSL error codes This affects users manually checking for the following error codes: @@ -951,11 +978,3 @@ e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE has the same effect as enabling the removed option. The default state is to use the server order of suites. -### Some function parameters were made const - -Various functions in the PK and ASN.1 modules had a `const` qualifier added to -some of their parameters. - -This normally doesn't affect your code, unless you use pointers to reference -those functions. In this case, you'll need to update the type of your pointers -in order to match the new signature. From 4a5d3c08c66210119a0ac482d2b0cd8eb8d293d8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 22:29:03 +0100 Subject: [PATCH 0677/1065] Fix typo Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 7f866aa966..49b870a171 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -103,7 +103,7 @@ was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are enabled. If you were using custom config file with MBEDTLS_SHA256_C enabled, then -you will need to add `#define MBEDTLS_SHA224_C` option your config. +you will need to add `#define MBEDTLS_SHA224_C` option to your config. Current version of the library does not support enabling MBEDTLS_SHA256_C without MBEDTLS_SHA224_C. From 7078973b7b1d62f0d7766697207993186b45d565 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 09:18:55 +0100 Subject: [PATCH 0678/1065] Improve wording Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 49b870a171..2b20b5ce6e 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -12,9 +12,8 @@ The changes are detailed below, and include: - Removal of many insecure or obsolete features - Tidying up of configuration options (including removing some less useful options). -- Changing function signatures (e.g., adding return codes or extra parameters); introducing const to arguments. -- Removal of functions marked as deprecated in 2.x - +- Changing function signatures, e.g. adding return codes, adding extra parameters, or making some arguments const. +- Removal of functions previously marked as deprecated. ## Tooling From 47060db1995c4d35ee9a4b72f82681cf06380e96 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 30 Jun 2021 10:31:18 +0200 Subject: [PATCH 0679/1065] Give a better name for struct member Signed-off-by: gabor-mezei-arm --- include/psa/crypto_builtin_primitives.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 260619c9fe..31f4aa6d55 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -105,7 +105,7 @@ typedef struct { uint8_t MBEDTLS_PRIVATE(iv_length); uint8_t MBEDTLS_PRIVATE(block_length); union { - unsigned int MBEDTLS_PRIVATE(initialised); + unsigned int MBEDTLS_PRIVATE(dummy); mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_cipher_operation_t; From 5ce25d780678dbefc7bff95d86ead2671945e9a8 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 30 Jun 2021 10:34:28 +0200 Subject: [PATCH 0680/1065] Remove obsolete comment Signed-off-by: gabor-mezei-arm --- library/psa_crypto_cipher.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 36c7e73c61..d8c722bb1b 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -160,8 +160,6 @@ static psa_status_t cipher_setup( (void)key_buffer_size; - /* Proceed with initializing an mbed TLS cipher context if no driver is - * available for the given algorithm & key. */ mbedtls_cipher_init( &operation->ctx.cipher ); operation->alg = alg; From b491b2b051cde5357dd1e9d4caf0c1faf1aa573d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 09:46:07 +0100 Subject: [PATCH 0681/1065] Add SSL error code updates from #4724 Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 2b20b5ce6e..4ac677633a 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -902,7 +902,7 @@ find themselves unable to migrate their session cache functionality without accessing fields of `mbedtls_ssl_session` should describe their use case on the Mbed TLS mailing list. -### Removal of some SSL error codes +### Changes in the SSL error code space This affects users manually checking for the following error codes: @@ -916,11 +916,11 @@ This affects users manually checking for the following error codes: Migration paths: - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` should never be returned from Mbed TLS, and there is no need to check for it. - + Users should simply remove manual checks for those codes, and let the Mbed TLS team know if — contrary to the team's understanding — there is in fact a situation where one of them was ever returned. - + - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate is too large to fit into the output buffers. @@ -928,10 +928,29 @@ Migration paths: Users should check for `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their own certificate against the configured size of the output buffer to understand if the error is due to an overly large certificate. - -- `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN` and `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` have been replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` -- all codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. +- `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN` and `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` have been + replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`. + +- All codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. + + Users should check for the newly introduced generic error codes + + * `MBEDTLS_ERR_SSL_DECODE_ERROR` + * `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`, + * `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` + * `MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION` + * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` + * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` + * `MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION` + * `MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL` + + and the pre-existing generic error codes + + * `MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE` + * `MBEDTLS_ERR_SSL_INTERNAL_ERROR` + + instead. ### Modified semantics of `mbedtls_ssl_{get,set}_session()` From e4ec84631b1e6b1553802ac49498203964e31b7d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 09:52:40 +0100 Subject: [PATCH 0682/1065] Fix typos Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 4ac677633a..352c48458c 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -242,7 +242,7 @@ because the 3DES ciphersuites were disabled by that. 3DES has weaknesses/limitations and there are better alternatives, and more and more standard bodies are recommending against its use in TLS. -The migration path here is to chose from the recommended in literature alternatives. +The migration path here is to choose from the recommended in literature alternatives. ### Deprecated error codes for hardware failures were removed @@ -389,7 +389,7 @@ original names of those functions. The renamed functions are: To migrate to the this change the user can keep the `*_ret` names in their code and include the `compat_2.x.h` header file which holds macros with proper -renaming or to rename those function in their code according to the list from +renaming or to rename those functions in their code according to the list from mentioned header file. ### Signature functions now require the hash length to match the expected value @@ -432,7 +432,7 @@ To choose the padding type when initializing a context, instead of mbedtls_rsa_init(ctx, padding, hash_id); ``` -, use +use ```C mbedtls_rsa_init(ctx); @@ -445,7 +445,7 @@ To use PKCS#1 v1.5 padding, instead of mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); ``` -, just use +just use ```C mbedtls_rsa_init(ctx); @@ -869,7 +869,7 @@ option MBEDTLS_SSL_RECORD_CHECKING was already on by default. This option was added only to control compilation of one function, mbedtls_ssl_check_record(), which is only useful in some specific cases, so it was made optional to allow users who don't need it to save some code space. -However, the same effect can be achieve by using link-time garbage collection. +However, the same effect can be achieved by using link-time garbage collection. Users who changed the default setting of the option need to change the config/ build system to remove that change. From a481052407a89c924a29e147346283994f780d39 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 29 Jun 2021 22:45:26 +0200 Subject: [PATCH 0683/1065] Add migration guide and changelog entry for MBEDTLS_PRIVATE We forgot those in #4511. Signed-off-by: Gilles Peskine --- ChangeLog.d/private-fields.txt | 5 +++++ docs/3.0-migration-guide.md | 13 +++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 ChangeLog.d/private-fields.txt diff --git a/ChangeLog.d/private-fields.txt b/ChangeLog.d/private-fields.txt new file mode 100644 index 0000000000..10b9a594af --- /dev/null +++ b/ChangeLog.d/private-fields.txt @@ -0,0 +1,5 @@ +API changes + * Direct access to fields of structures declared in public headers is no + longer supported except for fields that are documented public. Use accessor + functions instead. For more information, see the migration guide entry + "Most structure fields are now private". diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 352c48458c..0ffd919548 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -150,6 +150,19 @@ file created securely during device provisioning. See for more information. +### Most structure fields are now private + +Direct access to fields of structures (`struct` types) declared in public headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of the stable API, and minor versions (3.1, 3.2, etc.) may add, remove, rename, reorder or change the type of structure fields. + +There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the struture inconsistent; check the documentation in each case. + +Attempting to access a private field directly will result in a compilation error. + +If you were accessing structure fields directly, and these fields are not documented as public, you need to change your code. If an accessor (getter/setter) function exists, use that. Direct accessor functions are usually called `mbedtls__{get,set}_` or `mbedtls___{get,set}_`. Accessor functions that change the format may use different verbs, for example `read`/`write` for functions that import/export data from/to a text or byte string. + +If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/ARMmbed/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them the first minor release(s) (3.1, etc.). + +As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. ## Low-level crypto From a5a3cce49b73a925daf25fec0368fa768a02360b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 11:06:58 +0100 Subject: [PATCH 0684/1065] Add link between sections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 0ffd919548..1546f4d1af 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -847,7 +847,7 @@ Migration paths: 1. Mbed TLS 3.0 does not offer a migration path for the use case 1: Like many other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no longer part of the public API in Mbed TLS 3.0, and direct structure field - access is no longer supported. Please see the corresponding migration guide. + access is no longer supported. Please see the [section on private structure fields](#most-structure-fields-are-now-private) for more details. 2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by calls to `mbedtls_ssl_get_session()` as demonstrated in the example From a54c16805e1c592edb0585a77f6d86215ab212ad Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 11:11:07 +0100 Subject: [PATCH 0685/1065] Improve wording relating to removal of MBEDTLS_ERR_SSL_BAD_HS_XXX Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 1546f4d1af..65b868a8dd 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -945,7 +945,7 @@ Migration paths: - `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN` and `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` have been replaced by `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`. -- All codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives. +- All codes of the form `MBEDTLS_ERR_SSL_BAD_HS_XXX` have been replaced by various alternatives, which give more information about the type of error raised. Users should check for the newly introduced generic error codes From d462ca1f72c30ea490fca4ed2c0857db0c9d15ad Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 11:26:08 +0100 Subject: [PATCH 0686/1065] Fix typos Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 65b868a8dd..0e156b429d 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -154,13 +154,13 @@ information. Direct access to fields of structures (`struct` types) declared in public headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of the stable API, and minor versions (3.1, 3.2, etc.) may add, remove, rename, reorder or change the type of structure fields. -There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the struture inconsistent; check the documentation in each case. +There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the structure inconsistent; check the documentation in each case. Attempting to access a private field directly will result in a compilation error. If you were accessing structure fields directly, and these fields are not documented as public, you need to change your code. If an accessor (getter/setter) function exists, use that. Direct accessor functions are usually called `mbedtls__{get,set}_` or `mbedtls___{get,set}_`. Accessor functions that change the format may use different verbs, for example `read`/`write` for functions that import/export data from/to a text or byte string. -If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/ARMmbed/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them the first minor release(s) (3.1, etc.). +If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/ARMmbed/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them to the first minor release(s) (3.1, etc.). As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. From 4ea5643046c2e53ee0cf512a699dd09f5fe4b6b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 14:16:22 +0100 Subject: [PATCH 0687/1065] Change some section names Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 0e156b429d..b9200ac09f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -16,7 +16,7 @@ The changes are detailed below, and include: - Removal of functions previously marked as deprecated. -## Tooling +## General changes ### Introduce a level of indirection and versioning in the config files @@ -493,7 +493,7 @@ names provided by the 1.0 specification instead. -## The ALT interface +## Changes that only affect alternative implementations ### Internal / alt-focused headers were moved to a private location From a3758208ae818233446c89132835ba74a2028c25 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 14:17:03 +0100 Subject: [PATCH 0688/1065] Move sub-sections to more appropriate places Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 151 ++++++++++++++++++------------------ 1 file changed, 75 insertions(+), 76 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index b9200ac09f..182a3bca63 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -38,16 +38,6 @@ used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. The only value supported by Mbed TLS 3.0.0 is `0x03000000`. -### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior - -The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increases code size and it does -not increase peak RAM usage anymore. - -If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` -to `0` in your config file. The impact depends on the number and size of -enabled curves. For example, for P-256 the difference is 1KB; see the documentation -of this option for details. - ### Move part of timing module out of the library The change affects users who use any of the following functions: @@ -95,29 +85,6 @@ because the parameters concerned are usually constants in applications. For more information see issue #4313. -### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` - -This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C -was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are -enabled. - -If you were using custom config file with MBEDTLS_SHA256_C enabled, then -you will need to add `#define MBEDTLS_SHA224_C` option to your config. -Current version of the library does not support enabling MBEDTLS_SHA256_C -without MBEDTLS_SHA224_C. - -### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` - -This does not affect users who use the default `mbedtls_config.h`. -MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is -enabled by default. - -If you were using a config file with both MBEDTLS_SHA512_C and -MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. -If you were using a config file with MBEDTLS_SHA512_C and without -MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add -`#define MBEDTLS_SHA384_C` to your config file. - ### Remove the `MBEDTLS_TEST_NULL_ENTROPY` configuration option This does not affect users who use the default `mbedtls_config.h`, as this option was @@ -129,14 +96,6 @@ and make sure your device is provisioned with a strong random seed. Alternatively, for testing purposes only, you can create and register a fake entropy function. -### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed - -This doesn't affect users of the default configuration; it only affects people -who were explicitly setting this option. - -This was a trade-off between code size and countermeasures; it is no longer -relevant as the countermeasure is now always on at no cost in code size. - ### Remove the HAVEGE module This doesn't affect people using the default configuration as it was already @@ -164,6 +123,14 @@ If no accessor function exists, please open an [enhancement request against Mbed As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. +### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 + +This only affects people who've been using Mbed TLS since before version 2.0 +and still relied on `compat-1.3.h` in their code. + +Please use the new names directly in your code; `scripts/rename.pl` (from any +of the 2.x releases — no longer included in 3.0) might help you do that. + ## Low-level crypto @@ -221,6 +188,56 @@ removed from the library. Please use parameters from RFC3526 (still in the library, only in binary form) or RFC 7919 (also available in the library) or other trusted sources instead. +### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior + +The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increases code size and it does +not increase peak RAM usage anymore. + +If you are limited by code size, you can define `MBEDTLS_ECP_FIXED_POINT_OPTIM` +to `0` in your config file. The impact depends on the number and size of +enabled curves. For example, for P-256 the difference is 1KB; see the documentation +of this option for details. + +### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` + +This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C +was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are +enabled. + +If you were using custom config file with MBEDTLS_SHA256_C enabled, then +you will need to add `#define MBEDTLS_SHA224_C` option to your config. +Current version of the library does not support enabling MBEDTLS_SHA256_C +without MBEDTLS_SHA224_C. + +### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` + +This does not affect users who use the default `mbedtls_config.h`. +MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is +enabled by default. + +If you were using a config file with both MBEDTLS_SHA512_C and +MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. +If you were using a config file with MBEDTLS_SHA512_C and without +MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add +`#define MBEDTLS_SHA384_C` to your config file. + +### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed + +This doesn't affect users of the default configuration; it only affects people +who were explicitly setting this option. + +This was a trade-off between code size and countermeasures; it is no longer +relevant as the countermeasure is now always on at no cost in code size. + +### SHA-512 and SHA-256 output type change + +The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. + +This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. + +Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. + + ## High-level crypto ### Remove wrapper for libpkcs11-helper @@ -464,14 +481,6 @@ just use mbedtls_rsa_init(ctx); ``` -### SHA-512 and SHA-256 output type change - -The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. - -This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. - -Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. - ### Some function parameters were made const Various functions in the PK and ASN.1 modules had a `const` qualifier added to @@ -482,7 +491,6 @@ those functions. In this case, you'll need to update the type of your pointers in order to match the new signature. - ## PSA ### Deprecated names for PSA constants and types were removed @@ -522,24 +530,6 @@ implement those additional five API functions. ## X.509 -### Strengthen default algorithm selection for X.509 and TLS - -The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. - -Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. - -The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. - -The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. - -If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: -``` -mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; -my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); -``` - -If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. - ### Remove the certs module from the library This should not affect production use of the library, as the certificates and @@ -715,14 +705,6 @@ This doesn't affect people using the default configuration. This option has not had any effect for a long time. Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` instead. -### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 - -This only affects people who've been using Mbed TLS since before version 2.0 -and still relied on `compat-1.3.h` in their code. - -Please use the new names directly in your code; `scripts/rename.pl` (from any -of the 2.x releases — no longer included in 3.0) might help you do that. - ### Combine the `MBEDTLS_SSL_CID_PADDING_GRANULARITY` and `MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY` options This change affects users who modified the default `mbedtls_config.h` padding granularity @@ -1009,3 +991,20 @@ e.g.: `mbedtls_ssl_conf_preference_order(ssl_config, MBEDTLS_SSL_SRV_CIPHERSUITE has the same effect as enabling the removed option. The default state is to use the server order of suites. +### Strengthen default algorithm selection for X.509 and TLS + +The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification. + +Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1. + +The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available. + +The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. + +If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: +``` +mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; +my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); +``` + +If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. From b1c6b4a7a54521561259b0142962e1e1f9b5a363 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 14:17:21 +0100 Subject: [PATCH 0689/1065] Add cross-reference Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 182a3bca63..4d3ae57b19 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -597,7 +597,9 @@ configuration. If you are working with the pre-V3 certificates you need to switch to the current ones. +### Strengthen default algorithm selection for X.509 +This is described in the section (Strengthen default algorithm selection for X.509 and TLS)[strengthen-default-algorithm-selection-for-x.509-and-tls]. ## SSL From c936bbb15a5fb5a50b6e17360fa9dd41270406f7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 14:19:30 +0100 Subject: [PATCH 0690/1065] Make blank lines before sections consistent Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 4d3ae57b19..04eb37f648 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -500,7 +500,6 @@ API were removed from version 1.0 of specification. Please switch to the new names provided by the 1.0 specification instead. - ## Changes that only affect alternative implementations ### Internal / alt-focused headers were moved to a private location @@ -527,7 +526,6 @@ Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to implement those additional five API functions. - ## X.509 ### Remove the certs module from the library @@ -601,6 +599,7 @@ current ones. This is described in the section (Strengthen default algorithm selection for X.509 and TLS)[strengthen-default-algorithm-selection-for-x.509-and-tls]. + ## SSL ### Remove support for TLS 1.0, 1.1 and DTLS 1.0 From 92170cc3e1c725944da553a591c753ef02121e15 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 14:23:27 +0100 Subject: [PATCH 0691/1065] Add general cross-reference for low/high-level crypto Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 04eb37f648..35652c3f3c 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -134,6 +134,9 @@ of the 2.x releases — no longer included in 3.0) might help you do that. ## Low-level crypto +Please also refer to the section [High-level crypto](#high-level-crypto) for +changes that could sit in either cateogry. + ### The RNG parameter is now mandatory for all functions that accept one This change affects all users who called a function accepting a `f_rng` @@ -240,6 +243,9 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f ## High-level crypto +Please also refer to the section [Low-level crypto](#low-level-crypto) for +changes that could sit in either cateogry. + ### Remove wrapper for libpkcs11-helper This doesn't affect people using the default configuration as it was already From 8d91ceb19d67fd144c37c1c1d723c97699bd7357 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 16:56:09 +0100 Subject: [PATCH 0692/1065] Remove empty 3.0-migration-guide.d This is now captured in 3.0-migration-guide.md Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.d/00README | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100644 docs/3.0-migration-guide.d/00README diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README deleted file mode 100644 index a41733e470..0000000000 --- a/docs/3.0-migration-guide.d/00README +++ /dev/null @@ -1,27 +0,0 @@ -Please add your migration guide entries here. Until 3.0 is released, each PR -that makes backwards-incompatible changes should add a file here, with the -extension .md, a descriptive name and the following format: - ----%<------%<------%<------%<------%<------%<------%<------%<--- - -The change that was made ------------------------- - -Who exactly is affected: does this affect users of the default config, of a -particular feature? Remember to contextualise. - -If I'm affected, what's my migration path? How should I change my code if this -is an API change; if a feature was removed what are my alternatives? - ----%<------%<------%<------%<------%<------%<------%<------%<--- - -PRs that make multiple independent changes should include one entry for each -changes or logical groups of changes. You can either add multiple files or put -multiple entries in the same file. - -For examples, have a look a docs/3.0-migration-guide.md (which includes the -top-level header and an intro before the list of entries). - -As part of release preparation, the entries in this directory will be appended -to docs/3.0-migration-guide.md and then re-ordered and reviewed one last time. -The file is then going to be moved to the version-independent docs repo. From 26ad6c7ea7f292bec43267562dc147bbbbf701f9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 17:14:01 +0100 Subject: [PATCH 0693/1065] Fix typo Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 35652c3f3c..081e7bbc7c 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -135,7 +135,7 @@ of the 2.x releases — no longer included in 3.0) might help you do that. ## Low-level crypto Please also refer to the section [High-level crypto](#high-level-crypto) for -changes that could sit in either cateogry. +changes that could sit in either category. ### The RNG parameter is now mandatory for all functions that accept one @@ -244,7 +244,7 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f ## High-level crypto Please also refer to the section [Low-level crypto](#low-level-crypto) for -changes that could sit in either cateogry. +changes that could sit in either category. ### Remove wrapper for libpkcs11-helper From 6753a775b84eb4dccfd95dc37235b349e1063042 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 17:15:28 +0100 Subject: [PATCH 0694/1065] Fix grammatical error Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 081e7bbc7c..8aa9f2faf5 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -549,7 +549,7 @@ and it may change in incompatible ways at any time. This affects applications that call the `mbedtls_x509write_csr_set_extension` function. -The API is changed to include the parameter `critical` which allow to mark an +The API is changed to include the parameter `critical` which enables marking an extension included in a CSR as critical. To get the previous behavior pass 0. ### Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION From 2e1e623d33ba8d8e0bdb03d51141b8998671999d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 17:45:22 +0100 Subject: [PATCH 0695/1065] Correct hyperlink syntax Co-authored-by: Tomasz Rodziewicz <40165497+TRodziewicz@users.noreply.github.com> Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 8aa9f2faf5..03b5890973 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -603,7 +603,7 @@ current ones. ### Strengthen default algorithm selection for X.509 -This is described in the section (Strengthen default algorithm selection for X.509 and TLS)[strengthen-default-algorithm-selection-for-x.509-and-tls]. +This is described in the section [Strengthen default algorithm selection for X.509 and TLS](strengthen-default-algorithm-selection-for-x.509-and-tls). ## SSL From 9d3417845c8bd06b4b5078dbf2533529e6ebf437 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:35:43 +0100 Subject: [PATCH 0696/1065] Add backticks where needed Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 72 ++++++++++++++++++------------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 03b5890973..d66cb7f694 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -389,7 +389,7 @@ The following functions now take an extra parameter indicating the size of the o The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. -### Rename mbedtls_*_ret() cryptography functions whose deprecated variants have been removed +### Rename `mbedtls_*_ret()` cryptography functions whose deprecated variants have been removed This change affects users who were using the `mbedtls_*_ret()` cryptography functions. @@ -398,30 +398,30 @@ Those functions were created based on now-deprecated functions according to a requirement that a function needs to return a value. This change brings back the original names of those functions. The renamed functions are: -| name before this change | after the change | -|------------------------------|--------------------------| -| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update | -| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update | -| mbedtls_md5_starts_ret | mbedtls_md5_starts | -| mbedtls_md5_update_ret | mbedtls_md5_update | -| mbedtls_md5_finish_ret | mbedtls_md5_finish | -| mbedtls_md5_ret | mbedtls_md5 | -| mbedtls_ripemd160_starts_ret | mbedtls_ripemd160_starts | -| mbedtls_ripemd160_update_ret | mbedtls_ripemd160_update | -| mbedtls_ripemd160_finish_ret | mbedtls_ripemd160_finish | -| mbedtls_ripemd160_ret | mbedtls_ripemd160 | -| mbedtls_sha1_starts_ret | mbedtls_sha1_starts | -| mbedtls_sha1_update_ret | mbedtls_sha1_update | -| mbedtls_sha1_finish_ret | mbedtls_sha1_finish | -| mbedtls_sha1_ret | mbedtls_sha1 | -| mbedtls_sha256_starts_ret | mbedtls_sha256_starts | -| mbedtls_sha256_update_ret | mbedtls_sha256_update | -| mbedtls_sha256_finish_ret | mbedtls_sha256_finish | -| mbedtls_sha256_ret | mbedtls_sha256 | -| mbedtls_sha512_starts_ret | mbedtls_sha512_starts | -| mbedtls_sha512_update_ret | mbedtls_sha512_update | -| mbedtls_sha512_finish_ret | mbedtls_sha512_finish | -| mbedtls_sha512_ret | mbedtls_sha512 | +| name before this change | after the change | +|--------------------------------|----------------------------| +| `mbedtls_ctr_drbg_update_ret` | `mbedtls_ctr_drbg_update` | +| `mbedtls_hmac_drbg_update_ret` | `mbedtls_hmac_drbg_update` | +| `mbedtls_md5_starts_ret` | `mbedtls_md5_starts` | +| `mbedtls_md5_update_ret` | `mbedtls_md5_update` | +| `mbedtls_md5_finish_ret` | `mbedtls_md5_finish` | +| `mbedtls_md5_ret` | `mbedtls_md5` | +| `mbedtls_ripemd160_starts_ret` | `mbedtls_ripemd160_starts` | +| `mbedtls_ripemd160_update_ret` | `mbedtls_ripemd160_update` | +| `mbedtls_ripemd160_finish_ret` | `mbedtls_ripemd160_finish` | +| `mbedtls_ripemd160_ret` | `mbedtls_ripemd160` | +| `mbedtls_sha1_starts_ret` | `mbedtls_sha1_starts` | +| `mbedtls_sha1_update_ret` | `mbedtls_sha1_update` | +| `mbedtls_sha1_finish_ret` | `mbedtls_sha1_finish` | +| `mbedtls_sha1_ret` | `mbedtls_sha1` | +| `mbedtls_sha256_starts_ret` | `mbedtls_sha256_starts` | +| `mbedtls_sha256_update_ret` | `mbedtls_sha256_update` | +| `mbedtls_sha256_finish_ret` | `mbedtls_sha256_finish` | +| `mbedtls_sha256_ret` | `mbedtls_sha256` | +| `mbedtls_sha512_starts_ret` | `mbedtls_sha512_starts` | +| `mbedtls_sha512_update_ret` | `mbedtls_sha512_update` | +| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` | +| `mbedtls_sha512_ret` | `mbedtls_sha512` | To migrate to the this change the user can keep the `*_ret` names in their code and include the `compat_2.x.h` header file which holds macros with proper @@ -452,15 +452,15 @@ The signature functions in the PK module no longer accept 0 as the `hash_len` pa The migration path is to pass the correct value to those functions. -### Remove the padding parameters from mbedtls_rsa_init() +### Remove the padding parameters from `mbedtls_rsa_init()` This affects all users who use the RSA encryption, decryption, sign and verify APIs. -The function mbedtls_rsa_init() no longer supports selecting the PKCS#1 v2.1 +The function `mbedtls_rsa_init()` no longer supports selecting the PKCS#1 v2.1 encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call -to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it. +to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it. To choose the padding type when initializing a context, instead of @@ -526,8 +526,8 @@ and explain your need; we'll consider adding a new API in a future version. The CCM interface has changed with the addition of support for multi-part operations. Five new API functions have been defined: -mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), -mbedtls_ccm_update_ad(), mbedtls_ccm_update() and mbedtls_ccm_finish(). + `mbedtls_ccm_starts()`, `mbedtls_ccm_set_lengths()`, + `mbedtls_ccm_update_ad()`, `mbedtls_ccm_update()` and `mbedtls_ccm_finish()`. Alternative implementations of CCM (`MBEDTLS_CCM_ALT`) have now to implement those additional five API functions. @@ -807,7 +807,7 @@ recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support any, encourage them to upgrade their software. If you were using a ciphersuite without encryption, you just have to -enable MBEDTLS_CIPHER_NULL_CIPHER now. +enable `MBEDTLS_CIPHER_NULL_CIPHER` now. ### Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option @@ -845,7 +845,7 @@ Migration paths: ### Remove `MBEDTLS_SSL_DTLS_BADMAC_LIMIT` option This change does not affect users who used the default `mbedtls_config.h`, as the option -MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. +`MBEDTLS_SSL_DTLS_BADMAC_LIMIT` was already on by default. This option was a trade-off between functionality and code size: it allowed users who didn't need that feature to avoid paying the cost in code size, by @@ -865,11 +865,11 @@ instead. ### Remove `MBEDTLS_SSL_RECORD_CHECKING` option and enable its action by default -This change does not affect users who use the default mbedtls_config.h, as the -option MBEDTLS_SSL_RECORD_CHECKING was already on by default. +This change does not affect users who use the default `mbedtls_config.h`, as the +option `MBEDTLS_SSL_RECORD_CHECKING` was already on by default. This option was added only to control compilation of one function, -mbedtls_ssl_check_record(), which is only useful in some specific cases, so it + `mbedtls_ssl_check_record()`, which is only useful in some specific cases, so it was made optional to allow users who don't need it to save some code space. However, the same effect can be achieved by using link-time garbage collection. @@ -986,7 +986,7 @@ Migration path: ### Turn `MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE` configuration option into a runtime option -This change affects users who were enabling MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE +This change affects users who were enabling `MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE` option in the `mbedtls_config.h` This option has been removed and a new function with similar functionality has From ce53b3afd6a9241772525a1bf8963a5a0e59543d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:37:46 +0100 Subject: [PATCH 0697/1065] Remove reference to removed item Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index d66cb7f694..17fe956a4f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -916,13 +916,6 @@ This affects users manually checking for the following error codes: - `MBEDTLS_ERR_SSL_BAD_HS_XXX` Migration paths: -- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` - should never be returned from Mbed TLS, and there is no need to check for it. - - Users should simply remove manual checks for those codes, and let the Mbed TLS - team know if — contrary to the team's understanding — there is in fact a situation - where one of them was ever returned. - - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate is too large to fit into the output buffers. From 28701c63cbb0a74f28b45ba14e72769c7a0751ea Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:38:41 +0100 Subject: [PATCH 0698/1065] Fix grammatical error Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 17fe956a4f..6960bea830 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -278,7 +278,8 @@ because the 3DES ciphersuites were disabled by that. 3DES has weaknesses/limitations and there are better alternatives, and more and more standard bodies are recommending against its use in TLS. -The migration path here is to choose from the recommended in literature alternatives. +The migration path here is to chose from the alternatives recommended in the +literature, such as AES. ### Deprecated error codes for hardware failures were removed From 7018053460ab9363dd0e545e3d98cceb320d386c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:40:24 +0100 Subject: [PATCH 0699/1065] Reorder subsections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 6960bea830..7f09449a29 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -38,6 +38,20 @@ used by the Mbed TLS release whose `MBEDTLS_VERSION_NUMBER` has the same value. The only value supported by Mbed TLS 3.0.0 is `0x03000000`. +### Most structure fields are now private + +Direct access to fields of structures (`struct` types) declared in public headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of the stable API, and minor versions (3.1, 3.2, etc.) may add, remove, rename, reorder or change the type of structure fields. + +There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the structure inconsistent; check the documentation in each case. + +Attempting to access a private field directly will result in a compilation error. + +If you were accessing structure fields directly, and these fields are not documented as public, you need to change your code. If an accessor (getter/setter) function exists, use that. Direct accessor functions are usually called `mbedtls__{get,set}_` or `mbedtls___{get,set}_`. Accessor functions that change the format may use different verbs, for example `read`/`write` for functions that import/export data from/to a text or byte string. + +If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/ARMmbed/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them to the first minor release(s) (3.1, etc.). + +As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. + ### Move part of timing module out of the library The change affects users who use any of the following functions: @@ -109,20 +123,6 @@ file created securely during device provisioning. See for more information. -### Most structure fields are now private - -Direct access to fields of structures (`struct` types) declared in public headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of the stable API, and minor versions (3.1, 3.2, etc.) may add, remove, rename, reorder or change the type of structure fields. - -There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the structure inconsistent; check the documentation in each case. - -Attempting to access a private field directly will result in a compilation error. - -If you were accessing structure fields directly, and these fields are not documented as public, you need to change your code. If an accessor (getter/setter) function exists, use that. Direct accessor functions are usually called `mbedtls__{get,set}_` or `mbedtls___{get,set}_`. Accessor functions that change the format may use different verbs, for example `read`/`write` for functions that import/export data from/to a text or byte string. - -If no accessor function exists, please open an [enhancement request against Mbed TLS](https://github.com/ARMmbed/mbedtls/issues/new?template=feature_request.md) and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them to the first minor release(s) (3.1, etc.). - -As a last resort, you can access the field `foo` of a structure `bar` by writing `bar.MBEDTLS_PRIVATE(foo)`. Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS. - ### Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 This only affects people who've been using Mbed TLS since before version 2.0 From aa1fba2fedadbd0a455fc0bf8bb15719a6222527 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:41:24 +0100 Subject: [PATCH 0700/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 7f09449a29..90d787773d 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -246,16 +246,6 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f Please also refer to the section [Low-level crypto](#low-level-crypto) for changes that could sit in either category. -### Remove wrapper for libpkcs11-helper - -This doesn't affect people using the default configuration as it was already -disabled by default. - -If you used to rely on this module in order to store your private keys -securely, please have a look at the key management facilities provided by the -PSA crypto API. If you have a use case that's not covered yet by this API, -please reach out on the mailing list. - ### Deprecated functions were removed from hashing modules Modules: MD5, SHA1, SHA256, SHA512, MD. @@ -606,6 +596,16 @@ current ones. This is described in the section [Strengthen default algorithm selection for X.509 and TLS](strengthen-default-algorithm-selection-for-x.509-and-tls). +### Remove wrapper for libpkcs11-helper + +This doesn't affect people using the default configuration as it was already +disabled by default. + +If you used to rely on this module in order to store your private keys +securely, please have a look at the key management facilities provided by the +PSA crypto API. If you have a use case that's not covered yet by this API, +please reach out on the mailing list. + ## SSL From 2d05e0f440aa97692b2a109a9a774e1f0862a4e4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:42:34 +0100 Subject: [PATCH 0701/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 90d787773d..1b24c4160f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -191,6 +191,20 @@ removed from the library. Please use parameters from RFC3526 (still in the library, only in binary form) or RFC 7919 (also available in the library) or other trusted sources instead. +### Deprecated functions were removed from hashing modules + +Modules: MD5, SHA1, SHA256, SHA512, MD. + +- The functions `mbedtls_xxx_starts_ret()`, `mbedtls_xxx_update_ret()`, + `mbedtls_xxx_finish_ret()` and `mbedtls_xxx_ret()` were renamed to replace + the corresponding functions without `_ret` appended. Please call the name without `_ret` appended and check the return value. +- The function `mbedtls_md_init_ctx()` was removed; please use + `mbedtls_md_setup()` instead. +- The functions `mbedtls_xxx_process()` were removed. You normally don't need + to call that from application code. However if you do (or if you want to + provide your own version of that function), please use + `mbedtls_internal_xxx_process()` instead, and check the return value. + ### Change `MBEDTLS_ECP_FIXED_POINT_OPTIM` behavior The option `MBEDTLS_ECP_FIXED_POINT_OPTIM` now increases code size and it does @@ -246,20 +260,6 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f Please also refer to the section [Low-level crypto](#low-level-crypto) for changes that could sit in either category. -### Deprecated functions were removed from hashing modules - -Modules: MD5, SHA1, SHA256, SHA512, MD. - -- The functions `mbedtls_xxx_starts_ret()`, `mbedtls_xxx_update_ret()`, - `mbedtls_xxx_finish_ret()` and `mbedtls_xxx_ret()` were renamed to replace - the corresponding functions without `_ret` appended. Please call the name without `_ret` appended and check the return value. -- The function `mbedtls_md_init_ctx()` was removed; please use - `mbedtls_md_setup()` instead. -- The functions `mbedtls_xxx_process()` were removed. You normally don't need - to call that from application code. However if you do (or if you want to - provide your own version of that function), please use - `mbedtls_internal_xxx_process()` instead, and check the return value. - ### Remove 3DES ciphersuites This change does not affect users using default settings for 3DES in `mbedtls_config.h` From 3f66943bddfc8772948d6094f00fff1fe295ba18 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:43:49 +0100 Subject: [PATCH 0702/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 1b24c4160f..2e08640d1d 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -260,17 +260,6 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f Please also refer to the section [Low-level crypto](#low-level-crypto) for changes that could sit in either category. -### Remove 3DES ciphersuites - -This change does not affect users using default settings for 3DES in `mbedtls_config.h` -because the 3DES ciphersuites were disabled by that. - -3DES has weaknesses/limitations and there are better alternatives, and more and -more standard bodies are recommending against its use in TLS. - -The migration path here is to chose from the alternatives recommended in the -literature, such as AES. - ### Deprecated error codes for hardware failures were removed - The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules @@ -1009,3 +998,14 @@ my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); ``` If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists. + +### Remove 3DES ciphersuites + +This change does not affect users using default settings for 3DES in `mbedtls_config.h` +because the 3DES ciphersuites were disabled by that. + +3DES has weaknesses/limitations and there are better alternatives, and more and +more standard bodies are recommending against its use in TLS. + +The migration path here is to chose from the alternatives recommended in the +literature, such as AES. From 897a95f46c1aa15db24fd8cebff5b136cadb40a1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:50:57 +0100 Subject: [PATCH 0703/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 2e08640d1d..09e5bd870d 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -254,12 +254,6 @@ This makes no difference to a vast majority of applications. If your code takes Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. - -## High-level crypto - -Please also refer to the section [Low-level crypto](#low-level-crypto) for -changes that could sit in either category. - ### Deprecated error codes for hardware failures were removed - The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules @@ -268,6 +262,12 @@ changes that could sit in either category. - The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. + +## High-level crypto + +Please also refer to the section [Low-level crypto](#low-level-crypto) for +changes that could sit in either category. + ### Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations This only affects people who use the cipher module to perform AEAD operations From 68547187f6513efbc57b3b280e921696b7bb5ec6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:53:09 +0100 Subject: [PATCH 0704/1065] Move subsections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 44 ++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 09e5bd870d..8a121feb48 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -238,6 +238,28 @@ If you were using a config file with MBEDTLS_SHA512_C and without MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add `#define MBEDTLS_SHA384_C` to your config file. +### GCM multipart interface: application changes + +The GCM module now supports arbitrary chunked input in the multipart interface. +This changes the interface for applications using the GCM module directly for multipart operations. +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. +* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: + * As long as the input remains block-aligned, the output length is exactly the input length, as before. + * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. + +### GCM interface changes: impact for alternative implementations + +The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. +* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: + * Always return the partial output immediately, even if it does not consist of a whole number of blocks. + * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. + ### The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed This doesn't affect users of the default configuration; it only affects people @@ -283,28 +305,6 @@ Currently the output is always 0 bytes, but it may be more when alternative implementations of the underlying primitives are in use, or with future versions of the library. -### GCM multipart interface: application changes - -The GCM module now supports arbitrary chunked input in the multipart interface. -This changes the interface for applications using the GCM module directly for multipart operations. -Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. -* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: - * As long as the input remains block-aligned, the output length is exactly the input length, as before. - * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. - -### GCM interface changes: impact for alternative implementations - -The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: - -* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. -* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: - * Always return the partial output immediately, even if it does not consist of a whole number of blocks. - * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. -* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. - ### Remove the mode parameter from RSA functions This affects all users who use the RSA encryption, decryption, sign and From 507827e75ada6eb2da54fec7ed8eec97430088ec Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:54:35 +0100 Subject: [PATCH 0705/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 8a121feb48..0c7be3060f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -284,6 +284,19 @@ Alternative implementations of the SHA256 and SHA512 modules must adjust their f - The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. +### Remove the mode parameter from RSA functions + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The RSA module no longer supports private-key operations with the public key or +vice versa. As a consequence, RSA operation functions no longer have a mode +parameter. If you were calling RSA operations with the normal mode (public key +for verification or encryption, private key for signature or decryption), remove +the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling +RSA operations with the wrong mode, which rarely makes sense from a security +perspective, this is no longer supported. + ## High-level crypto @@ -305,19 +318,6 @@ Currently the output is always 0 bytes, but it may be more when alternative implementations of the underlying primitives are in use, or with future versions of the library. -### Remove the mode parameter from RSA functions - -This affects all users who use the RSA encryption, decryption, sign and -verify APIs. - -The RSA module no longer supports private-key operations with the public key or -vice versa. As a consequence, RSA operation functions no longer have a mode -parameter. If you were calling RSA operations with the normal mode (public key -for verification or encryption, private key for signature or decryption), remove -the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling -RSA operations with the wrong mode, which rarely makes sense from a security -perspective, this is no longer supported. - ### Remove the RNG parameter from RSA verify functions RSA verification functions also no longer take random generator arguments (this From 715966862d36aacacc6b63c43182ed563f536ae6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:56:20 +0100 Subject: [PATCH 0706/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 0c7be3060f..0d68f0a2be 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -297,6 +297,19 @@ the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were callin RSA operations with the wrong mode, which rarely makes sense from a security perspective, this is no longer supported. +### Deprecated functions were removed from AES + +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were +removed. + +If you're simply using the AES module, you should be calling the higher-level +functions `mbedtls_aes_crypt_xxx()`. + +If you're providing an alternative implementation using +`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be +replacing the removed functions with `mbedtls_internal_aes_encrypt()` and +`mbedtls_internal_aes_decrypt()` respectively. + ## High-level crypto @@ -332,19 +345,6 @@ They are already niche or obsolete and most of them are weak or broken. For those reasons possible users should consider switching to modern and safe alternatives to be found in literature. -### Deprecated functions were removed from AES - -The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were -removed. - -If you're simply using the AES module, you should be calling the higher-level -functions `mbedtls_aes_crypt_xxx()`. - -If you're providing an alternative implementation using -`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be -replacing the removed functions with `mbedtls_internal_aes_encrypt()` and -`mbedtls_internal_aes_decrypt()` respectively. - ### Deprecated functions were removed from cipher The functions `mbedtls_cipher_auth_encrypt()` and From 8128b69ffe0d11166630e1d0aa9f625aa2b658b9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:56:33 +0100 Subject: [PATCH 0707/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 0d68f0a2be..5a4a2da713 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -310,6 +310,13 @@ If you're providing an alternative implementation using replacing the removed functions with `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()` respectively. +### Deprecated functions were removed from ECDSA + +The functions `mbedtls_ecdsa_write_signature_det()` and +`mbedtls_ecdsa_sign_det()` were removed. They were superseded by +`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` +respectively. + ## High-level crypto @@ -353,13 +360,6 @@ The functions `mbedtls_cipher_auth_encrypt()` and respectively which additionally support key wrapping algorithms such as NIST_KW. -### Deprecated functions were removed from ECDSA - -The functions `mbedtls_ecdsa_write_signature_det()` and -`mbedtls_ecdsa_sign_det()` were removed. They were superseded by -`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` -respectively. - ### Extra parameter for the output buffer size The following functions now take an extra parameter indicating the size of the output buffer: From b4d15b155693b82e190924032ef530648d9c2756 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:57:37 +0100 Subject: [PATCH 0708/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 78 ++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 5a4a2da713..b345b9dddb 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -317,6 +317,45 @@ The functions `mbedtls_ecdsa_write_signature_det()` and `mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` respectively. +### Rename `mbedtls_*_ret()` cryptography functions whose deprecated variants have been removed + +This change affects users who were using the `mbedtls_*_ret()` cryptography +functions. + +Those functions were created based on now-deprecated functions according to a +requirement that a function needs to return a value. This change brings back the +original names of those functions. The renamed functions are: + +| name before this change | after the change | +|--------------------------------|----------------------------| +| `mbedtls_ctr_drbg_update_ret` | `mbedtls_ctr_drbg_update` | +| `mbedtls_hmac_drbg_update_ret` | `mbedtls_hmac_drbg_update` | +| `mbedtls_md5_starts_ret` | `mbedtls_md5_starts` | +| `mbedtls_md5_update_ret` | `mbedtls_md5_update` | +| `mbedtls_md5_finish_ret` | `mbedtls_md5_finish` | +| `mbedtls_md5_ret` | `mbedtls_md5` | +| `mbedtls_ripemd160_starts_ret` | `mbedtls_ripemd160_starts` | +| `mbedtls_ripemd160_update_ret` | `mbedtls_ripemd160_update` | +| `mbedtls_ripemd160_finish_ret` | `mbedtls_ripemd160_finish` | +| `mbedtls_ripemd160_ret` | `mbedtls_ripemd160` | +| `mbedtls_sha1_starts_ret` | `mbedtls_sha1_starts` | +| `mbedtls_sha1_update_ret` | `mbedtls_sha1_update` | +| `mbedtls_sha1_finish_ret` | `mbedtls_sha1_finish` | +| `mbedtls_sha1_ret` | `mbedtls_sha1` | +| `mbedtls_sha256_starts_ret` | `mbedtls_sha256_starts` | +| `mbedtls_sha256_update_ret` | `mbedtls_sha256_update` | +| `mbedtls_sha256_finish_ret` | `mbedtls_sha256_finish` | +| `mbedtls_sha256_ret` | `mbedtls_sha256` | +| `mbedtls_sha512_starts_ret` | `mbedtls_sha512_starts` | +| `mbedtls_sha512_update_ret` | `mbedtls_sha512_update` | +| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` | +| `mbedtls_sha512_ret` | `mbedtls_sha512` | + +To migrate to the this change the user can keep the `*_ret` names in their code +and include the `compat_2.x.h` header file which holds macros with proper +renaming or to rename those functions in their code according to the list from +mentioned header file. + ## High-level crypto @@ -369,45 +408,6 @@ The following functions now take an extra parameter indicating the size of the o The requirements for the output buffer have not changed, but passing a buffer that is too small now reliably causes the functions to return an error, rather than overflowing the buffer. -### Rename `mbedtls_*_ret()` cryptography functions whose deprecated variants have been removed - -This change affects users who were using the `mbedtls_*_ret()` cryptography -functions. - -Those functions were created based on now-deprecated functions according to a -requirement that a function needs to return a value. This change brings back the -original names of those functions. The renamed functions are: - -| name before this change | after the change | -|--------------------------------|----------------------------| -| `mbedtls_ctr_drbg_update_ret` | `mbedtls_ctr_drbg_update` | -| `mbedtls_hmac_drbg_update_ret` | `mbedtls_hmac_drbg_update` | -| `mbedtls_md5_starts_ret` | `mbedtls_md5_starts` | -| `mbedtls_md5_update_ret` | `mbedtls_md5_update` | -| `mbedtls_md5_finish_ret` | `mbedtls_md5_finish` | -| `mbedtls_md5_ret` | `mbedtls_md5` | -| `mbedtls_ripemd160_starts_ret` | `mbedtls_ripemd160_starts` | -| `mbedtls_ripemd160_update_ret` | `mbedtls_ripemd160_update` | -| `mbedtls_ripemd160_finish_ret` | `mbedtls_ripemd160_finish` | -| `mbedtls_ripemd160_ret` | `mbedtls_ripemd160` | -| `mbedtls_sha1_starts_ret` | `mbedtls_sha1_starts` | -| `mbedtls_sha1_update_ret` | `mbedtls_sha1_update` | -| `mbedtls_sha1_finish_ret` | `mbedtls_sha1_finish` | -| `mbedtls_sha1_ret` | `mbedtls_sha1` | -| `mbedtls_sha256_starts_ret` | `mbedtls_sha256_starts` | -| `mbedtls_sha256_update_ret` | `mbedtls_sha256_update` | -| `mbedtls_sha256_finish_ret` | `mbedtls_sha256_finish` | -| `mbedtls_sha256_ret` | `mbedtls_sha256` | -| `mbedtls_sha512_starts_ret` | `mbedtls_sha512_starts` | -| `mbedtls_sha512_update_ret` | `mbedtls_sha512_update` | -| `mbedtls_sha512_finish_ret` | `mbedtls_sha512_finish` | -| `mbedtls_sha512_ret` | `mbedtls_sha512` | - -To migrate to the this change the user can keep the `*_ret` names in their code -and include the `compat_2.x.h` header file which holds macros with proper -renaming or to rename those functions in their code according to the list from -mentioned header file. - ### Signature functions now require the hash length to match the expected value This affects users of the PK API as well as users of the low-level API in the RSA module. Users of the PSA API or of the ECDSA module are unaffected. From 2b03457ca5ea49d2fc261d810067a381d2110d53 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:59:49 +0100 Subject: [PATCH 0709/1065] Improve wording Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index b345b9dddb..a6b71f643f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -175,9 +175,9 @@ number of Miller-Rabin rounds. ### Deprecated functions were removed from DRBGs -The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` -were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and -`mbedtls_hmac_drbg_update_ret()` respectively. +The functions `mbedtls_ctr_drbg_update_ret()` and `mbedtls_hmac_drbg_update_ret()` +were renamed to replace the corresponding functions without `_ret` appended. Please call +the name without `_ret` appended and check the return value. ### Deprecated hex-encoded primes were removed from DHM From 2482650483e108b46c0e2b9c64a67039c0d31f14 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 19:00:48 +0100 Subject: [PATCH 0710/1065] Correct hyperlink Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a6b71f643f..e91211a2bc 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -252,7 +252,7 @@ Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `ps ### GCM interface changes: impact for alternative implementations -The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: +The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. * `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: From 7d2ac88f93886271a3b7ed471158beaa9733238c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 19:02:36 +0100 Subject: [PATCH 0711/1065] Correct hyperlink Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index e91211a2bc..0794aba29f 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -583,7 +583,7 @@ current ones. ### Strengthen default algorithm selection for X.509 -This is described in the section [Strengthen default algorithm selection for X.509 and TLS](strengthen-default-algorithm-selection-for-x.509-and-tls). +This is described in the section [Strengthen default algorithm selection for X.509 and TLS](#strengthen-default-algorithm-selection-for-x.509-and-tls). ### Remove wrapper for libpkcs11-helper From a0148317327c1a59b94fe130a4dc252daa8f038b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 19:08:51 +0100 Subject: [PATCH 0712/1065] Add missing backticks Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 0794aba29f..c6e9c74f72 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -217,25 +217,25 @@ of this option for details. ### Separated `MBEDTLS_SHA224_C` and `MBEDTLS_SHA256_C` -This does not affect users who use the default `mbedtls_config.h`. MBEDTLS_SHA256_C -was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are +This does not affect users who use the default `mbedtls_config.h`. `MBEDTLS_SHA256_C` +was enabled by default. Now both `MBEDTLS_SHA256_C` and `MBEDTLS_SHA224_C` are enabled. -If you were using custom config file with MBEDTLS_SHA256_C enabled, then +If you were using custom config file with `MBEDTLS_SHA256_C` enabled, then you will need to add `#define MBEDTLS_SHA224_C` option to your config. -Current version of the library does not support enabling MBEDTLS_SHA256_C -without MBEDTLS_SHA224_C. +Current version of the library does not support enabling `MBEDTLS_SHA256_C` +without `MBEDTLS_SHA224_C`. ### Replaced `MBEDTLS_SHA512_NO_SHA384` with `MBEDTLS_SHA384_C` This does not affect users who use the default `mbedtls_config.h`. -MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is +`MBEDTLS_SHA512_NO_SHA384` was disabled by default, now `MBEDTLS_SHA384_C` is enabled by default. -If you were using a config file with both MBEDTLS_SHA512_C and -MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. -If you were using a config file with MBEDTLS_SHA512_C and without -MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add +If you were using a config file with both `MBEDTLS_SHA512_C` and +MBEDTLS_SHA512_NO_SHA384, then just remove the `MBEDTLS_SHA512_NO_SHA384`. +If you were using a config file with `MBEDTLS_SHA512_C` and without +`MBEDTLS_SHA512_NO_SHA384` and you need the SHA-384 algorithm, then add `#define MBEDTLS_SHA384_C` to your config file. ### GCM multipart interface: application changes @@ -532,7 +532,7 @@ function. The API is changed to include the parameter `critical` which enables marking an extension included in a CSR as critical. To get the previous behavior pass 0. -### Remove the config option MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +### Remove the config option `MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION` This change does not affect users of the default configuration; it only affects users who enable this option. From 10963278e7a14dfdfafd22c864c47a2fb463c771 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 19:11:22 +0100 Subject: [PATCH 0713/1065] Mark all code blocks as C Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index c6e9c74f72..1b673f7ac1 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -725,7 +725,7 @@ If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuri ### SSL key export interface change This affects users of the SSL key export APIs: -``` +```C mbedtls_ssl_conf_export_keys_cb() mbedtls_ssl_conf_export_keys_ext_cb() ``` @@ -876,7 +876,7 @@ Those users will need to modify the API of their session cache implementation to that of a key-value store with keys being session IDs and values being instances of `mbedtls_ssl_session`: -``` +```C typedef int mbedtls_ssl_cache_get_t( void *data, unsigned char const *session_id, size_t session_id_len, @@ -992,7 +992,7 @@ The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `M The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing. If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224: -``` +```C mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ); ``` From 26c12eb52349283eb3534bdb360974d7b646c14c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 19:58:00 +0100 Subject: [PATCH 0714/1065] Remove C from code block Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 1b673f7ac1..9b3a0e9b73 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -725,7 +725,7 @@ If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuri ### SSL key export interface change This affects users of the SSL key export APIs: -```C +``` mbedtls_ssl_conf_export_keys_cb() mbedtls_ssl_conf_export_keys_ext_cb() ``` From b0e6bb54f9191e323363218838c1b24816165d24 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 20:03:55 +0100 Subject: [PATCH 0715/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 9b3a0e9b73..8b3275c09c 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -356,6 +356,12 @@ and include the `compat_2.x.h` header file which holds macros with proper renaming or to rename those functions in their code according to the list from mentioned header file. +### Remove the RNG parameter from RSA verify functions + +RSA verification functions also no longer take random generator arguments (this +was only needed when using a private key). This affects all applications using +the RSA verify functions. + ## High-level crypto @@ -377,12 +383,6 @@ Currently the output is always 0 bytes, but it may be more when alternative implementations of the underlying primitives are in use, or with future versions of the library. -### Remove the RNG parameter from RSA verify functions - -RSA verification functions also no longer take random generator arguments (this -was only needed when using a private key). This affects all applications using -the RSA verify functions. - ### Remove MD2, MD4, RC4, Blowfish and XTEA algorithms This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms. From 9637bd30a38b02c9e5196821bcb47474ce8c9080 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 20:07:57 +0100 Subject: [PATCH 0716/1065] Move subsections Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 60 ++++++++++++++++++------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 8b3275c09c..06f389df76 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -137,36 +137,6 @@ of the 2.x releases — no longer included in 3.0) might help you do that. Please also refer to the section [High-level crypto](#high-level-crypto) for changes that could sit in either category. -### The RNG parameter is now mandatory for all functions that accept one - -This change affects all users who called a function accepting a `f_rng` -parameter with `NULL` as the value of this argument; this is no longer -supported. - -The changed functions are: the X.509 CRT and CSR writing functions; the PK and -RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM -and ECDH that compute the shared secret; the scalar multiplication functions in -ECP. - -You now need to pass a properly seeded, cryptographically secure RNG to all -functions that accept a `f_rng` parameter. It is of course still possible to -pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a -context. - -Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` -configuration options) may have their own internal and are free to ignore the -`f_rng` argument but must allow users to pass one anyway. - -### Some functions gained an RNG parameter - -This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, -`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and -`mbedtls_pk_parse_keyfile()`. - -You now need to pass a properly seeded, cryptographically secure RNG when -calling these functions. It is used for blinding, a countermeasure against -side-channel attacks. - ### Deprecated functions were removed from bignum The function `mbedtls_mpi_is_prime()` was removed. Please use @@ -476,6 +446,36 @@ This normally doesn't affect your code, unless you use pointers to reference those functions. In this case, you'll need to update the type of your pointers in order to match the new signature. +### The RNG parameter is now mandatory for all functions that accept one + +This change affects all users who called a function accepting a `f_rng` +parameter with `NULL` as the value of this argument; this is no longer +supported. + +The changed functions are: the X.509 CRT and CSR writing functions; the PK and +RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM +and ECDH that compute the shared secret; the scalar multiplication functions in +ECP. + +You now need to pass a properly seeded, cryptographically secure RNG to all +functions that accept a `f_rng` parameter. It is of course still possible to +pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a +context. + +Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` +configuration options) may have their own internal and are free to ignore the +`f_rng` argument but must allow users to pass one anyway. + +### Some functions gained an RNG parameter + +This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`, +`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and +`mbedtls_pk_parse_keyfile()`. + +You now need to pass a properly seeded, cryptographically secure RNG when +calling these functions. It is used for blinding, a countermeasure against +side-channel attacks. + ## PSA From 7b743193b09cd2118074d62a3a14af149cb8d630 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 20:10:10 +0100 Subject: [PATCH 0717/1065] Move subsection Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 70 ++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 06f389df76..a814c929c7 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -332,6 +332,41 @@ RSA verification functions also no longer take random generator arguments (this was only needed when using a private key). This affects all applications using the RSA verify functions. +### Remove the padding parameters from `mbedtls_rsa_init()` + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +The function `mbedtls_rsa_init()` no longer supports selecting the PKCS#1 v2.1 +encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If +you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call +to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it. + +To choose the padding type when initializing a context, instead of + +```C + mbedtls_rsa_init(ctx, padding, hash_id); +``` + +use + +```C + mbedtls_rsa_init(ctx); + mbedtls_rsa_set_padding(ctx, padding, hash_id); +``` + +To use PKCS#1 v1.5 padding, instead of + +```C + mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); +``` + +just use + +```C + mbedtls_rsa_init(ctx); +``` + ## High-level crypto @@ -402,41 +437,6 @@ The signature functions in the PK module no longer accept 0 as the `hash_len` pa The migration path is to pass the correct value to those functions. -### Remove the padding parameters from `mbedtls_rsa_init()` - -This affects all users who use the RSA encryption, decryption, sign and -verify APIs. - -The function `mbedtls_rsa_init()` no longer supports selecting the PKCS#1 v2.1 -encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If -you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call -to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it. - -To choose the padding type when initializing a context, instead of - -```C - mbedtls_rsa_init(ctx, padding, hash_id); -``` - -use - -```C - mbedtls_rsa_init(ctx); - mbedtls_rsa_set_padding(ctx, padding, hash_id); -``` - -To use PKCS#1 v1.5 padding, instead of - -```C - mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, ); -``` - -just use - -```C - mbedtls_rsa_init(ctx); -``` - ### Some function parameters were made const Various functions in the PK and ASN.1 modules had a `const` qualifier added to From b1d1c2af737af5439f9c44ae116afa48bc6ee101 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 17:52:53 +0100 Subject: [PATCH 0718/1065] Fix filename on Changelog item Signed-off-by: Dave Rodgman --- .../{rm-ticket-lifetime-option => rm-ticket-lifetime-option.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename ChangeLog.d/{rm-ticket-lifetime-option => rm-ticket-lifetime-option.txt} (100%) diff --git a/ChangeLog.d/rm-ticket-lifetime-option b/ChangeLog.d/rm-ticket-lifetime-option.txt similarity index 100% rename from ChangeLog.d/rm-ticket-lifetime-option rename to ChangeLog.d/rm-ticket-lifetime-option.txt From bb2eece7cf509ab1adbd3d22ff71cac005d9e298 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 18:07:19 +0100 Subject: [PATCH 0719/1065] Create aggregated ChangeLog Signed-off-by: Dave Rodgman --- ChangeLog | 371 +++++++++++++++++- ChangeLog.d/add-cmake-package-config.txt | 2 - ChangeLog.d/add-missing-parenthesis.txt | 3 - ChangeLog.d/aescrypt2.txt | 3 - ChangeLog.d/allow_alt_cmac_without_des.txt | 3 - ChangeLog.d/alt-context-relaxation.txt | 6 - ChangeLog.d/aria-alt.txt | 5 - ChangeLog.d/cipher-delayed-output.txt | 6 - ChangeLog.d/ciphersuite-sha1-sha384-guard.txt | 4 - ChangeLog.d/ciphersuite-sha384-guard.txt | 2 - ChangeLog.d/default-curves.txt | 9 - ChangeLog.d/dhm-fields.txt | 9 - ChangeLog.d/dhm_min_bitlen.txt | 4 - ChangeLog.d/ecdsa-random-leading-zeros.txt | 7 - ChangeLog.d/ecjpake-point_format.txt | 4 - ChangeLog.d/ecp-window-size.txt | 3 - ChangeLog.d/ecp_max_bits.txt | 3 - ChangeLog.d/fix-mingw-build.txt | 5 - ChangeLog.d/fix-pk-parse-key-error-code.txt | 2 - ChangeLog.d/fix-rsa-leak.txt | 6 - ChangeLog.d/fix-ssl-cf-hmac-alt.txt | 5 - ChangeLog.d/fix_tls_alert_codes.txt | 5 - ChangeLog.d/gcm-update.txt | 19 - ChangeLog.d/host_test-int32.txt | 3 - ChangeLog.d/implicit_key_usage_policy.txt | 5 - ChangeLog.d/issue4036.txt | 5 - ChangeLog.d/issue4055.txt | 3 - ChangeLog.d/issue4083.txt | 4 - ChangeLog.d/issue4084.txt | 4 - ChangeLog.d/issue4128.txt | 4 - ChangeLog.d/issue4176.txt | 3 - ChangeLog.d/issue4212.txt | 6 - ChangeLog.d/issue4282.txt | 13 - ChangeLog.d/issue4286.txt | 10 - ChangeLog.d/issue4313.txt | 4 - ChangeLog.d/issue4335.txt | 4 - ChangeLog.d/issue4361.txt | 3 - ChangeLog.d/issue4367.txt | 13 - ChangeLog.d/issue4378.txt | 4 - ChangeLog.d/issue4386.txt | 3 - ChangeLog.d/issue4398.txt | 3 - ChangeLog.d/issue4403.txt | 2 - ChangeLog.d/issue4405.txt | 4 - ChangeLog.d/key-export.txt | 10 - ChangeLog.d/make-generate-tests-python.txt | 3 - ChangeLog.d/mandatory-rng-param.txt | 14 - ChangeLog.d/max-record-payload-api.txt | 9 - ChangeLog.d/mbed-can-do-timing.txt | 3 - ChangeLog.d/mbedtls_debug_print_mpi.txt | 5 - ChangeLog.d/mpi_exp_mod-zero.txt | 7 - ChangeLog.d/mpi_gcd-0.txt | 4 - ChangeLog.d/mpi_random.txt | 3 - ChangeLog.d/mpi_read_zero.txt | 9 - ChangeLog.d/no-generated-files.txt | 7 - ChangeLog.d/one-shot-mac.txt | 3 - ChangeLog.d/one-shot_cipher_functions.txt | 4 - ChangeLog.d/out_size.txt | 5 - ChangeLog.d/posix-define.txt | 6 - ChangeLog.d/private-fields.txt | 5 - .../psa-aead-output-size-macros-1.0.txt | 5 - .../psa-builtin-keys-implementation.txt | 4 - ChangeLog.d/psa-read-only-keys.txt | 5 - ChangeLog.d/psa-rsa-verify-alt-fix.txt | 7 - ChangeLog.d/psa-without-genprime-fix.txt | 5 - .../psa_key_derivation-bad_workflow.txt | 3 - ChangeLog.d/psa_sign_message.txt | 2 - ChangeLog.d/random-range.txt | 4 - ChangeLog.d/reject-low-order-points-early.txt | 6 - ChangeLog.d/relaxed-psk-semantics.txt | 7 - ChangeLog.d/remove-config-psa-crypto.txt | 3 - .../remove-enable-weak-ciphersuites.txt | 2 - ChangeLog.d/remove-max-content-len.txt | 4 - ChangeLog.d/remove-rsa-mode-parameter.txt | 8 - ChangeLog.d/remove_null_entropy.txt | 2 - ChangeLog.d/require-matching-hashlen-rsa.txt | 5 - ChangeLog.d/rm-ecdh-legacy-context-option.txt | 3 - ChangeLog.d/rm-ticket-lifetime-option.txt | 5 - ChangeLog.d/rm-truncated-hmac-ext.txt | 5 - ChangeLog.d/rsa-padding.txt | 5 - ChangeLog.d/session-cache-api.txt | 5 - ChangeLog.d/sha224_sha384.txt | 7 - ChangeLog.d/sha512-output-type.txt | 6 - ChangeLog.d/split-config.txt | 13 - ChangeLog.d/spm_build.txt | 4 - ChangeLog.d/ssl-error-code-cleanup.txt | 6 - ChangeLog.d/tool-versions.txt | 4 - .../undefined_reference_without_psa.txt | 4 - ChangeLog.d/update_ssl_error_codes.txt | 3 - ChangeLog.d/winsock.txt | 4 - ChangeLog.d/x509_remove_info.txt | 6 - 90 files changed, 369 insertions(+), 466 deletions(-) delete mode 100644 ChangeLog.d/add-cmake-package-config.txt delete mode 100644 ChangeLog.d/add-missing-parenthesis.txt delete mode 100644 ChangeLog.d/aescrypt2.txt delete mode 100644 ChangeLog.d/allow_alt_cmac_without_des.txt delete mode 100644 ChangeLog.d/alt-context-relaxation.txt delete mode 100644 ChangeLog.d/aria-alt.txt delete mode 100644 ChangeLog.d/cipher-delayed-output.txt delete mode 100644 ChangeLog.d/ciphersuite-sha1-sha384-guard.txt delete mode 100644 ChangeLog.d/ciphersuite-sha384-guard.txt delete mode 100644 ChangeLog.d/default-curves.txt delete mode 100644 ChangeLog.d/dhm-fields.txt delete mode 100644 ChangeLog.d/dhm_min_bitlen.txt delete mode 100644 ChangeLog.d/ecdsa-random-leading-zeros.txt delete mode 100644 ChangeLog.d/ecjpake-point_format.txt delete mode 100644 ChangeLog.d/ecp-window-size.txt delete mode 100644 ChangeLog.d/ecp_max_bits.txt delete mode 100644 ChangeLog.d/fix-mingw-build.txt delete mode 100644 ChangeLog.d/fix-pk-parse-key-error-code.txt delete mode 100644 ChangeLog.d/fix-rsa-leak.txt delete mode 100644 ChangeLog.d/fix-ssl-cf-hmac-alt.txt delete mode 100644 ChangeLog.d/fix_tls_alert_codes.txt delete mode 100644 ChangeLog.d/gcm-update.txt delete mode 100644 ChangeLog.d/host_test-int32.txt delete mode 100644 ChangeLog.d/implicit_key_usage_policy.txt delete mode 100644 ChangeLog.d/issue4036.txt delete mode 100644 ChangeLog.d/issue4055.txt delete mode 100644 ChangeLog.d/issue4083.txt delete mode 100644 ChangeLog.d/issue4084.txt delete mode 100644 ChangeLog.d/issue4128.txt delete mode 100644 ChangeLog.d/issue4176.txt delete mode 100644 ChangeLog.d/issue4212.txt delete mode 100644 ChangeLog.d/issue4282.txt delete mode 100644 ChangeLog.d/issue4286.txt delete mode 100644 ChangeLog.d/issue4313.txt delete mode 100644 ChangeLog.d/issue4335.txt delete mode 100644 ChangeLog.d/issue4361.txt delete mode 100644 ChangeLog.d/issue4367.txt delete mode 100644 ChangeLog.d/issue4378.txt delete mode 100644 ChangeLog.d/issue4386.txt delete mode 100644 ChangeLog.d/issue4398.txt delete mode 100644 ChangeLog.d/issue4403.txt delete mode 100644 ChangeLog.d/issue4405.txt delete mode 100644 ChangeLog.d/key-export.txt delete mode 100644 ChangeLog.d/make-generate-tests-python.txt delete mode 100644 ChangeLog.d/mandatory-rng-param.txt delete mode 100644 ChangeLog.d/max-record-payload-api.txt delete mode 100644 ChangeLog.d/mbed-can-do-timing.txt delete mode 100644 ChangeLog.d/mbedtls_debug_print_mpi.txt delete mode 100644 ChangeLog.d/mpi_exp_mod-zero.txt delete mode 100644 ChangeLog.d/mpi_gcd-0.txt delete mode 100644 ChangeLog.d/mpi_random.txt delete mode 100644 ChangeLog.d/mpi_read_zero.txt delete mode 100644 ChangeLog.d/no-generated-files.txt delete mode 100644 ChangeLog.d/one-shot-mac.txt delete mode 100644 ChangeLog.d/one-shot_cipher_functions.txt delete mode 100644 ChangeLog.d/out_size.txt delete mode 100644 ChangeLog.d/posix-define.txt delete mode 100644 ChangeLog.d/private-fields.txt delete mode 100644 ChangeLog.d/psa-aead-output-size-macros-1.0.txt delete mode 100644 ChangeLog.d/psa-builtin-keys-implementation.txt delete mode 100644 ChangeLog.d/psa-read-only-keys.txt delete mode 100644 ChangeLog.d/psa-rsa-verify-alt-fix.txt delete mode 100644 ChangeLog.d/psa-without-genprime-fix.txt delete mode 100644 ChangeLog.d/psa_key_derivation-bad_workflow.txt delete mode 100644 ChangeLog.d/psa_sign_message.txt delete mode 100644 ChangeLog.d/random-range.txt delete mode 100644 ChangeLog.d/reject-low-order-points-early.txt delete mode 100644 ChangeLog.d/relaxed-psk-semantics.txt delete mode 100644 ChangeLog.d/remove-config-psa-crypto.txt delete mode 100644 ChangeLog.d/remove-enable-weak-ciphersuites.txt delete mode 100644 ChangeLog.d/remove-max-content-len.txt delete mode 100644 ChangeLog.d/remove-rsa-mode-parameter.txt delete mode 100644 ChangeLog.d/remove_null_entropy.txt delete mode 100644 ChangeLog.d/require-matching-hashlen-rsa.txt delete mode 100644 ChangeLog.d/rm-ecdh-legacy-context-option.txt delete mode 100644 ChangeLog.d/rm-ticket-lifetime-option.txt delete mode 100644 ChangeLog.d/rm-truncated-hmac-ext.txt delete mode 100644 ChangeLog.d/rsa-padding.txt delete mode 100644 ChangeLog.d/session-cache-api.txt delete mode 100644 ChangeLog.d/sha224_sha384.txt delete mode 100644 ChangeLog.d/sha512-output-type.txt delete mode 100644 ChangeLog.d/split-config.txt delete mode 100644 ChangeLog.d/spm_build.txt delete mode 100644 ChangeLog.d/ssl-error-code-cleanup.txt delete mode 100644 ChangeLog.d/tool-versions.txt delete mode 100644 ChangeLog.d/undefined_reference_without_psa.txt delete mode 100644 ChangeLog.d/update_ssl_error_codes.txt delete mode 100644 ChangeLog.d/winsock.txt delete mode 100644 ChangeLog.d/x509_remove_info.txt diff --git a/ChangeLog b/ChangeLog index fcd842708f..5074249437 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= Mbed TLS 3.0.0 branch released 2021-xx-xx += Mbed TLS 3.0.0 branch released 2021-07-07 API changes * Remove HAVEGE module. @@ -36,12 +36,146 @@ API changes * Drop support for RC4 TLS ciphersuites. * Drop support for single-DES ciphersuites. * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. + * Update AEAD output size macros to bring them in line with the PSA Crypto + API version 1.0 spec. This version of the spec parameterizes them on the + key type used, as well as the key bit-size in the case of + PSA_AEAD_TAG_LENGTH. + * Add configuration option MBEDTLS_X509_REMOVE_INFO which + removes the mbedtls_x509_*_info(), mbedtls_debug_print_crt() + as well as other functions and constants only used by + those functions. This reduces the code footprint by + several kB. + * Remove SSL error codes `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` + and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` which are never + returned from the public SSL API. + * Remove `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` and return + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead. + * The output parameter of mbedtls_sha512_finish_ret, mbedtls_sha512_ret, + mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type + rather than array type. This removes spurious warnings in some compilers + when outputting a SHA-384 or SHA-224 hash into a buffer of exactly + the hash size. + * Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388. + * The interface of the GCM module has changed to remove restrictions on + how the input to multipart operations is broken down. mbedtls_gcm_finish() + now takes an extra output parameter for the last partial output block. + mbedtls_gcm_update() now takes extra parameters for the output length. + The software implementation always produces the full output at each + call to mbedtls_gcm_update(), but alternative implementations activated + by MBEDTLS_GCM_ALT may delay partial blocks to the next call to + mbedtls_gcm_update() or mbedtls_gcm_finish(). Furthermore, applications + no longer pass the associated data to mbedtls_gcm_starts(), but to the + new function mbedtls_gcm_update_ad(). + These changes are backward compatible for users of the cipher API. + * Replace MBEDTLS_SHA512_NO_SHA384 config option with MBEDTLS_SHA384_C. + This separates config option enabling the SHA384 algorithm from option + enabling the SHA512 algorithm. Fixes #4034. + * Introduce MBEDTLS_SHA224_C. + This separates config option enabling the SHA224 algorithm from option + enabling SHA256. + * The getter and setter API of the SSL session cache (used for + session-ID based session resumption) has changed to that of + a key-value store with keys being session IDs and values + being opaque instances of `mbedtls_ssl_session`. + * Remove the mode parameter from RSA operation functions. Signature and + decryption functions now always use the private key and verification and + encryption use the public key. Verification functions also no longer have + RNG parameters. + * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: + In Mbed TLS 2.X, the API prescribes that later calls overwrite + the effect of earlier calls. In Mbed TLS 3.0, calling + `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, + leaving the PSK that was configured first intact. + Support for more than one PSK may be added in 3.X. + * The function mbedtls_x509write_csr_set_extension() has an extra parameter + which allows to mark an extension as critical. Fixes #4055. + * For multi-part AEAD operations with the cipher module, calling + mbedtls_cipher_finish() is now mandatory. Previously the documentation + was unclear on this point, and this function happened to never do + anything with the currently implemented AEADs, so in practice it was + possible to skip calling it, which is no longer supported. + * The option MBEDTLS_ECP_FIXED_POINT_OPTIM use pre-computed comb tables + instead of computing tables in runtime. Thus, this option now increase + code size, and it does not increase RAM usage in runtime anymore. + * Remove the SSL APIs mbedtls_ssl_get_input_max_frag_len() and + mbedtls_ssl_get_output_max_frag_len(), and add a new API + mbedtls_ssl_get_max_in_record_payload(), complementing the existing + mbedtls_ssl_get_max_out_record_payload(). + Uses of mbedtls_ssl_get_input_max_frag_len() and + mbedtls_ssl_get_input_max_frag_len() should be replaced by + mbedtls_ssl_get_max_in_record_payload() and + mbedtls_ssl_get_max_out_record_payload(), respectively. + * mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA + key. To use an RSA key with PSS or OAEP, call mbedtls_rsa_set_padding() + after initializing the context. mbedtls_rsa_set_padding() now returns an + error if its parameters are invalid. + * Replace MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE by a runtime + configuration function mbedtls_ssl_conf_preference_order(). Fixes #4398. + * Instead of accessing the len field of a DHM context, which is no longer + supported, use the new function mbedtls_dhm_get_len() . + * In modules that implement cryptographic hash functions, many functions + mbedtls_xxx() now return int instead of void, and the corresponding + function mbedtls_xxx_ret() which was identical except for returning int + has been removed. This also concerns mbedtls_xxx_drbg_update(). See the + migration guide for more information. Fixes #4212. + * For all functions that take a random number generator (RNG) as a + parameter, this parameter is now mandatory (that is, NULL is not an + acceptable value). Functions which previously accepted NULL and now + reject it are: the X.509 CRT and CSR writing functions; the PK and RSA + sign and decrypt function; mbedtls_rsa_private(); the functions + in DHM and ECDH that compute the shared secret; the scalar multiplication + functions in ECP. + * The following functions now require an RNG parameter: + mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(), + mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(). + * mbedtls_ssl_conf_export_keys_ext_cb() and + mbedtls_ssl_conf_export_keys_cb() have been removed and + replaced by a new API mbedtls_ssl_set_export_keys_cb(). + Raw keys and IVs are no longer passed to the callback. + Further, callbacks now receive an additional parameter + indicating the type of secret that's being exported, + paving the way for the larger number of secrets + in TLS 1.3. Finally, the key export callback and + context are now connection-specific. + * Signature functions in the RSA and PK modules now require the hash + length parameter to be the size of the hash input. For RSA signatures + other than raw PKCS#1 v1.5, this must match the output size of the + specified hash algorithm. + * The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(), + mbedtls_ecdsa_write_signature() and + mbedtls_ecdsa_write_signature_restartable() now take an extra parameter + indicating the size of the output buffer for the signature. + * Implement one-shot cipher functions, psa_cipher_encrypt and + psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 + specification. + * Direct access to fields of structures declared in public headers is no + longer supported except for fields that are documented public. Use accessor + functions instead. For more information, see the migration guide entry + "Most structure fields are now private". + +Default behavior changes + * Enable by default the functionalities which have no reason to be disabled. + They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and + Key Wrapping mode as defined in NIST SP 800-38F. Fixes #4036. + * Some default policies for X.509 certificate verification and TLS have + changed: curves and hashes weaker than 255 bits are no longer accepted + by default. The default order in TLS now favors faster curves over larger + curves. Requirement changes * The library now uses the %zu format specifier with the printf() family of functions, so requires a toolchain that supports it. This change does not affect the maintained LTS branches, so when contributing changes please bear this in mind and do not add them to backported code. + * If you build the development version of Mbed TLS, rather than an official + release, some configuration-independent files are now generated at build + time rather than checked into source control. This includes some library + source files as well as the Visual Studio solution. Perl, Python 3 and a + C compiler for the host platform are required. See “Generated source files + in the development branch” in README.md for more information. + * Refresh the minimum supported versions of tools to build the + library. CMake versions older than 3.10.2 and Python older + than 3.6 are no longer supported. Removals * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES @@ -49,7 +183,6 @@ Removals certificates signed with SHA-1 due to the known attacks against SHA-1. If needed, SHA-1 certificates can still be verified by using a custom verification profile. - * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 * Removed deprecated functions from hashing modules. Fixes #4280. * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, @@ -58,12 +191,133 @@ Removals More details on PCKS#11 wrapper removal can be found in the mailing list https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html * Remove deprecated error codes. Fix #4283 + * Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option. Fixes #4416. + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option. This option has been inactive for a long time. + Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` + instead. + * Remove the following deprecated functions and constants of hex-encoded + primes based on RFC 5114 and RFC 3526 from library code and tests: + mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(), + mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(), + mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(), + mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(), + mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(), + MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G, + MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G. + Remove the deprecated file: include/mbedtls/net.h. Fixes #4282. + * Remove MBEDTLS_SSL_MAX_CONTENT_LEN configuration option, since + MBEDTLS_SSL_IN_CONTENT_LEN and MBEDTLS_SSL_OUT_CONTENT_LEN replace + it. Fixes #4362. + * Remove the MBEDTLS_SSL_RECORD_CHECKING option and enable by default its + previous action. Fixes #4361. + * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for + CBC record splitting, fallback SCSV, and the ability to configure + ciphersuites per version, which are no longer relevant. This removes the + configuration options MBEDTLS_SSL_PROTO_TLS1, + MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING and + MBEDTLS_SSL_FALLBACK_SCSV as well as the functions + mbedtls_ssl_conf_cbc_record_splitting(), + mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(), + and mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286. + * The RSA module no longer supports private-key operations with the public + key and vice versa. + * Remove the MBEDTLS_SSL_DTLS_BADMAC_LIMIT config.h option. Fixes #4403. + * Remove all the 3DES ciphersuites: + MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA. Remove the + MBEDTLS_REMOVE_3DES_CIPHERSUITES option which is no longer relevant. + Fixes #4367. + * Remove the MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option and let the code + behave as if it was always disabled. Fixes #4386. + * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for + backward compatibility which is no longer supported. Addresses #4404. + * Remove the following macros: MBEDTLS_CHECK_PARAMS, + MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED, + MBEDTLS_PARAM_FAILED_ALT. Fixes #4313. + * Remove the MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h + option. The mbedtls_x509_crt_parse_der_with_ext_cb() is the way to go for + migration path. Fixes #4378. + * Remove the MBEDTLS_X509_CHECK_KEY_USAGE and + MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code + behave as if they were always enabled. Fixes #4405. + * MBEDTLS_ECP_MAX_BITS is no longer a configuration option because it is + now determined automatically based on supported curves. + * Remove the following functions: mbedtls_timing_self_test(), + mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and + mbedtls_set_alarm(). Fixes #4083. + * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as + it no longer had any effect. + * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the + corresponding modules and all their APIs and related configuration + options. Fixes #4084. + * Remove MBEDTLS_SSL_TRUNCATED_HMAC and also remove + MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by + using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC. + See issue #4341 for more details. + * Remove the compile-time option + MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE. Features * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a signature with a specific salt length. This function allows to validate test cases provided in the NIST's CAVP test suite. Contributed by Cédric Meuter in PR #3183. + * Added support for built-in driver keys through the PSA opaque crypto + driver interface. Refer to the documentation of + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information. + * Implement psa_sign_message() and psa_verify_message(). + * The multi-part GCM interface (mbedtls_gcm_update() or + mbedtls_cipher_update()) no longer requires the size of partial inputs to + be a multiple of 16. + * The multi-part GCM interface now supports chunked associated data through + multiple calls to mbedtls_gcm_update_ad(). + * The new function mbedtls_mpi_random() generates a random value in a + given range uniformly. + * Alternative implementations of the AES, DHM, ECJPAKE, ECP, RSA and timing + modules had undocumented constraints on their context types. These + constraints have been relaxed. + See docs/architecture/alternative-implementations.md for the remaining + constraints. + * The new functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() + query the size of the modulus in a Diffie-Hellman context. + * The new function mbedtls_dhm_get_value() copy a field out of a + Diffie-Hellman context. + * Use the new function mbedtls_ecjpake_set_point_format() to select the + point format for ECJPAKE instead of accessing the point_format field + directly, which is no longer supported. + * Implement psa_mac_compute() and psa_mac_verify() as defined in the + PSA Cryptograpy API 1.0.0 specification. + +Security +* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) + private keys and of blinding values for DHM and elliptic curves (ECP) + computations. Reported by FlorianF89 in #4245. +* Fix a potential side channel vulnerability in ECDSA ephemeral key generation. + An adversary who is capable of very precise timing measurements could + learn partial information about the leading bits of the nonce used for the + signature, allowing the recovery of the private key after observing a + large number of signature operations. This completes a partial fix in + Mbed TLS 2.20.0. + * An adversary with access to precise enough information about memory + accesses (typically, an untrusted operating system attacking a secure + enclave) could recover an RSA private key after observing the victim + performing a single private-key operation. Found and reported by + Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. + * An adversary with access to precise enough timing information (typically, a + co-located process) could recover a Curve25519 or Curve448 static ECDH key + after inputting a chosen public key and observing the victim performing the + corresponding private-key operation. Found and reported by Leila Batina, + Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. Bugfix * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may @@ -87,6 +341,76 @@ Bugfix mbedtls_mpi_read_string() was called on "-0", or when mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of the arguments being negative and the other being 0. Fixes #4643. + * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is + defined. Fixes #4217. + * Fix an incorrect error code when parsing a PKCS#8 private key. + * In a TLS client, enforce the Diffie-Hellman minimum parameter size + set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the + minimum size was rounded down to the nearest multiple of 8. + * In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are + defined to specific values. If the code is used in a context + where these are already defined, this can result in a compilation + error. Instead, assume that if they are defined, the values will + be adequate to build Mbed TLS. + * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built + nonetheless, resulting in undefined reference errors when building a + shared library. Reported by Guillermo Garcia M. in #4411. + * The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available + when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384 + was disabled. Fix the dependency. Fixes #4472. + * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499. + * Fix test suite code on platforms where int32_t is not int, such as + Arm Cortex-M. Fixes #4530. + * Fix some issues affecting MBEDTLS_ARIA_ALT implementations: a misplaced + directive in a header and a missing initialization in the self-test. + * Fix a missing initialization in the Camellia self-test, affecting + MBEDTLS_CAMELLIA_ALT implementations. + * Restore the ability to configure PSA via Mbed TLS options to support RSA + key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME + is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key(). + Fixes #4512. + * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites + (when the encrypt-then-MAC extension is not in use) with some ALT + implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing + the affected side to wrongly reject valid messages. Fixes #4118. + * Remove outdated check-config.h check that prevented implementing the + timing module on Mbed OS. Fixes #4633. + * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive + about missing inputs. + * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with + MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465. + * Fix a resource leak in a test suite with an alternative AES + implementation. Fixes #4176. + * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This + could notably be triggered by setting the TLS debug level to 3 or above + and using a Montgomery curve for the key exchange. Reported by lhuang04 + in #4578. Fixes #4608. + * psa_verify_hash() was relying on implementation-specific behavior of + mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT + implementations. This reliance is now removed. Fixes #3990. + * Disallow inputs of length different from the corresponding hash when + signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates + that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.) + * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with + A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug + could not be triggered by code that constructed A with one of the + mbedtls_mpi_read_xxx functions (including in particular TLS code) since + those always built an mpi object with at least one limb. + Credit to OSS-Fuzz. Fixes #4641. + * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no + effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect + applications that call mbedtls_mpi_gcd() directly. Fixes #4642. + * The PSA API no longer allows the creation or destruction of keys with a + read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY + can now only be used as intended, for keys that cannot be modified through + normal use of the API. + * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included + in all the right places. Include it from crypto_platform.h, which is + the natural place. Fixes #4649. + * Fix which alert is sent in some cases to conform to the + applicable RFC: on an invalid Finished message value, an + invalid max_fragment_length extension, or an + unsupported extension used by the server. Changes * Fix the setting of the read timeout in the DTLS sample programs. @@ -94,6 +418,49 @@ Changes * Fix memsan build false positive in x509_crt.c with clang 11 * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to be released 2021-xx-xx), including various API-breaking changes. + * Alternative implementations of CMAC may now opt to not support 3DES as a + CMAC block cipher, and still pass the CMAC self test. + * Remove the AES sample application programs/aes/aescrypt2 which shows + bad cryptographic practice. Fix #1906. + * Remove configs/config-psa-crypto.h, which no longer had any intended + differences from the default configuration, but had accidentally diverged. + * When building the test suites with GNU make, invoke python3 or python, not + python2, which is no longer supported upstream. + * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on. + When that flag is on, standard GNU C printf format specifiers + should be used. + * Replace MBEDTLS_SSL_CID_PADDING_GRANULARITY and + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a new single unified option + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY. Fixes #4335. + * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage + during ECC operations at a negligible performance cost. + * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and + mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs + when their input has length 0. Note that this is an implementation detail + and can change at any time, so this change should be transparent, but it + may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string() + now writing an empty string where it previously wrote one or more + zero digits when operating from values constructed with an mpi_read + function and some mpi operations. + * Add CMake package config generation for CMake projects consuming Mbed TLS. + * config.h has been split into build_info.h and mbedtls_config.h + build_info.h is intended to be included from C code directly, while + mbedtls_config.h is intended to be edited by end users wishing to + change the build configuration, and should generally only be included from + build_info.h. + * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. + * A config file version symbol, MBEDTLS_CONFIG_VERSION was introduced. + Defining it to a particular value will ensure that Mbed TLS interprets + the config file in a way that's compatible with the config file format + used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same + value. + The only value supported by Mbed TLS 3.0.0 is 0x03000000. + * Various changes to which alert and/or error code may be returned + * during the TLS handshake. + * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when + PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag + when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension + is also applied when loading a key from storage. = mbed TLS 2.26.0 branch released 2021-03-08 diff --git a/ChangeLog.d/add-cmake-package-config.txt b/ChangeLog.d/add-cmake-package-config.txt deleted file mode 100644 index 3b738169b5..0000000000 --- a/ChangeLog.d/add-cmake-package-config.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Add CMake package config generation for CMake projects consuming Mbed TLS. diff --git a/ChangeLog.d/add-missing-parenthesis.txt b/ChangeLog.d/add-missing-parenthesis.txt deleted file mode 100644 index 9576ff3793..0000000000 --- a/ChangeLog.d/add-missing-parenthesis.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is - defined. Fixes #4217. diff --git a/ChangeLog.d/aescrypt2.txt b/ChangeLog.d/aescrypt2.txt deleted file mode 100644 index 7ffa49eaa3..0000000000 --- a/ChangeLog.d/aescrypt2.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Remove the AES sample application programs/aes/aescrypt2 which shows - bad cryptographic practice. Fix #1906. diff --git a/ChangeLog.d/allow_alt_cmac_without_des.txt b/ChangeLog.d/allow_alt_cmac_without_des.txt deleted file mode 100644 index 5193a9e61e..0000000000 --- a/ChangeLog.d/allow_alt_cmac_without_des.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Alternative implementations of CMAC may now opt to not support 3DES as a - CMAC block cipher, and still pass the CMAC self test. diff --git a/ChangeLog.d/alt-context-relaxation.txt b/ChangeLog.d/alt-context-relaxation.txt deleted file mode 100644 index 10fd476192..0000000000 --- a/ChangeLog.d/alt-context-relaxation.txt +++ /dev/null @@ -1,6 +0,0 @@ -Features - * Alternative implementations of the AES, DHM, ECJPAKE, ECP, RSA and timing - modules had undocumented constraints on their context types. These - constraints have been relaxed. - See docs/architecture/alternative-implementations.md for the remaining - constraints. diff --git a/ChangeLog.d/aria-alt.txt b/ChangeLog.d/aria-alt.txt deleted file mode 100644 index 20aaa2b71d..0000000000 --- a/ChangeLog.d/aria-alt.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix some issues affecting MBEDTLS_ARIA_ALT implementations: a misplaced - directive in a header and a missing initialization in the self-test. - * Fix a missing initialization in the Camellia self-test, affecting - MBEDTLS_CAMELLIA_ALT implementations. diff --git a/ChangeLog.d/cipher-delayed-output.txt b/ChangeLog.d/cipher-delayed-output.txt deleted file mode 100644 index 4ca3a0cc0a..0000000000 --- a/ChangeLog.d/cipher-delayed-output.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * For multi-part AEAD operations with the cipher module, calling - mbedtls_cipher_finish() is now mandatory. Previously the documentation - was unclear on this point, and this function happened to never do - anything with the currently implemented AEADs, so in practice it was - possible to skip calling it, which is no longer supported. diff --git a/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt b/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt deleted file mode 100644 index d253f349a5..0000000000 --- a/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available - when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384 - was disabled. Fix the dependency. Fixes #4472. diff --git a/ChangeLog.d/ciphersuite-sha384-guard.txt b/ChangeLog.d/ciphersuite-sha384-guard.txt deleted file mode 100644 index 0ddf463ebc..0000000000 --- a/ChangeLog.d/ciphersuite-sha384-guard.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499. diff --git a/ChangeLog.d/default-curves.txt b/ChangeLog.d/default-curves.txt deleted file mode 100644 index bfb0fd0e03..0000000000 --- a/ChangeLog.d/default-curves.txt +++ /dev/null @@ -1,9 +0,0 @@ -Default behavior changes - * Some default policies for X.509 certificate verification and TLS have - changed: curves and hashes weaker than 255 bits are no longer accepted - by default. The default order in TLS now favors faster curves over larger - curves. - -Removals - * Remove the compile-time option - MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE. diff --git a/ChangeLog.d/dhm-fields.txt b/ChangeLog.d/dhm-fields.txt deleted file mode 100644 index 4d5c751fba..0000000000 --- a/ChangeLog.d/dhm-fields.txt +++ /dev/null @@ -1,9 +0,0 @@ -Features - * The new functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() - query the size of the modulus in a Diffie-Hellman context. - * The new function mbedtls_dhm_get_value() copy a field out of a - Diffie-Hellman context. - -API changes - * Instead of accessing the len field of a DHM context, which is no longer - supported, use the new function mbedtls_dhm_get_len() . diff --git a/ChangeLog.d/dhm_min_bitlen.txt b/ChangeLog.d/dhm_min_bitlen.txt deleted file mode 100644 index e7ea827302..0000000000 --- a/ChangeLog.d/dhm_min_bitlen.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * In a TLS client, enforce the Diffie-Hellman minimum parameter size - set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the - minimum size was rounded down to the nearest multiple of 8. diff --git a/ChangeLog.d/ecdsa-random-leading-zeros.txt b/ChangeLog.d/ecdsa-random-leading-zeros.txt deleted file mode 100644 index cbc674bd48..0000000000 --- a/ChangeLog.d/ecdsa-random-leading-zeros.txt +++ /dev/null @@ -1,7 +0,0 @@ -Security -* Fix a potential side channel vulnerability in ECDSA ephemeral key generation. - An adversary who is capable of very precise timing measurements could - learn partial information about the leading bits of the nonce used for the - signature, allowing the recovery of the private key after observing a - large number of signature operations. This completes a partial fix in - Mbed TLS 2.20.0. diff --git a/ChangeLog.d/ecjpake-point_format.txt b/ChangeLog.d/ecjpake-point_format.txt deleted file mode 100644 index 6e05b23393..0000000000 --- a/ChangeLog.d/ecjpake-point_format.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * Use the new function mbedtls_ecjpake_set_point_format() to select the - point format for ECJPAKE instead of accessing the point_format field - directly, which is no longer supported. diff --git a/ChangeLog.d/ecp-window-size.txt b/ChangeLog.d/ecp-window-size.txt deleted file mode 100644 index 909d4e8a42..0000000000 --- a/ChangeLog.d/ecp-window-size.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage - during ECC operations at a negligible performance cost. diff --git a/ChangeLog.d/ecp_max_bits.txt b/ChangeLog.d/ecp_max_bits.txt deleted file mode 100644 index b952469196..0000000000 --- a/ChangeLog.d/ecp_max_bits.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * MBEDTLS_ECP_MAX_BITS is no longer a configuration option because it is - now determined automatically based on supported curves. diff --git a/ChangeLog.d/fix-mingw-build.txt b/ChangeLog.d/fix-mingw-build.txt deleted file mode 100644 index 383b1c7fd4..0000000000 --- a/ChangeLog.d/fix-mingw-build.txt +++ /dev/null @@ -1,5 +0,0 @@ -Changes - * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on. - When that flag is on, standard GNU C printf format specifiers - should be used. - diff --git a/ChangeLog.d/fix-pk-parse-key-error-code.txt b/ChangeLog.d/fix-pk-parse-key-error-code.txt deleted file mode 100644 index 3aa330b1a5..0000000000 --- a/ChangeLog.d/fix-pk-parse-key-error-code.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix an incorrect error code when parsing a PKCS#8 private key. diff --git a/ChangeLog.d/fix-rsa-leak.txt b/ChangeLog.d/fix-rsa-leak.txt deleted file mode 100644 index b7d3e3e758..0000000000 --- a/ChangeLog.d/fix-rsa-leak.txt +++ /dev/null @@ -1,6 +0,0 @@ -Security - * An adversary with access to precise enough information about memory - accesses (typically, an untrusted operating system attacking a secure - enclave) could recover an RSA private key after observing the victim - performing a single private-key operation. Found and reported by - Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. diff --git a/ChangeLog.d/fix-ssl-cf-hmac-alt.txt b/ChangeLog.d/fix-ssl-cf-hmac-alt.txt deleted file mode 100644 index 57ffa02e2a..0000000000 --- a/ChangeLog.d/fix-ssl-cf-hmac-alt.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites - (when the encrypt-then-MAC extension is not in use) with some ALT - implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing - the affected side to wrongly reject valid messages. Fixes #4118. diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt deleted file mode 100644 index 10235d7bc3..0000000000 --- a/ChangeLog.d/fix_tls_alert_codes.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix which alert is sent in some cases to conform to the - applicable RFC: on an invalid Finished message value, an - invalid max_fragment_length extension, or an - unsupported extension used by the server. diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt deleted file mode 100644 index 858bd0a734..0000000000 --- a/ChangeLog.d/gcm-update.txt +++ /dev/null @@ -1,19 +0,0 @@ -API changes - * The interface of the GCM module has changed to remove restrictions on - how the input to multipart operations is broken down. mbedtls_gcm_finish() - now takes an extra output parameter for the last partial output block. - mbedtls_gcm_update() now takes extra parameters for the output length. - The software implementation always produces the full output at each - call to mbedtls_gcm_update(), but alternative implementations activated - by MBEDTLS_GCM_ALT may delay partial blocks to the next call to - mbedtls_gcm_update() or mbedtls_gcm_finish(). Furthermore, applications - no longer pass the associated data to mbedtls_gcm_starts(), but to the - new function mbedtls_gcm_update_ad(). - These changes are backward compatible for users of the cipher API. - -Features - * The multi-part GCM interface (mbedtls_gcm_update() or - mbedtls_cipher_update()) no longer requires the size of partial inputs to - be a multiple of 16. - * The multi-part GCM interface now supports chunked associated data through - multiple calls to mbedtls_gcm_update_ad(). diff --git a/ChangeLog.d/host_test-int32.txt b/ChangeLog.d/host_test-int32.txt deleted file mode 100644 index 60ef8e9702..0000000000 --- a/ChangeLog.d/host_test-int32.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix test suite code on platforms where int32_t is not int, such as - Arm Cortex-M. Fixes #4530. diff --git a/ChangeLog.d/implicit_key_usage_policy.txt b/ChangeLog.d/implicit_key_usage_policy.txt deleted file mode 100644 index ee33ecb7b6..0000000000 --- a/ChangeLog.d/implicit_key_usage_policy.txt +++ /dev/null @@ -1,5 +0,0 @@ -Changes - * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when - PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag - when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension - is also applied when loading a key from storage. diff --git a/ChangeLog.d/issue4036.txt b/ChangeLog.d/issue4036.txt deleted file mode 100644 index 7009496235..0000000000 --- a/ChangeLog.d/issue4036.txt +++ /dev/null @@ -1,5 +0,0 @@ -Default behavior changes - * Enable by default the functionalities which have no reason to be disabled. - They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and - Key Wrapping mode as defined in NIST SP 800-38F. Fixes #4036. - diff --git a/ChangeLog.d/issue4055.txt b/ChangeLog.d/issue4055.txt deleted file mode 100644 index e9bd1d14e1..0000000000 --- a/ChangeLog.d/issue4055.txt +++ /dev/null @@ -1,3 +0,0 @@ -API changes - * The function mbedtls_x509write_csr_set_extension() has an extra parameter - which allows to mark an extension as critical. Fixes #4055. diff --git a/ChangeLog.d/issue4083.txt b/ChangeLog.d/issue4083.txt deleted file mode 100644 index 845733702f..0000000000 --- a/ChangeLog.d/issue4083.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove the following functions: mbedtls_timing_self_test(), - mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and - mbedtls_set_alarm(). Fixes #4083. diff --git a/ChangeLog.d/issue4084.txt b/ChangeLog.d/issue4084.txt deleted file mode 100644 index 75273c1bdc..0000000000 --- a/ChangeLog.d/issue4084.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the - corresponding modules and all their APIs and related configuration - options. Fixes #4084. diff --git a/ChangeLog.d/issue4128.txt b/ChangeLog.d/issue4128.txt deleted file mode 100644 index bc41874fd4..0000000000 --- a/ChangeLog.d/issue4128.txt +++ /dev/null @@ -1,4 +0,0 @@ -API changes - * The option MBEDTLS_ECP_FIXED_POINT_OPTIM use pre-computed comb tables - instead of computing tables in runtime. Thus, this option now increase - code size, and it does not increase RAM usage in runtime anymore. diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt deleted file mode 100644 index ddca37f9be..0000000000 --- a/ChangeLog.d/issue4176.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a resource leak in a test suite with an alternative AES - implementation. Fixes #4176. diff --git a/ChangeLog.d/issue4212.txt b/ChangeLog.d/issue4212.txt deleted file mode 100644 index 9e72ca9d77..0000000000 --- a/ChangeLog.d/issue4212.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * In modules that implement cryptographic hash functions, many functions - mbedtls_xxx() now return int instead of void, and the corresponding - function mbedtls_xxx_ret() which was identical except for returning int - has been removed. This also concerns mbedtls_xxx_drbg_update(). See the - migration guide for more information. Fixes #4212. diff --git a/ChangeLog.d/issue4282.txt b/ChangeLog.d/issue4282.txt deleted file mode 100644 index 685f64df40..0000000000 --- a/ChangeLog.d/issue4282.txt +++ /dev/null @@ -1,13 +0,0 @@ -Removals - * Remove the following deprecated functions and constants of hex-encoded - primes based on RFC 5114 and RFC 3526 from library code and tests: - mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(), - mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(), - mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(), - mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(), - mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(), - MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G, - MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G, - MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G, - MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G. - Remove the deprecated file: include/mbedtls/net.h. Fixes #4282. diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt deleted file mode 100644 index 75d2f0928f..0000000000 --- a/ChangeLog.d/issue4286.txt +++ /dev/null @@ -1,10 +0,0 @@ -Removals - * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for - CBC record splitting, fallback SCSV, and the ability to configure - ciphersuites per version, which are no longer relevant. This removes the - configuration options MBEDTLS_SSL_PROTO_TLS1, - MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING and - MBEDTLS_SSL_FALLBACK_SCSV as well as the functions - mbedtls_ssl_conf_cbc_record_splitting(), - mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(), - and mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286. diff --git a/ChangeLog.d/issue4313.txt b/ChangeLog.d/issue4313.txt deleted file mode 100644 index 1fb61234be..0000000000 --- a/ChangeLog.d/issue4313.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove the following macros: MBEDTLS_CHECK_PARAMS, - MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED, - MBEDTLS_PARAM_FAILED_ALT. Fixes #4313. diff --git a/ChangeLog.d/issue4335.txt b/ChangeLog.d/issue4335.txt deleted file mode 100644 index fe9b7affa6..0000000000 --- a/ChangeLog.d/issue4335.txt +++ /dev/null @@ -1,4 +0,0 @@ -Changes - * Replace MBEDTLS_SSL_CID_PADDING_GRANULARITY and - MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a new single unified option - MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY. Fixes #4335. diff --git a/ChangeLog.d/issue4361.txt b/ChangeLog.d/issue4361.txt deleted file mode 100644 index f1dbb3f195..0000000000 --- a/ChangeLog.d/issue4361.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * Remove the MBEDTLS_SSL_RECORD_CHECKING option and enable by default its - previous action. Fixes #4361. diff --git a/ChangeLog.d/issue4367.txt b/ChangeLog.d/issue4367.txt deleted file mode 100644 index 9012fc062c..0000000000 --- a/ChangeLog.d/issue4367.txt +++ /dev/null @@ -1,13 +0,0 @@ -Removals - * Remove all the 3DES ciphersuites: - MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA. Remove the - MBEDTLS_REMOVE_3DES_CIPHERSUITES option which is no longer relevant. - Fixes #4367. diff --git a/ChangeLog.d/issue4378.txt b/ChangeLog.d/issue4378.txt deleted file mode 100644 index 9a7522b3ab..0000000000 --- a/ChangeLog.d/issue4378.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove the MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h - option. The mbedtls_x509_crt_parse_der_with_ext_cb() is the way to go for - migration path. Fixes #4378. diff --git a/ChangeLog.d/issue4386.txt b/ChangeLog.d/issue4386.txt deleted file mode 100644 index 9e61fdba23..0000000000 --- a/ChangeLog.d/issue4386.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * Remove the MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option and let the code - behave as if it was always disabled. Fixes #4386. diff --git a/ChangeLog.d/issue4398.txt b/ChangeLog.d/issue4398.txt deleted file mode 100644 index b7f241391e..0000000000 --- a/ChangeLog.d/issue4398.txt +++ /dev/null @@ -1,3 +0,0 @@ -API changes - * Replace MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE by a runtime - configuration function mbedtls_ssl_conf_preference_order(). Fixes #4398. diff --git a/ChangeLog.d/issue4403.txt b/ChangeLog.d/issue4403.txt deleted file mode 100644 index 08ac60e699..0000000000 --- a/ChangeLog.d/issue4403.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Remove the MBEDTLS_SSL_DTLS_BADMAC_LIMIT config.h option. Fixes #4403. diff --git a/ChangeLog.d/issue4405.txt b/ChangeLog.d/issue4405.txt deleted file mode 100644 index c36aefa154..0000000000 --- a/ChangeLog.d/issue4405.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove the MBEDTLS_X509_CHECK_KEY_USAGE and - MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code - behave as if they were always enabled. Fixes #4405. diff --git a/ChangeLog.d/key-export.txt b/ChangeLog.d/key-export.txt deleted file mode 100644 index 2fc01a4c52..0000000000 --- a/ChangeLog.d/key-export.txt +++ /dev/null @@ -1,10 +0,0 @@ -API changes - * mbedtls_ssl_conf_export_keys_ext_cb() and - mbedtls_ssl_conf_export_keys_cb() have been removed and - replaced by a new API mbedtls_ssl_set_export_keys_cb(). - Raw keys and IVs are no longer passed to the callback. - Further, callbacks now receive an additional parameter - indicating the type of secret that's being exported, - paving the way for the larger number of secrets - in TLS 1.3. Finally, the key export callback and - context are now connection-specific. diff --git a/ChangeLog.d/make-generate-tests-python.txt b/ChangeLog.d/make-generate-tests-python.txt deleted file mode 100644 index 4b9009d6f8..0000000000 --- a/ChangeLog.d/make-generate-tests-python.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * When building the test suites with GNU make, invoke python3 or python, not - python2, which is no longer supported upstream. diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt deleted file mode 100644 index 39ee335339..0000000000 --- a/ChangeLog.d/mandatory-rng-param.txt +++ /dev/null @@ -1,14 +0,0 @@ -API changes - * For all functions that take a random number generator (RNG) as a - parameter, this parameter is now mandatory (that is, NULL is not an - acceptable value). Functions which previously accepted NULL and now - reject it are: the X.509 CRT and CSR writing functions; the PK and RSA - sign and decrypt function; mbedtls_rsa_private(); the functions - in DHM and ECDH that compute the shared secret; the scalar multiplication - functions in ECP. - * The following functions now require an RNG parameter: - mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(), - mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(). -Removals - * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as - it no longer had any effect. diff --git a/ChangeLog.d/max-record-payload-api.txt b/ChangeLog.d/max-record-payload-api.txt deleted file mode 100644 index 02b47e4e1b..0000000000 --- a/ChangeLog.d/max-record-payload-api.txt +++ /dev/null @@ -1,9 +0,0 @@ -API changes - * Remove the SSL APIs mbedtls_ssl_get_input_max_frag_len() and - mbedtls_ssl_get_output_max_frag_len(), and add a new API - mbedtls_ssl_get_max_in_record_payload(), complementing the existing - mbedtls_ssl_get_max_out_record_payload(). - Uses of mbedtls_ssl_get_input_max_frag_len() and - mbedtls_ssl_get_input_max_frag_len() should be replaced by - mbedtls_ssl_get_max_in_record_payload() and - mbedtls_ssl_get_max_out_record_payload(), respectively. diff --git a/ChangeLog.d/mbed-can-do-timing.txt b/ChangeLog.d/mbed-can-do-timing.txt deleted file mode 100644 index d83da02432..0000000000 --- a/ChangeLog.d/mbed-can-do-timing.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Remove outdated check-config.h check that prevented implementing the - timing module on Mbed OS. Fixes #4633. diff --git a/ChangeLog.d/mbedtls_debug_print_mpi.txt b/ChangeLog.d/mbedtls_debug_print_mpi.txt deleted file mode 100644 index d1b4f5b415..0000000000 --- a/ChangeLog.d/mbedtls_debug_print_mpi.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This - could notably be triggered by setting the TLS debug level to 3 or above - and using a Montgomery curve for the key exchange. Reported by lhuang04 - in #4578. Fixes #4608. diff --git a/ChangeLog.d/mpi_exp_mod-zero.txt b/ChangeLog.d/mpi_exp_mod-zero.txt deleted file mode 100644 index 9df9031a91..0000000000 --- a/ChangeLog.d/mpi_exp_mod-zero.txt +++ /dev/null @@ -1,7 +0,0 @@ -Bugfix - * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with - A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug - could not be triggered by code that constructed A with one of the - mbedtls_mpi_read_xxx functions (including in particular TLS code) since - those always built an mpi object with at least one limb. - Credit to OSS-Fuzz. Fixes #4641. diff --git a/ChangeLog.d/mpi_gcd-0.txt b/ChangeLog.d/mpi_gcd-0.txt deleted file mode 100644 index 41e11e1f6b..0000000000 --- a/ChangeLog.d/mpi_gcd-0.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no - effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect - applications that call mbedtls_mpi_gcd() directly. Fixes #4642. diff --git a/ChangeLog.d/mpi_random.txt b/ChangeLog.d/mpi_random.txt deleted file mode 100644 index 9e6a416239..0000000000 --- a/ChangeLog.d/mpi_random.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * The new function mbedtls_mpi_random() generates a random value in a - given range uniformly. diff --git a/ChangeLog.d/mpi_read_zero.txt b/ChangeLog.d/mpi_read_zero.txt deleted file mode 100644 index 0c25159d94..0000000000 --- a/ChangeLog.d/mpi_read_zero.txt +++ /dev/null @@ -1,9 +0,0 @@ -Changes - * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and - mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs - when their input has length 0. Note that this is an implementation detail - and can change at any time, so this change should be transparent, but it - may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string() - now writing an empty string where it previously wrote one or more - zero digits when operating from values constructed with an mpi_read - function and some mpi operations. diff --git a/ChangeLog.d/no-generated-files.txt b/ChangeLog.d/no-generated-files.txt deleted file mode 100644 index 0f9648a99e..0000000000 --- a/ChangeLog.d/no-generated-files.txt +++ /dev/null @@ -1,7 +0,0 @@ -Requirement changes - * If you build the development version of Mbed TLS, rather than an official - release, some configuration-independent files are now generated at build - time rather than checked into source control. This includes some library - source files as well as the Visual Studio solution. Perl, Python 3 and a - C compiler for the host platform are required. See “Generated source files - in the development branch” in README.md for more information. diff --git a/ChangeLog.d/one-shot-mac.txt b/ChangeLog.d/one-shot-mac.txt deleted file mode 100644 index 112891decc..0000000000 --- a/ChangeLog.d/one-shot-mac.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * Implement psa_mac_compute() and psa_mac_verify() as defined in the - PSA Cryptograpy API 1.0.0 specification. diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt deleted file mode 100644 index 3bb85e10dc..0000000000 --- a/ChangeLog.d/one-shot_cipher_functions.txt +++ /dev/null @@ -1,4 +0,0 @@ -API changes - * Implement one-shot cipher functions, psa_cipher_encrypt and - psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 - specification. diff --git a/ChangeLog.d/out_size.txt b/ChangeLog.d/out_size.txt deleted file mode 100644 index 721bf6aad6..0000000000 --- a/ChangeLog.d/out_size.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(), - mbedtls_ecdsa_write_signature() and - mbedtls_ecdsa_write_signature_restartable() now take an extra parameter - indicating the size of the output buffer for the signature. diff --git a/ChangeLog.d/posix-define.txt b/ChangeLog.d/posix-define.txt deleted file mode 100644 index 98cf2d0122..0000000000 --- a/ChangeLog.d/posix-define.txt +++ /dev/null @@ -1,6 +0,0 @@ -Bugfix - * In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are - defined to specific values. If the code is used in a context - where these are already defined, this can result in a compilation - error. Instead, assume that if they are defined, the values will - be adequate to build Mbed TLS. diff --git a/ChangeLog.d/private-fields.txt b/ChangeLog.d/private-fields.txt deleted file mode 100644 index 10b9a594af..0000000000 --- a/ChangeLog.d/private-fields.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Direct access to fields of structures declared in public headers is no - longer supported except for fields that are documented public. Use accessor - functions instead. For more information, see the migration guide entry - "Most structure fields are now private". diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt deleted file mode 100644 index 22756f1a5b..0000000000 --- a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Update AEAD output size macros to bring them in line with the PSA Crypto - API version 1.0 spec. This version of the spec parameterizes them on the - key type used, as well as the key bit-size in the case of - PSA_AEAD_TAG_LENGTH. diff --git a/ChangeLog.d/psa-builtin-keys-implementation.txt b/ChangeLog.d/psa-builtin-keys-implementation.txt deleted file mode 100644 index 66ba77d07e..0000000000 --- a/ChangeLog.d/psa-builtin-keys-implementation.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * Added support for built-in driver keys through the PSA opaque crypto - driver interface. Refer to the documentation of - MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information. diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt deleted file mode 100644 index a4a282373f..0000000000 --- a/ChangeLog.d/psa-read-only-keys.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * The PSA API no longer allows the creation or destruction of keys with a - read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY - can now only be used as intended, for keys that cannot be modified through - normal use of the API. diff --git a/ChangeLog.d/psa-rsa-verify-alt-fix.txt b/ChangeLog.d/psa-rsa-verify-alt-fix.txt deleted file mode 100644 index 74804caf7a..0000000000 --- a/ChangeLog.d/psa-rsa-verify-alt-fix.txt +++ /dev/null @@ -1,7 +0,0 @@ -Bugfix - * psa_verify_hash() was relying on implementation-specific behavior of - mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT - implementations. This reliance is now removed. Fixes #3990. - * Disallow inputs of length different from the corresponding hash when - signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates - that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.) diff --git a/ChangeLog.d/psa-without-genprime-fix.txt b/ChangeLog.d/psa-without-genprime-fix.txt deleted file mode 100644 index 8a7153a9cd..0000000000 --- a/ChangeLog.d/psa-without-genprime-fix.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Restore the ability to configure PSA via Mbed TLS options to support RSA - key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME - is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key(). - Fixes #4512. diff --git a/ChangeLog.d/psa_key_derivation-bad_workflow.txt b/ChangeLog.d/psa_key_derivation-bad_workflow.txt deleted file mode 100644 index 7fd03e6c9e..0000000000 --- a/ChangeLog.d/psa_key_derivation-bad_workflow.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive - about missing inputs. diff --git a/ChangeLog.d/psa_sign_message.txt b/ChangeLog.d/psa_sign_message.txt deleted file mode 100644 index 2d77ec054e..0000000000 --- a/ChangeLog.d/psa_sign_message.txt +++ /dev/null @@ -1,2 +0,0 @@ -Features - * Implement psa_sign_message() and psa_verify_message(). diff --git a/ChangeLog.d/random-range.txt b/ChangeLog.d/random-range.txt deleted file mode 100644 index dc35ec6c66..0000000000 --- a/ChangeLog.d/random-range.txt +++ /dev/null @@ -1,4 +0,0 @@ -Security -* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) - private keys and of blinding values for DHM and elliptic curves (ECP) - computations. Reported by FlorianF89 in #4245. diff --git a/ChangeLog.d/reject-low-order-points-early.txt b/ChangeLog.d/reject-low-order-points-early.txt deleted file mode 100644 index eb735697a9..0000000000 --- a/ChangeLog.d/reject-low-order-points-early.txt +++ /dev/null @@ -1,6 +0,0 @@ -Security - * An adversary with access to precise enough timing information (typically, a - co-located process) could recover a Curve25519 or Curve448 static ECDH key - after inputting a chosen public key and observing the victim performing the - corresponding private-key operation. Found and reported by Leila Batina, - Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. diff --git a/ChangeLog.d/relaxed-psk-semantics.txt b/ChangeLog.d/relaxed-psk-semantics.txt deleted file mode 100644 index 418ff6fcb7..0000000000 --- a/ChangeLog.d/relaxed-psk-semantics.txt +++ /dev/null @@ -1,7 +0,0 @@ -API changes - * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: - In Mbed TLS 2.X, the API prescribes that later calls overwrite - the effect of earlier calls. In Mbed TLS 3.0, calling - `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, - leaving the PSK that was configured first intact. - Support for more than one PSK may be added in 3.X. diff --git a/ChangeLog.d/remove-config-psa-crypto.txt b/ChangeLog.d/remove-config-psa-crypto.txt deleted file mode 100644 index eb7cc504c2..0000000000 --- a/ChangeLog.d/remove-config-psa-crypto.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Remove configs/config-psa-crypto.h, which no longer had any intended - differences from the default configuration, but had accidentally diverged. diff --git a/ChangeLog.d/remove-enable-weak-ciphersuites.txt b/ChangeLog.d/remove-enable-weak-ciphersuites.txt deleted file mode 100644 index 97f63ebb8a..0000000000 --- a/ChangeLog.d/remove-enable-weak-ciphersuites.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option. Fixes #4416. diff --git a/ChangeLog.d/remove-max-content-len.txt b/ChangeLog.d/remove-max-content-len.txt deleted file mode 100644 index b7607e6c6b..0000000000 --- a/ChangeLog.d/remove-max-content-len.txt +++ /dev/null @@ -1,4 +0,0 @@ -Removals - * Remove MBEDTLS_SSL_MAX_CONTENT_LEN configuration option, since - MBEDTLS_SSL_IN_CONTENT_LEN and MBEDTLS_SSL_OUT_CONTENT_LEN replace - it. Fixes #4362. diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt deleted file mode 100644 index 2590d3a949..0000000000 --- a/ChangeLog.d/remove-rsa-mode-parameter.txt +++ /dev/null @@ -1,8 +0,0 @@ -Removals - * The RSA module no longer supports private-key operations with the public - key and vice versa. -API changes - * Remove the mode parameter from RSA operation functions. Signature and - decryption functions now always use the private key and verification and - encryption use the public key. Verification functions also no longer have - RNG parameters. diff --git a/ChangeLog.d/remove_null_entropy.txt b/ChangeLog.d/remove_null_entropy.txt deleted file mode 100644 index 3d9674b45f..0000000000 --- a/ChangeLog.d/remove_null_entropy.txt +++ /dev/null @@ -1,2 +0,0 @@ -API changes - * Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388. diff --git a/ChangeLog.d/require-matching-hashlen-rsa.txt b/ChangeLog.d/require-matching-hashlen-rsa.txt deleted file mode 100644 index 096b577b59..0000000000 --- a/ChangeLog.d/require-matching-hashlen-rsa.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Signature functions in the RSA and PK modules now require the hash - length parameter to be the size of the hash input. For RSA signatures - other than raw PKCS#1 v1.5, this must match the output size of the - specified hash algorithm. diff --git a/ChangeLog.d/rm-ecdh-legacy-context-option.txt b/ChangeLog.d/rm-ecdh-legacy-context-option.txt deleted file mode 100644 index d5a527b94a..0000000000 --- a/ChangeLog.d/rm-ecdh-legacy-context-option.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for - backward compatibility which is no longer supported. Addresses #4404. diff --git a/ChangeLog.d/rm-ticket-lifetime-option.txt b/ChangeLog.d/rm-ticket-lifetime-option.txt deleted file mode 100644 index 4851512f87..0000000000 --- a/ChangeLog.d/rm-ticket-lifetime-option.txt +++ /dev/null @@ -1,5 +0,0 @@ -Removals - * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - compile-time option. This option has been inactive for a long time. - Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` - instead. diff --git a/ChangeLog.d/rm-truncated-hmac-ext.txt b/ChangeLog.d/rm-truncated-hmac-ext.txt deleted file mode 100644 index 3739256957..0000000000 --- a/ChangeLog.d/rm-truncated-hmac-ext.txt +++ /dev/null @@ -1,5 +0,0 @@ -Removals - * Remove MBEDTLS_SSL_TRUNCATED_HMAC and also remove - MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by - using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC. - See issue #4341 for more details. diff --git a/ChangeLog.d/rsa-padding.txt b/ChangeLog.d/rsa-padding.txt deleted file mode 100644 index 5f9c11f717..0000000000 --- a/ChangeLog.d/rsa-padding.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA - key. To use an RSA key with PSS or OAEP, call mbedtls_rsa_set_padding() - after initializing the context. mbedtls_rsa_set_padding() now returns an - error if its parameters are invalid. diff --git a/ChangeLog.d/session-cache-api.txt b/ChangeLog.d/session-cache-api.txt deleted file mode 100644 index 75cc9438f8..0000000000 --- a/ChangeLog.d/session-cache-api.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * The getter and setter API of the SSL session cache (used for - session-ID based session resumption) has changed to that of - a key-value store with keys being session IDs and values - being opaque instances of `mbedtls_ssl_session`. diff --git a/ChangeLog.d/sha224_sha384.txt b/ChangeLog.d/sha224_sha384.txt deleted file mode 100644 index f60ea563e7..0000000000 --- a/ChangeLog.d/sha224_sha384.txt +++ /dev/null @@ -1,7 +0,0 @@ -API changes - * Replace MBEDTLS_SHA512_NO_SHA384 config option with MBEDTLS_SHA384_C. - This separates config option enabling the SHA384 algorithm from option - enabling the SHA512 algorithm. Fixes #4034. - * Introduce MBEDTLS_SHA224_C. - This separates config option enabling the SHA224 algorithm from option - enabling SHA256. diff --git a/ChangeLog.d/sha512-output-type.txt b/ChangeLog.d/sha512-output-type.txt deleted file mode 100644 index eabc67df70..0000000000 --- a/ChangeLog.d/sha512-output-type.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * The output parameter of mbedtls_sha512_finish_ret, mbedtls_sha512_ret, - mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type - rather than array type. This removes spurious warnings in some compilers - when outputting a SHA-384 or SHA-224 hash into a buffer of exactly - the hash size. diff --git a/ChangeLog.d/split-config.txt b/ChangeLog.d/split-config.txt deleted file mode 100644 index f66dc93a8e..0000000000 --- a/ChangeLog.d/split-config.txt +++ /dev/null @@ -1,13 +0,0 @@ -Changes - * config.h has been split into build_info.h and mbedtls_config.h - build_info.h is intended to be included from C code directly, while - mbedtls_config.h is intended to be edited by end users wishing to - change the build configuration, and should generally only be included from - build_info.h. - * The handling of MBEDTLS_CONFIG_FILE has been moved into build_info.h. - * A config file version symbol, MBEDTLS_CONFIG_VERSION was introduced. - Defining it to a particular value will ensure that Mbed TLS interprets - the config file in a way that's compatible with the config file format - used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same - value. - The only value supported by Mbed TLS 3.0.0 is 0x03000000. diff --git a/ChangeLog.d/spm_build.txt b/ChangeLog.d/spm_build.txt deleted file mode 100644 index 6016d84e08..0000000000 --- a/ChangeLog.d/spm_build.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included - in all the right places. Include it from crypto_platform.h, which is - the natural place. Fixes #4649. diff --git a/ChangeLog.d/ssl-error-code-cleanup.txt b/ChangeLog.d/ssl-error-code-cleanup.txt deleted file mode 100644 index 768d1905ad..0000000000 --- a/ChangeLog.d/ssl-error-code-cleanup.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * Remove SSL error codes `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` - and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` which are never - returned from the public SSL API. - * Remove `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` and return - `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead. diff --git a/ChangeLog.d/tool-versions.txt b/ChangeLog.d/tool-versions.txt deleted file mode 100644 index b89b384aa3..0000000000 --- a/ChangeLog.d/tool-versions.txt +++ /dev/null @@ -1,4 +0,0 @@ -Requirement changes - * Refresh the minimum supported versions of tools to build the - library. CMake versions older than 3.10.2 and Python older - than 3.6 are no longer supported. diff --git a/ChangeLog.d/undefined_reference_without_psa.txt b/ChangeLog.d/undefined_reference_without_psa.txt deleted file mode 100644 index 4dae53419f..0000000000 --- a/ChangeLog.d/undefined_reference_without_psa.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built - nonetheless, resulting in undefined reference errors when building a - shared library. Reported by Guillermo Garcia M. in #4411. diff --git a/ChangeLog.d/update_ssl_error_codes.txt b/ChangeLog.d/update_ssl_error_codes.txt deleted file mode 100644 index 0630b54759..0000000000 --- a/ChangeLog.d/update_ssl_error_codes.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Various changes to which alert and/or error code may be returned - * during the TLS handshake. diff --git a/ChangeLog.d/winsock.txt b/ChangeLog.d/winsock.txt deleted file mode 100644 index 0b42e691c2..0000000000 --- a/ChangeLog.d/winsock.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with - MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465. - diff --git a/ChangeLog.d/x509_remove_info.txt b/ChangeLog.d/x509_remove_info.txt deleted file mode 100644 index c103b1bd89..0000000000 --- a/ChangeLog.d/x509_remove_info.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * Add configuration option MBEDTLS_X509_REMOVE_INFO which - removes the mbedtls_x509_*_info(), mbedtls_debug_print_crt() - as well as other functions and constants only used by - those functions. This reduces the code footprint by - several kB. From 760165741805da32640189c3fbe0981f6f75337d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Jun 2021 23:08:08 +0100 Subject: [PATCH 0720/1065] Bump library version numbers Signed-off-by: Dave Rodgman --- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- library/CMakeLists.txt | 6 +++--- library/Makefile | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index f879f33310..4ff18a37ce 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -22,7 +22,7 @@ */ /** - * @mainpage mbed TLS v2.26.0 source code documentation + * @mainpage mbed TLS v3.0.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index dd84c2871d..7a214c994e 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.26.0" +PROJECT_NAME = "mbed TLS v3.0.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 14fecff9da..5faae2b63f 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -188,7 +188,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.26.0 SOVERSION 6) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.0.0 SOVERSION 7) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET everest) @@ -196,11 +196,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.26.0 SOVERSION 1) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.0.0 SOVERSION 2) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.26.0 SOVERSION 13) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.0.0 SOVERSION 14) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/library/Makefile b/library/Makefile index 3f54bacb42..06bd09a980 100644 --- a/library/Makefile +++ b/library/Makefile @@ -41,9 +41,9 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS=so.13 -SOEXT_X509=so.1 -SOEXT_CRYPTO=so.6 +SOEXT_TLS=so.14 +SOEXT_X509=so.2 +SOEXT_CRYPTO=so.7 # Set AR_DASH= (empty string) to use an ar implementation that does not accept # the - prefix for command line options (e.g. llvm-ar) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index e4da3d4806..0b5e426bb0 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.26.0" +check_compiletime_version:"3.0.0" Check runtime library version -check_runtime_version:"2.26.0" +check_runtime_version:"3.0.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From 1bc9e934e2b41ff92e996a267e934b45904a9601 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 09:20:13 +0100 Subject: [PATCH 0721/1065] Manual updates to version information This covers a few files that were missed by scripts/bump_version.sh Signed-off-by: Dave Rodgman --- BRANCHES.md | 2 +- CMakeLists.txt | 2 +- include/mbedtls/build_info.h | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index b9926ac9df..a63f070341 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -6,7 +6,7 @@ At any point in time, we have a number of maintained branches consisting of: this always contains the latest release, including all publicly available security fixes. - The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch: - this is where the next major version of Mbed TLS (version 3.0) is being + this is where the current major version of Mbed TLS (version 3.x) is being prepared. It has API changes that make it incompatible with Mbed TLS 2.x, as well as all the new features and bug fixes and security fixes. - The [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) branch: diff --git a/CMakeLists.txt b/CMakeLists.txt index b92e0bb014..cf74af53c4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -312,7 +312,7 @@ configure_package_config_file( write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 2.26.0) + VERSION 3.0.0) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index c7d4cdb6c5..23f85ba01e 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -36,8 +36,8 @@ * The version number x.y.z is split into three parts. * Major, Minor, Patchlevel */ -#define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 26 +#define MBEDTLS_VERSION_MAJOR 3 +#define MBEDTLS_VERSION_MINOR 0 #define MBEDTLS_VERSION_PATCH 0 /** @@ -45,9 +45,9 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x021A0000 -#define MBEDTLS_VERSION_STRING "2.26.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0" +#define MBEDTLS_VERSION_NUMBER 0x03000000 +#define MBEDTLS_VERSION_STRING "3.0.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.0.0" #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 From 3e841871327634991a24c4f3245a17d3f3c94d74 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 09:45:38 +0100 Subject: [PATCH 0722/1065] Add auto-generated files Add files generated by running make generated_files Signed-off-by: Dave Rodgman --- library/error.c | 821 ++++++ library/version_features.c | 755 +++++ programs/psa/psa_constant_names_generated.c | 446 +++ programs/test/query_config.c | 2467 +++++++++++++++++ ...te_psa_crypto_not_supported.generated.data | 1054 +++++++ visualc/VS2010/mbedTLS.sln | 676 +++++ 6 files changed, 6219 insertions(+) create mode 100644 library/error.c create mode 100644 library/version_features.c create mode 100644 programs/psa/psa_constant_names_generated.c create mode 100644 programs/test/query_config.c create mode 100644 tests/suites/test_suite_psa_crypto_not_supported.generated.data create mode 100644 visualc/VS2010/mbedTLS.sln diff --git a/library/error.c b/library/error.c new file mode 100644 index 0000000000..8e3011ea07 --- /dev/null +++ b/library/error.c @@ -0,0 +1,821 @@ +/* + * Error message information + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#include "mbedtls/error.h" + +#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) + +#if defined(MBEDTLS_ERROR_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_snprintf snprintf +#endif + +#include +#include + +#if defined(MBEDTLS_AES_C) +#include "mbedtls/aes.h" +#endif + +#if defined(MBEDTLS_ARIA_C) +#include "mbedtls/aria.h" +#endif + +#if defined(MBEDTLS_ASN1_PARSE_C) +#include "mbedtls/asn1.h" +#endif + +#if defined(MBEDTLS_BASE64_C) +#include "mbedtls/base64.h" +#endif + +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" +#endif + +#if defined(MBEDTLS_CAMELLIA_C) +#include "mbedtls/camellia.h" +#endif + +#if defined(MBEDTLS_CCM_C) +#include "mbedtls/ccm.h" +#endif + +#if defined(MBEDTLS_CHACHA20_C) +#include "mbedtls/chacha20.h" +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) +#include "mbedtls/chachapoly.h" +#endif + +#if defined(MBEDTLS_CIPHER_C) +#include "mbedtls/cipher.h" +#endif + +#if defined(MBEDTLS_CTR_DRBG_C) +#include "mbedtls/ctr_drbg.h" +#endif + +#if defined(MBEDTLS_DES_C) +#include "mbedtls/des.h" +#endif + +#if defined(MBEDTLS_DHM_C) +#include "mbedtls/dhm.h" +#endif + +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" +#endif + +#if defined(MBEDTLS_ENTROPY_C) +#include "mbedtls/entropy.h" +#endif + +#if defined(MBEDTLS_ERROR_C) +#include "mbedtls/error.h" +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#endif + +#if defined(MBEDTLS_GCM_C) +#include "mbedtls/gcm.h" +#endif + +#if defined(MBEDTLS_HKDF_C) +#include "mbedtls/hkdf.h" +#endif + +#if defined(MBEDTLS_HMAC_DRBG_C) +#include "mbedtls/hmac_drbg.h" +#endif + +#if defined(MBEDTLS_MD_C) +#include "mbedtls/md.h" +#endif + +#if defined(MBEDTLS_NET_C) +#include "mbedtls/net_sockets.h" +#endif + +#if defined(MBEDTLS_OID_C) +#include "mbedtls/oid.h" +#endif + +#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" +#endif + +#if defined(MBEDTLS_PK_C) +#include "mbedtls/pk.h" +#endif + +#if defined(MBEDTLS_PKCS12_C) +#include "mbedtls/pkcs12.h" +#endif + +#if defined(MBEDTLS_PKCS5_C) +#include "mbedtls/pkcs5.h" +#endif + +#if defined(MBEDTLS_POLY1305_C) +#include "mbedtls/poly1305.h" +#endif + +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "mbedtls/sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "mbedtls/sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "mbedtls/sha512.h" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) +#include "mbedtls/ssl.h" +#endif + +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +#include "mbedtls/x509.h" +#endif + + +const char * mbedtls_high_level_strerr( int error_code ) +{ + int high_level_error_code; + + if( error_code < 0 ) + error_code = -error_code; + + /* Extract the high-level part from the error code. */ + high_level_error_code = error_code & 0xFF80; + + switch( high_level_error_code ) + { + /* Begin Auto-Generated Code. */ +#if defined(MBEDTLS_CIPHER_C) + case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): + return( "CIPHER - The selected feature is not available" ); + case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): + return( "CIPHER - Bad input parameters" ); + case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED): + return( "CIPHER - Failed to allocate memory" ); + case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING): + return( "CIPHER - Input data contains invalid padding and is rejected" ); + case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED): + return( "CIPHER - Decryption of block requires a full block" ); + case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED): + return( "CIPHER - Authentication failed (for AEAD modes)" ); + case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): + return( "CIPHER - The context is invalid. For example, because it was freed" ); +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_DHM_C) + case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA): + return( "DHM - Bad input parameters" ); + case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED): + return( "DHM - Reading of the DHM parameters failed" ); + case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED): + return( "DHM - Making of the DHM parameters failed" ); + case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED): + return( "DHM - Reading of the public values failed" ); + case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED): + return( "DHM - Making of the public value failed" ); + case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED): + return( "DHM - Calculation of the DHM secret failed" ); + case -(MBEDTLS_ERR_DHM_INVALID_FORMAT): + return( "DHM - The ASN.1 data is not formatted correctly" ); + case -(MBEDTLS_ERR_DHM_ALLOC_FAILED): + return( "DHM - Allocation of memory failed" ); + case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR): + return( "DHM - Read or write of file failed" ); + case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED): + return( "DHM - Setting the modulus and generator failed" ); +#endif /* MBEDTLS_DHM_C */ + +#if defined(MBEDTLS_ECP_C) + case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA): + return( "ECP - Bad input parameters to function" ); + case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL): + return( "ECP - The buffer is too small to write to" ); + case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE): + return( "ECP - The requested feature is not available, for example, the requested curve is not supported" ); + case -(MBEDTLS_ERR_ECP_VERIFY_FAILED): + return( "ECP - The signature is not valid" ); + case -(MBEDTLS_ERR_ECP_ALLOC_FAILED): + return( "ECP - Memory allocation failed" ); + case -(MBEDTLS_ERR_ECP_RANDOM_FAILED): + return( "ECP - Generation of random value, such as ephemeral key, failed" ); + case -(MBEDTLS_ERR_ECP_INVALID_KEY): + return( "ECP - Invalid private or public key" ); + case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH): + return( "ECP - The buffer contains a valid signature followed by more data" ); + case -(MBEDTLS_ERR_ECP_IN_PROGRESS): + return( "ECP - Operation in progress, call again with the same parameters to continue" ); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_MD_C) + case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE): + return( "MD - The selected feature is not available" ); + case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA): + return( "MD - Bad input parameters to function" ); + case -(MBEDTLS_ERR_MD_ALLOC_FAILED): + return( "MD - Failed to allocate memory" ); + case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): + return( "MD - Opening or reading of file failed" ); +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) + case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT): + return( "PEM - No PEM header or footer found" ); + case -(MBEDTLS_ERR_PEM_INVALID_DATA): + return( "PEM - PEM string is not as expected" ); + case -(MBEDTLS_ERR_PEM_ALLOC_FAILED): + return( "PEM - Failed to allocate memory" ); + case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV): + return( "PEM - RSA IV is not in hex-format" ); + case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG): + return( "PEM - Unsupported key encryption algorithm" ); + case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED): + return( "PEM - Private key password can't be empty" ); + case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH): + return( "PEM - Given private key password does not allow for correct decryption" ); + case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE): + return( "PEM - Unavailable feature, e.g. hashing/encryption combination" ); + case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA): + return( "PEM - Bad input parameters to function" ); +#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ + +#if defined(MBEDTLS_PK_C) + case -(MBEDTLS_ERR_PK_ALLOC_FAILED): + return( "PK - Memory allocation failed" ); + case -(MBEDTLS_ERR_PK_TYPE_MISMATCH): + return( "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); + case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA): + return( "PK - Bad input parameters to function" ); + case -(MBEDTLS_ERR_PK_FILE_IO_ERROR): + return( "PK - Read/write of file failed" ); + case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION): + return( "PK - Unsupported key version" ); + case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT): + return( "PK - Invalid key tag or value" ); + case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG): + return( "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); + case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED): + return( "PK - Private key password can't be empty" ); + case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH): + return( "PK - Given private key password does not allow for correct decryption" ); + case -(MBEDTLS_ERR_PK_INVALID_PUBKEY): + return( "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); + case -(MBEDTLS_ERR_PK_INVALID_ALG): + return( "PK - The algorithm tag or value is invalid" ); + case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE): + return( "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); + case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE): + return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); + case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): + return( "PK - The buffer contains a valid signature followed by more data" ); + case -(MBEDTLS_ERR_PK_BUFFER_TOO_SMALL): + return( "PK - The output buffer is too small" ); +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_PKCS12_C) + case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA): + return( "PKCS12 - Bad input parameters to function" ); + case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE): + return( "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); + case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT): + return( "PKCS12 - PBE ASN.1 data not as expected" ); + case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH): + return( "PKCS12 - Given private key password does not allow for correct decryption" ); +#endif /* MBEDTLS_PKCS12_C */ + +#if defined(MBEDTLS_PKCS5_C) + case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA): + return( "PKCS5 - Bad input parameters to function" ); + case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT): + return( "PKCS5 - Unexpected ASN.1 data" ); + case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE): + return( "PKCS5 - Requested encryption or digest alg not available" ); + case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH): + return( "PKCS5 - Given private key password does not allow for correct decryption" ); +#endif /* MBEDTLS_PKCS5_C */ + +#if defined(MBEDTLS_RSA_C) + case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA): + return( "RSA - Bad input parameters to function" ); + case -(MBEDTLS_ERR_RSA_INVALID_PADDING): + return( "RSA - Input data contains invalid padding and is rejected" ); + case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED): + return( "RSA - Something failed during generation of a key" ); + case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED): + return( "RSA - Key failed to pass the validity check of the library" ); + case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED): + return( "RSA - The public key operation failed" ); + case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED): + return( "RSA - The private key operation failed" ); + case -(MBEDTLS_ERR_RSA_VERIFY_FAILED): + return( "RSA - The PKCS#1 verification failed" ); + case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE): + return( "RSA - The output buffer for decryption is not large enough" ); + case -(MBEDTLS_ERR_RSA_RNG_FAILED): + return( "RSA - The random generator failed to generate non-zeros" ); +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS): + return( "SSL - A cryptographic operation is in progress. Try again later" ); + case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE): + return( "SSL - The requested feature is not available" ); + case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA): + return( "SSL - Bad input parameters to function" ); + case -(MBEDTLS_ERR_SSL_INVALID_MAC): + return( "SSL - Verification of the message MAC failed" ); + case -(MBEDTLS_ERR_SSL_INVALID_RECORD): + return( "SSL - An invalid SSL record was received" ); + case -(MBEDTLS_ERR_SSL_CONN_EOF): + return( "SSL - The connection indicated an EOF" ); + case -(MBEDTLS_ERR_SSL_DECODE_ERROR): + return( "SSL - A message could not be parsed due to a syntactic error" ); + case -(MBEDTLS_ERR_SSL_NO_RNG): + return( "SSL - No RNG was provided to the SSL module" ); + case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): + return( "SSL - No client certification received from the client, but required by the authentication mode" ); + case -(MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION): + return( "SSL - Client received an extended server hello containing an unsupported extension" ); + case -(MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL): + return( "SSL - No ALPN protocols supported that the client advertises" ); + case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): + return( "SSL - The own private key or pre-shared key is not set, but needed" ); + case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): + return( "SSL - No CA Chain is set, but required to operate" ); + case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE): + return( "SSL - An unexpected message was received from our peer" ); + case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): + return( "SSL - A fatal alert message was received from our peer" ); + case -(MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME): + return( "SSL - No server could be identified matching the client's SNI" ); + case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): + return( "SSL - The peer notified us that the connection is going to be closed" ); + case -(MBEDTLS_ERR_SSL_BAD_CERTIFICATE): + return( "SSL - Processing of the Certificate handshake message failed" ); + case -(MBEDTLS_ERR_SSL_ALLOC_FAILED): + return( "SSL - Memory allocation failed" ); + case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED): + return( "SSL - Hardware acceleration function returned with error" ); + case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH): + return( "SSL - Hardware acceleration function skipped / left alone data" ); + case -(MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION): + return( "SSL - Handshake protocol not within min/max boundaries" ); + case -(MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE): + return( "SSL - The handshake negotiation failed" ); + case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED): + return( "SSL - Session ticket has expired" ); + case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH): + return( "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); + case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY): + return( "SSL - Unknown identity received (eg, PSK identity)" ); + case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR): + return( "SSL - Internal error (eg, unexpected failure in lower-level module)" ); + case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING): + return( "SSL - A counter would wrap (eg, too many messages exchanged)" ); + case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO): + return( "SSL - Unexpected message at ServerHello in renegotiation" ); + case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED): + return( "SSL - DTLS client must retry for hello verification" ); + case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL): + return( "SSL - A buffer is too small to receive or write a message" ); + case -(MBEDTLS_ERR_SSL_WANT_READ): + return( "SSL - No data of requested type currently available on underlying transport" ); + case -(MBEDTLS_ERR_SSL_WANT_WRITE): + return( "SSL - Connection requires a write call" ); + case -(MBEDTLS_ERR_SSL_TIMEOUT): + return( "SSL - The operation timed out" ); + case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT): + return( "SSL - The client initiated a reconnect from the same port" ); + case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD): + return( "SSL - Record header looks valid but is not expected" ); + case -(MBEDTLS_ERR_SSL_NON_FATAL): + return( "SSL - The alert message received indicates a non-fatal error" ); + case -(MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER): + return( "SSL - A field in a message was incorrect or inconsistent with other fields" ); + case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): + return( "SSL - Internal-only message signaling that further message-processing should be done" ); + case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): + return( "SSL - The asynchronous operation is not completed yet" ); + case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE): + return( "SSL - Internal-only message signaling that a message arrived early" ); + case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID): + return( "SSL - An encrypted DTLS-frame with an unexpected CID was received" ); + case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH): + return( "SSL - An operation failed due to an unexpected version or configuration" ); + case -(MBEDTLS_ERR_SSL_BAD_CONFIG): + return( "SSL - Invalid value in SSL config" ); +#endif /* MBEDTLS_SSL_TLS_C */ + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) + case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE): + return( "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); + case -(MBEDTLS_ERR_X509_UNKNOWN_OID): + return( "X509 - Requested OID is unknown" ); + case -(MBEDTLS_ERR_X509_INVALID_FORMAT): + return( "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); + case -(MBEDTLS_ERR_X509_INVALID_VERSION): + return( "X509 - The CRT/CRL/CSR version element is invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_SERIAL): + return( "X509 - The serial tag or value is invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_ALG): + return( "X509 - The algorithm tag or value is invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_NAME): + return( "X509 - The name tag or value is invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_DATE): + return( "X509 - The date tag or value is invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE): + return( "X509 - The signature tag or value invalid" ); + case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS): + return( "X509 - The extension tag or value is invalid" ); + case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION): + return( "X509 - CRT/CRL/CSR has an unsupported version number" ); + case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG): + return( "X509 - Signature algorithm (oid) is unsupported" ); + case -(MBEDTLS_ERR_X509_SIG_MISMATCH): + return( "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); + case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): + return( "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); + case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT): + return( "X509 - Format not recognized as DER or PEM" ); + case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA): + return( "X509 - Input invalid" ); + case -(MBEDTLS_ERR_X509_ALLOC_FAILED): + return( "X509 - Allocation of memory failed" ); + case -(MBEDTLS_ERR_X509_FILE_IO_ERROR): + return( "X509 - Read/write of file failed" ); + case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL): + return( "X509 - Destination buffer is too small" ); + case -(MBEDTLS_ERR_X509_FATAL_ERROR): + return( "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); +#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ + /* End Auto-Generated Code. */ + + default: + break; + } + + return( NULL ); +} + +const char * mbedtls_low_level_strerr( int error_code ) +{ + int low_level_error_code; + + if( error_code < 0 ) + error_code = -error_code; + + /* Extract the low-level part from the error code. */ + low_level_error_code = error_code & ~0xFF80; + + switch( low_level_error_code ) + { + /* Begin Auto-Generated Code. */ +#if defined(MBEDTLS_AES_C) + case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): + return( "AES - Invalid key length" ); + case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): + return( "AES - Invalid data input length" ); + case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA): + return( "AES - Invalid input data" ); +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_ARIA_C) + case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA): + return( "ARIA - Bad input data" ); + case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH): + return( "ARIA - Invalid data input length" ); +#endif /* MBEDTLS_ARIA_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) + case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA): + return( "ASN1 - Out of data when parsing an ASN1 data structure" ); + case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG): + return( "ASN1 - ASN1 tag was of an unexpected value" ); + case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH): + return( "ASN1 - Error when trying to determine the length or invalid length" ); + case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH): + return( "ASN1 - Actual length differs from expected length" ); + case -(MBEDTLS_ERR_ASN1_INVALID_DATA): + return( "ASN1 - Data is invalid" ); + case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED): + return( "ASN1 - Memory allocation failed" ); + case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL): + return( "ASN1 - Buffer too small when writing ASN.1 data structure" ); +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#if defined(MBEDTLS_BASE64_C) + case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL): + return( "BASE64 - Output buffer too small" ); + case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER): + return( "BASE64 - Invalid character in input" ); +#endif /* MBEDTLS_BASE64_C */ + +#if defined(MBEDTLS_BIGNUM_C) + case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR): + return( "BIGNUM - An error occurred while reading from or writing to a file" ); + case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA): + return( "BIGNUM - Bad input parameters to function" ); + case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER): + return( "BIGNUM - There is an invalid character in the digit string" ); + case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL): + return( "BIGNUM - The buffer is too small to write to" ); + case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE): + return( "BIGNUM - The input arguments are negative or result in illegal output" ); + case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO): + return( "BIGNUM - The input argument for division is zero, which is not allowed" ); + case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE): + return( "BIGNUM - The input arguments are not acceptable" ); + case -(MBEDTLS_ERR_MPI_ALLOC_FAILED): + return( "BIGNUM - Memory allocation failed" ); +#endif /* MBEDTLS_BIGNUM_C */ + +#if defined(MBEDTLS_CAMELLIA_C) + case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA): + return( "CAMELLIA - Bad input data" ); + case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH): + return( "CAMELLIA - Invalid data input length" ); +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_CCM_C) + case -(MBEDTLS_ERR_CCM_BAD_INPUT): + return( "CCM - Bad input parameters to the function" ); + case -(MBEDTLS_ERR_CCM_AUTH_FAILED): + return( "CCM - Authenticated decryption failed" ); +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_CHACHA20_C) + case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA): + return( "CHACHA20 - Invalid input parameter(s)" ); +#endif /* MBEDTLS_CHACHA20_C */ + +#if defined(MBEDTLS_CHACHAPOLY_C) + case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE): + return( "CHACHAPOLY - The requested operation is not permitted in the current state" ); + case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED): + return( "CHACHAPOLY - Authenticated decryption failed: data was not authentic" ); +#endif /* MBEDTLS_CHACHAPOLY_C */ + +#if defined(MBEDTLS_CTR_DRBG_C) + case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED): + return( "CTR_DRBG - The entropy source failed" ); + case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG): + return( "CTR_DRBG - The requested random buffer length is too big" ); + case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG): + return( "CTR_DRBG - The input (entropy + additional data) is too large" ); + case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR): + return( "CTR_DRBG - Read or write error in file" ); +#endif /* MBEDTLS_CTR_DRBG_C */ + +#if defined(MBEDTLS_DES_C) + case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH): + return( "DES - The data input has an invalid length" ); +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ENTROPY_C) + case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED): + return( "ENTROPY - Critical entropy source failure" ); + case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES): + return( "ENTROPY - No more sources can be added" ); + case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED): + return( "ENTROPY - No sources have been added to poll" ); + case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE): + return( "ENTROPY - No strong sources have been added to poll" ); + case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR): + return( "ENTROPY - Read/write error in file" ); +#endif /* MBEDTLS_ENTROPY_C */ + +#if defined(MBEDTLS_ERROR_C) + case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR): + return( "ERROR - Generic error" ); + case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED): + return( "ERROR - This is a bug in the library" ); +#endif /* MBEDTLS_ERROR_C */ + +#if defined(MBEDTLS_PLATFORM_C) + case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): + return( "PLATFORM - Hardware accelerator failed" ); + case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): + return( "PLATFORM - The requested feature is not supported by the platform" ); +#endif /* MBEDTLS_PLATFORM_C */ + +#if defined(MBEDTLS_GCM_C) + case -(MBEDTLS_ERR_GCM_AUTH_FAILED): + return( "GCM - Authenticated decryption failed" ); + case -(MBEDTLS_ERR_GCM_BAD_INPUT): + return( "GCM - Bad input parameters to function" ); +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_HKDF_C) + case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA): + return( "HKDF - Bad input parameters to function" ); +#endif /* MBEDTLS_HKDF_C */ + +#if defined(MBEDTLS_HMAC_DRBG_C) + case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG): + return( "HMAC_DRBG - Too many random requested in single call" ); + case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG): + return( "HMAC_DRBG - Input too large (Entropy + additional)" ); + case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR): + return( "HMAC_DRBG - Read/write error in file" ); + case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED): + return( "HMAC_DRBG - The entropy source failed" ); +#endif /* MBEDTLS_HMAC_DRBG_C */ + +#if defined(MBEDTLS_NET_C) + case -(MBEDTLS_ERR_NET_SOCKET_FAILED): + return( "NET - Failed to open a socket" ); + case -(MBEDTLS_ERR_NET_CONNECT_FAILED): + return( "NET - The connection to the given server / port failed" ); + case -(MBEDTLS_ERR_NET_BIND_FAILED): + return( "NET - Binding of the socket failed" ); + case -(MBEDTLS_ERR_NET_LISTEN_FAILED): + return( "NET - Could not listen on the socket" ); + case -(MBEDTLS_ERR_NET_ACCEPT_FAILED): + return( "NET - Could not accept the incoming connection" ); + case -(MBEDTLS_ERR_NET_RECV_FAILED): + return( "NET - Reading information from the socket failed" ); + case -(MBEDTLS_ERR_NET_SEND_FAILED): + return( "NET - Sending information through the socket failed" ); + case -(MBEDTLS_ERR_NET_CONN_RESET): + return( "NET - Connection was reset by peer" ); + case -(MBEDTLS_ERR_NET_UNKNOWN_HOST): + return( "NET - Failed to get an IP address for the given hostname" ); + case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL): + return( "NET - Buffer is too small to hold the data" ); + case -(MBEDTLS_ERR_NET_INVALID_CONTEXT): + return( "NET - The context is invalid, eg because it was free()ed" ); + case -(MBEDTLS_ERR_NET_POLL_FAILED): + return( "NET - Polling the net context failed" ); + case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA): + return( "NET - Input invalid" ); +#endif /* MBEDTLS_NET_C */ + +#if defined(MBEDTLS_OID_C) + case -(MBEDTLS_ERR_OID_NOT_FOUND): + return( "OID - OID is not found" ); + case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL): + return( "OID - output buffer is too small" ); +#endif /* MBEDTLS_OID_C */ + +#if defined(MBEDTLS_POLY1305_C) + case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA): + return( "POLY1305 - Invalid input parameter(s)" ); +#endif /* MBEDTLS_POLY1305_C */ + +#if defined(MBEDTLS_SHA1_C) + case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA): + return( "SHA1 - SHA-1 input data was malformed" ); +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA): + return( "SHA256 - SHA-256 input data was malformed" ); +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA): + return( "SHA512 - SHA-512 input data was malformed" ); +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_THREADING_C) + case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA): + return( "THREADING - Bad input parameters to function" ); + case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR): + return( "THREADING - Locking / unlocking / free failed with error code" ); +#endif /* MBEDTLS_THREADING_C */ + /* End Auto-Generated Code. */ + + default: + break; + } + + return( NULL ); +} + +void mbedtls_strerror( int ret, char *buf, size_t buflen ) +{ + size_t len; + int use_ret; + const char * high_level_error_description = NULL; + const char * low_level_error_description = NULL; + + if( buflen == 0 ) + return; + + memset( buf, 0x00, buflen ); + + if( ret < 0 ) + ret = -ret; + + if( ret & 0xFF80 ) + { + use_ret = ret & 0xFF80; + + // Translate high level error code. + high_level_error_description = mbedtls_high_level_strerr( ret ); + + if( high_level_error_description == NULL ) + mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); + else + mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); + +#if defined(MBEDTLS_SSL_TLS_C) + // Early return in case of a fatal error - do not try to translate low + // level code. + if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) + return; +#endif /* MBEDTLS_SSL_TLS_C */ + } + + use_ret = ret & ~0xFF80; + + if( use_ret == 0 ) + return; + + // If high level code is present, make a concatenation between both + // error strings. + // + len = strlen( buf ); + + if( len > 0 ) + { + if( buflen - len < 5 ) + return; + + mbedtls_snprintf( buf + len, buflen - len, " : " ); + + buf += len + 3; + buflen -= len + 3; + } + + // Translate low level error code. + low_level_error_description = mbedtls_low_level_strerr( ret ); + + if( low_level_error_description == NULL ) + mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); + else + mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); +} + +#else /* MBEDTLS_ERROR_C */ + +/* + * Provide an non-function in case MBEDTLS_ERROR_C is not defined + */ +void mbedtls_strerror( int ret, char *buf, size_t buflen ) +{ + ((void) ret); + + if( buflen > 0 ) + buf[0] = '\0'; +} + +#endif /* MBEDTLS_ERROR_C */ + +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + +#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/library/version_features.c b/library/version_features.c new file mode 100644 index 0000000000..a5e972e77f --- /dev/null +++ b/library/version_features.c @@ -0,0 +1,755 @@ +/* + * Version feature information + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_VERSION_C) + +#include "mbedtls/version.h" + +#include + +static const char * const features[] = { +#if defined(MBEDTLS_VERSION_FEATURES) +#if defined(MBEDTLS_HAVE_ASM) + "MBEDTLS_HAVE_ASM", +#endif /* MBEDTLS_HAVE_ASM */ +#if defined(MBEDTLS_NO_UDBL_DIVISION) + "MBEDTLS_NO_UDBL_DIVISION", +#endif /* MBEDTLS_NO_UDBL_DIVISION */ +#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) + "MBEDTLS_NO_64BIT_MULTIPLICATION", +#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ +#if defined(MBEDTLS_HAVE_SSE2) + "MBEDTLS_HAVE_SSE2", +#endif /* MBEDTLS_HAVE_SSE2 */ +#if defined(MBEDTLS_HAVE_TIME) + "MBEDTLS_HAVE_TIME", +#endif /* MBEDTLS_HAVE_TIME */ +#if defined(MBEDTLS_HAVE_TIME_DATE) + "MBEDTLS_HAVE_TIME_DATE", +#endif /* MBEDTLS_HAVE_TIME_DATE */ +#if defined(MBEDTLS_PLATFORM_MEMORY) + "MBEDTLS_PLATFORM_MEMORY", +#endif /* MBEDTLS_PLATFORM_MEMORY */ +#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) + "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) + "MBEDTLS_PLATFORM_EXIT_ALT", +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ +#if defined(MBEDTLS_PLATFORM_TIME_ALT) + "MBEDTLS_PLATFORM_TIME_ALT", +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) + "MBEDTLS_PLATFORM_FPRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) + "MBEDTLS_PLATFORM_PRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) + "MBEDTLS_PLATFORM_SNPRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) + "MBEDTLS_PLATFORM_VSNPRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) + "MBEDTLS_PLATFORM_NV_SEED_ALT", +#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ +#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", +#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ +#if defined(MBEDTLS_DEPRECATED_WARNING) + "MBEDTLS_DEPRECATED_WARNING", +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#if defined(MBEDTLS_DEPRECATED_REMOVED) + "MBEDTLS_DEPRECATED_REMOVED", +#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#if defined(MBEDTLS_TIMING_ALT) + "MBEDTLS_TIMING_ALT", +#endif /* MBEDTLS_TIMING_ALT */ +#if defined(MBEDTLS_AES_ALT) + "MBEDTLS_AES_ALT", +#endif /* MBEDTLS_AES_ALT */ +#if defined(MBEDTLS_ARIA_ALT) + "MBEDTLS_ARIA_ALT", +#endif /* MBEDTLS_ARIA_ALT */ +#if defined(MBEDTLS_CAMELLIA_ALT) + "MBEDTLS_CAMELLIA_ALT", +#endif /* MBEDTLS_CAMELLIA_ALT */ +#if defined(MBEDTLS_CCM_ALT) + "MBEDTLS_CCM_ALT", +#endif /* MBEDTLS_CCM_ALT */ +#if defined(MBEDTLS_CHACHA20_ALT) + "MBEDTLS_CHACHA20_ALT", +#endif /* MBEDTLS_CHACHA20_ALT */ +#if defined(MBEDTLS_CHACHAPOLY_ALT) + "MBEDTLS_CHACHAPOLY_ALT", +#endif /* MBEDTLS_CHACHAPOLY_ALT */ +#if defined(MBEDTLS_CMAC_ALT) + "MBEDTLS_CMAC_ALT", +#endif /* MBEDTLS_CMAC_ALT */ +#if defined(MBEDTLS_DES_ALT) + "MBEDTLS_DES_ALT", +#endif /* MBEDTLS_DES_ALT */ +#if defined(MBEDTLS_DHM_ALT) + "MBEDTLS_DHM_ALT", +#endif /* MBEDTLS_DHM_ALT */ +#if defined(MBEDTLS_ECJPAKE_ALT) + "MBEDTLS_ECJPAKE_ALT", +#endif /* MBEDTLS_ECJPAKE_ALT */ +#if defined(MBEDTLS_GCM_ALT) + "MBEDTLS_GCM_ALT", +#endif /* MBEDTLS_GCM_ALT */ +#if defined(MBEDTLS_NIST_KW_ALT) + "MBEDTLS_NIST_KW_ALT", +#endif /* MBEDTLS_NIST_KW_ALT */ +#if defined(MBEDTLS_MD5_ALT) + "MBEDTLS_MD5_ALT", +#endif /* MBEDTLS_MD5_ALT */ +#if defined(MBEDTLS_POLY1305_ALT) + "MBEDTLS_POLY1305_ALT", +#endif /* MBEDTLS_POLY1305_ALT */ +#if defined(MBEDTLS_RIPEMD160_ALT) + "MBEDTLS_RIPEMD160_ALT", +#endif /* MBEDTLS_RIPEMD160_ALT */ +#if defined(MBEDTLS_RSA_ALT) + "MBEDTLS_RSA_ALT", +#endif /* MBEDTLS_RSA_ALT */ +#if defined(MBEDTLS_SHA1_ALT) + "MBEDTLS_SHA1_ALT", +#endif /* MBEDTLS_SHA1_ALT */ +#if defined(MBEDTLS_SHA256_ALT) + "MBEDTLS_SHA256_ALT", +#endif /* MBEDTLS_SHA256_ALT */ +#if defined(MBEDTLS_SHA512_ALT) + "MBEDTLS_SHA512_ALT", +#endif /* MBEDTLS_SHA512_ALT */ +#if defined(MBEDTLS_ECP_ALT) + "MBEDTLS_ECP_ALT", +#endif /* MBEDTLS_ECP_ALT */ +#if defined(MBEDTLS_MD5_PROCESS_ALT) + "MBEDTLS_MD5_PROCESS_ALT", +#endif /* MBEDTLS_MD5_PROCESS_ALT */ +#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) + "MBEDTLS_RIPEMD160_PROCESS_ALT", +#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ +#if defined(MBEDTLS_SHA1_PROCESS_ALT) + "MBEDTLS_SHA1_PROCESS_ALT", +#endif /* MBEDTLS_SHA1_PROCESS_ALT */ +#if defined(MBEDTLS_SHA256_PROCESS_ALT) + "MBEDTLS_SHA256_PROCESS_ALT", +#endif /* MBEDTLS_SHA256_PROCESS_ALT */ +#if defined(MBEDTLS_SHA512_PROCESS_ALT) + "MBEDTLS_SHA512_PROCESS_ALT", +#endif /* MBEDTLS_SHA512_PROCESS_ALT */ +#if defined(MBEDTLS_DES_SETKEY_ALT) + "MBEDTLS_DES_SETKEY_ALT", +#endif /* MBEDTLS_DES_SETKEY_ALT */ +#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) + "MBEDTLS_DES_CRYPT_ECB_ALT", +#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ +#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) + "MBEDTLS_DES3_CRYPT_ECB_ALT", +#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ +#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) + "MBEDTLS_AES_SETKEY_ENC_ALT", +#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ +#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) + "MBEDTLS_AES_SETKEY_DEC_ALT", +#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ +#if defined(MBEDTLS_AES_ENCRYPT_ALT) + "MBEDTLS_AES_ENCRYPT_ALT", +#endif /* MBEDTLS_AES_ENCRYPT_ALT */ +#if defined(MBEDTLS_AES_DECRYPT_ALT) + "MBEDTLS_AES_DECRYPT_ALT", +#endif /* MBEDTLS_AES_DECRYPT_ALT */ +#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) + "MBEDTLS_ECDH_GEN_PUBLIC_ALT", +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ +#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) + "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) + "MBEDTLS_ECDSA_VERIFY_ALT", +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ +#if defined(MBEDTLS_ECDSA_SIGN_ALT) + "MBEDTLS_ECDSA_SIGN_ALT", +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) + "MBEDTLS_ECDSA_GENKEY_ALT", +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ +#if defined(MBEDTLS_ECP_INTERNAL_ALT) + "MBEDTLS_ECP_INTERNAL_ALT", +#endif /* MBEDTLS_ECP_INTERNAL_ALT */ +#if defined(MBEDTLS_ECP_NO_FALLBACK) + "MBEDTLS_ECP_NO_FALLBACK", +#endif /* MBEDTLS_ECP_NO_FALLBACK */ +#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) + "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", +#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ +#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) + "MBEDTLS_ECP_ADD_MIXED_ALT", +#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ +#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) + "MBEDTLS_ECP_DOUBLE_JAC_ALT", +#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) + "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) + "MBEDTLS_ECP_NORMALIZE_JAC_ALT", +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ +#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) + "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", +#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ +#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) + "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", +#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ +#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) + "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", +#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + "MBEDTLS_ENTROPY_HARDWARE_ALT", +#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ +#if defined(MBEDTLS_AES_ROM_TABLES) + "MBEDTLS_AES_ROM_TABLES", +#endif /* MBEDTLS_AES_ROM_TABLES */ +#if defined(MBEDTLS_AES_FEWER_TABLES) + "MBEDTLS_AES_FEWER_TABLES", +#endif /* MBEDTLS_AES_FEWER_TABLES */ +#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) + "MBEDTLS_CAMELLIA_SMALL_MEMORY", +#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) + "MBEDTLS_CIPHER_MODE_CBC", +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CIPHER_MODE_CFB) + "MBEDTLS_CIPHER_MODE_CFB", +#endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_CTR) + "MBEDTLS_CIPHER_MODE_CTR", +#endif /* MBEDTLS_CIPHER_MODE_CTR */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) + "MBEDTLS_CIPHER_MODE_OFB", +#endif /* MBEDTLS_CIPHER_MODE_OFB */ +#if defined(MBEDTLS_CIPHER_MODE_XTS) + "MBEDTLS_CIPHER_MODE_XTS", +#endif /* MBEDTLS_CIPHER_MODE_XTS */ +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + "MBEDTLS_CIPHER_NULL_CIPHER", +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + "MBEDTLS_CIPHER_PADDING_PKCS7", +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) + "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", +#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) + "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) + "MBEDTLS_CIPHER_PADDING_ZEROS", +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) + "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + "MBEDTLS_ECP_DP_SECP192R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + "MBEDTLS_ECP_DP_SECP224R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + "MBEDTLS_ECP_DP_SECP256R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + "MBEDTLS_ECP_DP_SECP384R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + "MBEDTLS_ECP_DP_SECP521R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + "MBEDTLS_ECP_DP_SECP192K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + "MBEDTLS_ECP_DP_SECP224K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + "MBEDTLS_ECP_DP_SECP256K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + "MBEDTLS_ECP_DP_BP256R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + "MBEDTLS_ECP_DP_BP384R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + "MBEDTLS_ECP_DP_BP512R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + "MBEDTLS_ECP_DP_CURVE25519_ENABLED", +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + "MBEDTLS_ECP_DP_CURVE448_ENABLED", +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ +#if defined(MBEDTLS_ECP_NIST_OPTIM) + "MBEDTLS_ECP_NIST_OPTIM", +#endif /* MBEDTLS_ECP_NIST_OPTIM */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + "MBEDTLS_ECP_RESTARTABLE", +#endif /* MBEDTLS_ECP_RESTARTABLE */ +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + "MBEDTLS_ECDSA_DETERMINISTIC", +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + "MBEDTLS_PK_PARSE_EC_EXTENDED", +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) + "MBEDTLS_ERROR_STRERROR_DUMMY", +#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ +#if defined(MBEDTLS_GENPRIME) + "MBEDTLS_GENPRIME", +#endif /* MBEDTLS_GENPRIME */ +#if defined(MBEDTLS_FS_IO) + "MBEDTLS_FS_IO", +#endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) + "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", +#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ +#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) + "MBEDTLS_NO_PLATFORM_ENTROPY", +#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ +#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) + "MBEDTLS_ENTROPY_FORCE_SHA256", +#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ +#if defined(MBEDTLS_ENTROPY_NV_SEED) + "MBEDTLS_ENTROPY_NV_SEED", +#endif /* MBEDTLS_ENTROPY_NV_SEED */ +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", +#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ +#if defined(MBEDTLS_MEMORY_DEBUG) + "MBEDTLS_MEMORY_DEBUG", +#endif /* MBEDTLS_MEMORY_DEBUG */ +#if defined(MBEDTLS_MEMORY_BACKTRACE) + "MBEDTLS_MEMORY_BACKTRACE", +#endif /* MBEDTLS_MEMORY_BACKTRACE */ +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) + "MBEDTLS_PK_RSA_ALT_SUPPORT", +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ +#if defined(MBEDTLS_PKCS1_V15) + "MBEDTLS_PKCS1_V15", +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + "MBEDTLS_PKCS1_V21", +#endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + "MBEDTLS_PSA_CRYPTO_CLIENT", +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) + "MBEDTLS_PSA_CRYPTO_DRIVERS", +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", +#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) + "MBEDTLS_PSA_CRYPTO_SPM", +#endif /* MBEDTLS_PSA_CRYPTO_SPM */ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + "MBEDTLS_PSA_INJECT_ENTROPY", +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ +#if defined(MBEDTLS_RSA_NO_CRT) + "MBEDTLS_RSA_NO_CRT", +#endif /* MBEDTLS_RSA_NO_CRT */ +#if defined(MBEDTLS_SELF_TEST) + "MBEDTLS_SELF_TEST", +#endif /* MBEDTLS_SELF_TEST */ +#if defined(MBEDTLS_SHA256_SMALLER) + "MBEDTLS_SHA256_SMALLER", +#endif /* MBEDTLS_SHA256_SMALLER */ +#if defined(MBEDTLS_SHA512_SMALLER) + "MBEDTLS_SHA512_SMALLER", +#endif /* MBEDTLS_SHA512_SMALLER */ +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + "MBEDTLS_SSL_ALL_ALERT_MESSAGES", +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + "MBEDTLS_SSL_DTLS_CONNECTION_ID", +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + "MBEDTLS_SSL_ASYNC_PRIVATE", +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + "MBEDTLS_SSL_CONTEXT_SERIALIZATION", +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ +#if defined(MBEDTLS_SSL_DEBUG_ALL) + "MBEDTLS_SSL_DEBUG_ALL", +#endif /* MBEDTLS_SSL_DEBUG_ALL */ +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + "MBEDTLS_SSL_ENCRYPT_THEN_MAC", +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + "MBEDTLS_SSL_RENEGOTIATION", +#endif /* MBEDTLS_SSL_RENEGOTIATION */ +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + "MBEDTLS_SSL_PROTO_TLS1_2", +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + "MBEDTLS_SSL_PROTO_DTLS", +#endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_ALPN) + "MBEDTLS_SSL_ALPN", +#endif /* MBEDTLS_SSL_ALPN */ +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + "MBEDTLS_SSL_DTLS_ANTI_REPLAY", +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + "MBEDTLS_SSL_DTLS_HELLO_VERIFY", +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ +#if defined(MBEDTLS_SSL_DTLS_SRTP) + "MBEDTLS_SSL_DTLS_SRTP", +#endif /* MBEDTLS_SSL_DTLS_SRTP */ +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + "MBEDTLS_SSL_SESSION_TICKETS", +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + "MBEDTLS_SSL_EXPORT_KEYS", +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + "MBEDTLS_SSL_SERVER_NAME_INDICATION", +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) + "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) + "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ +#if defined(MBEDTLS_TEST_HOOKS) + "MBEDTLS_TEST_HOOKS", +#endif /* MBEDTLS_TEST_HOOKS */ +#if defined(MBEDTLS_THREADING_ALT) + "MBEDTLS_THREADING_ALT", +#endif /* MBEDTLS_THREADING_ALT */ +#if defined(MBEDTLS_THREADING_PTHREAD) + "MBEDTLS_THREADING_PTHREAD", +#endif /* MBEDTLS_THREADING_PTHREAD */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + "MBEDTLS_USE_PSA_CRYPTO", +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + "MBEDTLS_PSA_CRYPTO_CONFIG", +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ +#if defined(MBEDTLS_VERSION_FEATURES) + "MBEDTLS_VERSION_FEATURES", +#endif /* MBEDTLS_VERSION_FEATURES */ +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ +#if defined(MBEDTLS_X509_REMOVE_INFO) + "MBEDTLS_X509_REMOVE_INFO", +#endif /* MBEDTLS_X509_REMOVE_INFO */ +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + "MBEDTLS_X509_RSASSA_PSS_SUPPORT", +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#if defined(MBEDTLS_AESNI_C) + "MBEDTLS_AESNI_C", +#endif /* MBEDTLS_AESNI_C */ +#if defined(MBEDTLS_AES_C) + "MBEDTLS_AES_C", +#endif /* MBEDTLS_AES_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) + "MBEDTLS_ASN1_PARSE_C", +#endif /* MBEDTLS_ASN1_PARSE_C */ +#if defined(MBEDTLS_ASN1_WRITE_C) + "MBEDTLS_ASN1_WRITE_C", +#endif /* MBEDTLS_ASN1_WRITE_C */ +#if defined(MBEDTLS_BASE64_C) + "MBEDTLS_BASE64_C", +#endif /* MBEDTLS_BASE64_C */ +#if defined(MBEDTLS_BIGNUM_C) + "MBEDTLS_BIGNUM_C", +#endif /* MBEDTLS_BIGNUM_C */ +#if defined(MBEDTLS_CAMELLIA_C) + "MBEDTLS_CAMELLIA_C", +#endif /* MBEDTLS_CAMELLIA_C */ +#if defined(MBEDTLS_ARIA_C) + "MBEDTLS_ARIA_C", +#endif /* MBEDTLS_ARIA_C */ +#if defined(MBEDTLS_CCM_C) + "MBEDTLS_CCM_C", +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CHACHA20_C) + "MBEDTLS_CHACHA20_C", +#endif /* MBEDTLS_CHACHA20_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) + "MBEDTLS_CHACHAPOLY_C", +#endif /* MBEDTLS_CHACHAPOLY_C */ +#if defined(MBEDTLS_CIPHER_C) + "MBEDTLS_CIPHER_C", +#endif /* MBEDTLS_CIPHER_C */ +#if defined(MBEDTLS_CMAC_C) + "MBEDTLS_CMAC_C", +#endif /* MBEDTLS_CMAC_C */ +#if defined(MBEDTLS_CTR_DRBG_C) + "MBEDTLS_CTR_DRBG_C", +#endif /* MBEDTLS_CTR_DRBG_C */ +#if defined(MBEDTLS_DEBUG_C) + "MBEDTLS_DEBUG_C", +#endif /* MBEDTLS_DEBUG_C */ +#if defined(MBEDTLS_DES_C) + "MBEDTLS_DES_C", +#endif /* MBEDTLS_DES_C */ +#if defined(MBEDTLS_DHM_C) + "MBEDTLS_DHM_C", +#endif /* MBEDTLS_DHM_C */ +#if defined(MBEDTLS_ECDH_C) + "MBEDTLS_ECDH_C", +#endif /* MBEDTLS_ECDH_C */ +#if defined(MBEDTLS_ECDSA_C) + "MBEDTLS_ECDSA_C", +#endif /* MBEDTLS_ECDSA_C */ +#if defined(MBEDTLS_ECJPAKE_C) + "MBEDTLS_ECJPAKE_C", +#endif /* MBEDTLS_ECJPAKE_C */ +#if defined(MBEDTLS_ECP_C) + "MBEDTLS_ECP_C", +#endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_ENTROPY_C) + "MBEDTLS_ENTROPY_C", +#endif /* MBEDTLS_ENTROPY_C */ +#if defined(MBEDTLS_ERROR_C) + "MBEDTLS_ERROR_C", +#endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_GCM_C) + "MBEDTLS_GCM_C", +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_HKDF_C) + "MBEDTLS_HKDF_C", +#endif /* MBEDTLS_HKDF_C */ +#if defined(MBEDTLS_HMAC_DRBG_C) + "MBEDTLS_HMAC_DRBG_C", +#endif /* MBEDTLS_HMAC_DRBG_C */ +#if defined(MBEDTLS_NIST_KW_C) + "MBEDTLS_NIST_KW_C", +#endif /* MBEDTLS_NIST_KW_C */ +#if defined(MBEDTLS_MD_C) + "MBEDTLS_MD_C", +#endif /* MBEDTLS_MD_C */ +#if defined(MBEDTLS_MD5_C) + "MBEDTLS_MD5_C", +#endif /* MBEDTLS_MD5_C */ +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + "MBEDTLS_MEMORY_BUFFER_ALLOC_C", +#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ +#if defined(MBEDTLS_NET_C) + "MBEDTLS_NET_C", +#endif /* MBEDTLS_NET_C */ +#if defined(MBEDTLS_OID_C) + "MBEDTLS_OID_C", +#endif /* MBEDTLS_OID_C */ +#if defined(MBEDTLS_PADLOCK_C) + "MBEDTLS_PADLOCK_C", +#endif /* MBEDTLS_PADLOCK_C */ +#if defined(MBEDTLS_PEM_PARSE_C) + "MBEDTLS_PEM_PARSE_C", +#endif /* MBEDTLS_PEM_PARSE_C */ +#if defined(MBEDTLS_PEM_WRITE_C) + "MBEDTLS_PEM_WRITE_C", +#endif /* MBEDTLS_PEM_WRITE_C */ +#if defined(MBEDTLS_PK_C) + "MBEDTLS_PK_C", +#endif /* MBEDTLS_PK_C */ +#if defined(MBEDTLS_PK_PARSE_C) + "MBEDTLS_PK_PARSE_C", +#endif /* MBEDTLS_PK_PARSE_C */ +#if defined(MBEDTLS_PK_WRITE_C) + "MBEDTLS_PK_WRITE_C", +#endif /* MBEDTLS_PK_WRITE_C */ +#if defined(MBEDTLS_PKCS5_C) + "MBEDTLS_PKCS5_C", +#endif /* MBEDTLS_PKCS5_C */ +#if defined(MBEDTLS_PKCS12_C) + "MBEDTLS_PKCS12_C", +#endif /* MBEDTLS_PKCS12_C */ +#if defined(MBEDTLS_PLATFORM_C) + "MBEDTLS_PLATFORM_C", +#endif /* MBEDTLS_PLATFORM_C */ +#if defined(MBEDTLS_POLY1305_C) + "MBEDTLS_POLY1305_C", +#endif /* MBEDTLS_POLY1305_C */ +#if defined(MBEDTLS_PSA_CRYPTO_C) + "MBEDTLS_PSA_CRYPTO_C", +#endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + "MBEDTLS_PSA_CRYPTO_SE_C", +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + "MBEDTLS_PSA_CRYPTO_STORAGE_C", +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ +#if defined(MBEDTLS_PSA_ITS_FILE_C) + "MBEDTLS_PSA_ITS_FILE_C", +#endif /* MBEDTLS_PSA_ITS_FILE_C */ +#if defined(MBEDTLS_RIPEMD160_C) + "MBEDTLS_RIPEMD160_C", +#endif /* MBEDTLS_RIPEMD160_C */ +#if defined(MBEDTLS_RSA_C) + "MBEDTLS_RSA_C", +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_SHA1_C) + "MBEDTLS_SHA1_C", +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA224_C) + "MBEDTLS_SHA224_C", +#endif /* MBEDTLS_SHA224_C */ +#if defined(MBEDTLS_SHA256_C) + "MBEDTLS_SHA256_C", +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA384_C) + "MBEDTLS_SHA384_C", +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) + "MBEDTLS_SHA512_C", +#endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_SSL_CACHE_C) + "MBEDTLS_SSL_CACHE_C", +#endif /* MBEDTLS_SSL_CACHE_C */ +#if defined(MBEDTLS_SSL_COOKIE_C) + "MBEDTLS_SSL_COOKIE_C", +#endif /* MBEDTLS_SSL_COOKIE_C */ +#if defined(MBEDTLS_SSL_TICKET_C) + "MBEDTLS_SSL_TICKET_C", +#endif /* MBEDTLS_SSL_TICKET_C */ +#if defined(MBEDTLS_SSL_CLI_C) + "MBEDTLS_SSL_CLI_C", +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + "MBEDTLS_SSL_SRV_C", +#endif /* MBEDTLS_SSL_SRV_C */ +#if defined(MBEDTLS_SSL_TLS_C) + "MBEDTLS_SSL_TLS_C", +#endif /* MBEDTLS_SSL_TLS_C */ +#if defined(MBEDTLS_THREADING_C) + "MBEDTLS_THREADING_C", +#endif /* MBEDTLS_THREADING_C */ +#if defined(MBEDTLS_TIMING_C) + "MBEDTLS_TIMING_C", +#endif /* MBEDTLS_TIMING_C */ +#if defined(MBEDTLS_VERSION_C) + "MBEDTLS_VERSION_C", +#endif /* MBEDTLS_VERSION_C */ +#if defined(MBEDTLS_X509_USE_C) + "MBEDTLS_X509_USE_C", +#endif /* MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + "MBEDTLS_X509_CRT_PARSE_C", +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CRL_PARSE_C) + "MBEDTLS_X509_CRL_PARSE_C", +#endif /* MBEDTLS_X509_CRL_PARSE_C */ +#if defined(MBEDTLS_X509_CSR_PARSE_C) + "MBEDTLS_X509_CSR_PARSE_C", +#endif /* MBEDTLS_X509_CSR_PARSE_C */ +#if defined(MBEDTLS_X509_CREATE_C) + "MBEDTLS_X509_CREATE_C", +#endif /* MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_X509_CRT_WRITE_C) + "MBEDTLS_X509_CRT_WRITE_C", +#endif /* MBEDTLS_X509_CRT_WRITE_C */ +#if defined(MBEDTLS_X509_CSR_WRITE_C) + "MBEDTLS_X509_CSR_WRITE_C", +#endif /* MBEDTLS_X509_CSR_WRITE_C */ +#endif /* MBEDTLS_VERSION_FEATURES */ + NULL +}; + +int mbedtls_version_check_feature( const char *feature ) +{ + const char * const *idx = features; + + if( *idx == NULL ) + return( -2 ); + + if( feature == NULL ) + return( -1 ); + + while( *idx != NULL ) + { + if( !strcmp( *idx, feature ) ) + return( 0 ); + idx++; + } + return( -1 ); +} + +#endif /* MBEDTLS_VERSION_C */ diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c new file mode 100644 index 0000000000..192ccb28f1 --- /dev/null +++ b/programs/psa/psa_constant_names_generated.c @@ -0,0 +1,446 @@ +/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ + +static const char *psa_strerror(psa_status_t status) +{ + switch (status) { + case PSA_ERROR_ALREADY_EXISTS: return "PSA_ERROR_ALREADY_EXISTS"; + case PSA_ERROR_BAD_STATE: return "PSA_ERROR_BAD_STATE"; + case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL"; + case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE"; + case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED"; + case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT"; + case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID"; + case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST"; + case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR"; + case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE"; + case PSA_ERROR_INSUFFICIENT_DATA: return "PSA_ERROR_INSUFFICIENT_DATA"; + case PSA_ERROR_INSUFFICIENT_ENTROPY: return "PSA_ERROR_INSUFFICIENT_ENTROPY"; + case PSA_ERROR_INSUFFICIENT_MEMORY: return "PSA_ERROR_INSUFFICIENT_MEMORY"; + case PSA_ERROR_INSUFFICIENT_STORAGE: return "PSA_ERROR_INSUFFICIENT_STORAGE"; + case PSA_ERROR_INVALID_ARGUMENT: return "PSA_ERROR_INVALID_ARGUMENT"; + case PSA_ERROR_INVALID_HANDLE: return "PSA_ERROR_INVALID_HANDLE"; + case PSA_ERROR_INVALID_PADDING: return "PSA_ERROR_INVALID_PADDING"; + case PSA_ERROR_INVALID_SIGNATURE: return "PSA_ERROR_INVALID_SIGNATURE"; + case PSA_ERROR_NOT_PERMITTED: return "PSA_ERROR_NOT_PERMITTED"; + case PSA_ERROR_NOT_SUPPORTED: return "PSA_ERROR_NOT_SUPPORTED"; + case PSA_ERROR_STORAGE_FAILURE: return "PSA_ERROR_STORAGE_FAILURE"; + case PSA_SUCCESS: return "PSA_SUCCESS"; + default: return NULL; + } +} + +static const char *psa_ecc_family_name(psa_ecc_family_t curve) +{ + switch (curve) { + case PSA_ECC_FAMILY_BRAINPOOL_P_R1: return "PSA_ECC_FAMILY_BRAINPOOL_P_R1"; + case PSA_ECC_FAMILY_MONTGOMERY: return "PSA_ECC_FAMILY_MONTGOMERY"; + case PSA_ECC_FAMILY_SECP_K1: return "PSA_ECC_FAMILY_SECP_K1"; + case PSA_ECC_FAMILY_SECP_R1: return "PSA_ECC_FAMILY_SECP_R1"; + case PSA_ECC_FAMILY_SECP_R2: return "PSA_ECC_FAMILY_SECP_R2"; + case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1"; + case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1"; + case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2"; + case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS"; + default: return NULL; + } +} + +static const char *psa_dh_family_name(psa_dh_family_t group) +{ + switch (group) { + case PSA_DH_FAMILY_CUSTOM: return "PSA_DH_FAMILY_CUSTOM"; + case PSA_DH_FAMILY_RFC7919: return "PSA_DH_FAMILY_RFC7919"; + default: return NULL; + } +} + +static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) +{ + switch (hash_alg) { + case PSA_ALG_ANY_HASH: return "PSA_ALG_ANY_HASH"; + case PSA_ALG_CATEGORY_HASH: return "PSA_ALG_CATEGORY_HASH"; + case PSA_ALG_MD5: return "PSA_ALG_MD5"; + case PSA_ALG_RIPEMD160: return "PSA_ALG_RIPEMD160"; + case PSA_ALG_SHA3_224: return "PSA_ALG_SHA3_224"; + case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256"; + case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384"; + case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512"; + case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512"; + case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1"; + case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224"; + case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256"; + case PSA_ALG_SHA_384: return "PSA_ALG_SHA_384"; + case PSA_ALG_SHA_512: return "PSA_ALG_SHA_512"; + case PSA_ALG_SHA_512_224: return "PSA_ALG_SHA_512_224"; + case PSA_ALG_SHA_512_256: return "PSA_ALG_SHA_512_256"; + default: return NULL; + } +} + +static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg) +{ + switch (ka_alg) { + case PSA_ALG_CATEGORY_KEY_AGREEMENT: return "PSA_ALG_CATEGORY_KEY_AGREEMENT"; + case PSA_ALG_ECDH: return "PSA_ALG_ECDH"; + case PSA_ALG_FFDH: return "PSA_ALG_FFDH"; + default: return NULL; + } +} + +static int psa_snprint_key_type(char *buffer, size_t buffer_size, + psa_key_type_t type) +{ + size_t required_size = 0; + switch (type) { + case PSA_KEY_TYPE_AES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_AES", 16); break; + case PSA_KEY_TYPE_CAMELLIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CAMELLIA", 21); break; + case PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_FLAG_PAIR", 31); break; + case PSA_KEY_TYPE_CATEGORY_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_KEY_PAIR", 30); break; + case PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY", 32); break; + case PSA_KEY_TYPE_CATEGORY_RAW: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_RAW", 25); break; + case PSA_KEY_TYPE_CATEGORY_SYMMETRIC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_SYMMETRIC", 31); break; + case PSA_KEY_TYPE_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CHACHA20", 21); break; + case PSA_KEY_TYPE_DERIVE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DERIVE", 19); break; + case PSA_KEY_TYPE_DES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DES", 16); break; + case PSA_KEY_TYPE_DH_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_KEY_PAIR_BASE", 29); break; + case PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE", 31); break; + case PSA_KEY_TYPE_DSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_KEY_PAIR", 25); break; + case PSA_KEY_TYPE_DSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_PUBLIC_KEY", 27); break; + case PSA_KEY_TYPE_ECC_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_KEY_PAIR_BASE", 30); break; + case PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE", 32); break; + case PSA_KEY_TYPE_HMAC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_HMAC", 17); break; + case PSA_KEY_TYPE_NONE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_NONE", 17); break; + case PSA_KEY_TYPE_PASSWORD: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD", 21); break; + case PSA_KEY_TYPE_PASSWORD_HASH: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD_HASH", 26); break; + case PSA_KEY_TYPE_PEPPER: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PEPPER", 19); break; + case PSA_KEY_TYPE_RAW_DATA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RAW_DATA", 21); break; + case PSA_KEY_TYPE_RSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_KEY_PAIR", 25); break; + case PSA_KEY_TYPE_RSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_PUBLIC_KEY", 27); break; + default: + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + append_with_curve(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_ECC_KEY_PAIR", 25, + PSA_KEY_TYPE_ECC_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { + append_with_curve(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_ECC_PUBLIC_KEY", 27, + PSA_KEY_TYPE_ECC_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { + append_with_group(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_DH_KEY_PAIR", 24, + PSA_KEY_TYPE_DH_GET_FAMILY(type)); + } else if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)) { + append_with_group(&buffer, buffer_size, &required_size, + "PSA_KEY_TYPE_DH_PUBLIC_KEY", 26, + PSA_KEY_TYPE_DH_GET_FAMILY(type)); + } else { + return snprintf(buffer, buffer_size, + "0x%04x", (unsigned) type); + } + break; + } + buffer[0] = 0; + return (int) required_size; +} + +#define NO_LENGTH_MODIFIER 0xfffffffflu +static int psa_snprint_algorithm(char *buffer, size_t buffer_size, + psa_algorithm_t alg) +{ + size_t required_size = 0; + psa_algorithm_t core_alg = alg; + unsigned long length_modifier = NO_LENGTH_MODIFIER; + if (PSA_ALG_IS_MAC(alg)) { + core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); + if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33); + length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); + } else if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TRUNCATED_MAC(", 22); + length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); + } + } else if (PSA_ALG_IS_AEAD(alg)) { + core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg); + if (core_alg == 0) { + /* For unknown AEAD algorithms, there is no "default tag length". */ + core_alg = alg; + } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); + } else if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); + } + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && + !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + append(&buffer, buffer_size, &required_size, + "PSA_ALG_KEY_AGREEMENT(", 22); + append_with_alg(&buffer, buffer_size, &required_size, + psa_ka_algorithm_name, + PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)); + append(&buffer, buffer_size, &required_size, ", ", 2); + } + switch (core_alg) { + case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break; + case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break; + case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break; + case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break; + case PSA_ALG_CATEGORY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_HASH", 21); break; + case PSA_ALG_CATEGORY_KEY_AGREEMENT: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_AGREEMENT", 30); break; + case PSA_ALG_CATEGORY_KEY_DERIVATION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_DERIVATION", 31); break; + case PSA_ALG_CATEGORY_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_MAC", 20); break; + case PSA_ALG_CATEGORY_PAKE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_PAKE", 21); break; + case PSA_ALG_CATEGORY_SIGN: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_SIGN", 21); break; + case PSA_ALG_CBC_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_MAC", 15); break; + case PSA_ALG_CBC_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_NO_PADDING", 22); break; + case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break; + case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break; + case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break; + case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break; + case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break; + case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break; + case PSA_ALG_CTR: append(&buffer, buffer_size, &required_size, "PSA_ALG_CTR", 11); break; + case PSA_ALG_DETERMINISTIC_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_DSA_BASE", 30); break; + case PSA_ALG_DETERMINISTIC_ECDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_ECDSA_BASE", 32); break; + case PSA_ALG_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DSA_BASE", 16); break; + case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break; + case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break; + case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break; + case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break; + case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break; + case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break; + case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break; + case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break; + case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break; + case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break; + case PSA_ALG_JPAKE: append(&buffer, buffer_size, &required_size, "PSA_ALG_JPAKE", 13); break; + case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break; + case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break; + case PSA_ALG_PBKDF2_AES_CMAC_PRF_128: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_AES_CMAC_PRF_128", 31); break; + case PSA_ALG_PBKDF2_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_HMAC_BASE", 24); break; + case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break; + case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break; + case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break; + case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break; + case PSA_ALG_RSA_PKCS1V15_SIGN_RAW: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_SIGN_RAW", 29); break; + case PSA_ALG_RSA_PSS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_BASE", 20); break; + case PSA_ALG_SHA3_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_224", 16); break; + case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break; + case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break; + case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break; + case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break; + case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break; + case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break; + case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break; + case PSA_ALG_SHA_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_384", 15); break; + case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break; + case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break; + case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break; + case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break; + case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break; + case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break; + case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break; + default: + if (PSA_ALG_IS_DETERMINISTIC_DSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DETERMINISTIC_DSA(", 25 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_DETERMINISTIC_ECDSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DETERMINISTIC_ECDSA(", 27 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RANDOMIZED_DSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_DSA(", 11 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RANDOMIZED_ECDSA(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_ECDSA(", 13 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_HKDF(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_HKDF(", 12 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_HMAC(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_HMAC(", 12 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_PBKDF2_HMAC(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_PBKDF2_HMAC(", 19 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_OAEP(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_OAEP(", 16 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_PKCS1V15_SIGN(", 25 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_RSA_PSS(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_RSA_PSS(", 15 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_TLS12_PRF(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TLS12_PRF(", 17 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else if (PSA_ALG_IS_TLS12_PSK_TO_MS(core_alg)) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TLS12_PSK_TO_MS(", 23 + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); + } else { + append_integer(&buffer, buffer_size, &required_size, + "0x%08lx", (unsigned long) core_alg); + } + break; + } + if (core_alg != alg) { + if (length_modifier != NO_LENGTH_MODIFIER) { + append(&buffer, buffer_size, &required_size, ", ", 2); + append_integer(&buffer, buffer_size, &required_size, + "%lu", length_modifier); + } + append(&buffer, buffer_size, &required_size, ")", 1); + } + buffer[0] = 0; + return (int) required_size; +} + +static int psa_snprint_key_usage(char *buffer, size_t buffer_size, + psa_key_usage_t usage) +{ + size_t required_size = 0; + if (usage == 0) { + if (buffer_size > 1) { + buffer[0] = '0'; + buffer[1] = 0; + } else if (buffer_size == 1) { + buffer[0] = 0; + } + return 1; + } + if (usage & PSA_KEY_USAGE_COPY) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_COPY", 18); + usage ^= PSA_KEY_USAGE_COPY; + } + if (usage & PSA_KEY_USAGE_DECRYPT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DECRYPT", 21); + usage ^= PSA_KEY_USAGE_DECRYPT; + } + if (usage & PSA_KEY_USAGE_DERIVE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DERIVE", 20); + usage ^= PSA_KEY_USAGE_DERIVE; + } + if (usage & PSA_KEY_USAGE_ENCRYPT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_ENCRYPT", 21); + usage ^= PSA_KEY_USAGE_ENCRYPT; + } + if (usage & PSA_KEY_USAGE_EXPORT) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_EXPORT", 20); + usage ^= PSA_KEY_USAGE_EXPORT; + } + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23); + usage ^= PSA_KEY_USAGE_SIGN_HASH; + } + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26); + usage ^= PSA_KEY_USAGE_SIGN_MESSAGE; + } + if (usage & PSA_KEY_USAGE_VERIFY_DERIVATION) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_DERIVATION", 31); + usage ^= PSA_KEY_USAGE_VERIFY_DERIVATION; + } + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25); + usage ^= PSA_KEY_USAGE_VERIFY_HASH; + } + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28); + usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + if (usage != 0) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append_integer(&buffer, buffer_size, &required_size, + "0x%08lx", (unsigned long) usage); + } else { + buffer[0] = 0; + } + return (int) required_size; +} + +/* End of automatically generated file. */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c new file mode 100644 index 0000000000..9a0d9a095d --- /dev/null +++ b/programs/test/query_config.c @@ -0,0 +1,2467 @@ +/* + * Query Mbed TLS compile time configurations from mbedtls_config.h + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbedtls/build_info.h" + +#include "query_config.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ + +/* + * Include all the headers with public APIs in case they define a macro to its + * default value when that configuration is not set in the mbedtls_config.h. + */ +#include "mbedtls/aes.h" +#include "mbedtls/aria.h" +#include "mbedtls/asn1.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/base64.h" +#include "mbedtls/bignum.h" +#include "mbedtls/camellia.h" +#include "mbedtls/ccm.h" +#include "mbedtls/chacha20.h" +#include "mbedtls/chachapoly.h" +#include "mbedtls/cipher.h" +#include "mbedtls/cmac.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/debug.h" +#include "mbedtls/des.h" +#include "mbedtls/dhm.h" +#include "mbedtls/ecdh.h" +#include "mbedtls/ecdsa.h" +#include "mbedtls/ecjpake.h" +#include "mbedtls/ecp.h" +#include "mbedtls/entropy.h" +#include "mbedtls/error.h" +#include "mbedtls/gcm.h" +#include "mbedtls/hkdf.h" +#include "mbedtls/hmac_drbg.h" +#include "mbedtls/md.h" +#include "mbedtls/md5.h" +#include "mbedtls/memory_buffer_alloc.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/nist_kw.h" +#include "mbedtls/oid.h" +#include "mbedtls/pem.h" +#include "mbedtls/pk.h" +#include "mbedtls/pkcs12.h" +#include "mbedtls/pkcs5.h" +#include "mbedtls/platform_time.h" +#include "mbedtls/platform_util.h" +#include "mbedtls/poly1305.h" +#include "mbedtls/ripemd160.h" +#include "mbedtls/rsa.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_cache.h" +#include "mbedtls/ssl_ciphersuites.h" +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_ticket.h" +#include "mbedtls/threading.h" +#include "mbedtls/timing.h" +#include "mbedtls/version.h" +#include "mbedtls/x509.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" + +#include + +/* + * Helper macros to convert a macro or its expansion into a string + * WARNING: This does not work for expanding function-like macros. However, + * Mbed TLS does not currently have configuration options used in this fashion. + */ +#define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) +#define MACRO_NAME_TO_STR(macro) \ + mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) + +#if defined(_MSC_VER) +/* + * Visual Studio throws the warning 4003 because many Mbed TLS feature macros + * are defined empty. This means that from the preprocessor's point of view + * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as + * some macros expand to nothing. We suppress that specific warning to get a + * clean build and to ensure that tests treating warnings as errors do not + * fail. + */ +#pragma warning(push) +#pragma warning(disable:4003) +#endif /* _MSC_VER */ + +int query_config( const char *config ) +{ +#if defined(MBEDTLS_CONFIG_VERSION) + if( strcmp( "MBEDTLS_CONFIG_VERSION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CONFIG_VERSION ); + return( 0 ); + } +#endif /* MBEDTLS_CONFIG_VERSION */ + +#if defined(MBEDTLS_HAVE_ASM) + if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM ); + return( 0 ); + } +#endif /* MBEDTLS_HAVE_ASM */ + +#if defined(MBEDTLS_NO_UDBL_DIVISION) + if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION ); + return( 0 ); + } +#endif /* MBEDTLS_NO_UDBL_DIVISION */ + +#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) + if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION ); + return( 0 ); + } +#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ + +#if defined(MBEDTLS_HAVE_SSE2) + if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 ); + return( 0 ); + } +#endif /* MBEDTLS_HAVE_SSE2 */ + +#if defined(MBEDTLS_HAVE_TIME) + if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME ); + return( 0 ); + } +#endif /* MBEDTLS_HAVE_TIME */ + +#if defined(MBEDTLS_HAVE_TIME_DATE) + if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE ); + return( 0 ); + } +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +#if defined(MBEDTLS_PLATFORM_MEMORY) + if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_MEMORY */ + +#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) + if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ + +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) + if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ + +#if defined(MBEDTLS_PLATFORM_TIME_ALT) + if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ + +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) + if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) + if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) + if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) + if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) + if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ + +#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ + +#if defined(MBEDTLS_DEPRECATED_WARNING) + if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING ); + return( 0 ); + } +#endif /* MBEDTLS_DEPRECATED_WARNING */ + +#if defined(MBEDTLS_DEPRECATED_REMOVED) + if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED ); + return( 0 ); + } +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#if defined(MBEDTLS_TIMING_ALT) + if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_TIMING_ALT */ + +#if defined(MBEDTLS_AES_ALT) + if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_AES_ALT */ + +#if defined(MBEDTLS_ARIA_ALT) + if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ARIA_ALT */ + +#if defined(MBEDTLS_CAMELLIA_ALT) + if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_CAMELLIA_ALT */ + +#if defined(MBEDTLS_CCM_ALT) + if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_CCM_ALT */ + +#if defined(MBEDTLS_CHACHA20_ALT) + if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_CHACHA20_ALT */ + +#if defined(MBEDTLS_CHACHAPOLY_ALT) + if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_CHACHAPOLY_ALT */ + +#if defined(MBEDTLS_CMAC_ALT) + if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_CMAC_ALT */ + +#if defined(MBEDTLS_DES_ALT) + if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_DES_ALT */ + +#if defined(MBEDTLS_DHM_ALT) + if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_DHM_ALT */ + +#if defined(MBEDTLS_ECJPAKE_ALT) + if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECJPAKE_ALT */ + +#if defined(MBEDTLS_GCM_ALT) + if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_GCM_ALT */ + +#if defined(MBEDTLS_NIST_KW_ALT) + if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_NIST_KW_ALT */ + +#if defined(MBEDTLS_MD5_ALT) + if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_MD5_ALT */ + +#if defined(MBEDTLS_POLY1305_ALT) + if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_POLY1305_ALT */ + +#if defined(MBEDTLS_RIPEMD160_ALT) + if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_RIPEMD160_ALT */ + +#if defined(MBEDTLS_RSA_ALT) + if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_RSA_ALT */ + +#if defined(MBEDTLS_SHA1_ALT) + if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA1_ALT */ + +#if defined(MBEDTLS_SHA256_ALT) + if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA256_ALT */ + +#if defined(MBEDTLS_SHA512_ALT) + if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_ALT */ + +#if defined(MBEDTLS_ECP_ALT) + if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_ALT */ + +#if defined(MBEDTLS_MD5_PROCESS_ALT) + if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_MD5_PROCESS_ALT */ + +#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) + if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA1_PROCESS_ALT) + if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA1_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA256_PROCESS_ALT) + if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA256_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA512_PROCESS_ALT) + if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_PROCESS_ALT */ + +#if defined(MBEDTLS_DES_SETKEY_ALT) + if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_DES_SETKEY_ALT */ + +#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) + if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ + +#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) + if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ + +#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) + if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ + +#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) + if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ + +#if defined(MBEDTLS_AES_ENCRYPT_ALT) + if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_AES_ENCRYPT_ALT */ + +#if defined(MBEDTLS_AES_DECRYPT_ALT) + if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_AES_DECRYPT_ALT */ + +#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) + if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ + +#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) + if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ + +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) + if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) + if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ + +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) + if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ + +#if defined(MBEDTLS_ECP_INTERNAL_ALT) + if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_INTERNAL_ALT */ + +#if defined(MBEDTLS_ECP_NO_FALLBACK) + if( strcmp( "MBEDTLS_ECP_NO_FALLBACK", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_FALLBACK ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_NO_FALLBACK */ + +#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) + if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) + if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ + +#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) + if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) + if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) + if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) + if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ + +#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) + if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) + if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ + +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ + +#if defined(MBEDTLS_AES_ROM_TABLES) + if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES ); + return( 0 ); + } +#endif /* MBEDTLS_AES_ROM_TABLES */ + +#if defined(MBEDTLS_AES_FEWER_TABLES) + if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES ); + return( 0 ); + } +#endif /* MBEDTLS_AES_FEWER_TABLES */ + +#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) + if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY ); + return( 0 ); + } +#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_CFB */ + +#if defined(MBEDTLS_CIPHER_MODE_CTR) + if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_CTR */ + +#if defined(MBEDTLS_CIPHER_MODE_OFB) + if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + +#if defined(MBEDTLS_CIPHER_MODE_XTS) + if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_XTS */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ + +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) + if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ + +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) + if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ + +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) + if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ + +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) + if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +#if defined(MBEDTLS_ECP_NIST_OPTIM) + if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_NIST_OPTIM */ + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC ); + return( 0 ); + } +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED ); + return( 0 ); + } +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ + +#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) + if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY ); + return( 0 ); + } +#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ + +#if defined(MBEDTLS_GENPRIME) + if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME ); + return( 0 ); + } +#endif /* MBEDTLS_GENPRIME */ + +#if defined(MBEDTLS_FS_IO) + if( strcmp( "MBEDTLS_FS_IO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO ); + return( 0 ); + } +#endif /* MBEDTLS_FS_IO */ + +#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) + if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES ); + return( 0 ); + } +#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ + +#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) + if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY ); + return( 0 ); + } +#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ + +#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) + if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ + +#if defined(MBEDTLS_ENTROPY_NV_SEED) + if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_NV_SEED */ + +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ + +#if defined(MBEDTLS_MEMORY_DEBUG) + if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG ); + return( 0 ); + } +#endif /* MBEDTLS_MEMORY_DEBUG */ + +#if defined(MBEDTLS_MEMORY_BACKTRACE) + if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE ); + return( 0 ); + } +#endif /* MBEDTLS_MEMORY_BACKTRACE */ + +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) + if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT ); + return( 0 ); + } +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ + +#if defined(MBEDTLS_PKCS1_V15) + if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 ); + return( 0 ); + } +#endif /* MBEDTLS_PKCS1_V15 */ + +#if defined(MBEDTLS_PKCS1_V21) + if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 ); + return( 0 ); + } +#endif /* MBEDTLS_PKCS1_V21 */ + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CLIENT ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) + if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_DRIVERS ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ + +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + if( strcmp( "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) + if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SPM */ + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + +#if defined(MBEDTLS_RSA_NO_CRT) + if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT ); + return( 0 ); + } +#endif /* MBEDTLS_RSA_NO_CRT */ + +#if defined(MBEDTLS_SELF_TEST) + if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST ); + return( 0 ); + } +#endif /* MBEDTLS_SELF_TEST */ + +#if defined(MBEDTLS_SHA256_SMALLER) + if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER ); + return( 0 ); + } +#endif /* MBEDTLS_SHA256_SMALLER */ + +#if defined(MBEDTLS_SHA512_SMALLER) + if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_SMALLER */ + +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONTEXT_SERIALIZATION ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DEBUG_ALL */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_ALPN) + if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ALPN */ + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +#if defined(MBEDTLS_SSL_DTLS_SRTP) + if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_SRTP */ + +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if( strcmp( "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ + +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) + if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ); + return( 0 ); + } +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ + +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) + if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND ); + return( 0 ); + } +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ + +#if defined(MBEDTLS_TEST_HOOKS) + if( strcmp( "MBEDTLS_TEST_HOOKS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_HOOKS ); + return( 0 ); + } +#endif /* MBEDTLS_TEST_HOOKS */ + +#if defined(MBEDTLS_THREADING_ALT) + if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_THREADING_ALT */ + +#if defined(MBEDTLS_THREADING_PTHREAD) + if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD ); + return( 0 ); + } +#endif /* MBEDTLS_THREADING_PTHREAD */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO ); + return( 0 ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + +#if defined(MBEDTLS_VERSION_FEATURES) + if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES ); + return( 0 ); + } +#endif /* MBEDTLS_VERSION_FEATURES */ + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK ); + return( 0 ); + } +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +#if defined(MBEDTLS_X509_REMOVE_INFO) + if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO ); + return( 0 ); + } +#endif /* MBEDTLS_X509_REMOVE_INFO */ + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT ); + return( 0 ); + } +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + +#if defined(MBEDTLS_AESNI_C) + if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C ); + return( 0 ); + } +#endif /* MBEDTLS_AESNI_C */ + +#if defined(MBEDTLS_AES_C) + if( strcmp( "MBEDTLS_AES_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C ); + return( 0 ); + } +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) + if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#if defined(MBEDTLS_ASN1_WRITE_C) + if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_ASN1_WRITE_C */ + +#if defined(MBEDTLS_BASE64_C) + if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C ); + return( 0 ); + } +#endif /* MBEDTLS_BASE64_C */ + +#if defined(MBEDTLS_BIGNUM_C) + if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C ); + return( 0 ); + } +#endif /* MBEDTLS_BIGNUM_C */ + +#if defined(MBEDTLS_CAMELLIA_C) + if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C ); + return( 0 ); + } +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_ARIA_C) + if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C ); + return( 0 ); + } +#endif /* MBEDTLS_ARIA_C */ + +#if defined(MBEDTLS_CCM_C) + if( strcmp( "MBEDTLS_CCM_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C ); + return( 0 ); + } +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_CHACHA20_C) + if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C ); + return( 0 ); + } +#endif /* MBEDTLS_CHACHA20_C */ + +#if defined(MBEDTLS_CHACHAPOLY_C) + if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C ); + return( 0 ); + } +#endif /* MBEDTLS_CHACHAPOLY_C */ + +#if defined(MBEDTLS_CIPHER_C) + if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C ); + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_CMAC_C) + if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C ); + return( 0 ); + } +#endif /* MBEDTLS_CMAC_C */ + +#if defined(MBEDTLS_CTR_DRBG_C) + if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_C */ + +#if defined(MBEDTLS_DEBUG_C) + if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C ); + return( 0 ); + } +#endif /* MBEDTLS_DEBUG_C */ + +#if defined(MBEDTLS_DES_C) + if( strcmp( "MBEDTLS_DES_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C ); + return( 0 ); + } +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_DHM_C) + if( strcmp( "MBEDTLS_DHM_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C ); + return( 0 ); + } +#endif /* MBEDTLS_DHM_C */ + +#if defined(MBEDTLS_ECDH_C) + if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_C */ + +#if defined(MBEDTLS_ECDSA_C) + if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C ); + return( 0 ); + } +#endif /* MBEDTLS_ECDSA_C */ + +#if defined(MBEDTLS_ECJPAKE_C) + if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C ); + return( 0 ); + } +#endif /* MBEDTLS_ECJPAKE_C */ + +#if defined(MBEDTLS_ECP_C) + if( strcmp( "MBEDTLS_ECP_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_ENTROPY_C) + if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_C */ + +#if defined(MBEDTLS_ERROR_C) + if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C ); + return( 0 ); + } +#endif /* MBEDTLS_ERROR_C */ + +#if defined(MBEDTLS_GCM_C) + if( strcmp( "MBEDTLS_GCM_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C ); + return( 0 ); + } +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_HKDF_C) + if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C ); + return( 0 ); + } +#endif /* MBEDTLS_HKDF_C */ + +#if defined(MBEDTLS_HMAC_DRBG_C) + if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C ); + return( 0 ); + } +#endif /* MBEDTLS_HMAC_DRBG_C */ + +#if defined(MBEDTLS_NIST_KW_C) + if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C ); + return( 0 ); + } +#endif /* MBEDTLS_NIST_KW_C */ + +#if defined(MBEDTLS_MD_C) + if( strcmp( "MBEDTLS_MD_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C ); + return( 0 ); + } +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_MD5_C) + if( strcmp( "MBEDTLS_MD5_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C ); + return( 0 ); + } +#endif /* MBEDTLS_MD5_C */ + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C ); + return( 0 ); + } +#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ + +#if defined(MBEDTLS_NET_C) + if( strcmp( "MBEDTLS_NET_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C ); + return( 0 ); + } +#endif /* MBEDTLS_NET_C */ + +#if defined(MBEDTLS_OID_C) + if( strcmp( "MBEDTLS_OID_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C ); + return( 0 ); + } +#endif /* MBEDTLS_OID_C */ + +#if defined(MBEDTLS_PADLOCK_C) + if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C ); + return( 0 ); + } +#endif /* MBEDTLS_PADLOCK_C */ + +#if defined(MBEDTLS_PEM_PARSE_C) + if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PEM_PARSE_C */ + +#if defined(MBEDTLS_PEM_WRITE_C) + if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PEM_WRITE_C */ + +#if defined(MBEDTLS_PK_C) + if( strcmp( "MBEDTLS_PK_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C ); + return( 0 ); + } +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_PK_PARSE_C) + if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PK_PARSE_C */ + +#if defined(MBEDTLS_PK_WRITE_C) + if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PK_WRITE_C */ + +#if defined(MBEDTLS_PKCS5_C) + if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C ); + return( 0 ); + } +#endif /* MBEDTLS_PKCS5_C */ + +#if defined(MBEDTLS_PKCS12_C) + if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C ); + return( 0 ); + } +#endif /* MBEDTLS_PKCS12_C */ + +#if defined(MBEDTLS_PLATFORM_C) + if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_C */ + +#if defined(MBEDTLS_POLY1305_C) + if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C ); + return( 0 ); + } +#endif /* MBEDTLS_POLY1305_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_C) + if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + +#if defined(MBEDTLS_PSA_ITS_FILE_C) + if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_ITS_FILE_C */ + +#if defined(MBEDTLS_RIPEMD160_C) + if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C ); + return( 0 ); + } +#endif /* MBEDTLS_RIPEMD160_C */ + +#if defined(MBEDTLS_RSA_C) + if( strcmp( "MBEDTLS_RSA_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C ); + return( 0 ); + } +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SHA1_C) + if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA224_C) + if( strcmp( "MBEDTLS_SHA224_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA224_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA224_C */ + +#if defined(MBEDTLS_SHA256_C) + if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA384_C) + if( strcmp( "MBEDTLS_SHA384_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA384_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA384_C */ + +#if defined(MBEDTLS_SHA512_C) + if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SSL_CACHE_C) + if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_C */ + +#if defined(MBEDTLS_SSL_COOKIE_C) + if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_COOKIE_C */ + +#if defined(MBEDTLS_SSL_TICKET_C) + if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TICKET_C */ + +#if defined(MBEDTLS_SSL_CLI_C) + if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TLS_C */ + +#if defined(MBEDTLS_THREADING_C) + if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C ); + return( 0 ); + } +#endif /* MBEDTLS_THREADING_C */ + +#if defined(MBEDTLS_TIMING_C) + if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C ); + return( 0 ); + } +#endif /* MBEDTLS_TIMING_C */ + +#if defined(MBEDTLS_VERSION_C) + if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C ); + return( 0 ); + } +#endif /* MBEDTLS_VERSION_C */ + +#if defined(MBEDTLS_X509_USE_C) + if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_USE_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_X509_CRL_PARSE_C) + if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRL_PARSE_C */ + +#if defined(MBEDTLS_X509_CSR_PARSE_C) + if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + +#if defined(MBEDTLS_X509_CREATE_C) + if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CREATE_C */ + +#if defined(MBEDTLS_X509_CRT_WRITE_C) + if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRT_WRITE_C */ + +#if defined(MBEDTLS_X509_CSR_WRITE_C) + if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CSR_WRITE_C */ + +#if defined(MBEDTLS_MPI_WINDOW_SIZE) + if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE ); + return( 0 ); + } +#endif /* MBEDTLS_MPI_WINDOW_SIZE */ + +#if defined(MBEDTLS_MPI_MAX_SIZE) + if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE ); + return( 0 ); + } +#endif /* MBEDTLS_MPI_MAX_SIZE */ + +#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) + if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */ + +#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) + if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT) + if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST) + if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) + if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */ + +#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) + if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL ); + return( 0 ); + } +#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT) + if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT ); + return( 0 ); + } +#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST) + if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST ); + return( 0 ); + } +#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) + if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); + return( 0 ); + } +#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */ + +#if defined(MBEDTLS_ECP_WINDOW_SIZE) + if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_WINDOW_SIZE */ + +#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) + if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM ); + return( 0 ); + } +#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ + +#if defined(MBEDTLS_ENTROPY_MAX_SOURCES) + if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */ + +#if defined(MBEDTLS_ENTROPY_MAX_GATHER) + if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_MAX_GATHER */ + +#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE) + if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE ); + return( 0 ); + } +#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */ + +#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE) + if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE ); + return( 0 ); + } +#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */ + +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) + if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */ + +#if defined(MBEDTLS_PLATFORM_STD_CALLOC) + if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_CALLOC */ + +#if defined(MBEDTLS_PLATFORM_STD_FREE) + if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_FREE */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT) + if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_EXIT */ + +#if defined(MBEDTLS_PLATFORM_STD_TIME) + if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_TIME */ + +#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) + if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_PRINTF) + if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_PRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) + if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) + if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) + if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) + if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) + if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) + if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */ + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */ + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_FREE_MACRO */ + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ + +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ + +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) + if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ + +#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) + if( strcmp( "MBEDTLS_PSA_HMAC_DRBG_MD_TYPE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */ + +#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT) + if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */ + +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) + if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ + +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) + if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ + +#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) + if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX) + if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */ + +#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) + if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ + +#if defined(MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) + if( strcmp( "MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY */ + +#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) + if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) + if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ + +#if defined(MBEDTLS_PSK_MAX_LEN) + if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_PSK_MAX_LEN */ + +#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) + if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ + +#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) + if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA ); + return( 0 ); + } +#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ + +#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) + if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ + +#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) + if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ + +#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) + if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ + +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ + + /* If the symbol is not found, return an error */ + return( 1 ); +} + +#if defined(_MSC_VER) +#pragma warning(pop) +#endif /* _MSC_VER */ diff --git a/tests/suites/test_suite_psa_crypto_not_supported.generated.data b/tests/suites/test_suite_psa_crypto_not_supported.generated.data new file mode 100644 index 0000000000..079381f5c4 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_not_supported.generated.data @@ -0,0 +1,1054 @@ +# Automatically generated by generate_psa_tests.py. Do not edit! + +PSA import AES 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461" + +PSA generate AES 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +generate_not_supported:PSA_KEY_TYPE_AES:128 + +PSA import AES 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a0646174614865726500697320" + +PSA generate AES 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +generate_not_supported:PSA_KEY_TYPE_AES:192 + +PSA import AES 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate AES 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_AES +generate_not_supported:PSA_KEY_TYPE_AES:256 + +PSA import CAMELLIA 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461" + +PSA generate CAMELLIA 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +generate_not_supported:PSA_KEY_TYPE_CAMELLIA:128 + +PSA import CAMELLIA 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a0646174614865726500697320" + +PSA generate CAMELLIA 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +generate_not_supported:PSA_KEY_TYPE_CAMELLIA:192 + +PSA import CAMELLIA 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate CAMELLIA 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA +generate_not_supported:PSA_KEY_TYPE_CAMELLIA:256 + +PSA import CHACHA20 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 +import_not_supported:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate CHACHA20 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 +generate_not_supported:PSA_KEY_TYPE_CHACHA20:256 + +PSA import DES 64-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901" + +PSA generate DES 64-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +generate_not_supported:PSA_KEY_TYPE_DES:64 + +PSA import DES 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902" + +PSA generate DES 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +generate_not_supported:PSA_KEY_TYPE_DES:128 + +PSA import DES 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902644573206b457904" + +PSA generate DES 192-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_DES +generate_not_supported:PSA_KEY_TYPE_DES:192 + +PSA import HMAC 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461" + +PSA generate HMAC 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:128 + +PSA import HMAC 160-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265" + +PSA generate HMAC 160-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:160 + +PSA import HMAC 224-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a0" + +PSA generate HMAC 224-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:224 + +PSA import HMAC 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate HMAC 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:256 + +PSA import HMAC 384-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate HMAC 384-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:384 + +PSA import HMAC 512-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate HMAC 512-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_HMAC +generate_not_supported:PSA_KEY_TYPE_HMAC:512 + +PSA import PASSWORD 48-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PASSWORD:"486572650069" + +PSA generate PASSWORD 48-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PASSWORD:48 + +PSA import PASSWORD 168-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a0646174614865726500" + +PSA generate PASSWORD 168-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PASSWORD:168 + +PSA import PASSWORD 336-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" + +PSA generate PASSWORD 336-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PASSWORD:336 + +PSA import PASSWORD_HASH 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a064617461" + +PSA generate PASSWORD_HASH 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:128 + +PSA import PASSWORD_HASH 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate PASSWORD_HASH 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:256 + +PSA import PEPPER 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a064617461" + +PSA generate PEPPER 128-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PEPPER:128 + +PSA import PEPPER 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA generate PEPPER 256-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_PEPPER:256 + +PSA import RSA_KEY_PAIR 1024-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +PSA generate RSA_KEY_PAIR 1024-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 + +PSA import RSA_KEY_PAIR 1536-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +PSA generate RSA_KEY_PAIR 1536-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1536 + +PSA import RSA_PUBLIC_KEY 1024-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA generate RSA_PUBLIC_KEY 1024-bit never supported +generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024 + +PSA import RSA_PUBLIC_KEY 1536-bit not supported +depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +PSA generate RSA_PUBLIC_KEY 1536-bit never supported +generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 + +PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 + +PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 + +PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 + +PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 + +PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255 + +PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" + +PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448 + +PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_255 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_448 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" + +PSA import ECC_KEY_PAIR(SECP_K1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 + +PSA import ECC_KEY_PAIR(SECP_K1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 + +PSA import ECC_KEY_PAIR(SECP_K1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 + +PSA import ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 + +PSA import ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 + +PSA import ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 + +PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_192 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +PSA generate ECC_PUBLIC_KEY(SECP_K1) 192-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192 + +PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_224 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +PSA generate ECC_PUBLIC_KEY(SECP_K1) 224-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224 + +PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +PSA generate ECC_PUBLIC_KEY(SECP_K1) 256-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256 + +PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_192 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_224 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +PSA import ECC_KEY_PAIR(SECP_R1) 225-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 + +PSA import ECC_KEY_PAIR(SECP_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 + +PSA import ECC_KEY_PAIR(SECP_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 + +PSA import ECC_KEY_PAIR(SECP_R1) 521-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 + +PSA import ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 + +PSA import ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 + +PSA import ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 + +PSA import ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 + +PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +PSA generate ECC_PUBLIC_KEY(SECP_R1) 225-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225 + +PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +PSA generate ECC_PUBLIC_KEY(SECP_R1) 256-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256 + +PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +PSA generate ECC_PUBLIC_KEY(SECP_R1) 384-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384 + +PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +PSA generate ECC_PUBLIC_KEY(SECP_R1) 521-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521 + +PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_256 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_384 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_521 +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +PSA import ECC_KEY_PAIR(SECP_R2) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 + +PSA import ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 + +PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +PSA generate ECC_PUBLIC_KEY(SECP_R2) 160-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160 + +PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +PSA import ECC_KEY_PAIR(SECT_K1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 + +PSA import ECC_KEY_PAIR(SECT_K1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 + +PSA import ECC_KEY_PAIR(SECT_K1) 239-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 + +PSA import ECC_KEY_PAIR(SECT_K1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 + +PSA import ECC_KEY_PAIR(SECT_K1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 + +PSA import ECC_KEY_PAIR(SECT_K1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 + +PSA import ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 + +PSA import ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 + +PSA import ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 + +PSA import ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 + +PSA import ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 + +PSA import ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 163-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 233-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 239-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 283-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 409-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +PSA generate ECC_PUBLIC_KEY(SECT_K1) 571-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571 + +PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +PSA import ECC_KEY_PAIR(SECT_R1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 + +PSA import ECC_KEY_PAIR(SECT_R1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 + +PSA import ECC_KEY_PAIR(SECT_R1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 + +PSA import ECC_KEY_PAIR(SECT_R1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 + +PSA import ECC_KEY_PAIR(SECT_R1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 + +PSA import ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 + +PSA import ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 + +PSA import ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 + +PSA import ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 + +PSA import ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +PSA generate ECC_PUBLIC_KEY(SECT_R1) 163-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +PSA generate ECC_PUBLIC_KEY(SECT_R1) 233-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +PSA generate ECC_PUBLIC_KEY(SECT_R1) 283-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +PSA generate ECC_PUBLIC_KEY(SECT_R1) 409-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +PSA generate ECC_PUBLIC_KEY(SECT_R1) 571-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571 + +PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +PSA import ECC_KEY_PAIR(SECT_R2) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" + +PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 + +PSA import ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" + +PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 + +PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +PSA generate ECC_PUBLIC_KEY(SECT_R2) 163-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163 + +PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 + +PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 + +PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 + +PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 + +PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 + +PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type not supported +depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type never supported +generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 + +PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit curve not supported +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET +import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +# End of automatically generated file. diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln new file mode 100644 index 0000000000..dc3264451e --- /dev/null +++ b/visualc/VS2010/mbedTLS.sln @@ -0,0 +1,676 @@ + +Microsoft Visual Studio Solution File, Format Version 11.00 +# Visual C++ Express 2010 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum.vcxproj", "{D071CCF7-ACA0-21F8-D382-52A759AEA261}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hello", "hello.vcxproj", "{B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdsa", "ecdsa.vcxproj", "{F58142CC-0CC7-0B18-5A0F-53642CFBA18E}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_key", "gen_key.vcxproj", "{BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app", "key_app.vcxproj", "{10AE376F-1A70-0297-0216-1FD01AD15D19}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app_writer", "key_app_writer.vcxproj", "{E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mpi_demo", "mpi_demo.vcxproj", "{A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_decrypt", "pk_decrypt.vcxproj", "{1EC6CBA3-6187-D456-D9B7-A35399395D71}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_encrypt", "pk_encrypt.vcxproj", "{55007179-7746-9CFB-97EC-65102FB272C8}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_sign", "pk_sign.vcxproj", "{F2E8CA55-597F-7FDC-6456-D8650FB970A3}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_verify", "pk_verify.vcxproj", "{C429B336-1B30-119C-3B34-21A186D6744F}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_decrypt", "rsa_decrypt.vcxproj", "{E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_encrypt", "rsa_encrypt.vcxproj", "{D06CF12E-F222-9273-41BF-B8A052FA5527}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_genkey", "rsa_genkey.vcxproj", "{F472475C-F677-0E7F-F127-45BF5B64F622}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign", "rsa_sign.vcxproj", "{10790F49-6887-AAB6-2D86-BCBD516F8D26}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign_pss", "rsa_sign_pss.vcxproj", "{DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify", "rsa_verify.vcxproj", "{689E28CF-89ED-BA38-3A14-78A75D891D46}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify_pss", "rsa_verify_pss.vcxproj", "{95C50864-854C-2A11-4C91-BCE654E344FB}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_entropy", "gen_entropy.vcxproj", "{DE695064-13C3-18B0-378D-8B22672BF3F4}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_ctr_drbg", "gen_random_ctr_drbg.vcxproj", "{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_server", "dtls_server.vcxproj", "{BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client1", "ssl_client1.vcxproj", "{487A2F80-3CA3-678D-88D5-82194872CF08}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client2", "ssl_client2.vcxproj", "{4E590E9D-E28F-87FF-385B-D58736388231}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_context_info", "ssl_context_info.vcxproj", "{017ECC7D-FB6D-46D8-076B-F64172E8E3BC}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork_server.vcxproj", "{918CD402-047D-8467-E11C-E1132053F916}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server", "ssl_server.vcxproj", "{E08E0065-896A-7487-DEA5-D3B80B71F975}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server2", "ssl_server2.vcxproj", "{A4DA7463-1047-BDF5-E1B3-5632CB573F41}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcxproj", "{90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "query_compile_time_config", "query_compile_time_config.vcxproj", "{D6F58AF2-9D80-562A-E2B0-F743281522B9}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "selftest", "selftest.vcxproj", "{7DBC5F77-3DA1-5F73-8421-E693D95FC66A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udp_proxy", "udp_proxy.vcxproj", "{7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zeroize", "zeroize.vcxproj", "{10C01E94-4926-063E-9F56-C84ED190D349}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pem2der", "pem2der.vcxproj", "{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "strerror", "strerror.vcxproj", "{23EF735C-CC4C-3EC4-A75E-903DB340F04A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_app", "cert_app.vcxproj", "{D4D691D4-137C-CBFA-735B-D46636D7E4D8}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_req", "cert_req.vcxproj", "{C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_write", "cert_write.vcxproj", "{35E52E46-3BA9-4361-41D3-53663C2E9B8A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj", "{DB904B85-AD31-B7FB-114F-88760CC485F2}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Win32 = Debug|Win32 + Debug|x64 = Debug|x64 + Release|Win32 = Release|Win32 + Release|x64 = Release|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.ActiveCfg = Debug|Win32 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.Build.0 = Debug|Win32 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.ActiveCfg = Debug|x64 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.Build.0 = Debug|x64 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.ActiveCfg = Release|Win32 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64 + {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.Build.0 = Debug|x64 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.ActiveCfg = Release|Win32 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.Build.0 = Release|Win32 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.ActiveCfg = Release|x64 + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.Build.0 = Release|x64 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.ActiveCfg = Debug|Win32 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.Build.0 = Debug|Win32 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.ActiveCfg = Debug|x64 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.Build.0 = Debug|x64 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.ActiveCfg = Release|Win32 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 + {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.ActiveCfg = Debug|Win32 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.Build.0 = Debug|Win32 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.ActiveCfg = Debug|x64 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.Build.0 = Debug|x64 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.ActiveCfg = Release|Win32 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.Build.0 = Release|Win32 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.ActiveCfg = Release|x64 + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.Build.0 = Release|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.Build.0 = Debug|x64 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.ActiveCfg = Release|Win32 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 + {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.Build.0 = Debug|x64 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.ActiveCfg = Release|Win32 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.Build.0 = Release|Win32 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.ActiveCfg = Release|x64 + {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.Build.0 = Release|x64 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.ActiveCfg = Debug|Win32 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.Build.0 = Debug|Win32 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.ActiveCfg = Debug|x64 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.Build.0 = Debug|x64 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.ActiveCfg = Release|Win32 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.Build.0 = Release|Win32 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.ActiveCfg = Release|x64 + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.Build.0 = Release|x64 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.ActiveCfg = Debug|Win32 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.Build.0 = Debug|Win32 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.ActiveCfg = Debug|x64 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.Build.0 = Debug|x64 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.ActiveCfg = Release|Win32 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.Build.0 = Release|Win32 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.ActiveCfg = Release|x64 + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.Build.0 = Release|x64 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.ActiveCfg = Debug|Win32 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.Build.0 = Debug|Win32 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.ActiveCfg = Debug|x64 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.Build.0 = Debug|x64 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.ActiveCfg = Release|Win32 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.Build.0 = Release|Win32 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.ActiveCfg = Release|x64 + {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.Build.0 = Release|x64 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.ActiveCfg = Debug|Win32 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.Build.0 = Debug|Win32 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.ActiveCfg = Debug|x64 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.Build.0 = Debug|x64 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.ActiveCfg = Release|Win32 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.Build.0 = Release|Win32 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.ActiveCfg = Release|x64 + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.Build.0 = Release|x64 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.ActiveCfg = Debug|Win32 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.Build.0 = Debug|Win32 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.ActiveCfg = Debug|x64 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.Build.0 = Debug|x64 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.ActiveCfg = Release|Win32 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.Build.0 = Release|Win32 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.ActiveCfg = Release|x64 + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.Build.0 = Release|x64 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.ActiveCfg = Debug|Win32 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.Build.0 = Debug|Win32 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.ActiveCfg = Debug|x64 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.Build.0 = Debug|x64 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.ActiveCfg = Release|Win32 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.Build.0 = Release|Win32 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.ActiveCfg = Release|x64 + {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.Build.0 = Release|x64 + {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.ActiveCfg = Debug|Win32 + {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.Build.0 = Debug|Win32 + {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.ActiveCfg = Debug|x64 + {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.Build.0 = Debug|x64 + {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.ActiveCfg = Release|Win32 + {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.Build.0 = Release|Win32 + {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.ActiveCfg = Release|x64 + {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.Build.0 = Release|x64 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.ActiveCfg = Debug|Win32 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.Build.0 = Debug|Win32 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.ActiveCfg = Debug|x64 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.Build.0 = Debug|x64 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.ActiveCfg = Release|Win32 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.Build.0 = Release|Win32 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.ActiveCfg = Release|x64 + {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.Build.0 = Release|x64 + {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.ActiveCfg = Debug|Win32 + {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.Build.0 = Debug|Win32 + {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.ActiveCfg = Debug|x64 + {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.Build.0 = Debug|x64 + {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.ActiveCfg = Release|Win32 + {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.Build.0 = Release|Win32 + {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.ActiveCfg = Release|x64 + {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.Build.0 = Release|x64 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.ActiveCfg = Debug|Win32 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.Build.0 = Debug|Win32 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.ActiveCfg = Debug|x64 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.Build.0 = Debug|x64 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.ActiveCfg = Release|Win32 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.Build.0 = Release|Win32 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.ActiveCfg = Release|x64 + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.Build.0 = Release|x64 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.ActiveCfg = Debug|Win32 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.Build.0 = Debug|Win32 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.ActiveCfg = Debug|x64 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.Build.0 = Debug|x64 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.ActiveCfg = Release|Win32 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.Build.0 = Release|Win32 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.ActiveCfg = Release|x64 + {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.Build.0 = Release|x64 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.ActiveCfg = Debug|Win32 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.Build.0 = Debug|Win32 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.ActiveCfg = Debug|x64 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.Build.0 = Debug|x64 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.ActiveCfg = Release|Win32 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.Build.0 = Release|Win32 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.ActiveCfg = Release|x64 + {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.Build.0 = Release|x64 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.ActiveCfg = Debug|Win32 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.Build.0 = Debug|Win32 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.ActiveCfg = Debug|x64 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.Build.0 = Debug|x64 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.ActiveCfg = Release|Win32 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.Build.0 = Release|Win32 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.ActiveCfg = Release|x64 + {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.Build.0 = Release|x64 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.ActiveCfg = Debug|Win32 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.Build.0 = Debug|Win32 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.ActiveCfg = Debug|x64 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.Build.0 = Debug|x64 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.ActiveCfg = Release|Win32 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.Build.0 = Release|Win32 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.ActiveCfg = Release|x64 + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.Build.0 = Release|x64 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.ActiveCfg = Debug|Win32 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.Build.0 = Debug|Win32 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.ActiveCfg = Debug|x64 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.Build.0 = Debug|x64 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.ActiveCfg = Release|Win32 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.Build.0 = Release|Win32 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.ActiveCfg = Release|x64 + {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.Build.0 = Release|x64 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.ActiveCfg = Debug|Win32 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.Build.0 = Debug|Win32 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.ActiveCfg = Debug|x64 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.Build.0 = Debug|x64 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.ActiveCfg = Release|Win32 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64 + {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.ActiveCfg = Debug|Win32 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.Build.0 = Debug|Win32 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.ActiveCfg = Debug|x64 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.Build.0 = Debug|x64 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.ActiveCfg = Release|Win32 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.Build.0 = Release|Win32 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.ActiveCfg = Release|x64 + {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.Build.0 = Release|x64 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.ActiveCfg = Debug|Win32 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.Build.0 = Debug|Win32 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.ActiveCfg = Debug|x64 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.Build.0 = Debug|x64 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.ActiveCfg = Release|Win32 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64 + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.Build.0 = Debug|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.ActiveCfg = Release|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.Build.0 = Release|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.ActiveCfg = Release|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.Build.0 = Release|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.ActiveCfg = Debug|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.Build.0 = Debug|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.ActiveCfg = Debug|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.Build.0 = Debug|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.ActiveCfg = Release|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.Build.0 = Release|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.ActiveCfg = Release|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.Build.0 = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.ActiveCfg = Debug|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.Build.0 = Debug|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.ActiveCfg = Debug|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.Build.0 = Debug|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.ActiveCfg = Release|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.Build.0 = Release|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.ActiveCfg = Release|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.Build.0 = Release|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.ActiveCfg = Debug|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.Build.0 = Debug|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.ActiveCfg = Debug|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.Build.0 = Debug|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.ActiveCfg = Release|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.Build.0 = Release|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.ActiveCfg = Release|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.Build.0 = Release|x64 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.ActiveCfg = Debug|Win32 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.Build.0 = Debug|Win32 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.ActiveCfg = Debug|x64 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.Build.0 = Debug|x64 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.ActiveCfg = Release|Win32 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.Build.0 = Release|Win32 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.ActiveCfg = Release|x64 + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.Build.0 = Release|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.ActiveCfg = Debug|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.Build.0 = Debug|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.ActiveCfg = Debug|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.Build.0 = Debug|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.ActiveCfg = Release|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.Build.0 = Debug|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.ActiveCfg = Release|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.Build.0 = Release|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.ActiveCfg = Release|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.Build.0 = Release|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.ActiveCfg = Debug|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.Build.0 = Debug|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.ActiveCfg = Debug|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.Build.0 = Debug|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.ActiveCfg = Release|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.Build.0 = Release|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.ActiveCfg = Release|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.Build.0 = Release|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.ActiveCfg = Debug|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.Build.0 = Debug|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.ActiveCfg = Debug|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.Build.0 = Debug|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.ActiveCfg = Release|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.Build.0 = Release|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.ActiveCfg = Release|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.Build.0 = Release|x64 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.ActiveCfg = Debug|Win32 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.Build.0 = Debug|Win32 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.ActiveCfg = Debug|x64 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.Build.0 = Debug|x64 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.ActiveCfg = Release|Win32 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.Build.0 = Release|Win32 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.ActiveCfg = Release|x64 + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.Build.0 = Release|x64 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.ActiveCfg = Debug|Win32 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.Build.0 = Debug|Win32 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.ActiveCfg = Debug|x64 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.Build.0 = Debug|x64 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.ActiveCfg = Release|Win32 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.Build.0 = Release|Win32 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.ActiveCfg = Release|x64 + {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.Build.0 = Release|x64 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.ActiveCfg = Debug|Win32 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.Build.0 = Debug|Win32 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.ActiveCfg = Debug|x64 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.Build.0 = Debug|x64 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.ActiveCfg = Release|Win32 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.Build.0 = Release|Win32 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.ActiveCfg = Release|x64 + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.Build.0 = Release|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.ActiveCfg = Debug|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.Build.0 = Debug|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.ActiveCfg = Debug|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.Build.0 = Debug|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.ActiveCfg = Release|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.Build.0 = Release|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.ActiveCfg = Release|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.Build.0 = Release|x64 + {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.ActiveCfg = Debug|Win32 + {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.Build.0 = Debug|Win32 + {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.ActiveCfg = Debug|x64 + {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.Build.0 = Debug|x64 + {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.ActiveCfg = Release|Win32 + {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.Build.0 = Release|Win32 + {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.ActiveCfg = Release|x64 + {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.Build.0 = Release|x64 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.ActiveCfg = Debug|Win32 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.Build.0 = Debug|Win32 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.ActiveCfg = Debug|x64 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.Build.0 = Debug|x64 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.ActiveCfg = Release|Win32 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.Build.0 = Release|Win32 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.ActiveCfg = Release|x64 + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.Build.0 = Release|x64 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.ActiveCfg = Debug|Win32 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.Build.0 = Debug|Win32 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.ActiveCfg = Debug|x64 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.Build.0 = Debug|x64 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.ActiveCfg = Release|Win32 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.Build.0 = Release|Win32 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.ActiveCfg = Release|x64 + {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.Build.0 = Release|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.ActiveCfg = Debug|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.Build.0 = Debug|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.ActiveCfg = Debug|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.Build.0 = Debug|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.ActiveCfg = Release|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.Build.0 = Release|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.ActiveCfg = Release|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.Build.0 = Release|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.ActiveCfg = Debug|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.Build.0 = Debug|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.ActiveCfg = Debug|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.Build.0 = Debug|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.ActiveCfg = Release|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.Build.0 = Release|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.ActiveCfg = Release|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.Build.0 = Release|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.ActiveCfg = Debug|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.Build.0 = Debug|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.ActiveCfg = Debug|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.Build.0 = Debug|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.ActiveCfg = Release|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.Build.0 = Release|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.ActiveCfg = Release|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.Build.0 = Release|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.ActiveCfg = Debug|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.Build.0 = Debug|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.ActiveCfg = Debug|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.Build.0 = Debug|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.ActiveCfg = Release|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.Build.0 = Debug|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.ActiveCfg = Release|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.Build.0 = Release|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.ActiveCfg = Release|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.Build.0 = Release|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal From 2a9c783625fc161839086ca5887ef615fad4cc94 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 09:57:20 +0100 Subject: [PATCH 0723/1065] Add additional generated files Signed-off-by: Dave Rodgman --- ...ite_psa_crypto_storage_format.current.data | 1779 ++++++++++++++ ...st_suite_psa_crypto_storage_format.v0.data | 2111 +++++++++++++++++ visualc/VS2010/benchmark.vcxproj | 167 ++ visualc/VS2010/cert_app.vcxproj | 167 ++ visualc/VS2010/cert_req.vcxproj | 167 ++ visualc/VS2010/cert_write.vcxproj | 167 ++ visualc/VS2010/crl_app.vcxproj | 167 ++ visualc/VS2010/crypt_and_hash.vcxproj | 167 ++ visualc/VS2010/crypto_examples.vcxproj | 167 ++ visualc/VS2010/dh_client.vcxproj | 167 ++ visualc/VS2010/dh_genprime.vcxproj | 167 ++ visualc/VS2010/dh_server.vcxproj | 167 ++ visualc/VS2010/dtls_client.vcxproj | 167 ++ visualc/VS2010/dtls_server.vcxproj | 167 ++ visualc/VS2010/ecdh_curve25519.vcxproj | 167 ++ visualc/VS2010/ecdsa.vcxproj | 167 ++ visualc/VS2010/gen_entropy.vcxproj | 167 ++ visualc/VS2010/gen_key.vcxproj | 167 ++ visualc/VS2010/gen_random_ctr_drbg.vcxproj | 167 ++ visualc/VS2010/generic_sum.vcxproj | 167 ++ visualc/VS2010/hello.vcxproj | 167 ++ visualc/VS2010/key_app.vcxproj | 167 ++ visualc/VS2010/key_app_writer.vcxproj | 167 ++ visualc/VS2010/key_ladder_demo.vcxproj | 167 ++ visualc/VS2010/mbedTLS.vcxproj | 392 +++ visualc/VS2010/mini_client.vcxproj | 167 ++ visualc/VS2010/mpi_demo.vcxproj | 167 ++ visualc/VS2010/pem2der.vcxproj | 167 ++ visualc/VS2010/pk_decrypt.vcxproj | 167 ++ visualc/VS2010/pk_encrypt.vcxproj | 167 ++ visualc/VS2010/pk_sign.vcxproj | 167 ++ visualc/VS2010/pk_verify.vcxproj | 167 ++ visualc/VS2010/psa_constant_names.vcxproj | 167 ++ .../VS2010/query_compile_time_config.vcxproj | 168 ++ visualc/VS2010/req_app.vcxproj | 167 ++ visualc/VS2010/rsa_decrypt.vcxproj | 167 ++ visualc/VS2010/rsa_encrypt.vcxproj | 167 ++ visualc/VS2010/rsa_genkey.vcxproj | 167 ++ visualc/VS2010/rsa_sign.vcxproj | 167 ++ visualc/VS2010/rsa_sign_pss.vcxproj | 167 ++ visualc/VS2010/rsa_verify.vcxproj | 167 ++ visualc/VS2010/rsa_verify_pss.vcxproj | 167 ++ visualc/VS2010/selftest.vcxproj | 167 ++ visualc/VS2010/ssl_client1.vcxproj | 167 ++ visualc/VS2010/ssl_client2.vcxproj | 169 ++ visualc/VS2010/ssl_context_info.vcxproj | 167 ++ visualc/VS2010/ssl_fork_server.vcxproj | 167 ++ visualc/VS2010/ssl_mail_client.vcxproj | 167 ++ visualc/VS2010/ssl_server.vcxproj | 167 ++ visualc/VS2010/ssl_server2.vcxproj | 169 ++ visualc/VS2010/strerror.vcxproj | 167 ++ visualc/VS2010/udp_proxy.vcxproj | 167 ++ visualc/VS2010/zeroize.vcxproj | 167 ++ 53 files changed, 12637 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_storage_format.current.data create mode 100644 tests/suites/test_suite_psa_crypto_storage_format.v0.data create mode 100644 visualc/VS2010/benchmark.vcxproj create mode 100644 visualc/VS2010/cert_app.vcxproj create mode 100644 visualc/VS2010/cert_req.vcxproj create mode 100644 visualc/VS2010/cert_write.vcxproj create mode 100644 visualc/VS2010/crl_app.vcxproj create mode 100644 visualc/VS2010/crypt_and_hash.vcxproj create mode 100644 visualc/VS2010/crypto_examples.vcxproj create mode 100644 visualc/VS2010/dh_client.vcxproj create mode 100644 visualc/VS2010/dh_genprime.vcxproj create mode 100644 visualc/VS2010/dh_server.vcxproj create mode 100644 visualc/VS2010/dtls_client.vcxproj create mode 100644 visualc/VS2010/dtls_server.vcxproj create mode 100644 visualc/VS2010/ecdh_curve25519.vcxproj create mode 100644 visualc/VS2010/ecdsa.vcxproj create mode 100644 visualc/VS2010/gen_entropy.vcxproj create mode 100644 visualc/VS2010/gen_key.vcxproj create mode 100644 visualc/VS2010/gen_random_ctr_drbg.vcxproj create mode 100644 visualc/VS2010/generic_sum.vcxproj create mode 100644 visualc/VS2010/hello.vcxproj create mode 100644 visualc/VS2010/key_app.vcxproj create mode 100644 visualc/VS2010/key_app_writer.vcxproj create mode 100644 visualc/VS2010/key_ladder_demo.vcxproj create mode 100644 visualc/VS2010/mbedTLS.vcxproj create mode 100644 visualc/VS2010/mini_client.vcxproj create mode 100644 visualc/VS2010/mpi_demo.vcxproj create mode 100644 visualc/VS2010/pem2der.vcxproj create mode 100644 visualc/VS2010/pk_decrypt.vcxproj create mode 100644 visualc/VS2010/pk_encrypt.vcxproj create mode 100644 visualc/VS2010/pk_sign.vcxproj create mode 100644 visualc/VS2010/pk_verify.vcxproj create mode 100644 visualc/VS2010/psa_constant_names.vcxproj create mode 100644 visualc/VS2010/query_compile_time_config.vcxproj create mode 100644 visualc/VS2010/req_app.vcxproj create mode 100644 visualc/VS2010/rsa_decrypt.vcxproj create mode 100644 visualc/VS2010/rsa_encrypt.vcxproj create mode 100644 visualc/VS2010/rsa_genkey.vcxproj create mode 100644 visualc/VS2010/rsa_sign.vcxproj create mode 100644 visualc/VS2010/rsa_sign_pss.vcxproj create mode 100644 visualc/VS2010/rsa_verify.vcxproj create mode 100644 visualc/VS2010/rsa_verify_pss.vcxproj create mode 100644 visualc/VS2010/selftest.vcxproj create mode 100644 visualc/VS2010/ssl_client1.vcxproj create mode 100644 visualc/VS2010/ssl_client2.vcxproj create mode 100644 visualc/VS2010/ssl_context_info.vcxproj create mode 100644 visualc/VS2010/ssl_fork_server.vcxproj create mode 100644 visualc/VS2010/ssl_mail_client.vcxproj create mode 100644 visualc/VS2010/ssl_server.vcxproj create mode 100644 visualc/VS2010/ssl_server2.vcxproj create mode 100644 visualc/VS2010/strerror.vcxproj create mode 100644 visualc/VS2010/udp_proxy.vcxproj create mode 100644 visualc/VS2010/zeroize.vcxproj diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data new file mode 100644 index 0000000000..3369c3ed18 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_storage_format.current.data @@ -0,0 +1,1779 @@ +# Automatically generated by generate_psa_tests.py. Do not edit! + +PSA storage save: lifetime: (DEFAULT, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" + +PSA storage save: lifetime: (2, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c" + +PSA storage save: lifetime: (254, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c" + +PSA storage save: lifetime: PERSISTENT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" + +PSA storage save: usage: 0 +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b" + +PSA storage save: usage: COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b" + +PSA storage save: usage: DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b" + +PSA storage save: usage: DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b" + +PSA storage save: usage: ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b" + +PSA storage save: usage: EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b" + +PSA storage save: usage: SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" + +PSA storage save: usage: SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b" + +PSA storage save: usage: VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b" + +PSA storage save: usage: VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" + +PSA storage save: usage: VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b" + +PSA storage save: usage: COPY | DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b" + +PSA storage save: usage: DECRYPT | DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b" + +PSA storage save: usage: DERIVE | ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b" + +PSA storage save: usage: ENCRYPT | EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b" + +PSA storage save: usage: EXPORT | SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b" + +PSA storage save: usage: SIGN_HASH | SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" + +PSA storage save: usage: SIGN_MESSAGE | VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b" + +PSA storage save: usage: VERIFY_DERIVATION | VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a800000000000000000000010000004b" + +PSA storage save: usage: VERIFY_HASH | VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" + +PSA storage save: usage: VERIFY_MESSAGE | COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b" + +PSA storage save: usage: all known +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003ff00000000000000000000010000004b" + +PSA storage save: type: AES 128-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: AES 192-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" + +PSA storage save: type: AES 256-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: CAMELLIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: CAMELLIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" + +PSA storage save: type: CAMELLIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: CHACHA20 256-bit +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: DERIVE 120-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174" + +PSA storage save: type: DERIVE 128-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: DES 64-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901" + +PSA storage save: type: DES 128-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902" + +PSA storage save: type: DES 192-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +PSA storage save: type: ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +PSA storage save: type: ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +PSA storage save: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +PSA storage save: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +PSA storage save: type: HMAC 128-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: HMAC 160-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265" + +PSA storage save: type: HMAC 224-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +PSA storage save: type: HMAC 256-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: HMAC 384-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: HMAC 512-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: PASSWORD 48-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069" + +PSA storage save: type: PASSWORD 168-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500" + +PSA storage save: type: PASSWORD 336-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" + +PSA storage save: type: PASSWORD_HASH 128-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH +key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: PASSWORD_HASH 256-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH +key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: PEPPER 128-bit +depends_on:PSA_WANT_KEY_TYPE_PEPPER +key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: PEPPER 256-bit +depends_on:PSA_WANT_KEY_TYPE_PEPPER +key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +PSA storage save: type: RAW_DATA 8-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048" + +PSA storage save: type: RAW_DATA 40-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500" + +PSA storage save: type: RAW_DATA 128-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461" + +PSA storage save: type: RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +PSA storage save: type: RSA_KEY_PAIR 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +PSA storage save: type: RSA_PUBLIC_KEY 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA storage save: type: RSA_PUBLIC_KEY 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c" + +PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c" + +PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c" + +PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c" + +PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c" + +PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c" + +PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c" + +PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b" + +PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c" + +PSA storage save: alg: ANY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b" + +PSA storage save: alg2: ANY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c" + +PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b" + +PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c" + +PSA storage save: alg: CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b" + +PSA storage save: alg2: CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c" + +PSA storage save: alg: CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b" + +PSA storage save: alg2: CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c" + +PSA storage save: alg: CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b" + +PSA storage save: alg2: CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c" + +PSA storage save: alg: CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b" + +PSA storage save: alg2: CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c" + +PSA storage save: alg: CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b" + +PSA storage save: alg2: CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c" + +PSA storage save: alg: CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b" + +PSA storage save: alg2: CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c" + +PSA storage save: alg: CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b" + +PSA storage save: alg2: CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c" + +PSA storage save: alg: CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b" + +PSA storage save: alg2: CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c" + +PSA storage save: alg: DETERMINISTIC_DSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_DSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c" + +PSA storage save: alg: DETERMINISTIC_ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b" + +PSA storage save: alg2: DETERMINISTIC_ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c" + +PSA storage save: alg: DSA(MD5) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b" + +PSA storage save: alg2: DSA(MD5) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c" + +PSA storage save: alg: DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b" + +PSA storage save: alg2: DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c" + +PSA storage save: alg: DSA(SHA_1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b" + +PSA storage save: alg2: DSA(SHA_1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c" + +PSA storage save: alg: DSA(SHA_224) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b" + +PSA storage save: alg2: DSA(SHA_224) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c" + +PSA storage save: alg: DSA(SHA_256) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b" + +PSA storage save: alg2: DSA(SHA_256) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c" + +PSA storage save: alg: DSA(SHA_384) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b" + +PSA storage save: alg2: DSA(SHA_384) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c" + +PSA storage save: alg: DSA(SHA_512) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b" + +PSA storage save: alg2: DSA(SHA_512) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c" + +PSA storage save: alg: ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b" + +PSA storage save: alg2: ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c" + +PSA storage save: alg: ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b" + +PSA storage save: alg2: ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c" + +PSA storage save: alg: ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b" + +PSA storage save: alg2: ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c" + +PSA storage save: alg: ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b" + +PSA storage save: alg2: ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c" + +PSA storage save: alg: ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b" + +PSA storage save: alg2: ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c" + +PSA storage save: alg: ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b" + +PSA storage save: alg2: ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c" + +PSA storage save: alg: ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b" + +PSA storage save: alg2: ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c" + +PSA storage save: alg: ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b" + +PSA storage save: alg2: ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c" + +PSA storage save: alg: ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b" + +PSA storage save: alg2: ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c" + +PSA storage save: alg: ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b" + +PSA storage save: alg2: ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c" + +PSA storage save: alg: ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b" + +PSA storage save: alg2: ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c" + +PSA storage save: alg: ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b" + +PSA storage save: alg2: ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c" + +PSA storage save: alg: ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b" + +PSA storage save: alg2: ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c" + +PSA storage save: alg: FFDH +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b" + +PSA storage save: alg2: FFDH +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c" + +PSA storage save: alg: GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b" + +PSA storage save: alg2: GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c" + +PSA storage save: alg: HKDF(MD5) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b" + +PSA storage save: alg2: HKDF(MD5) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c" + +PSA storage save: alg: HKDF(RIPEMD160) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b" + +PSA storage save: alg2: HKDF(RIPEMD160) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c" + +PSA storage save: alg: HKDF(SHA_1) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b" + +PSA storage save: alg2: HKDF(SHA_1) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c" + +PSA storage save: alg: HKDF(SHA_224) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b" + +PSA storage save: alg2: HKDF(SHA_224) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c" + +PSA storage save: alg: HKDF(SHA_256) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b" + +PSA storage save: alg2: HKDF(SHA_256) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c" + +PSA storage save: alg: HKDF(SHA_384) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b" + +PSA storage save: alg2: HKDF(SHA_384) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c" + +PSA storage save: alg: HKDF(SHA_512) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b" + +PSA storage save: alg2: HKDF(SHA_512) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c" + +PSA storage save: alg: HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b" + +PSA storage save: alg2: HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c" + +PSA storage save: alg: HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b" + +PSA storage save: alg2: HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c" + +PSA storage save: alg: HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b" + +PSA storage save: alg2: HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c" + +PSA storage save: alg: HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b" + +PSA storage save: alg2: HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c" + +PSA storage save: alg: HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b" + +PSA storage save: alg2: HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c" + +PSA storage save: alg: HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b" + +PSA storage save: alg2: HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c" + +PSA storage save: alg: HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b" + +PSA storage save: alg2: HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c" + +PSA storage save: alg: JPAKE +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_JPAKE:0x0000:"4b":"505341004b455900000000000100000001100800010000000001000a00000000010000004b" + +PSA storage save: alg2: JPAKE +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_JPAKE:"4c":"505341004b45590000000000010000000110080001000000000000000001000a010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c" + +PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b" + +PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c" + +PSA storage save: alg: MD5 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b" + +PSA storage save: alg2: MD5 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c" + +PSA storage save: alg: OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b" + +PSA storage save: alg2: OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c" + +PSA storage save: alg: PBKDF2_AES_CMAC_PRF_128 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b" + +PSA storage save: alg2: PBKDF2_AES_CMAC_PRF_128 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(SHA_1) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(SHA_1) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(SHA_224) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(SHA_224) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(SHA_256) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(SHA_256) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(SHA_384) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(SHA_384) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a018008010000004c" + +PSA storage save: alg: PBKDF2_HMAC(SHA_512) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01800800000000010000004b" + +PSA storage save: alg2: PBKDF2_HMAC(SHA_512) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b018008010000004c" + +PSA storage save: alg: PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b" + +PSA storage save: alg2: PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c" + +PSA storage save: alg: RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b" + +PSA storage save: alg2: RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c" + +PSA storage save: alg: RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c" + +PSA storage save: alg: RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c" + +PSA storage save: alg: RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c" + +PSA storage save: alg: RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c" + +PSA storage save: alg: RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c" + +PSA storage save: alg: RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c" + +PSA storage save: alg: RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b" + +PSA storage save: alg2: RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c" + +PSA storage save: alg: RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c" + +PSA storage save: alg: RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b" + +PSA storage save: alg2: RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c" + +PSA storage save: alg: RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c" + +PSA storage save: alg: RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c" + +PSA storage save: alg: RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c" + +PSA storage save: alg: RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c" + +PSA storage save: alg: RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c" + +PSA storage save: alg: RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c" + +PSA storage save: alg: RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c" + +PSA storage save: alg: RSA_PSS(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b" + +PSA storage save: alg2: RSA_PSS(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c" + +PSA storage save: alg: SHA3_224 +depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b" + +PSA storage save: alg2: SHA3_224 +depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c" + +PSA storage save: alg: SHA3_256 +depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b" + +PSA storage save: alg2: SHA3_256 +depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c" + +PSA storage save: alg: SHA3_384 +depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b" + +PSA storage save: alg2: SHA3_384 +depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c" + +PSA storage save: alg: SHA3_512 +depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b" + +PSA storage save: alg2: SHA3_512 +depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c" + +PSA storage save: alg: SHAKE256_512 +depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b" + +PSA storage save: alg2: SHAKE256_512 +depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c" + +PSA storage save: alg: SHA_1 +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b" + +PSA storage save: alg2: SHA_1 +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c" + +PSA storage save: alg: SHA_224 +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b" + +PSA storage save: alg2: SHA_224 +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c" + +PSA storage save: alg: SHA_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b" + +PSA storage save: alg2: SHA_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c" + +PSA storage save: alg: SHA_384 +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b" + +PSA storage save: alg2: SHA_384 +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c" + +PSA storage save: alg: SHA_512 +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b" + +PSA storage save: alg2: SHA_512 +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c" + +PSA storage save: alg: SHA_512_224 +depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b" + +PSA storage save: alg2: SHA_512_224 +depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c" + +PSA storage save: alg: SHA_512_256 +depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b" + +PSA storage save: alg2: SHA_512_256 +depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c" + +PSA storage save: alg: STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b" + +PSA storage save: alg2: STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c" + +PSA storage save: alg: TLS12_PRF(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c" + +PSA storage save: alg: TLS12_PRF(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c" + +PSA storage save: alg: TLS12_PRF(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c" + +PSA storage save: alg: TLS12_PRF(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c" + +PSA storage save: alg: TLS12_PRF(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c" + +PSA storage save: alg: TLS12_PRF(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c" + +PSA storage save: alg: TLS12_PRF(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b" + +PSA storage save: alg2: TLS12_PRF(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c" + +PSA storage save: alg: TLS12_PSK_TO_MS(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b" + +PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c" + +PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c" + +PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b" + +PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c" + +PSA storage save: alg: XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b" + +PSA storage save: alg2: XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c" + +# End of automatically generated file. diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data new file mode 100644 index 0000000000..e4b990767b --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_storage_format.v0.data @@ -0,0 +1,2111 @@ +# Automatically generated by generate_psa_tests.py. Do not edit! + +PSA storage read: lifetime: (DEFAULT, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 + +PSA storage read: lifetime: (READ_ONLY, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY + +PSA storage read: lifetime: (2, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0 + +PSA storage read: lifetime: (254, LOCAL_STORAGE) +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0 + +PSA storage read: lifetime: PERSISTENT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 + +PSA storage read: usage with implication: 0 +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 + +PSA storage read: usage without implication: 0 +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 + +PSA storage read: usage with implication: COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 + +PSA storage read: usage without implication: COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 + +PSA storage read: usage with implication: DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 + +PSA storage read: usage without implication: DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 + +PSA storage read: usage with implication: DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 + +PSA storage read: usage without implication: DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 + +PSA storage read: usage with implication: ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 + +PSA storage read: usage without implication: ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 + +PSA storage read: usage with implication: EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 + +PSA storage read: usage without implication: EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 + +PSA storage read: usage with implication: SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 + +PSA storage read: usage without implication: SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0 + +PSA storage read: usage with implication: SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 + +PSA storage read: usage without implication: SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 + +PSA storage read: usage with implication: COPY | DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 + +PSA storage read: usage without implication: COPY | DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 + +PSA storage read: usage with implication: DECRYPT | DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 + +PSA storage read: usage without implication: DECRYPT | DERIVE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 + +PSA storage read: usage with implication: DERIVE | ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 + +PSA storage read: usage without implication: DERIVE | ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 + +PSA storage read: usage with implication: ENCRYPT | EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 + +PSA storage read: usage without implication: ENCRYPT | EXPORT +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 + +PSA storage read: usage with implication: EXPORT | SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0 + +PSA storage read: usage without implication: EXPORT | SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0 + +PSA storage read: usage with implication: SIGN_HASH | SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 + +PSA storage read: usage without implication: SIGN_HASH | SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 + +PSA storage read: usage with implication: SIGN_MESSAGE | VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b":0 + +PSA storage read: usage without implication: SIGN_MESSAGE | VERIFY_DERIVATION +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_DERIVATION | VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a800000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_DERIVATION | VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a000000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_HASH | VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_HASH | VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 + +PSA storage read: usage with implication: VERIFY_MESSAGE | COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 + +PSA storage read: usage without implication: VERIFY_MESSAGE | COPY +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 + +PSA storage read: usage: all known +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003ff00000000000000000000010000004b":0 + +PSA storage read: type: AES 128-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: AES 192-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +PSA storage read: type: AES 256-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: CAMELLIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: CAMELLIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +PSA storage read: type: CAMELLIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: CHACHA20 256-bit +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: DERIVE 120-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE + +PSA storage read: type: DERIVE 128-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: DES 64-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE + +PSA storage read: type: DES 128-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE + +PSA storage read: type: DES 192-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 128-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 160-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 224-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 256-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 384-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: HMAC 512-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: PASSWORD 48-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069":TEST_FLAG_EXERCISE + +PSA storage read: type: PASSWORD 168-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500":TEST_FLAG_EXERCISE + +PSA storage read: type: PASSWORD 336-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD +key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":TEST_FLAG_EXERCISE + +PSA storage read: type: PASSWORD_HASH 128-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH +key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: PASSWORD_HASH 256-bit +depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH +key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: PEPPER 128-bit +depends_on:PSA_WANT_KEY_TYPE_PEPPER +key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: PEPPER 256-bit +depends_on:PSA_WANT_KEY_TYPE_PEPPER +key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: type: RAW_DATA 8-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0 + +PSA storage read: type: RAW_DATA 40-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0 + +PSA storage read: type: RAW_DATA 128-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0 + +PSA storage read: type: RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +PSA storage read: type: RSA_KEY_PAIR 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +PSA storage read: type: RSA_PUBLIC_KEY 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE + +PSA storage read: type: RSA_PUBLIC_KEY 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE + +PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c":0 + +PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c":0 + +PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c":0 + +PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c":0 + +PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c":0 + +PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c":0 + +PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c":0 + +PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b":0 + +PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c":0 + +PSA storage read: alg: ANY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0 + +PSA storage read: alg2: ANY_HASH +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c":0 + +PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b":0 + +PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c":0 + +PSA storage read: alg: CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0 + +PSA storage read: alg2: CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0 + +PSA storage read: alg: CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0 + +PSA storage read: alg2: CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0 + +PSA storage read: alg: CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0 + +PSA storage read: alg2: CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0 + +PSA storage read: alg: CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0 + +PSA storage read: alg2: CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0 + +PSA storage read: alg: CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0 + +PSA storage read: alg2: CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0 + +PSA storage read: alg: CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0 + +PSA storage read: alg2: CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0 + +PSA storage read: alg: CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0 + +PSA storage read: alg2: CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0 + +PSA storage read: alg: CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0 + +PSA storage read: alg2: CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_DSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_DSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c":0 + +PSA storage read: alg: DETERMINISTIC_ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b":0 + +PSA storage read: alg2: DETERMINISTIC_ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c":0 + +PSA storage read: alg: DSA(MD5) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b":0 + +PSA storage read: alg2: DSA(MD5) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c":0 + +PSA storage read: alg: DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b":0 + +PSA storage read: alg2: DSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c":0 + +PSA storage read: alg: DSA(SHA_1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b":0 + +PSA storage read: alg2: DSA(SHA_1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c":0 + +PSA storage read: alg: DSA(SHA_224) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b":0 + +PSA storage read: alg2: DSA(SHA_224) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c":0 + +PSA storage read: alg: DSA(SHA_256) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b":0 + +PSA storage read: alg2: DSA(SHA_256) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c":0 + +PSA storage read: alg: DSA(SHA_384) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b":0 + +PSA storage read: alg2: DSA(SHA_384) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c":0 + +PSA storage read: alg: DSA(SHA_512) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b":0 + +PSA storage read: alg2: DSA(SHA_512) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c":0 + +PSA storage read: alg: ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0 + +PSA storage read: alg2: ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0 + +PSA storage read: alg: ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0 + +PSA storage read: alg2: ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0 + +PSA storage read: alg: ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c":0 + +PSA storage read: alg: ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c":0 + +PSA storage read: alg: ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c":0 + +PSA storage read: alg: ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c":0 + +PSA storage read: alg: ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c":0 + +PSA storage read: alg: ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c":0 + +PSA storage read: alg: ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c":0 + +PSA storage read: alg: ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b":0 + +PSA storage read: alg2: ECDSA(ANY_HASH) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c":0 + +PSA storage read: alg: ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0 + +PSA storage read: alg2: ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0 + +PSA storage read: alg: ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0 + +PSA storage read: alg2: ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0 + +PSA storage read: alg: ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0 + +PSA storage read: alg2: ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0 + +PSA storage read: alg: FFDH +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0 + +PSA storage read: alg2: FFDH +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0 + +PSA storage read: alg: GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0 + +PSA storage read: alg2: GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0 + +PSA storage read: alg: HKDF(MD5) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b":0 + +PSA storage read: alg2: HKDF(MD5) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c":0 + +PSA storage read: alg: HKDF(RIPEMD160) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b":0 + +PSA storage read: alg2: HKDF(RIPEMD160) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c":0 + +PSA storage read: alg: HKDF(SHA_1) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b":0 + +PSA storage read: alg2: HKDF(SHA_1) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c":0 + +PSA storage read: alg: HKDF(SHA_224) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b":0 + +PSA storage read: alg2: HKDF(SHA_224) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c":0 + +PSA storage read: alg: HKDF(SHA_256) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b":0 + +PSA storage read: alg2: HKDF(SHA_256) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c":0 + +PSA storage read: alg: HKDF(SHA_384) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b":0 + +PSA storage read: alg2: HKDF(SHA_384) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c":0 + +PSA storage read: alg: HKDF(SHA_512) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b":0 + +PSA storage read: alg2: HKDF(SHA_512) +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c":0 + +PSA storage read: alg: HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b":0 + +PSA storage read: alg2: HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c":0 + +PSA storage read: alg: HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b":0 + +PSA storage read: alg2: HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c":0 + +PSA storage read: alg: HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b":0 + +PSA storage read: alg2: HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c":0 + +PSA storage read: alg: HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b":0 + +PSA storage read: alg2: HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c":0 + +PSA storage read: alg: HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b":0 + +PSA storage read: alg2: HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c":0 + +PSA storage read: alg: HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b":0 + +PSA storage read: alg2: HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c":0 + +PSA storage read: alg: HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b":0 + +PSA storage read: alg2: HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c":0 + +PSA storage read: alg: JPAKE +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_JPAKE:0x0000:"4b":"505341004b455900000000000100000001100800010000000001000a00000000010000004b":0 + +PSA storage read: alg2: JPAKE +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_JPAKE:"4c":"505341004b45590000000000010000000110080001000000000000000001000a010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c":0 + +PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b":0 + +PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c":0 + +PSA storage read: alg: MD5 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0 + +PSA storage read: alg2: MD5 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0 + +PSA storage read: alg: OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0 + +PSA storage read: alg2: OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0 + +PSA storage read: alg: PBKDF2_AES_CMAC_PRF_128 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_AES_CMAC_PRF_128 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(SHA_1) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(SHA_1) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(SHA_224) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(SHA_224) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(SHA_256) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(SHA_256) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(SHA_384) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(SHA_384) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a018008010000004c":0 + +PSA storage read: alg: PBKDF2_HMAC(SHA_512) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01800800000000010000004b":0 + +PSA storage read: alg2: PBKDF2_HMAC(SHA_512) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b018008010000004c":0 + +PSA storage read: alg: PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0 + +PSA storage read: alg2: PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0 + +PSA storage read: alg: RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0 + +PSA storage read: alg2: RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0 + +PSA storage read: alg: RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c":0 + +PSA storage read: alg: RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b":0 + +PSA storage read: alg2: RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c":0 + +PSA storage read: alg: RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0 + +PSA storage read: alg2: RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0 + +PSA storage read: alg: RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c":0 + +PSA storage read: alg: RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c":0 + +PSA storage read: alg: RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c":0 + +PSA storage read: alg: RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c":0 + +PSA storage read: alg: RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c":0 + +PSA storage read: alg: RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c":0 + +PSA storage read: alg: RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c":0 + +PSA storage read: alg: RSA_PSS(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b":0 + +PSA storage read: alg2: RSA_PSS(ANY_HASH) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c":0 + +PSA storage read: alg: SHA3_224 +depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0 + +PSA storage read: alg2: SHA3_224 +depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0 + +PSA storage read: alg: SHA3_256 +depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0 + +PSA storage read: alg2: SHA3_256 +depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0 + +PSA storage read: alg: SHA3_384 +depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0 + +PSA storage read: alg2: SHA3_384 +depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0 + +PSA storage read: alg: SHA3_512 +depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0 + +PSA storage read: alg2: SHA3_512 +depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0 + +PSA storage read: alg: SHAKE256_512 +depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0 + +PSA storage read: alg2: SHAKE256_512 +depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0 + +PSA storage read: alg: SHA_1 +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0 + +PSA storage read: alg2: SHA_1 +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0 + +PSA storage read: alg: SHA_224 +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0 + +PSA storage read: alg2: SHA_224 +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0 + +PSA storage read: alg: SHA_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0 + +PSA storage read: alg2: SHA_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0 + +PSA storage read: alg: SHA_384 +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0 + +PSA storage read: alg2: SHA_384 +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0 + +PSA storage read: alg: SHA_512 +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0 + +PSA storage read: alg2: SHA_512 +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0 + +PSA storage read: alg: SHA_512_224 +depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0 + +PSA storage read: alg2: SHA_512_224 +depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0 + +PSA storage read: alg: SHA_512_256 +depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0 + +PSA storage read: alg2: SHA_512_256 +depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0 + +PSA storage read: alg: STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0 + +PSA storage read: alg2: STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0 + +PSA storage read: alg: TLS12_PRF(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c":0 + +PSA storage read: alg: TLS12_PRF(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PRF(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_1) +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_224) +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_256) +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_384) +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c":0 + +PSA storage read: alg: TLS12_PSK_TO_MS(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b":0 + +PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_512) +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(CMAC, 1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD5), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c":0 + +PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b":0 + +PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 63) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c":0 + +PSA storage read: alg: XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0 + +PSA storage read: alg2: XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0 + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +PSA storage read: implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: ED448PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUBLIC_KEY 1024-bit +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUBLIC_KEY 1024-bit +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE + +# End of automatically generated file. diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj new file mode 100644 index 0000000000..0be32fc5aa --- /dev/null +++ b/visualc/VS2010/benchmark.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA} + Win32Proj + benchmark + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj new file mode 100644 index 0000000000..3fbcb52a52 --- /dev/null +++ b/visualc/VS2010/cert_app.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D4D691D4-137C-CBFA-735B-D46636D7E4D8} + Win32Proj + cert_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj new file mode 100644 index 0000000000..41fdf31a3b --- /dev/null +++ b/visualc/VS2010/cert_req.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE} + Win32Proj + cert_req + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj new file mode 100644 index 0000000000..f1f93ea371 --- /dev/null +++ b/visualc/VS2010/cert_write.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {35E52E46-3BA9-4361-41D3-53663C2E9B8A} + Win32Proj + cert_write + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj new file mode 100644 index 0000000000..4b8b2168f4 --- /dev/null +++ b/visualc/VS2010/crl_app.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {DB904B85-AD31-B7FB-114F-88760CC485F2} + Win32Proj + crl_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj new file mode 100644 index 0000000000..885935bdff --- /dev/null +++ b/visualc/VS2010/crypt_and_hash.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7} + Win32Proj + crypt_and_hash + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj new file mode 100644 index 0000000000..3899f0ec32 --- /dev/null +++ b/visualc/VS2010/crypto_examples.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {020C31BD-C4DF-BABA-E537-F517C4E98537} + Win32Proj + crypto_examples + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj new file mode 100644 index 0000000000..043ab1afc1 --- /dev/null +++ b/visualc/VS2010/dh_client.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} + Win32Proj + dh_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj new file mode 100644 index 0000000000..f0366cb248 --- /dev/null +++ b/visualc/VS2010/dh_genprime.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {718960D9-5DA6-7B56-39AD-637E81076C71} + Win32Proj + dh_genprime + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj new file mode 100644 index 0000000000..5a986bc57c --- /dev/null +++ b/visualc/VS2010/dh_server.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {8D91B804-E2CE-142D-8E06-FBB037ED1F65} + Win32Proj + dh_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj new file mode 100644 index 0000000000..3fd65456de --- /dev/null +++ b/visualc/VS2010/dtls_client.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5} + Win32Proj + dtls_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj new file mode 100644 index 0000000000..b10ec4df5e --- /dev/null +++ b/visualc/VS2010/dtls_server.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317} + Win32Proj + dtls_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj new file mode 100644 index 0000000000..578e43b626 --- /dev/null +++ b/visualc/VS2010/ecdh_curve25519.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {82EE497E-12CC-7C5B-A072-665678ACB43E} + Win32Proj + ecdh_curve25519 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj new file mode 100644 index 0000000000..f7ad2e9227 --- /dev/null +++ b/visualc/VS2010/ecdsa.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {F58142CC-0CC7-0B18-5A0F-53642CFBA18E} + Win32Proj + ecdsa + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj new file mode 100644 index 0000000000..b7e45f9789 --- /dev/null +++ b/visualc/VS2010/gen_entropy.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {DE695064-13C3-18B0-378D-8B22672BF3F4} + Win32Proj + gen_entropy + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj new file mode 100644 index 0000000000..fa026141cf --- /dev/null +++ b/visualc/VS2010/gen_key.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52} + Win32Proj + gen_key + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj new file mode 100644 index 0000000000..a385841a06 --- /dev/null +++ b/visualc/VS2010/gen_random_ctr_drbg.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E} + Win32Proj + gen_random_ctr_drbg + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj new file mode 100644 index 0000000000..faad77596a --- /dev/null +++ b/visualc/VS2010/generic_sum.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D071CCF7-ACA0-21F8-D382-52A759AEA261} + Win32Proj + generic_sum + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj new file mode 100644 index 0000000000..6a81d914e9 --- /dev/null +++ b/visualc/VS2010/hello.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D} + Win32Proj + hello + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj new file mode 100644 index 0000000000..bba584170a --- /dev/null +++ b/visualc/VS2010/key_app.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {10AE376F-1A70-0297-0216-1FD01AD15D19} + Win32Proj + key_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj new file mode 100644 index 0000000000..0d7013796d --- /dev/null +++ b/visualc/VS2010/key_app_writer.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8} + Win32Proj + key_app_writer + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj new file mode 100644 index 0000000000..8584aee758 --- /dev/null +++ b/visualc/VS2010/key_ladder_demo.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {778777A0-393D-45E8-83C1-EAF487236F1F} + Win32Proj + key_ladder_demo + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj new file mode 100644 index 0000000000..0a72e8d2f8 --- /dev/null +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -0,0 +1,392 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {46CF2D25-6A36-4189-B59C-E4815388E554} + Win32Proj + mbedTLS + + + + StaticLibrary + true + Unicode + + + StaticLibrary + true + Unicode + + + StaticLibrary + false + true + Unicode + + + StaticLibrary + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + +../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + CompileAsC + + + Windows + true + + + + + Level3 + Disabled + _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + +../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + CompileAsC + + + Windows + true + + + + + Level3 + MaxSpeed + true + true + NDEBUG;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + +../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Windows + true + true + true + + + + + Level3 + MaxSpeed + true + true + WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + +../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Windows + true + true + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj new file mode 100644 index 0000000000..e4ee166bf7 --- /dev/null +++ b/visualc/VS2010/mini_client.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {C4FE29EA-266D-5295-4840-976B9B5B3843} + Win32Proj + mini_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj new file mode 100644 index 0000000000..b0fee89c37 --- /dev/null +++ b/visualc/VS2010/mpi_demo.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE} + Win32Proj + mpi_demo + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj new file mode 100644 index 0000000000..84c2e8c0aa --- /dev/null +++ b/visualc/VS2010/pem2der.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D3C6FBD6-D78E-7180-8345-5E09B492DBEC} + Win32Proj + pem2der + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj new file mode 100644 index 0000000000..da3e8d8e09 --- /dev/null +++ b/visualc/VS2010/pk_decrypt.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {1EC6CBA3-6187-D456-D9B7-A35399395D71} + Win32Proj + pk_decrypt + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj new file mode 100644 index 0000000000..829e072344 --- /dev/null +++ b/visualc/VS2010/pk_encrypt.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {55007179-7746-9CFB-97EC-65102FB272C8} + Win32Proj + pk_encrypt + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj new file mode 100644 index 0000000000..d93d11469f --- /dev/null +++ b/visualc/VS2010/pk_sign.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {F2E8CA55-597F-7FDC-6456-D8650FB970A3} + Win32Proj + pk_sign + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj new file mode 100644 index 0000000000..5933b92587 --- /dev/null +++ b/visualc/VS2010/pk_verify.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {C429B336-1B30-119C-3B34-21A186D6744F} + Win32Proj + pk_verify + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj new file mode 100644 index 0000000000..d35dd19a14 --- /dev/null +++ b/visualc/VS2010/psa_constant_names.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117} + Win32Proj + psa_constant_names + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj new file mode 100644 index 0000000000..d0e0a6df6f --- /dev/null +++ b/visualc/VS2010/query_compile_time_config.vcxproj @@ -0,0 +1,168 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D6F58AF2-9D80-562A-E2B0-F743281522B9} + Win32Proj + query_compile_time_config + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj new file mode 100644 index 0000000000..900e415fb1 --- /dev/null +++ b/visualc/VS2010/req_app.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3} + Win32Proj + req_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj new file mode 100644 index 0000000000..188b17efda --- /dev/null +++ b/visualc/VS2010/rsa_decrypt.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9} + Win32Proj + rsa_decrypt + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj new file mode 100644 index 0000000000..a44f676d70 --- /dev/null +++ b/visualc/VS2010/rsa_encrypt.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D06CF12E-F222-9273-41BF-B8A052FA5527} + Win32Proj + rsa_encrypt + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj new file mode 100644 index 0000000000..35b27b7a38 --- /dev/null +++ b/visualc/VS2010/rsa_genkey.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {F472475C-F677-0E7F-F127-45BF5B64F622} + Win32Proj + rsa_genkey + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj new file mode 100644 index 0000000000..90a7ac8cb8 --- /dev/null +++ b/visualc/VS2010/rsa_sign.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {10790F49-6887-AAB6-2D86-BCBD516F8D26} + Win32Proj + rsa_sign + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj new file mode 100644 index 0000000000..5d2ac82081 --- /dev/null +++ b/visualc/VS2010/rsa_sign_pss.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D} + Win32Proj + rsa_sign_pss + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj new file mode 100644 index 0000000000..a413ba8ca7 --- /dev/null +++ b/visualc/VS2010/rsa_verify.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {689E28CF-89ED-BA38-3A14-78A75D891D46} + Win32Proj + rsa_verify + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj new file mode 100644 index 0000000000..369b14514c --- /dev/null +++ b/visualc/VS2010/rsa_verify_pss.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {95C50864-854C-2A11-4C91-BCE654E344FB} + Win32Proj + rsa_verify_pss + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj new file mode 100644 index 0000000000..6feb5936f3 --- /dev/null +++ b/visualc/VS2010/selftest.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {7DBC5F77-3DA1-5F73-8421-E693D95FC66A} + Win32Proj + selftest + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj new file mode 100644 index 0000000000..860334e4a4 --- /dev/null +++ b/visualc/VS2010/ssl_client1.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {487A2F80-3CA3-678D-88D5-82194872CF08} + Win32Proj + ssl_client1 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj new file mode 100644 index 0000000000..9884f23702 --- /dev/null +++ b/visualc/VS2010/ssl_client2.vcxproj @@ -0,0 +1,169 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {4E590E9D-E28F-87FF-385B-D58736388231} + Win32Proj + ssl_client2 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj new file mode 100644 index 0000000000..1c98d34bf7 --- /dev/null +++ b/visualc/VS2010/ssl_context_info.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {017ECC7D-FB6D-46D8-076B-F64172E8E3BC} + Win32Proj + ssl_context_info + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj new file mode 100644 index 0000000000..6d44ef0795 --- /dev/null +++ b/visualc/VS2010/ssl_fork_server.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {918CD402-047D-8467-E11C-E1132053F916} + Win32Proj + ssl_fork_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj new file mode 100644 index 0000000000..e2253c665e --- /dev/null +++ b/visualc/VS2010/ssl_mail_client.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD} + Win32Proj + ssl_mail_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj new file mode 100644 index 0000000000..23ad7ecc87 --- /dev/null +++ b/visualc/VS2010/ssl_server.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {E08E0065-896A-7487-DEA5-D3B80B71F975} + Win32Proj + ssl_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj new file mode 100644 index 0000000000..d8f3e592dc --- /dev/null +++ b/visualc/VS2010/ssl_server2.vcxproj @@ -0,0 +1,169 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {A4DA7463-1047-BDF5-E1B3-5632CB573F41} + Win32Proj + ssl_server2 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj new file mode 100644 index 0000000000..9e70decd97 --- /dev/null +++ b/visualc/VS2010/strerror.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {23EF735C-CC4C-3EC4-A75E-903DB340F04A} + Win32Proj + strerror + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj new file mode 100644 index 0000000000..69678f635d --- /dev/null +++ b/visualc/VS2010/udp_proxy.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A} + Win32Proj + udp_proxy + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj new file mode 100644 index 0000000000..9e0746de9a --- /dev/null +++ b/visualc/VS2010/zeroize.vcxproj @@ -0,0 +1,167 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {10C01E94-4926-063E-9F56-C84ED190D349} + Win32Proj + zeroize + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + Disabled + %(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + MaxSpeed + true + true + NDEBUG;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + From 716b973fb75e74e67f6ae2b1a171617f9d859129 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:10:15 +0200 Subject: [PATCH 0724/1065] Stop on errors Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index df629e9243..56270e7684 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -24,6 +24,8 @@ # [ -v | --verbose ] [ -h | --help ] # +set -e + VERSION="" SOVERSION="" From aa4862a5e63dedbd26a1bcc32f25dc3d70a92d08 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:10:29 +0200 Subject: [PATCH 0725/1065] Bump the version number in CMakeLists.txt Added in d259e347e6e3a630acfc1a811709ca05e5d3b92e (#4259) Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 56270e7684..d139251b60 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -81,6 +81,10 @@ then exit 1 fi +[ $VERBOSE ] && echo "Bumping VERSION in CMakeLists.txt" +sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < CMakeLists.txt > tmp +mv tmp CMakeLists.txt + [ $VERBOSE ] && echo "Bumping VERSION in library/CMakeLists.txt" sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < library/CMakeLists.txt > tmp mv tmp library/CMakeLists.txt From 494678a405c08da3e4dd5f184a622360c590efb2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:11:30 +0200 Subject: [PATCH 0726/1065] The version was moved from version.h to build_info.h Moved in 04982f7b6bacc7ef552dc5afafc3c3adb980813e (#4589) Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index d139251b60..6a4a69d8dd 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -122,10 +122,10 @@ then mv tmp library/Makefile fi -[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/version.h" +[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/build_info.h" read MAJOR MINOR PATCH <<<$(IFS="."; echo $VERSION) VERSION_NR="$( printf "0x%02X%02X%02X00" $MAJOR $MINOR $PATCH )" -cat include/mbedtls/version.h | \ +cat include/mbedtls/build_info.h | \ sed -e "s/_VERSION_MAJOR .\{1,\}/_VERSION_MAJOR $MAJOR/" | \ sed -e "s/_VERSION_MINOR .\{1,\}/_VERSION_MINOR $MINOR/" | \ sed -e "s/_VERSION_PATCH .\{1,\}/_VERSION_PATCH $PATCH/" | \ @@ -133,7 +133,7 @@ cat include/mbedtls/version.h | \ sed -e "s/_VERSION_STRING .\{1,\}/_VERSION_STRING \"$VERSION\"/" | \ sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL \"mbed TLS $VERSION\"/" \ > tmp -mv tmp include/mbedtls/version.h +mv tmp include/mbedtls/build_info.h [ $VERBOSE ] && echo "Bumping version in tests/suites/test_suite_version.data" sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tests/suites/test_suite_version.data > tmp From 1fe01acfc38abde8bd24d83ff5ee54c0530cf6d4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Jul 2021 11:13:29 +0200 Subject: [PATCH 0727/1065] Add option to list the generated files and exit This is useful during the release process, when we want to commit the generated files. Signed-off-by: Gilles Peskine --- tests/scripts/check-generated-files.sh | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index a2c285fad5..0399484d5f 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -23,12 +23,13 @@ set -eu if [ $# -ne 0 ] && [ "$1" = "--help" ]; then cat < Date: Thu, 1 Jul 2021 16:59:13 +0100 Subject: [PATCH 0728/1065] Update changelog to cover #4720 Signed-off-by: Dave Rodgman --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 5074249437..019e8fa38d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -58,7 +58,7 @@ API changes * Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388. * The interface of the GCM module has changed to remove restrictions on how the input to multipart operations is broken down. mbedtls_gcm_finish() - now takes an extra output parameter for the last partial output block. + now takes extra output parameters for the last partial output block. mbedtls_gcm_update() now takes extra parameters for the output length. The software implementation always produces the full output at each call to mbedtls_gcm_update(), but alternative implementations activated From 9bd038907b0a3a563d61b81b1ff945eab1a9961b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 16:59:49 +0100 Subject: [PATCH 0729/1065] Update changelog to cover #4517 Signed-off-by: Dave Rodgman --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ChangeLog b/ChangeLog index 019e8fa38d..d10bd37453 100644 --- a/ChangeLog +++ b/ChangeLog @@ -152,6 +152,9 @@ API changes longer supported except for fields that are documented public. Use accessor functions instead. For more information, see the migration guide entry "Most structure fields are now private". + * mbedtls_ssl_get_session_pointer() has been removed, and + mbedtls_ssl_{set,get}_session() may now only be called once for any given + SSL context. Default behavior changes * Enable by default the functionalities which have no reason to be disabled. From aa6a9b17257a9e5c7d5d06ad6e1ce680c8f5a451 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 17:00:06 +0100 Subject: [PATCH 0730/1065] Update changelog to cover #4488 Signed-off-by: Dave Rodgman --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ChangeLog b/ChangeLog index d10bd37453..dc03d48b92 100644 --- a/ChangeLog +++ b/ChangeLog @@ -155,6 +155,9 @@ API changes * mbedtls_ssl_get_session_pointer() has been removed, and mbedtls_ssl_{set,get}_session() may now only be called once for any given SSL context. + * The mode parameter has been removed from the RSA decrypt functions + mbedtls_pk_rsa_alt_decrypt_func(), mbedtls_rsa_pkcs1_decrypt(), + mbedtls_rsa_pkcs1_decrypt(), mbedtls_rsa_rsaes_oaep_decrypt(). Default behavior changes * Enable by default the functionalities which have no reason to be disabled. From 0eb215f4a40ff4c944f8fab9a1776224f87898cb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 17:00:38 +0100 Subject: [PATCH 0731/1065] Update changelog to cover #4246 and #4158 Signed-off-by: Dave Rodgman --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index dc03d48b92..042c2572ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -303,6 +303,10 @@ Features directly, which is no longer supported. * Implement psa_mac_compute() and psa_mac_verify() as defined in the PSA Cryptograpy API 1.0.0 specification. + * Introduce PSA_WANT_ECC_XXX for ECC curves, and PSA_WANT_CCM/GCM/CMAC, + which are used to decide at build time which cryptographic mechanisms to + include in the PSA Cryptography interface. For more information, please see + (https://github.com/ARMmbed/mbedtls/blob/development/docs/proposed/psa-conditional-inclusion-c.md). Security * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) From a84a8eb5458691a861ec15f75bc08c0dcb470e0d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 17:01:04 +0100 Subject: [PATCH 0732/1065] Update changelog to cover #4197 Signed-off-by: Dave Rodgman --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 042c2572ca..8b13268587 100644 --- a/ChangeLog +++ b/ChangeLog @@ -421,6 +421,8 @@ Bugfix applicable RFC: on an invalid Finished message value, an invalid max_fragment_length extension, or an unsupported extension used by the server. + * Correct (change from 12 to 13 bytes) the value of the macro describing the + maximum nonce length returned by psa_aead_generate_nonce(). Changes * Fix the setting of the read timeout in the DTLS sample programs. From 0703f694b882cd1252e5a784c94a3d383a5e4059 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 17:06:26 +0100 Subject: [PATCH 0733/1065] Remove warning of development instability from README Signed-off-by: Dave Rodgman --- README.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README.md b/README.md index a469f8fa2d..b80ee115aa 100644 --- a/README.md +++ b/README.md @@ -5,11 +5,6 @@ Mbed TLS is a C library that implements cryptographic primitives, X.509 certific Mbed TLS includes a reference implementation of the [PSA Cryptography API](#psa-cryptography-api). This is currently a preview for evaluation purposes only. -Stability ---------- - -**Warning: the [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch of Mbed TLS currently has an unstable API.** It is where work is happening on the next major release of Mbed TLS. Until Mbed TLS 3.0 is released, if you need a stable API, please use the branch [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) instead. - Configuration ------------- From 83f6a3b02c0ad0fb32f74614d8a3d9545fc15451 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Jul 2021 17:28:56 +0100 Subject: [PATCH 0734/1065] Remove not-required Changelog entries Signed-off-by: Dave Rodgman --- ChangeLog | 7 ------- 1 file changed, 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8b13268587..536065a9bb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -155,9 +155,6 @@ API changes * mbedtls_ssl_get_session_pointer() has been removed, and mbedtls_ssl_{set,get}_session() may now only be called once for any given SSL context. - * The mode parameter has been removed from the RSA decrypt functions - mbedtls_pk_rsa_alt_decrypt_func(), mbedtls_rsa_pkcs1_decrypt(), - mbedtls_rsa_pkcs1_decrypt(), mbedtls_rsa_rsaes_oaep_decrypt(). Default behavior changes * Enable by default the functionalities which have no reason to be disabled. @@ -303,10 +300,6 @@ Features directly, which is no longer supported. * Implement psa_mac_compute() and psa_mac_verify() as defined in the PSA Cryptograpy API 1.0.0 specification. - * Introduce PSA_WANT_ECC_XXX for ECC curves, and PSA_WANT_CCM/GCM/CMAC, - which are used to decide at build time which cryptographic mechanisms to - include in the PSA Cryptography interface. For more information, please see - (https://github.com/ARMmbed/mbedtls/blob/development/docs/proposed/psa-conditional-inclusion-c.md). Security * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) From 814b099501fd01f44dfdaaa0456056b1c4380422 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 2 Jul 2021 12:11:14 +0100 Subject: [PATCH 0735/1065] Remove obsolete reference to _ret Signed-off-by: Dave Rodgman --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 536065a9bb..43db247288 100644 --- a/ChangeLog +++ b/ChangeLog @@ -50,8 +50,8 @@ API changes returned from the public SSL API. * Remove `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` and return `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead. - * The output parameter of mbedtls_sha512_finish_ret, mbedtls_sha512_ret, - mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type + * The output parameter of mbedtls_sha512_finish, mbedtls_sha512, + mbedtls_sha256_finish and mbedtls_sha256 now has a pointer type rather than array type. This removes spurious warnings in some compilers when outputting a SHA-384 or SHA-224 hash into a buffer of exactly the hash size. From 8e5020deade1ce688fefe7892d963137f69a62b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 2 Jul 2021 12:16:03 +0100 Subject: [PATCH 0736/1065] Remove obsolete reference to _ret in migration guide Signed-off-by: Dave Rodgman --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index a814c929c7..12cff493fb 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -240,7 +240,7 @@ relevant as the countermeasure is now always on at no cost in code size. ### SHA-512 and SHA-256 output type change -The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. +The output parameter of `mbedtls_sha256_finish()`, `mbedtls_sha256()`, `mbedtls_sha512_finish()`, `mbedtls_sha512()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. From 527b82a34c0ed7a6778c500ee695e5963f7fcead Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 2 Jul 2021 15:19:38 +0100 Subject: [PATCH 0737/1065] Bump .so version numbers to stay ahead of 2.x Signed-off-by: Dave Rodgman --- library/CMakeLists.txt | 6 +++--- library/Makefile | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 5faae2b63f..1cd5589cd1 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -188,7 +188,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.0.0 SOVERSION 7) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.0.0 SOVERSION 10) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET everest) @@ -196,11 +196,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.0.0 SOVERSION 2) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.0.0 SOVERSION 4) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.0.0 SOVERSION 14) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.0.0 SOVERSION 16) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/library/Makefile b/library/Makefile index 06bd09a980..0ee6e4f36f 100644 --- a/library/Makefile +++ b/library/Makefile @@ -41,9 +41,9 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS=so.14 -SOEXT_X509=so.2 -SOEXT_CRYPTO=so.7 +SOEXT_TLS=so.16 +SOEXT_X509=so.4 +SOEXT_CRYPTO=so.10 # Set AR_DASH= (empty string) to use an ar implementation that does not accept # the - prefix for command line options (e.g. llvm-ar) From 0509fea3b2b62b063459e6ea1cb5848390c773bb Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Mon, 21 Jun 2021 19:43:33 +0100 Subject: [PATCH 0738/1065] Remove hard exit in ssh-opt.sh, replace with `requires` functions - Replace calls to config.py for MAX_IN_LEN and MAX_OUT_LEN with `get_config_value_or_default` - Remove hard exit when MAX_IN/OUT_LEN < 4096, replace with `requires_config_value_at_least` Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 56 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 14 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0729755f0e..355e712bd4 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -366,9 +366,10 @@ requires_not_i686() { # Calculate the input & output maximum content lengths set in the config MAX_CONTENT_LEN=16384 -MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") -MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") +MAX_IN_LEN=$(get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN") +MAX_OUT_LEN=$(get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN") +# Calculate the maximum content length that fits both if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then MAX_CONTENT_LEN="$MAX_IN_LEN" fi @@ -2748,18 +2749,8 @@ run_test "Session resume using cache, DTLS: openssl server" \ # Tests for Max Fragment Length extension -if [ "$MAX_IN_LEN" -lt "4096" ]; then - printf '%s defines MBEDTLS_SSL_IN_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" - exit 1 -fi - -if [ "$MAX_OUT_LEN" -lt "4096" ]; then - printf '%s defines MBEDTLS_SSL_OUT_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" - exit 1 -fi - if [ $MAX_CONTENT_LEN -ne 16384 ]; then - echo "Using non-default maximum content length $MAX_CONTENT_LEN" + echo "Using non-default maximum content length $MAX_CONTENT_LEN instead of 16384 " fi requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH @@ -2826,7 +2817,7 @@ run_test "Max fragment length: disabled, larger message" \ -s "1 bytes read" requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length DTLS: disabled, larger message" \ +run_test "Max fragment length, DTLS: disabled, larger message" \ "$P_SRV debug_level=3 dtls=1" \ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 1 \ @@ -2836,6 +2827,9 @@ run_test "Max fragment length DTLS: disabled, larger message" \ -S "Maximum outgoing record payload length is 16384" \ -c "fragment larger than.*maximum " +# Make sure it was compiled with lengths over 4096 +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by client" \ "$P_SRV debug_level=3" \ @@ -2850,6 +2844,8 @@ run_test "Max fragment length: used by client" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2864,6 +2860,8 @@ run_test "Max fragment length: client 512, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2878,6 +2876,8 @@ run_test "Max fragment length: client 512, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2892,6 +2892,8 @@ run_test "Max fragment length: client 512, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2906,6 +2908,8 @@ run_test "Max fragment length: client 1024, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2920,6 +2924,8 @@ run_test "Max fragment length: client 1024, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2934,6 +2940,8 @@ run_test "Max fragment length: client 1024, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2948,6 +2956,8 @@ run_test "Max fragment length: client 2048, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2962,6 +2972,8 @@ run_test "Max fragment length: client 2048, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2976,6 +2988,8 @@ run_test "Max fragment length: client 2048, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2990,6 +3004,8 @@ run_test "Max fragment length: client 4096, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -3004,6 +3020,8 @@ run_test "Max fragment length: client 4096, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -3018,6 +3036,8 @@ run_test "Max fragment length: client 4096, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by server" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -3032,6 +3052,8 @@ run_test "Max fragment length: used by server" \ -S "server hello, max_fragment_length extension" \ -C "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_gnutls run_test "Max fragment length: gnutls server" \ @@ -3043,6 +3065,8 @@ run_test "Max fragment length: gnutls server" \ -c "client hello, adding max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, message just fits" \ "$P_SRV debug_level=3" \ @@ -3059,6 +3083,8 @@ run_test "Max fragment length: client, message just fits" \ -c "2048 bytes written in 1 fragments" \ -s "2048 bytes read" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, larger message" \ "$P_SRV debug_level=3" \ @@ -3076,6 +3102,8 @@ run_test "Max fragment length: client, larger message" \ -s "2048 bytes read" \ -s "297 bytes read" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: DTLS client, larger message" \ "$P_SRV debug_level=3 dtls=1" \ From e43556b6bf96f970c5d69a3a91f701ac60704b33 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Mon, 21 Jun 2021 20:07:12 +0100 Subject: [PATCH 0739/1065] Remove hard exit with MAX_INTERMEDIATE_CA in ssl-opt.sh - Replace last remaining dependency on config.py with query_config - Replace hard exit with `requires_config_value_at_least` and `requires_config_value_at_most` to maintain the same effect Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 355e712bd4..ac10b26f05 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3899,24 +3899,14 @@ run_test "Authentication: client no cert, openssl server required" \ -c "skip write certificate verify" \ -c "! mbedtls_ssl_handshake returned" -# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its -# default value (8) +# config.h contains a value for MBEDTLS_X509_MAX_INTERMEDIATE_CA that is +# different from the script's assumed default value (below). +# Relevant tests are skipped if they do not match. MAX_IM_CA='8' -MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA) - -if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then - cat < Date: Tue, 22 Jun 2021 06:08:11 +0100 Subject: [PATCH 0740/1065] Add MAX_IM_CA requirement to int_max+1 chain as well Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ac10b26f05..f102183b77 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3915,6 +3915,8 @@ run_test "Authentication: server max_int chain, client default" \ 0 \ -C "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3923,6 +3925,8 @@ run_test "Authentication: server max_int+1 chain, client default" \ 1 \ -c "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client optional" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3932,6 +3936,8 @@ run_test "Authentication: server max_int+1 chain, client optional" \ 1 \ -c "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client none" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3941,6 +3947,8 @@ run_test "Authentication: server max_int+1 chain, client none" \ 0 \ -C "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server default" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \ @@ -3949,6 +3957,8 @@ run_test "Authentication: client max_int+1 chain, server default" \ 0 \ -S "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server optional" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ @@ -3957,6 +3967,8 @@ run_test "Authentication: client max_int+1 chain, server optional" \ 1 \ -s "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server required" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ @@ -4156,6 +4168,8 @@ run_test "Authentication, CA callback: server max_int chain, client default" -c "use CA callback for X.509 CRT verification" \ -C "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: server max_int+1 chain, client default" \ @@ -4166,6 +4180,8 @@ run_test "Authentication, CA callback: server max_int+1 chain, client default -c "use CA callback for X.509 CRT verification" \ -c "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: server max_int+1 chain, client optional" \ @@ -4177,6 +4193,8 @@ run_test "Authentication, CA callback: server max_int+1 chain, client optiona -c "use CA callback for X.509 CRT verification" \ -c "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client max_int+1 chain, server optional" \ @@ -4187,6 +4205,8 @@ run_test "Authentication, CA callback: client max_int+1 chain, server optiona -s "use CA callback for X.509 CRT verification" \ -s "X509 - A fatal error occurred" +requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client max_int+1 chain, server required" \ From 2be6f1ac5b307fc97235cac1738ac22a79516573 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Tue, 22 Jun 2021 07:16:40 +0100 Subject: [PATCH 0741/1065] Add space between command substitution braces and content Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f102183b77..a38c4dd535 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -366,8 +366,8 @@ requires_not_i686() { # Calculate the input & output maximum content lengths set in the config MAX_CONTENT_LEN=16384 -MAX_IN_LEN=$(get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN") -MAX_OUT_LEN=$(get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN") +MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" ) +MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" ) # Calculate the maximum content length that fits both if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then From b0a1c5b0217a07d3542b37d131a2652d66e86175 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Fri, 2 Jul 2021 10:10:49 +0100 Subject: [PATCH 0742/1065] Use `requires_max_content_len`, add check in Renegotiation - Abstract out repetitive checks for IN and OUT content lens - Remove unclear comment and redundant echo - Add content length constraints in Renegotiation with fragment length test Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 66 ++++++++++++++++++------------------------------ 1 file changed, 25 insertions(+), 41 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index a38c4dd535..bc38a39859 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -287,6 +287,12 @@ requires_openssl_with_fallback_scsv() { fi } +# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value +requires_max_content_len() { + requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1 + requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1 +} + # skip next test if GnuTLS isn't available requires_gnutls() { if [ -z "${GNUTLS_AVAILABLE:-}" ]; then @@ -2749,10 +2755,6 @@ run_test "Session resume using cache, DTLS: openssl server" \ # Tests for Max Fragment Length extension -if [ $MAX_CONTENT_LEN -ne 16384 ]; then - echo "Using non-default maximum content length $MAX_CONTENT_LEN instead of 16384 " -fi - requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: enabled, default" \ "$P_SRV debug_level=3" \ @@ -2827,9 +2829,7 @@ run_test "Max fragment length, DTLS: disabled, larger message" \ -S "Maximum outgoing record payload length is 16384" \ -c "fragment larger than.*maximum " -# Make sure it was compiled with lengths over 4096 -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by client" \ "$P_SRV debug_level=3" \ @@ -2844,8 +2844,7 @@ run_test "Max fragment length: used by client" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 +requires_max_content_len 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2860,8 +2859,7 @@ run_test "Max fragment length: client 512, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2876,8 +2874,7 @@ run_test "Max fragment length: client 512, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2892,8 +2889,7 @@ run_test "Max fragment length: client 512, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 +requires_max_content_len 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2908,8 +2904,7 @@ run_test "Max fragment length: client 1024, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2924,8 +2919,7 @@ run_test "Max fragment length: client 1024, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2940,8 +2934,7 @@ run_test "Max fragment length: client 1024, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2956,8 +2949,7 @@ run_test "Max fragment length: client 2048, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2972,8 +2964,7 @@ run_test "Max fragment length: client 2048, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2988,8 +2979,7 @@ run_test "Max fragment length: client 2048, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -3004,8 +2994,7 @@ run_test "Max fragment length: client 4096, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -3020,8 +3009,7 @@ run_test "Max fragment length: client 4096, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -3036,8 +3024,7 @@ run_test "Max fragment length: client 4096, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by server" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -3052,8 +3039,7 @@ run_test "Max fragment length: used by server" \ -S "server hello, max_fragment_length extension" \ -C "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 +requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_gnutls run_test "Max fragment length: gnutls server" \ @@ -3065,8 +3051,7 @@ run_test "Max fragment length: gnutls server" \ -c "client hello, adding max_fragment_length extension" \ -c "found max_fragment_length extension" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, message just fits" \ "$P_SRV debug_level=3" \ @@ -3083,8 +3068,7 @@ run_test "Max fragment length: client, message just fits" \ -c "2048 bytes written in 1 fragments" \ -s "2048 bytes read" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, larger message" \ "$P_SRV debug_level=3" \ @@ -3102,8 +3086,7 @@ run_test "Max fragment length: client, larger message" \ -s "2048 bytes read" \ -s "297 bytes read" -requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 -requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 +requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: DTLS client, larger message" \ "$P_SRV debug_level=3 dtls=1" \ @@ -3215,6 +3198,7 @@ run_test "Renegotiation: double" \ requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "Renegotiation with max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ From 02485820333eca1dd0c1d4e36f9a1552e986a021 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Fri, 2 Jul 2021 13:05:15 +0100 Subject: [PATCH 0743/1065] Reword and add explanatory comments for MAX_IM_CA tests - Reword the comment on config.h to suggest that `MAX_INTERMEDIATE_CA` may not exist in the config. - Add a comment explaining why the tests are more restrictive than necessary. Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index bc38a39859..ee7d869573 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3883,12 +3883,16 @@ run_test "Authentication: client no cert, openssl server required" \ -c "skip write certificate verify" \ -c "! mbedtls_ssl_handshake returned" -# config.h contains a value for MBEDTLS_X509_MAX_INTERMEDIATE_CA that is -# different from the script's assumed default value (below). -# Relevant tests are skipped if they do not match. +# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default +# value, defined here as MAX_IM_CA. Some test cases will be skipped if the +# library is configured with a different value. MAX_IM_CA='8' +# The tests for the max_int tests can pass with any number higher than MAX_IM_CA +# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1 +# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions +# are in place so that the semantics are consistent with the test description. requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer From 6f6574381e0d771828c86e9d8153e8b98f3045cc Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Fri, 2 Jul 2021 13:10:41 +0100 Subject: [PATCH 0744/1065] Move repetitive equality check to `requires_config_value_equals` Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 53 +++++++++++++++++++++++------------------------- 1 file changed, 25 insertions(+), 28 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ee7d869573..8131413e2e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -242,6 +242,17 @@ requires_config_value_at_most() { fi } +requires_config_value_equals() { + VAL=$( get_config_value_or_default "$1" ) + if [ -z "$VAL" ]; then + # Should never happen + echo "Mbed TLS configuration $1 is not defined" + exit 1 + elif [ "$VAL" -ne "$2" ]; then + SKIP_NEXT="YES" + fi +} + # Space-separated list of ciphersuites supported by this build of # Mbed TLS. P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null | @@ -3893,8 +3904,7 @@ MAX_IM_CA='8' # because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1 # tests can pass with any number less than MAX_IM_CA. However, stricter preconditions # are in place so that the semantics are consistent with the test description. -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ @@ -3903,8 +3913,7 @@ run_test "Authentication: server max_int chain, client default" \ 0 \ -C "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3913,8 +3922,7 @@ run_test "Authentication: server max_int+1 chain, client default" \ 1 \ -c "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client optional" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3924,8 +3932,7 @@ run_test "Authentication: server max_int+1 chain, client optional" \ 1 \ -c "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: server max_int+1 chain, client none" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ @@ -3935,8 +3942,7 @@ run_test "Authentication: server max_int+1 chain, client none" \ 0 \ -C "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server default" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \ @@ -3945,8 +3951,7 @@ run_test "Authentication: client max_int+1 chain, server default" \ 0 \ -S "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server optional" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ @@ -3955,8 +3960,7 @@ run_test "Authentication: client max_int+1 chain, server optional" \ 1 \ -s "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int+1 chain, server required" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ @@ -3965,8 +3969,7 @@ run_test "Authentication: client max_int+1 chain, server required" \ 1 \ -s "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer run_test "Authentication: client max_int chain, server required" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ @@ -4144,8 +4147,7 @@ run_test "Authentication, CA callback: client badcert, server optional" \ -C "! mbedtls_ssl_handshake returned" \ -S "X509 - Certificate verification failed" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: server max_int chain, client default" \ @@ -4156,8 +4158,7 @@ run_test "Authentication, CA callback: server max_int chain, client default" -c "use CA callback for X.509 CRT verification" \ -C "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: server max_int+1 chain, client default" \ @@ -4168,8 +4169,7 @@ run_test "Authentication, CA callback: server max_int+1 chain, client default -c "use CA callback for X.509 CRT verification" \ -c "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: server max_int+1 chain, client optional" \ @@ -4181,8 +4181,7 @@ run_test "Authentication, CA callback: server max_int+1 chain, client optiona -c "use CA callback for X.509 CRT verification" \ -c "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client max_int+1 chain, server optional" \ @@ -4193,8 +4192,7 @@ run_test "Authentication, CA callback: client max_int+1 chain, server optiona -s "use CA callback for X.509 CRT verification" \ -s "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client max_int+1 chain, server required" \ @@ -4205,8 +4203,7 @@ run_test "Authentication, CA callback: client max_int+1 chain, server require -s "use CA callback for X.509 CRT verification" \ -s "X509 - A fatal error occurred" -requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA -requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA +requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client max_int chain, server required" \ From 053b99b90b243f87dbba5a9ce439fc6499f9ed2d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 2 Jul 2021 18:08:10 +0200 Subject: [PATCH 0745/1065] Re-introduction of key slot chekcs Signed-off-by: TRodziewicz --- include/mbedtls/error.h | 1 + include/mbedtls/mbedtls_config.h | 2 +- library/psa_crypto.c | 4 ++++ library/psa_crypto_slot_management.c | 8 ++++++++ scripts/data_files/error.fmt | 1 + tests/include/test/helpers.h | 9 +++++++++ tests/src/helpers.c | 10 ++++++++++ tests/suites/main_test.function | 1 + 8 files changed, 35 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 9a8690dc1a..d2d31a82ab 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -129,6 +129,7 @@ extern "C" { * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +extern void (*mbedtls_test_hook_value)( int test, const char * file, int line ); #endif /** diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a60db7e930..1ab0aded19 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1683,7 +1683,7 @@ * * Uncomment to enable invasive tests. */ -//#define MBEDTLS_TEST_HOOKS +#define MBEDTLS_TEST_HOOKS /** * \def MBEDTLS_THREADING_ALT diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6e73d12c68..c7186af970 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1002,6 +1002,10 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) if( slot->lock_count != 1 ) { +#if defined(MBEDTLS_TEST_HOOKS) + if( *mbedtls_test_hook_value != NULL ) + ( *mbedtls_test_hook_value )( slot->lock_count == 1, __FILE__, __LINE__ ); +#endif status = PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4131e3cc47..256408dfde 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -34,6 +34,7 @@ #include #include +#include "mbedtls/error.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -412,6 +413,13 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } + slot->lock_count = 1; + +#if defined(MBEDTLS_TEST_HOOKS) + if( *mbedtls_test_hook_value != NULL ) + ( *mbedtls_test_hook_value )( slot->lock_count > 0, __FILE__, __LINE__ ); +#endif + return( PSA_ERROR_CORRUPTION_DETECTED ); } diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 3be94bd2c4..c2b4b0877c 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -164,6 +164,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +void (*mbedtls_test_hook_value)( int, const char *, int ); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 27e5599ed1..40fcb03dd9 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -231,4 +231,13 @@ void mbedtls_test_err_add_check( int high, int low, int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ); #endif /* MBEDTLS_BIGNUM_C */ +/** + * \brief Check value in first parameter. + * + * \note If the check fails, fail the test currently being run. + */ +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_test_hook_value_check( int test, const char * file, int line ); +#endif + #endif /* TEST_HELPERS_H */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 4d3d53da50..bf25f21ad5 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -274,3 +274,13 @@ int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ) return( mbedtls_mpi_read_string( X, radix, s ) ); } #endif + +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_test_hook_value_check( int test, const char * file, int line ) +{ + if ( !test ) + { + mbedtls_test_fail( "Wrong value in test", line, file ); + } +} +#endif diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 52b586eaad..9ac5a4a31f 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -239,6 +239,7 @@ int main( int argc, const char *argv[] ) { #if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; + mbedtls_test_hook_value = &mbedtls_test_hook_value_check; #endif int ret = mbedtls_test_platform_setup(); From d9be65277d84dd2ebcd66976d80984f0310a9def Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 5 Jul 2021 15:16:00 +0200 Subject: [PATCH 0746/1065] Corrections to the new functions names and error message wording Signed-off-by: TRodziewicz --- include/mbedtls/error.h | 2 +- include/mbedtls/mbedtls_config.h | 2 +- library/psa_crypto.c | 4 ++-- library/psa_crypto_slot_management.c | 4 ++-- scripts/data_files/error.fmt | 2 +- tests/include/test/helpers.h | 2 +- tests/src/helpers.c | 4 ++-- tests/suites/main_test.function | 6 +++++- 8 files changed, 15 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d2d31a82ab..49a641614f 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -129,7 +129,7 @@ extern "C" { * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -extern void (*mbedtls_test_hook_value)( int test, const char * file, int line ); +extern void (*mbedtls_test_hook_assert_test)( int test, const char * file, int line ); #endif /** diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 1ab0aded19..a60db7e930 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1683,7 +1683,7 @@ * * Uncomment to enable invasive tests. */ -#define MBEDTLS_TEST_HOOKS +//#define MBEDTLS_TEST_HOOKS /** * \def MBEDTLS_THREADING_ALT diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c7186af970..f5a879361d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1003,8 +1003,8 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) if( slot->lock_count != 1 ) { #if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_value != NULL ) - ( *mbedtls_test_hook_value )( slot->lock_count == 1, __FILE__, __LINE__ ); + if( *mbedtls_test_hook_assert_test != NULL ) + ( *mbedtls_test_hook_assert_test )( slot->lock_count == 1, __FILE__, __LINE__ ); #endif status = PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 256408dfde..4a0763f006 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -416,8 +416,8 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) slot->lock_count = 1; #if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_value != NULL ) - ( *mbedtls_test_hook_value )( slot->lock_count > 0, __FILE__, __LINE__ ); + if( *mbedtls_test_hook_assert_test != NULL ) + ( *mbedtls_test_hook_assert_test )( slot->lock_count > 0, __FILE__, __LINE__ ); #endif return( PSA_ERROR_CORRUPTION_DETECTED ); diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index c2b4b0877c..8651a7b39e 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -164,7 +164,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -void (*mbedtls_test_hook_value)( int, const char *, int ); +void (*mbedtls_test_hook_assert_test)( int, const char *, int ); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 40fcb03dd9..8ee6996684 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -237,7 +237,7 @@ int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ); * \note If the check fails, fail the test currently being run. */ #if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_hook_value_check( int test, const char * file, int line ); +void mbedtls_test_assert_test( int test, const char * file, int line ); #endif #endif /* TEST_HELPERS_H */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index bf25f21ad5..e35ed62d60 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -276,11 +276,11 @@ int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ) #endif #if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_hook_value_check( int test, const char * file, int line ) +void mbedtls_test_assert_test( int test, const char * file, int line ) { if ( !test ) { - mbedtls_test_fail( "Wrong value in test", line, file ); + mbedtls_test_fail( "Test hook - test assertion failed.", line, file ); } } #endif diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 9ac5a4a31f..f34c1bd2f5 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -239,9 +239,13 @@ int main( int argc, const char *argv[] ) { #if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; - mbedtls_test_hook_value = &mbedtls_test_hook_value_check; #endif +#if defined(MBEDTLS_TEST_HOOKS) + mbedtls_test_hook_assert_test = &mbedtls_test_assert_test; +#endif + + int ret = mbedtls_test_platform_setup(); if( ret != 0 ) { From 5f58dfc9d94d1615c45fa2d24050cbc6abd7843f Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 5 Jul 2021 15:33:27 +0200 Subject: [PATCH 0747/1065] Addition of the changelog file. Signed-off-by: TRodziewicz --- ChangeLog.d/issue4680.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/issue4680.txt diff --git a/ChangeLog.d/issue4680.txt b/ChangeLog.d/issue4680.txt new file mode 100644 index 0000000000..e37e4142c9 --- /dev/null +++ b/ChangeLog.d/issue4680.txt @@ -0,0 +1,2 @@ +Changes + * Re-introduce extended checks for psa unlock/wipe key slot. Fixes #4680. From 16d802ed25f069872335ebf65a9481844a3f31ce Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 5 Jul 2021 15:40:35 +0100 Subject: [PATCH 0748/1065] Remove obsolete entry from Changelog Signed-off-by: Dave Rodgman --- ChangeLog | 2 -- 1 file changed, 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 43db247288..2dc8c098f0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -421,8 +421,6 @@ Changes * Fix the setting of the read timeout in the DTLS sample programs. * Add extra printf compiler warning flags to builds. * Fix memsan build false positive in x509_crt.c with clang 11 - * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to - be released 2021-xx-xx), including various API-breaking changes. * Alternative implementations of CMAC may now opt to not support 3DES as a CMAC block cipher, and still pass the CMAC self test. * Remove the AES sample application programs/aes/aescrypt2 which shows From 302ed2bf7da50790eaf9c99aab9280f3b77c3c17 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 5 Jul 2021 16:55:27 +0200 Subject: [PATCH 0749/1065] Reverting the TLS 1.3 compatibility Signed-off-by: TRodziewicz --- library/ssl_msg.c | 4 ++-- library/ssl_tls.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 5008ddb97c..1d314c2984 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -643,7 +643,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; @@ -5169,7 +5169,7 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { if( ( ret = mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_WARNING, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5a23894309..259ff564ef 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -948,7 +948,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { /* For HMAC-based ciphersuites, initialize the HMAC transforms. For AEAD-based ciphersuites, there is nothing to do here. */ From 5b13f60aa34128462fe8c60655100da3935c9734 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 5 Jul 2021 18:09:16 +0100 Subject: [PATCH 0750/1065] Fix indentation Signed-off-by: Dave Rodgman --- ChangeLog | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2dc8c098f0..2ec0d8c8ac 100644 --- a/ChangeLog +++ b/ChangeLog @@ -302,15 +302,15 @@ Features PSA Cryptograpy API 1.0.0 specification. Security -* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) - private keys and of blinding values for DHM and elliptic curves (ECP) - computations. Reported by FlorianF89 in #4245. -* Fix a potential side channel vulnerability in ECDSA ephemeral key generation. - An adversary who is capable of very precise timing measurements could - learn partial information about the leading bits of the nonce used for the - signature, allowing the recovery of the private key after observing a - large number of signature operations. This completes a partial fix in - Mbed TLS 2.20.0. + * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM) + private keys and of blinding values for DHM and elliptic curves (ECP) + computations. Reported by FlorianF89 in #4245. + * Fix a potential side channel vulnerability in ECDSA ephemeral key generation. + An adversary who is capable of very precise timing measurements could + learn partial information about the leading bits of the nonce used for the + signature, allowing the recovery of the private key after observing a + large number of signature operations. This completes a partial fix in + Mbed TLS 2.20.0. * An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) could recover an RSA private key after observing the victim From 745e3587bebd56c1e310b04620f2bd18bd6dc97c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 5 Jul 2021 18:53:31 +0100 Subject: [PATCH 0751/1065] Fix Changelog indentation Signed-off-by: Dave Rodgman --- ChangeLog | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2ec0d8c8ac..ebf8a36add 100644 --- a/ChangeLog +++ b/ChangeLog @@ -73,20 +73,20 @@ API changes * Introduce MBEDTLS_SHA224_C. This separates config option enabling the SHA224 algorithm from option enabling SHA256. - * The getter and setter API of the SSL session cache (used for - session-ID based session resumption) has changed to that of - a key-value store with keys being session IDs and values - being opaque instances of `mbedtls_ssl_session`. + * The getter and setter API of the SSL session cache (used for + session-ID based session resumption) has changed to that of + a key-value store with keys being session IDs and values + being opaque instances of `mbedtls_ssl_session`. * Remove the mode parameter from RSA operation functions. Signature and decryption functions now always use the private key and verification and encryption use the public key. Verification functions also no longer have RNG parameters. - * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: - In Mbed TLS 2.X, the API prescribes that later calls overwrite - the effect of earlier calls. In Mbed TLS 3.0, calling - `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, - leaving the PSK that was configured first intact. - Support for more than one PSK may be added in 3.X. + * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: + In Mbed TLS 2.X, the API prescribes that later calls overwrite + the effect of earlier calls. In Mbed TLS 3.0, calling + `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, + leaving the PSK that was configured first intact. + Support for more than one PSK may be added in 3.X. * The function mbedtls_x509write_csr_set_extension() has an extra parameter which allows to mark an extension as critical. Fixes #4055. * For multi-part AEAD operations with the cipher module, calling @@ -109,8 +109,8 @@ API changes key. To use an RSA key with PSS or OAEP, call mbedtls_rsa_set_padding() after initializing the context. mbedtls_rsa_set_padding() now returns an error if its parameters are invalid. - * Replace MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE by a runtime - configuration function mbedtls_ssl_conf_preference_order(). Fixes #4398. + * Replace MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE by a runtime + configuration function mbedtls_ssl_conf_preference_order(). Fixes #4398. * Instead of accessing the len field of a DHM context, which is no longer supported, use the new function mbedtls_dhm_get_len() . * In modules that implement cryptographic hash functions, many functions @@ -250,19 +250,19 @@ Removals * Remove the MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h option. The mbedtls_x509_crt_parse_der_with_ext_cb() is the way to go for migration path. Fixes #4378. - * Remove the MBEDTLS_X509_CHECK_KEY_USAGE and - MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code - behave as if they were always enabled. Fixes #4405. + * Remove the MBEDTLS_X509_CHECK_KEY_USAGE and + MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code + behave as if they were always enabled. Fixes #4405. * MBEDTLS_ECP_MAX_BITS is no longer a configuration option because it is now determined automatically based on supported curves. - * Remove the following functions: mbedtls_timing_self_test(), - mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and - mbedtls_set_alarm(). Fixes #4083. + * Remove the following functions: mbedtls_timing_self_test(), + mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and + mbedtls_set_alarm(). Fixes #4083. * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as it no longer had any effect. - * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the - corresponding modules and all their APIs and related configuration - options. Fixes #4084. + * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the + corresponding modules and all their APIs and related configuration + options. Fixes #4084. * Remove MBEDTLS_SSL_TRUNCATED_HMAC and also remove MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC. From f37bbe53a01a8a41aa0313accddb721d16c1617c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 6 Jul 2021 10:42:54 +0100 Subject: [PATCH 0752/1065] Extend psa_crypto_metadata tests to check for powers of 2 Add a check to ensure the block_size is or is not a power of 2 Add a new parameter to verify the expected pass/fail when a block_size is or is not a power of 2. Add new sets of input data to verify these tests Fixes #4228 Signed-off-by: Joe Subbiani --- .../test_suite_psa_crypto_metadata.data | 18 +++++++++++--- .../test_suite_psa_crypto_metadata.function | 24 +++++++++++++++++-- 2 files changed, 37 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index a3668fcc94..f5f6327200 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -293,15 +293,27 @@ key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED Block cipher key type: AES depends_on:PSA_WANT_KEY_TYPE_AES -block_cipher_key_type:PSA_KEY_TYPE_AES:16 +block_cipher_key_type:PSA_KEY_TYPE_AES:16:0 Block cipher key type: DES depends_on:PSA_WANT_KEY_TYPE_DES -block_cipher_key_type:PSA_KEY_TYPE_DES:8 +block_cipher_key_type:PSA_KEY_TYPE_DES:8:0 Block cipher key type: Camellia depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16 +block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16:0 + +Block cipher key type: AES +depends_on:PSA_WANT_KEY_TYPE_AES +block_cipher_key_type:PSA_KEY_TYPE_AES:24:1 + +Block cipher key type: AES +depends_on:PSA_WANT_KEY_TYPE_AES +block_cipher_key_type:PSA_KEY_TYPE_AES:12:1 + +Block cipher key type: DES +depends_on:PSA_WANT_KEY_TYPE_DES +block_cipher_key_type:PSA_KEY_TYPE_DES:24:1 Stream cipher key type: ChaCha20 depends_on:PSA_WANT_KEY_TYPE_CHACHA20 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 4790be6de1..fbcc83a260 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -619,7 +619,7 @@ void key_type( int type_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void block_cipher_key_type( int type_arg, int block_size_arg ) +void block_cipher_key_type( int type_arg, int block_size_arg, int expecting_power_2 ) { psa_key_type_t type = type_arg; size_t block_size = block_size_arg; @@ -628,7 +628,27 @@ void block_cipher_key_type( int type_arg, int block_size_arg ) TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); + + if (expecting_power_2 == 0) + TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); + + /* PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h + * Requires block sizes to be a power of 2. The following test ensures + * the block sizes are indeed powers of 2. + */ + int check = 0; + + while( block_size > 1) + { + if ( block_size % 2 != 0 ) + { + check = 1; + break; + } + block_size = block_size / 2; + } + /* expecting_power_2 should be 0 if true (e.g 16, 32 etc.) or 1 otherwise */ + TEST_EQUAL( check, expecting_power_2 ); } /* END_CASE */ From 69c10a41c72d00dc1e1b3c7a938a52e13eeafad8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 6 Jul 2021 12:05:23 +0200 Subject: [PATCH 0753/1065] Fix memory leak on failure path in test code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_test_common_source.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index d30c36ea56..7b85c7633f 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -167,7 +167,8 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, if( ret != ret_repeated ) { mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" ); - return( -1 ); + ret = -1; + goto cleanup; } switch( ret ) @@ -178,29 +179,34 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, case MBEDTLS_ERR_SSL_INVALID_RECORD: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" ); + ret = 0; break; case MBEDTLS_ERR_SSL_INVALID_MAC: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" ); + ret = 0; break; case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" ); + ret = 0; break; default: mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret ); - return( -1 ); + ret = -1; + goto cleanup; } /* Regardless of the outcome, forward the record to the stack. */ } +cleanup: mbedtls_free( tmp_buf ); - return( 0 ); + return( ret ); } int recv_cb( void *ctx, unsigned char *buf, size_t len ) From 71ce4ef9814386a12a152bae97669a0e5b3b83ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 6 Jul 2021 12:39:43 +0200 Subject: [PATCH 0754/1065] Fix bug with UDP proxy not forwarding enough MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We previously introduced a safety check ensuring that if a datagram had already been dropped twice, it would no longer be dropped or delayed after that. This missed an edge case: if a datagram is dropped once, it can be delayed any number of times. Since "delay" is not defined in terms of time (x seconds) but in terms of ordering with respect to other messages (will be forwarded after the next message is forwarded), depending on the RNG results this could result in an endless loop where all messages are delayed until the next, which is itself delayed, etc. and no message is ever forwarded. The probability of this happening n times in a row is (1/d)^n, where d is the value passed as delay=d, so for delay=5 and n=5 it's around 0.03% which seems small but we still happened on such an occurrence in real life: tests/ssl-opt.sh --seed 1625061502 -f 'DTLS proxy: 3d, min handshake, resumption$' results (according to debug statements added for the investigation) in the ClientHello of the second handshake being dropped once then delayed 5 times, after which the client stops re-trying and the test fails for no interesting reason. Make sure this doesn't happen again by putting a cap on the number of times we fail to forward a given datagram immediately. Signed-off-by: Manuel Pégourié-Gonnard --- programs/test/udp_proxy.c | 40 ++++++++++++++++++--------------------- 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 307fc74260..6546e8fd0a 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -681,26 +681,21 @@ int send_delayed() } /* - * Avoid dropping or delaying a packet that was already dropped twice: this - * only results in uninteresting timeouts. We can't rely on type to identify - * packets, since during renegotiation they're all encrypted. So, rely on - * size mod 2048 (which is usually just size). - */ -static unsigned char dropped[2048] = { 0 }; -#define DROP_MAX 2 - -/* We only drop packets at the level of entire datagrams, not at the level + * Avoid dropping or delaying a packet that was already dropped or delayed + * ("held") twice: this only results in uninteresting timeouts. We can't rely + * on type to identify packets, since during renegotiation they're all + * encrypted. So, rely on size mod 2048 (which is usually just size). + * + * We only hold packets at the level of entire datagrams, not at the level * of records. In particular, if the peer changes the way it packs multiple * records into a single datagram, we don't necessarily count the number of - * times a record has been dropped correctly. However, the only known reason + * times a record has been held correctly. However, the only known reason * why a peer would change datagram packing is disabling the latter on - * retransmission, in which case we'd drop involved records at most - * DROP_MAX + 1 times. */ -void update_dropped( const packet *p ) -{ - size_t id = p->len % sizeof( dropped ); - ++dropped[id]; -} + * retransmission, in which case we'd hold involved records at most + * HOLD_MAX + 1 times. + */ +static unsigned char held[2048] = { 0 }; +#define HOLD_MAX 2 int handle_message( const char *way, mbedtls_net_context *dst, @@ -727,7 +722,7 @@ int handle_message( const char *way, cur.dst = dst; print_packet( &cur, NULL ); - id = cur.len % sizeof( dropped ); + id = cur.len % sizeof( held ); if( strcmp( way, "S <- C" ) == 0 ) { @@ -769,10 +764,10 @@ int handle_message( const char *way, ! ( opt.protect_hvr && strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && cur.len != (size_t) opt.protect_len && - dropped[id] < DROP_MAX && + held[id] < HOLD_MAX && rand() % opt.drop == 0 ) ) { - update_dropped( &cur ); + ++held[id]; } else if( ( opt.delay_ccs == 1 && strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) || @@ -782,9 +777,10 @@ int handle_message( const char *way, ! ( opt.protect_hvr && strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && cur.len != (size_t) opt.protect_len && - dropped[id] < DROP_MAX && + held[id] < HOLD_MAX && rand() % opt.delay == 0 ) ) { + ++held[id]; delay_packet( &cur ); } else @@ -895,7 +891,7 @@ accept: * 3. Forward packets forever (kill the process to terminate it) */ clear_pending(); - memset( dropped, 0, sizeof( dropped ) ); + memset( held, 0, sizeof( held ) ); nb_fds = client_fd.fd; if( nb_fds < server_fd.fd ) From 345165c1f788317960ab96767098f1a3df531ede Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 6 Jul 2021 13:42:11 +0200 Subject: [PATCH 0755/1065] Reverting deleted macros Signed-off-by: TRodziewicz --- library/ssl_cli.c | 2 +- library/ssl_misc.h | 10 ++++ library/ssl_msg.c | 111 +++++++++++++++++---------------------------- library/ssl_tls.c | 19 ++------ 4 files changed, 57 insertions(+), 85 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 7d04a6ee51..30e64c4843 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1878,7 +1878,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) * even is lower than our min version. */ if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MAJOR_VERSION_3 - 1 || + minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || major_ver > ssl->conf->max_major_ver || minor_ver > ssl->conf->max_minor_ver ) { diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 147530d494..ce95432374 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -65,6 +65,16 @@ #define inline __inline #endif +/* Legacy minor version numbers as defined by: + * - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0 + * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 + * + * We no longer support these versions, but some code still references those + * constants, for keep them for now until we clean up that code. + */ +#define MBEDTLS_SSL_MINOR_VERSION_1 1 +#define MBEDTLS_SSL_MINOR_VERSION_2 2 + /* Determine minimum supported version */ #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 1d314c2984..2359cfe56b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -643,28 +643,19 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) - { - unsigned char mac[MBEDTLS_SSL_MAC_ADD]; + unsigned char mac[MBEDTLS_SSL_MAC_ADD]; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record( add_data, &add_data_len, rec, + transform->minor_ver ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, - add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - mbedtls_md_hmac_reset( &transform->md_ctx_enc ); + mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, + add_data_len ); + mbedtls_md_hmac_update( &transform->md_ctx_enc, data, rec->data_len ); + mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); + mbedtls_md_hmac_reset( &transform->md_ctx_enc ); - memcpy( data + rec->data_len, mac, transform->maclen ); - } - else + memcpy( data + rec->data_len, mac, transform->maclen ); #endif - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", data + rec->data_len, transform->maclen ); @@ -837,31 +828,26 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Prepend per-record IV for block cipher in TLS v1.2 as per * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) + if( f_rng == NULL ) { - if( f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "No PRNG provided to encrypt_record routine" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - if( rec->data_offset < transform->ivlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - /* - * Generate IV - */ - ret = f_rng( p_rng, transform->iv_enc, transform->ivlen ); - if( ret != 0 ) - return( ret ); - - memcpy( data - transform->ivlen, transform->iv_enc, - transform->ivlen ); - + MBEDTLS_SSL_DEBUG_MSG( 1, ( "No PRNG provided to encrypt_record routine" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } + + if( rec->data_offset < transform->ivlen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + /* + * Generate IV + */ + ret = f_rng( p_rng, transform->iv_enc, transform->ivlen ); + if( ret != 0 ) + return( ret ); + + memcpy( data - transform->ivlen, transform->iv_enc, transform->ivlen ); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " @@ -1369,11 +1355,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Check immediate ciphertext sanity */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* The ciphertext is prefixed with the CBC IV. */ - minlen += transform->ivlen; - } + /* The ciphertext is prefixed with the CBC IV. */ + minlen += transform->ivlen; #endif /* Size considerations: @@ -1478,15 +1461,12 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* * Initialize for prepended IV for block cipher in TLS v1.2 */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */ - memcpy( transform->iv_dec, data, transform->ivlen ); + /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */ + memcpy( transform->iv_dec, data, transform->ivlen ); - data += transform->ivlen; - rec->data_offset += transform->ivlen; - rec->data_len -= transform->ivlen; - } + data += transform->ivlen; + rec->data_offset += transform->ivlen; + rec->data_len -= transform->ivlen; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */ @@ -5026,8 +5006,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) /* For TLS 1.2 or higher, an explicit IV is added * after the record header. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) - transform_expansion += block_size; + transform_expansion += block_size; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ break; @@ -5169,21 +5148,13 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); - } + return( ret ); } - else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } } return( 0 ); @@ -5607,7 +5578,7 @@ void mbedtls_ssl_write_version( int major, int minor, int transport, #if defined(MBEDTLS_SSL_PROTO_DTLS) if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - if( minor == MBEDTLS_SSL_MINOR_VERSION_3 - 1 ) + if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ ver[0] = (unsigned char)( 255 - ( major - 2 ) ); @@ -5632,7 +5603,7 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport, *major = 255 - ver[0] + 2; *minor = 255 - ver[1] + 1; - if( *minor == MBEDTLS_SSL_MINOR_VERSION_3 - 2 ) + if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ } else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 259ff564ef..0fe8b96a45 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -948,23 +948,14 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) + /* For HMAC-based ciphersuites, initialize the HMAC transforms. + For AEAD-based ciphersuites, there is nothing to do here. */ + if( mac_key_len != 0 ) { - /* For HMAC-based ciphersuites, initialize the HMAC transforms. - For AEAD-based ciphersuites, there is nothing to do here. */ - if( mac_key_len != 0 ) - { - mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); - mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); - } + mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); + mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); } - else #endif - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto end; - } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ((void) mac_dec); From fc463187923d27bc1851ceeab01607c97a989fbc Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 6 Jul 2021 14:44:20 +0100 Subject: [PATCH 0756/1065] Change test suite duplicate descriptions tests/scripts/check_test_cases.py located duplicate descriptions for the negative tests checking that the check fails when a block size is not a power of 2 Signed-off-by: Joe Subbiani --- tests/suites/test_suite_psa_crypto_metadata.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index f5f6327200..4e47e0c578 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -303,15 +303,15 @@ Block cipher key type: Camellia depends_on:PSA_WANT_KEY_TYPE_CAMELLIA block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16:0 -Block cipher key type: AES +Block cipher key type: AES non power 2 block_size (24) depends_on:PSA_WANT_KEY_TYPE_AES block_cipher_key_type:PSA_KEY_TYPE_AES:24:1 -Block cipher key type: AES +Block cipher key type: AES non power 2 block_size (12) depends_on:PSA_WANT_KEY_TYPE_AES block_cipher_key_type:PSA_KEY_TYPE_AES:12:1 -Block cipher key type: DES +Block cipher key type: DES non power 2 block_size (24) depends_on:PSA_WANT_KEY_TYPE_DES block_cipher_key_type:PSA_KEY_TYPE_DES:24:1 From 8a3b232f5720876304f391b74ca926278eef9c7e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Jul 2021 20:44:54 +0100 Subject: [PATCH 0757/1065] Revert "Add additional generated files" This reverts commit 2a9c783625fc161839086ca5887ef615fad4cc94. --- ...ite_psa_crypto_storage_format.current.data | 1779 -------------- ...st_suite_psa_crypto_storage_format.v0.data | 2111 ----------------- visualc/VS2010/benchmark.vcxproj | 167 -- visualc/VS2010/cert_app.vcxproj | 167 -- visualc/VS2010/cert_req.vcxproj | 167 -- visualc/VS2010/cert_write.vcxproj | 167 -- visualc/VS2010/crl_app.vcxproj | 167 -- visualc/VS2010/crypt_and_hash.vcxproj | 167 -- visualc/VS2010/crypto_examples.vcxproj | 167 -- visualc/VS2010/dh_client.vcxproj | 167 -- visualc/VS2010/dh_genprime.vcxproj | 167 -- visualc/VS2010/dh_server.vcxproj | 167 -- visualc/VS2010/dtls_client.vcxproj | 167 -- visualc/VS2010/dtls_server.vcxproj | 167 -- visualc/VS2010/ecdh_curve25519.vcxproj | 167 -- visualc/VS2010/ecdsa.vcxproj | 167 -- visualc/VS2010/gen_entropy.vcxproj | 167 -- visualc/VS2010/gen_key.vcxproj | 167 -- visualc/VS2010/gen_random_ctr_drbg.vcxproj | 167 -- visualc/VS2010/generic_sum.vcxproj | 167 -- visualc/VS2010/hello.vcxproj | 167 -- visualc/VS2010/key_app.vcxproj | 167 -- visualc/VS2010/key_app_writer.vcxproj | 167 -- visualc/VS2010/key_ladder_demo.vcxproj | 167 -- visualc/VS2010/mbedTLS.vcxproj | 392 --- visualc/VS2010/mini_client.vcxproj | 167 -- visualc/VS2010/mpi_demo.vcxproj | 167 -- visualc/VS2010/pem2der.vcxproj | 167 -- visualc/VS2010/pk_decrypt.vcxproj | 167 -- visualc/VS2010/pk_encrypt.vcxproj | 167 -- visualc/VS2010/pk_sign.vcxproj | 167 -- visualc/VS2010/pk_verify.vcxproj | 167 -- visualc/VS2010/psa_constant_names.vcxproj | 167 -- .../VS2010/query_compile_time_config.vcxproj | 168 -- visualc/VS2010/req_app.vcxproj | 167 -- visualc/VS2010/rsa_decrypt.vcxproj | 167 -- visualc/VS2010/rsa_encrypt.vcxproj | 167 -- visualc/VS2010/rsa_genkey.vcxproj | 167 -- visualc/VS2010/rsa_sign.vcxproj | 167 -- visualc/VS2010/rsa_sign_pss.vcxproj | 167 -- visualc/VS2010/rsa_verify.vcxproj | 167 -- visualc/VS2010/rsa_verify_pss.vcxproj | 167 -- visualc/VS2010/selftest.vcxproj | 167 -- visualc/VS2010/ssl_client1.vcxproj | 167 -- visualc/VS2010/ssl_client2.vcxproj | 169 -- visualc/VS2010/ssl_context_info.vcxproj | 167 -- visualc/VS2010/ssl_fork_server.vcxproj | 167 -- visualc/VS2010/ssl_mail_client.vcxproj | 167 -- visualc/VS2010/ssl_server.vcxproj | 167 -- visualc/VS2010/ssl_server2.vcxproj | 169 -- visualc/VS2010/strerror.vcxproj | 167 -- visualc/VS2010/udp_proxy.vcxproj | 167 -- visualc/VS2010/zeroize.vcxproj | 167 -- 53 files changed, 12637 deletions(-) delete mode 100644 tests/suites/test_suite_psa_crypto_storage_format.current.data delete mode 100644 tests/suites/test_suite_psa_crypto_storage_format.v0.data delete mode 100644 visualc/VS2010/benchmark.vcxproj delete mode 100644 visualc/VS2010/cert_app.vcxproj delete mode 100644 visualc/VS2010/cert_req.vcxproj delete mode 100644 visualc/VS2010/cert_write.vcxproj delete mode 100644 visualc/VS2010/crl_app.vcxproj delete mode 100644 visualc/VS2010/crypt_and_hash.vcxproj delete mode 100644 visualc/VS2010/crypto_examples.vcxproj delete mode 100644 visualc/VS2010/dh_client.vcxproj delete mode 100644 visualc/VS2010/dh_genprime.vcxproj delete mode 100644 visualc/VS2010/dh_server.vcxproj delete mode 100644 visualc/VS2010/dtls_client.vcxproj delete mode 100644 visualc/VS2010/dtls_server.vcxproj delete mode 100644 visualc/VS2010/ecdh_curve25519.vcxproj delete mode 100644 visualc/VS2010/ecdsa.vcxproj delete mode 100644 visualc/VS2010/gen_entropy.vcxproj delete mode 100644 visualc/VS2010/gen_key.vcxproj delete mode 100644 visualc/VS2010/gen_random_ctr_drbg.vcxproj delete mode 100644 visualc/VS2010/generic_sum.vcxproj delete mode 100644 visualc/VS2010/hello.vcxproj delete mode 100644 visualc/VS2010/key_app.vcxproj delete mode 100644 visualc/VS2010/key_app_writer.vcxproj delete mode 100644 visualc/VS2010/key_ladder_demo.vcxproj delete mode 100644 visualc/VS2010/mbedTLS.vcxproj delete mode 100644 visualc/VS2010/mini_client.vcxproj delete mode 100644 visualc/VS2010/mpi_demo.vcxproj delete mode 100644 visualc/VS2010/pem2der.vcxproj delete mode 100644 visualc/VS2010/pk_decrypt.vcxproj delete mode 100644 visualc/VS2010/pk_encrypt.vcxproj delete mode 100644 visualc/VS2010/pk_sign.vcxproj delete mode 100644 visualc/VS2010/pk_verify.vcxproj delete mode 100644 visualc/VS2010/psa_constant_names.vcxproj delete mode 100644 visualc/VS2010/query_compile_time_config.vcxproj delete mode 100644 visualc/VS2010/req_app.vcxproj delete mode 100644 visualc/VS2010/rsa_decrypt.vcxproj delete mode 100644 visualc/VS2010/rsa_encrypt.vcxproj delete mode 100644 visualc/VS2010/rsa_genkey.vcxproj delete mode 100644 visualc/VS2010/rsa_sign.vcxproj delete mode 100644 visualc/VS2010/rsa_sign_pss.vcxproj delete mode 100644 visualc/VS2010/rsa_verify.vcxproj delete mode 100644 visualc/VS2010/rsa_verify_pss.vcxproj delete mode 100644 visualc/VS2010/selftest.vcxproj delete mode 100644 visualc/VS2010/ssl_client1.vcxproj delete mode 100644 visualc/VS2010/ssl_client2.vcxproj delete mode 100644 visualc/VS2010/ssl_context_info.vcxproj delete mode 100644 visualc/VS2010/ssl_fork_server.vcxproj delete mode 100644 visualc/VS2010/ssl_mail_client.vcxproj delete mode 100644 visualc/VS2010/ssl_server.vcxproj delete mode 100644 visualc/VS2010/ssl_server2.vcxproj delete mode 100644 visualc/VS2010/strerror.vcxproj delete mode 100644 visualc/VS2010/udp_proxy.vcxproj delete mode 100644 visualc/VS2010/zeroize.vcxproj diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data deleted file mode 100644 index 3369c3ed18..0000000000 --- a/tests/suites/test_suite_psa_crypto_storage_format.current.data +++ /dev/null @@ -1,1779 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA storage save: lifetime: (DEFAULT, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" - -PSA storage save: lifetime: (2, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c" - -PSA storage save: lifetime: (254, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c" - -PSA storage save: lifetime: PERSISTENT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" - -PSA storage save: usage: 0 -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b" - -PSA storage save: usage: COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b" - -PSA storage save: usage: DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b" - -PSA storage save: usage: DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b" - -PSA storage save: usage: ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b" - -PSA storage save: usage: EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b" - -PSA storage save: usage: SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" - -PSA storage save: usage: SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b" - -PSA storage save: usage: VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b" - -PSA storage save: usage: VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" - -PSA storage save: usage: VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b" - -PSA storage save: usage: COPY | DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b" - -PSA storage save: usage: DECRYPT | DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b" - -PSA storage save: usage: DERIVE | ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b" - -PSA storage save: usage: ENCRYPT | EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b" - -PSA storage save: usage: EXPORT | SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b" - -PSA storage save: usage: SIGN_HASH | SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" - -PSA storage save: usage: SIGN_MESSAGE | VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b" - -PSA storage save: usage: VERIFY_DERIVATION | VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a800000000000000000000010000004b" - -PSA storage save: usage: VERIFY_HASH | VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" - -PSA storage save: usage: VERIFY_MESSAGE | COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b" - -PSA storage save: usage: all known -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003ff00000000000000000000010000004b" - -PSA storage save: type: AES 128-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: AES 192-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" - -PSA storage save: type: AES 256-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" - -PSA storage save: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174" - -PSA storage save: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901" - -PSA storage save: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902" - -PSA storage save: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -PSA storage save: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265" - -PSA storage save: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" - -PSA storage save: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: PASSWORD 48-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069" - -PSA storage save: type: PASSWORD 168-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500" - -PSA storage save: type: PASSWORD 336-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" - -PSA storage save: type: PASSWORD_HASH 128-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: PASSWORD_HASH 256-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: PEPPER 128-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: PEPPER 256-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048" - -PSA storage save: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500" - -PSA storage save: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" - -PSA storage save: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" - -PSA storage save: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" - -PSA storage save: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" - -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c" - -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c" - -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c" - -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c" - -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c" - -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c" - -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c" - -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b" - -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c" - -PSA storage save: alg: ANY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b" - -PSA storage save: alg2: ANY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c" - -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b" - -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c" - -PSA storage save: alg: CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b" - -PSA storage save: alg2: CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c" - -PSA storage save: alg: CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b" - -PSA storage save: alg2: CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c" - -PSA storage save: alg: CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b" - -PSA storage save: alg2: CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c" - -PSA storage save: alg: CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b" - -PSA storage save: alg2: CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c" - -PSA storage save: alg: CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b" - -PSA storage save: alg2: CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c" - -PSA storage save: alg: CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b" - -PSA storage save: alg2: CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c" - -PSA storage save: alg: CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b" - -PSA storage save: alg2: CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c" - -PSA storage save: alg: CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b" - -PSA storage save: alg2: CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c" - -PSA storage save: alg: DETERMINISTIC_DSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c" - -PSA storage save: alg: DETERMINISTIC_ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b" - -PSA storage save: alg2: DETERMINISTIC_ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c" - -PSA storage save: alg: DSA(MD5) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b" - -PSA storage save: alg2: DSA(MD5) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c" - -PSA storage save: alg: DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b" - -PSA storage save: alg2: DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c" - -PSA storage save: alg: DSA(SHA_1) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b" - -PSA storage save: alg2: DSA(SHA_1) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c" - -PSA storage save: alg: DSA(SHA_224) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b" - -PSA storage save: alg2: DSA(SHA_224) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c" - -PSA storage save: alg: DSA(SHA_256) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b" - -PSA storage save: alg2: DSA(SHA_256) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c" - -PSA storage save: alg: DSA(SHA_384) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b" - -PSA storage save: alg2: DSA(SHA_384) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c" - -PSA storage save: alg: DSA(SHA_512) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b" - -PSA storage save: alg2: DSA(SHA_512) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c" - -PSA storage save: alg: ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b" - -PSA storage save: alg2: ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c" - -PSA storage save: alg: ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b" - -PSA storage save: alg2: ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c" - -PSA storage save: alg: ECDSA(MD5) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b" - -PSA storage save: alg2: ECDSA(MD5) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c" - -PSA storage save: alg: ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b" - -PSA storage save: alg2: ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c" - -PSA storage save: alg: ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b" - -PSA storage save: alg2: ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c" - -PSA storage save: alg: ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b" - -PSA storage save: alg2: ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c" - -PSA storage save: alg: ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b" - -PSA storage save: alg2: ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c" - -PSA storage save: alg: ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b" - -PSA storage save: alg2: ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c" - -PSA storage save: alg: ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b" - -PSA storage save: alg2: ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c" - -PSA storage save: alg: ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b" - -PSA storage save: alg2: ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c" - -PSA storage save: alg: ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b" - -PSA storage save: alg2: ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c" - -PSA storage save: alg: ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b" - -PSA storage save: alg2: ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c" - -PSA storage save: alg: ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b" - -PSA storage save: alg2: ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c" - -PSA storage save: alg: FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b" - -PSA storage save: alg2: FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c" - -PSA storage save: alg: GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b" - -PSA storage save: alg2: GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c" - -PSA storage save: alg: HKDF(MD5) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b" - -PSA storage save: alg2: HKDF(MD5) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c" - -PSA storage save: alg: HKDF(RIPEMD160) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b" - -PSA storage save: alg2: HKDF(RIPEMD160) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c" - -PSA storage save: alg: HKDF(SHA_1) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b" - -PSA storage save: alg2: HKDF(SHA_1) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c" - -PSA storage save: alg: HKDF(SHA_224) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b" - -PSA storage save: alg2: HKDF(SHA_224) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c" - -PSA storage save: alg: HKDF(SHA_256) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b" - -PSA storage save: alg2: HKDF(SHA_256) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c" - -PSA storage save: alg: HKDF(SHA_384) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b" - -PSA storage save: alg2: HKDF(SHA_384) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c" - -PSA storage save: alg: HKDF(SHA_512) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b" - -PSA storage save: alg2: HKDF(SHA_512) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c" - -PSA storage save: alg: HMAC(MD5) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b" - -PSA storage save: alg2: HMAC(MD5) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c" - -PSA storage save: alg: HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b" - -PSA storage save: alg2: HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c" - -PSA storage save: alg: HMAC(SHA_1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b" - -PSA storage save: alg2: HMAC(SHA_1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c" - -PSA storage save: alg: HMAC(SHA_224) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b" - -PSA storage save: alg2: HMAC(SHA_224) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c" - -PSA storage save: alg: HMAC(SHA_256) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b" - -PSA storage save: alg2: HMAC(SHA_256) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c" - -PSA storage save: alg: HMAC(SHA_384) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b" - -PSA storage save: alg2: HMAC(SHA_384) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c" - -PSA storage save: alg: HMAC(SHA_512) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b" - -PSA storage save: alg2: HMAC(SHA_512) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c" - -PSA storage save: alg: JPAKE -depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_JPAKE:0x0000:"4b":"505341004b455900000000000100000001100800010000000001000a00000000010000004b" - -PSA storage save: alg2: JPAKE -depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_JPAKE:"4c":"505341004b45590000000000010000000110080001000000000000000001000a010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c" - -PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b" - -PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c" - -PSA storage save: alg: MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b" - -PSA storage save: alg2: MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c" - -PSA storage save: alg: OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b" - -PSA storage save: alg2: OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c" - -PSA storage save: alg: PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b" - -PSA storage save: alg2: PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(SHA_1) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(SHA_1) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(SHA_224) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(SHA_224) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(SHA_256) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(SHA_256) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(SHA_384) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(SHA_384) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a018008010000004c" - -PSA storage save: alg: PBKDF2_HMAC(SHA_512) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01800800000000010000004b" - -PSA storage save: alg2: PBKDF2_HMAC(SHA_512) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b018008010000004c" - -PSA storage save: alg: PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b" - -PSA storage save: alg2: PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c" - -PSA storage save: alg: RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b" - -PSA storage save: alg2: RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c" - -PSA storage save: alg: RSA_OAEP(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c" - -PSA storage save: alg: RSA_OAEP(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c" - -PSA storage save: alg: RSA_OAEP(SHA_1) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(SHA_1) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c" - -PSA storage save: alg: RSA_OAEP(SHA_224) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(SHA_224) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c" - -PSA storage save: alg: RSA_OAEP(SHA_256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(SHA_256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c" - -PSA storage save: alg: RSA_OAEP(SHA_384) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(SHA_384) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c" - -PSA storage save: alg: RSA_OAEP(SHA_512) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b" - -PSA storage save: alg2: RSA_OAEP(SHA_512) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c" - -PSA storage save: alg: RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c" - -PSA storage save: alg: RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b" - -PSA storage save: alg2: RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c" - -PSA storage save: alg: RSA_PSS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c" - -PSA storage save: alg: RSA_PSS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c" - -PSA storage save: alg: RSA_PSS(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c" - -PSA storage save: alg: RSA_PSS(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c" - -PSA storage save: alg: RSA_PSS(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c" - -PSA storage save: alg: RSA_PSS(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c" - -PSA storage save: alg: RSA_PSS(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c" - -PSA storage save: alg: RSA_PSS(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b" - -PSA storage save: alg2: RSA_PSS(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c" - -PSA storage save: alg: SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b" - -PSA storage save: alg2: SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c" - -PSA storage save: alg: SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b" - -PSA storage save: alg2: SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c" - -PSA storage save: alg: SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b" - -PSA storage save: alg2: SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c" - -PSA storage save: alg: SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b" - -PSA storage save: alg2: SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c" - -PSA storage save: alg: SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b" - -PSA storage save: alg2: SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c" - -PSA storage save: alg: SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b" - -PSA storage save: alg2: SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c" - -PSA storage save: alg: SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b" - -PSA storage save: alg2: SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c" - -PSA storage save: alg: SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b" - -PSA storage save: alg2: SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c" - -PSA storage save: alg: SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b" - -PSA storage save: alg2: SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c" - -PSA storage save: alg: SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b" - -PSA storage save: alg2: SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c" - -PSA storage save: alg: SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b" - -PSA storage save: alg2: SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c" - -PSA storage save: alg: SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b" - -PSA storage save: alg2: SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c" - -PSA storage save: alg: STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b" - -PSA storage save: alg2: STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c" - -PSA storage save: alg: TLS12_PRF(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c" - -PSA storage save: alg: TLS12_PRF(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c" - -PSA storage save: alg: TLS12_PRF(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c" - -PSA storage save: alg: TLS12_PRF(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c" - -PSA storage save: alg: TLS12_PRF(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c" - -PSA storage save: alg: TLS12_PRF(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c" - -PSA storage save: alg: TLS12_PRF(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b" - -PSA storage save: alg2: TLS12_PRF(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c" - -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b" - -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c" - -PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c" - -PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b" - -PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c" - -PSA storage save: alg: XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b" - -PSA storage save: alg2: XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c" - -# End of automatically generated file. diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data deleted file mode 100644 index e4b990767b..0000000000 --- a/tests/suites/test_suite_psa_crypto_storage_format.v0.data +++ /dev/null @@ -1,2111 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA storage read: lifetime: (DEFAULT, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 - -PSA storage read: lifetime: (READ_ONLY, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY - -PSA storage read: lifetime: (2, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0 - -PSA storage read: lifetime: (254, LOCAL_STORAGE) -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0 - -PSA storage read: lifetime: PERSISTENT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 - -PSA storage read: usage with implication: 0 -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 - -PSA storage read: usage without implication: 0 -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 - -PSA storage read: usage with implication: COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 - -PSA storage read: usage without implication: COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 - -PSA storage read: usage with implication: DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 - -PSA storage read: usage without implication: DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 - -PSA storage read: usage with implication: DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 - -PSA storage read: usage without implication: DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 - -PSA storage read: usage with implication: ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 - -PSA storage read: usage without implication: ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 - -PSA storage read: usage with implication: EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 - -PSA storage read: usage without implication: EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 - -PSA storage read: usage with implication: SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 - -PSA storage read: usage without implication: SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0 - -PSA storage read: usage with implication: SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 - -PSA storage read: usage without implication: SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 - -PSA storage read: usage with implication: COPY | DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 - -PSA storage read: usage without implication: COPY | DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 - -PSA storage read: usage with implication: DECRYPT | DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 - -PSA storage read: usage without implication: DECRYPT | DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 - -PSA storage read: usage with implication: DERIVE | ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 - -PSA storage read: usage without implication: DERIVE | ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 - -PSA storage read: usage with implication: ENCRYPT | EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 - -PSA storage read: usage without implication: ENCRYPT | EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 - -PSA storage read: usage with implication: EXPORT | SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0 - -PSA storage read: usage without implication: EXPORT | SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0 - -PSA storage read: usage with implication: SIGN_HASH | SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 - -PSA storage read: usage without implication: SIGN_HASH | SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 - -PSA storage read: usage with implication: SIGN_MESSAGE | VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b":0 - -PSA storage read: usage without implication: SIGN_MESSAGE | VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008400000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_DERIVATION | VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a800000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_DERIVATION | VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a000000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_HASH | VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_HASH | VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 - -PSA storage read: usage with implication: VERIFY_MESSAGE | COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 - -PSA storage read: usage without implication: VERIFY_MESSAGE | COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 - -PSA storage read: usage: all known -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003ff00000000000000000000010000004b":0 - -PSA storage read: type: AES 128-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: AES 192-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE - -PSA storage read: type: AES 256-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE - -PSA storage read: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE - -PSA storage read: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE - -PSA storage read: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE - -PSA storage read: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE - -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: PASSWORD 48-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069":TEST_FLAG_EXERCISE - -PSA storage read: type: PASSWORD 168-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500":TEST_FLAG_EXERCISE - -PSA storage read: type: PASSWORD 336-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":TEST_FLAG_EXERCISE - -PSA storage read: type: PASSWORD_HASH 128-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: PASSWORD_HASH 256-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: PEPPER 128-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: PEPPER 256-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0 - -PSA storage read: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0 - -PSA storage read: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0 - -PSA storage read: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE - -PSA storage read: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE - -PSA storage read: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE - -PSA storage read: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE - -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c":0 - -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c":0 - -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c":0 - -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c":0 - -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c":0 - -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c":0 - -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c":0 - -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b":0 - -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c":0 - -PSA storage read: alg: ANY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0 - -PSA storage read: alg2: ANY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c":0 - -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b":0 - -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c":0 - -PSA storage read: alg: CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0 - -PSA storage read: alg2: CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0 - -PSA storage read: alg: CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0 - -PSA storage read: alg2: CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0 - -PSA storage read: alg: CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0 - -PSA storage read: alg2: CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0 - -PSA storage read: alg: CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0 - -PSA storage read: alg2: CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0 - -PSA storage read: alg: CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0 - -PSA storage read: alg2: CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0 - -PSA storage read: alg: CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0 - -PSA storage read: alg2: CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0 - -PSA storage read: alg: CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0 - -PSA storage read: alg2: CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0 - -PSA storage read: alg: CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0 - -PSA storage read: alg2: CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_DSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(MD5) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c":0 - -PSA storage read: alg: DETERMINISTIC_ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b":0 - -PSA storage read: alg2: DETERMINISTIC_ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c":0 - -PSA storage read: alg: DSA(MD5) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b":0 - -PSA storage read: alg2: DSA(MD5) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c":0 - -PSA storage read: alg: DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b":0 - -PSA storage read: alg2: DSA(RIPEMD160) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c":0 - -PSA storage read: alg: DSA(SHA_1) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b":0 - -PSA storage read: alg2: DSA(SHA_1) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c":0 - -PSA storage read: alg: DSA(SHA_224) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b":0 - -PSA storage read: alg2: DSA(SHA_224) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c":0 - -PSA storage read: alg: DSA(SHA_256) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b":0 - -PSA storage read: alg2: DSA(SHA_256) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c":0 - -PSA storage read: alg: DSA(SHA_384) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b":0 - -PSA storage read: alg2: DSA(SHA_384) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c":0 - -PSA storage read: alg: DSA(SHA_512) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b":0 - -PSA storage read: alg2: DSA(SHA_512) -depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c":0 - -PSA storage read: alg: ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0 - -PSA storage read: alg2: ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0 - -PSA storage read: alg: ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0 - -PSA storage read: alg2: ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0 - -PSA storage read: alg: ECDSA(MD5) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(MD5) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c":0 - -PSA storage read: alg: ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(RIPEMD160) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c":0 - -PSA storage read: alg: ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(SHA_1) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c":0 - -PSA storage read: alg: ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(SHA_224) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c":0 - -PSA storage read: alg: ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(SHA_256) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c":0 - -PSA storage read: alg: ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(SHA_384) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c":0 - -PSA storage read: alg: ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(SHA_512) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c":0 - -PSA storage read: alg: ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b":0 - -PSA storage read: alg2: ECDSA(ANY_HASH) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c":0 - -PSA storage read: alg: ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0 - -PSA storage read: alg2: ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0 - -PSA storage read: alg: ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0 - -PSA storage read: alg2: ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0 - -PSA storage read: alg: ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0 - -PSA storage read: alg2: ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0 - -PSA storage read: alg: FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0 - -PSA storage read: alg2: FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0 - -PSA storage read: alg: GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0 - -PSA storage read: alg2: GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0 - -PSA storage read: alg: HKDF(MD5) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b":0 - -PSA storage read: alg2: HKDF(MD5) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c":0 - -PSA storage read: alg: HKDF(RIPEMD160) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b":0 - -PSA storage read: alg2: HKDF(RIPEMD160) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c":0 - -PSA storage read: alg: HKDF(SHA_1) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b":0 - -PSA storage read: alg2: HKDF(SHA_1) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c":0 - -PSA storage read: alg: HKDF(SHA_224) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b":0 - -PSA storage read: alg2: HKDF(SHA_224) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c":0 - -PSA storage read: alg: HKDF(SHA_256) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b":0 - -PSA storage read: alg2: HKDF(SHA_256) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c":0 - -PSA storage read: alg: HKDF(SHA_384) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b":0 - -PSA storage read: alg2: HKDF(SHA_384) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c":0 - -PSA storage read: alg: HKDF(SHA_512) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b":0 - -PSA storage read: alg2: HKDF(SHA_512) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c":0 - -PSA storage read: alg: HMAC(MD5) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b":0 - -PSA storage read: alg2: HMAC(MD5) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c":0 - -PSA storage read: alg: HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b":0 - -PSA storage read: alg2: HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c":0 - -PSA storage read: alg: HMAC(SHA_1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b":0 - -PSA storage read: alg2: HMAC(SHA_1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c":0 - -PSA storage read: alg: HMAC(SHA_224) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b":0 - -PSA storage read: alg2: HMAC(SHA_224) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c":0 - -PSA storage read: alg: HMAC(SHA_256) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b":0 - -PSA storage read: alg2: HMAC(SHA_256) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c":0 - -PSA storage read: alg: HMAC(SHA_384) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b":0 - -PSA storage read: alg2: HMAC(SHA_384) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c":0 - -PSA storage read: alg: HMAC(SHA_512) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b":0 - -PSA storage read: alg2: HMAC(SHA_512) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c":0 - -PSA storage read: alg: JPAKE -depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_JPAKE:0x0000:"4b":"505341004b455900000000000100000001100800010000000001000a00000000010000004b":0 - -PSA storage read: alg2: JPAKE -depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_JPAKE:"4c":"505341004b45590000000000010000000110080001000000000000000001000a010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c":0 - -PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b":0 - -PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c":0 - -PSA storage read: alg: MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0 - -PSA storage read: alg2: MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0 - -PSA storage read: alg: OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0 - -PSA storage read: alg2: OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0 - -PSA storage read: alg: PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(RIPEMD160) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(SHA_1) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(SHA_1) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(SHA_224) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(SHA_224) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(SHA_256) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(SHA_256) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(SHA_384) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(SHA_384) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a018008010000004c":0 - -PSA storage read: alg: PBKDF2_HMAC(SHA_512) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01800800000000010000004b":0 - -PSA storage read: alg2: PBKDF2_HMAC(SHA_512) -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b018008010000004c":0 - -PSA storage read: alg: PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0 - -PSA storage read: alg2: PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0 - -PSA storage read: alg: RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0 - -PSA storage read: alg2: RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0 - -PSA storage read: alg: RSA_OAEP(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(SHA_1) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(SHA_1) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(SHA_224) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(SHA_224) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(SHA_256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(SHA_256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(SHA_384) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(SHA_384) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c":0 - -PSA storage read: alg: RSA_OAEP(SHA_512) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b":0 - -PSA storage read: alg2: RSA_OAEP(SHA_512) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c":0 - -PSA storage read: alg: RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0 - -PSA storage read: alg2: RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0 - -PSA storage read: alg: RSA_PSS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c":0 - -PSA storage read: alg: RSA_PSS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c":0 - -PSA storage read: alg: RSA_PSS(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(SHA_1) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c":0 - -PSA storage read: alg: RSA_PSS(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(SHA_224) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c":0 - -PSA storage read: alg: RSA_PSS(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(SHA_256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c":0 - -PSA storage read: alg: RSA_PSS(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(SHA_384) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c":0 - -PSA storage read: alg: RSA_PSS(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(SHA_512) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c":0 - -PSA storage read: alg: RSA_PSS(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b":0 - -PSA storage read: alg2: RSA_PSS(ANY_HASH) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c":0 - -PSA storage read: alg: SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0 - -PSA storage read: alg2: SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0 - -PSA storage read: alg: SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0 - -PSA storage read: alg2: SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0 - -PSA storage read: alg: SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0 - -PSA storage read: alg2: SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0 - -PSA storage read: alg: SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0 - -PSA storage read: alg2: SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0 - -PSA storage read: alg: SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0 - -PSA storage read: alg2: SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0 - -PSA storage read: alg: SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0 - -PSA storage read: alg2: SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0 - -PSA storage read: alg: SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0 - -PSA storage read: alg2: SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0 - -PSA storage read: alg: SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0 - -PSA storage read: alg2: SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0 - -PSA storage read: alg: SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0 - -PSA storage read: alg2: SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0 - -PSA storage read: alg: SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0 - -PSA storage read: alg2: SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0 - -PSA storage read: alg: SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0 - -PSA storage read: alg2: SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0 - -PSA storage read: alg: SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0 - -PSA storage read: alg2: SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0 - -PSA storage read: alg: STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0 - -PSA storage read: alg2: STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0 - -PSA storage read: alg: TLS12_PRF(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c":0 - -PSA storage read: alg: TLS12_PRF(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PRF(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(MD5) -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(RIPEMD160) -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_1) -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_224) -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_256) -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_384) -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c":0 - -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b":0 - -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_512) -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 1) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(CMAC, 1) -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD5), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c":0 - -PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b":0 - -PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 63) -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c":0 - -PSA storage read: alg: XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0 - -PSA storage read: alg2: XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0 - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE - -PSA storage read: implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: ED448PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE - -PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE - -# End of automatically generated file. diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj deleted file mode 100644 index 0be32fc5aa..0000000000 --- a/visualc/VS2010/benchmark.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA} - Win32Proj - benchmark - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj deleted file mode 100644 index 3fbcb52a52..0000000000 --- a/visualc/VS2010/cert_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D4D691D4-137C-CBFA-735B-D46636D7E4D8} - Win32Proj - cert_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj deleted file mode 100644 index 41fdf31a3b..0000000000 --- a/visualc/VS2010/cert_req.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE} - Win32Proj - cert_req - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj deleted file mode 100644 index f1f93ea371..0000000000 --- a/visualc/VS2010/cert_write.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {35E52E46-3BA9-4361-41D3-53663C2E9B8A} - Win32Proj - cert_write - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj deleted file mode 100644 index 4b8b2168f4..0000000000 --- a/visualc/VS2010/crl_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DB904B85-AD31-B7FB-114F-88760CC485F2} - Win32Proj - crl_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj deleted file mode 100644 index 885935bdff..0000000000 --- a/visualc/VS2010/crypt_and_hash.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7} - Win32Proj - crypt_and_hash - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj deleted file mode 100644 index 3899f0ec32..0000000000 --- a/visualc/VS2010/crypto_examples.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {020C31BD-C4DF-BABA-E537-F517C4E98537} - Win32Proj - crypto_examples - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj deleted file mode 100644 index 043ab1afc1..0000000000 --- a/visualc/VS2010/dh_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} - Win32Proj - dh_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj deleted file mode 100644 index f0366cb248..0000000000 --- a/visualc/VS2010/dh_genprime.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {718960D9-5DA6-7B56-39AD-637E81076C71} - Win32Proj - dh_genprime - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj deleted file mode 100644 index 5a986bc57c..0000000000 --- a/visualc/VS2010/dh_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {8D91B804-E2CE-142D-8E06-FBB037ED1F65} - Win32Proj - dh_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj deleted file mode 100644 index 3fd65456de..0000000000 --- a/visualc/VS2010/dtls_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5} - Win32Proj - dtls_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj deleted file mode 100644 index b10ec4df5e..0000000000 --- a/visualc/VS2010/dtls_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317} - Win32Proj - dtls_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj deleted file mode 100644 index 578e43b626..0000000000 --- a/visualc/VS2010/ecdh_curve25519.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {82EE497E-12CC-7C5B-A072-665678ACB43E} - Win32Proj - ecdh_curve25519 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj deleted file mode 100644 index f7ad2e9227..0000000000 --- a/visualc/VS2010/ecdsa.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E} - Win32Proj - ecdsa - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj deleted file mode 100644 index b7e45f9789..0000000000 --- a/visualc/VS2010/gen_entropy.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DE695064-13C3-18B0-378D-8B22672BF3F4} - Win32Proj - gen_entropy - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj deleted file mode 100644 index fa026141cf..0000000000 --- a/visualc/VS2010/gen_key.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52} - Win32Proj - gen_key - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj deleted file mode 100644 index a385841a06..0000000000 --- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E} - Win32Proj - gen_random_ctr_drbg - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj deleted file mode 100644 index faad77596a..0000000000 --- a/visualc/VS2010/generic_sum.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D071CCF7-ACA0-21F8-D382-52A759AEA261} - Win32Proj - generic_sum - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj deleted file mode 100644 index 6a81d914e9..0000000000 --- a/visualc/VS2010/hello.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D} - Win32Proj - hello - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj deleted file mode 100644 index bba584170a..0000000000 --- a/visualc/VS2010/key_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10AE376F-1A70-0297-0216-1FD01AD15D19} - Win32Proj - key_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj deleted file mode 100644 index 0d7013796d..0000000000 --- a/visualc/VS2010/key_app_writer.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8} - Win32Proj - key_app_writer - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj deleted file mode 100644 index 8584aee758..0000000000 --- a/visualc/VS2010/key_ladder_demo.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {778777A0-393D-45E8-83C1-EAF487236F1F} - Win32Proj - key_ladder_demo - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj deleted file mode 100644 index 0a72e8d2f8..0000000000 --- a/visualc/VS2010/mbedTLS.vcxproj +++ /dev/null @@ -1,392 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - {46CF2D25-6A36-4189-B59C-E4815388E554} - Win32Proj - mbedTLS - - - - StaticLibrary - true - Unicode - - - StaticLibrary - true - Unicode - - - StaticLibrary - false - true - Unicode - - - StaticLibrary - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - CompileAsC - - - Windows - true - - - - - Level3 - Disabled - _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - CompileAsC - - - Windows - true - - - - - Level3 - MaxSpeed - true - true - NDEBUG;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Windows - true - true - true - - - - - Level3 - MaxSpeed - true - true - WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Windows - true - true - true - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj deleted file mode 100644 index e4ee166bf7..0000000000 --- a/visualc/VS2010/mini_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C4FE29EA-266D-5295-4840-976B9B5B3843} - Win32Proj - mini_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj deleted file mode 100644 index b0fee89c37..0000000000 --- a/visualc/VS2010/mpi_demo.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE} - Win32Proj - mpi_demo - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj deleted file mode 100644 index 84c2e8c0aa..0000000000 --- a/visualc/VS2010/pem2der.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC} - Win32Proj - pem2der - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj deleted file mode 100644 index da3e8d8e09..0000000000 --- a/visualc/VS2010/pk_decrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {1EC6CBA3-6187-D456-D9B7-A35399395D71} - Win32Proj - pk_decrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj deleted file mode 100644 index 829e072344..0000000000 --- a/visualc/VS2010/pk_encrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {55007179-7746-9CFB-97EC-65102FB272C8} - Win32Proj - pk_encrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj deleted file mode 100644 index d93d11469f..0000000000 --- a/visualc/VS2010/pk_sign.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F2E8CA55-597F-7FDC-6456-D8650FB970A3} - Win32Proj - pk_sign - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj deleted file mode 100644 index 5933b92587..0000000000 --- a/visualc/VS2010/pk_verify.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C429B336-1B30-119C-3B34-21A186D6744F} - Win32Proj - pk_verify - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj deleted file mode 100644 index d35dd19a14..0000000000 --- a/visualc/VS2010/psa_constant_names.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117} - Win32Proj - psa_constant_names - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj deleted file mode 100644 index d0e0a6df6f..0000000000 --- a/visualc/VS2010/query_compile_time_config.vcxproj +++ /dev/null @@ -1,168 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D6F58AF2-9D80-562A-E2B0-F743281522B9} - Win32Proj - query_compile_time_config - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj deleted file mode 100644 index 900e415fb1..0000000000 --- a/visualc/VS2010/req_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3} - Win32Proj - req_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj deleted file mode 100644 index 188b17efda..0000000000 --- a/visualc/VS2010/rsa_decrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9} - Win32Proj - rsa_decrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj deleted file mode 100644 index a44f676d70..0000000000 --- a/visualc/VS2010/rsa_encrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D06CF12E-F222-9273-41BF-B8A052FA5527} - Win32Proj - rsa_encrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj deleted file mode 100644 index 35b27b7a38..0000000000 --- a/visualc/VS2010/rsa_genkey.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F472475C-F677-0E7F-F127-45BF5B64F622} - Win32Proj - rsa_genkey - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj deleted file mode 100644 index 90a7ac8cb8..0000000000 --- a/visualc/VS2010/rsa_sign.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10790F49-6887-AAB6-2D86-BCBD516F8D26} - Win32Proj - rsa_sign - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj deleted file mode 100644 index 5d2ac82081..0000000000 --- a/visualc/VS2010/rsa_sign_pss.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D} - Win32Proj - rsa_sign_pss - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj deleted file mode 100644 index a413ba8ca7..0000000000 --- a/visualc/VS2010/rsa_verify.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {689E28CF-89ED-BA38-3A14-78A75D891D46} - Win32Proj - rsa_verify - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj deleted file mode 100644 index 369b14514c..0000000000 --- a/visualc/VS2010/rsa_verify_pss.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {95C50864-854C-2A11-4C91-BCE654E344FB} - Win32Proj - rsa_verify_pss - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj deleted file mode 100644 index 6feb5936f3..0000000000 --- a/visualc/VS2010/selftest.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A} - Win32Proj - selftest - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj deleted file mode 100644 index 860334e4a4..0000000000 --- a/visualc/VS2010/ssl_client1.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {487A2F80-3CA3-678D-88D5-82194872CF08} - Win32Proj - ssl_client1 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj deleted file mode 100644 index 9884f23702..0000000000 --- a/visualc/VS2010/ssl_client2.vcxproj +++ /dev/null @@ -1,169 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4E590E9D-E28F-87FF-385B-D58736388231} - Win32Proj - ssl_client2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj deleted file mode 100644 index 1c98d34bf7..0000000000 --- a/visualc/VS2010/ssl_context_info.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC} - Win32Proj - ssl_context_info - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj deleted file mode 100644 index 6d44ef0795..0000000000 --- a/visualc/VS2010/ssl_fork_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {918CD402-047D-8467-E11C-E1132053F916} - Win32Proj - ssl_fork_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj deleted file mode 100644 index e2253c665e..0000000000 --- a/visualc/VS2010/ssl_mail_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD} - Win32Proj - ssl_mail_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj deleted file mode 100644 index 23ad7ecc87..0000000000 --- a/visualc/VS2010/ssl_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E08E0065-896A-7487-DEA5-D3B80B71F975} - Win32Proj - ssl_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj deleted file mode 100644 index d8f3e592dc..0000000000 --- a/visualc/VS2010/ssl_server2.vcxproj +++ /dev/null @@ -1,169 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A4DA7463-1047-BDF5-E1B3-5632CB573F41} - Win32Proj - ssl_server2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj deleted file mode 100644 index 9e70decd97..0000000000 --- a/visualc/VS2010/strerror.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {23EF735C-CC4C-3EC4-A75E-903DB340F04A} - Win32Proj - strerror - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj deleted file mode 100644 index 69678f635d..0000000000 --- a/visualc/VS2010/udp_proxy.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A} - Win32Proj - udp_proxy - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj deleted file mode 100644 index 9e0746de9a..0000000000 --- a/visualc/VS2010/zeroize.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10C01E94-4926-063E-9F56-C84ED190D349} - Win32Proj - zeroize - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - From 45419c1ee54704e90aa540e46ff388d547092c5c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Jul 2021 20:44:59 +0100 Subject: [PATCH 0758/1065] Revert "Add auto-generated files" This reverts commit 3e841871327634991a24c4f3245a17d3f3c94d74. --- library/error.c | 821 ------ library/version_features.c | 755 ----- programs/psa/psa_constant_names_generated.c | 446 --- programs/test/query_config.c | 2467 ----------------- ...te_psa_crypto_not_supported.generated.data | 1054 ------- visualc/VS2010/mbedTLS.sln | 676 ----- 6 files changed, 6219 deletions(-) delete mode 100644 library/error.c delete mode 100644 library/version_features.c delete mode 100644 programs/psa/psa_constant_names_generated.c delete mode 100644 programs/test/query_config.c delete mode 100644 tests/suites/test_suite_psa_crypto_not_supported.generated.data delete mode 100644 visualc/VS2010/mbedTLS.sln diff --git a/library/error.c b/library/error.c deleted file mode 100644 index 8e3011ea07..0000000000 --- a/library/error.c +++ /dev/null @@ -1,821 +0,0 @@ -/* - * Error message information - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#include "mbedtls/error.h" - -#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) - -#if defined(MBEDTLS_ERROR_C) - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif - -#include -#include - -#if defined(MBEDTLS_AES_C) -#include "mbedtls/aes.h" -#endif - -#if defined(MBEDTLS_ARIA_C) -#include "mbedtls/aria.h" -#endif - -#if defined(MBEDTLS_ASN1_PARSE_C) -#include "mbedtls/asn1.h" -#endif - -#if defined(MBEDTLS_BASE64_C) -#include "mbedtls/base64.h" -#endif - -#if defined(MBEDTLS_BIGNUM_C) -#include "mbedtls/bignum.h" -#endif - -#if defined(MBEDTLS_CAMELLIA_C) -#include "mbedtls/camellia.h" -#endif - -#if defined(MBEDTLS_CCM_C) -#include "mbedtls/ccm.h" -#endif - -#if defined(MBEDTLS_CHACHA20_C) -#include "mbedtls/chacha20.h" -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) -#include "mbedtls/chachapoly.h" -#endif - -#if defined(MBEDTLS_CIPHER_C) -#include "mbedtls/cipher.h" -#endif - -#if defined(MBEDTLS_CTR_DRBG_C) -#include "mbedtls/ctr_drbg.h" -#endif - -#if defined(MBEDTLS_DES_C) -#include "mbedtls/des.h" -#endif - -#if defined(MBEDTLS_DHM_C) -#include "mbedtls/dhm.h" -#endif - -#if defined(MBEDTLS_ECP_C) -#include "mbedtls/ecp.h" -#endif - -#if defined(MBEDTLS_ENTROPY_C) -#include "mbedtls/entropy.h" -#endif - -#if defined(MBEDTLS_ERROR_C) -#include "mbedtls/error.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#endif - -#if defined(MBEDTLS_GCM_C) -#include "mbedtls/gcm.h" -#endif - -#if defined(MBEDTLS_HKDF_C) -#include "mbedtls/hkdf.h" -#endif - -#if defined(MBEDTLS_HMAC_DRBG_C) -#include "mbedtls/hmac_drbg.h" -#endif - -#if defined(MBEDTLS_MD_C) -#include "mbedtls/md.h" -#endif - -#if defined(MBEDTLS_NET_C) -#include "mbedtls/net_sockets.h" -#endif - -#if defined(MBEDTLS_OID_C) -#include "mbedtls/oid.h" -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) -#include "mbedtls/pem.h" -#endif - -#if defined(MBEDTLS_PK_C) -#include "mbedtls/pk.h" -#endif - -#if defined(MBEDTLS_PKCS12_C) -#include "mbedtls/pkcs12.h" -#endif - -#if defined(MBEDTLS_PKCS5_C) -#include "mbedtls/pkcs5.h" -#endif - -#if defined(MBEDTLS_POLY1305_C) -#include "mbedtls/poly1305.h" -#endif - -#if defined(MBEDTLS_RSA_C) -#include "mbedtls/rsa.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -#if defined(MBEDTLS_SSL_TLS_C) -#include "mbedtls/ssl.h" -#endif - -#if defined(MBEDTLS_THREADING_C) -#include "mbedtls/threading.h" -#endif - -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) -#include "mbedtls/x509.h" -#endif - - -const char * mbedtls_high_level_strerr( int error_code ) -{ - int high_level_error_code; - - if( error_code < 0 ) - error_code = -error_code; - - /* Extract the high-level part from the error code. */ - high_level_error_code = error_code & 0xFF80; - - switch( high_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_CIPHER_C) - case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): - return( "CIPHER - The selected feature is not available" ); - case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): - return( "CIPHER - Bad input parameters" ); - case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED): - return( "CIPHER - Failed to allocate memory" ); - case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING): - return( "CIPHER - Input data contains invalid padding and is rejected" ); - case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED): - return( "CIPHER - Decryption of block requires a full block" ); - case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED): - return( "CIPHER - Authentication failed (for AEAD modes)" ); - case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): - return( "CIPHER - The context is invalid. For example, because it was freed" ); -#endif /* MBEDTLS_CIPHER_C */ - -#if defined(MBEDTLS_DHM_C) - case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA): - return( "DHM - Bad input parameters" ); - case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED): - return( "DHM - Reading of the DHM parameters failed" ); - case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED): - return( "DHM - Making of the DHM parameters failed" ); - case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED): - return( "DHM - Reading of the public values failed" ); - case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED): - return( "DHM - Making of the public value failed" ); - case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED): - return( "DHM - Calculation of the DHM secret failed" ); - case -(MBEDTLS_ERR_DHM_INVALID_FORMAT): - return( "DHM - The ASN.1 data is not formatted correctly" ); - case -(MBEDTLS_ERR_DHM_ALLOC_FAILED): - return( "DHM - Allocation of memory failed" ); - case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR): - return( "DHM - Read or write of file failed" ); - case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED): - return( "DHM - Setting the modulus and generator failed" ); -#endif /* MBEDTLS_DHM_C */ - -#if defined(MBEDTLS_ECP_C) - case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA): - return( "ECP - Bad input parameters to function" ); - case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL): - return( "ECP - The buffer is too small to write to" ); - case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE): - return( "ECP - The requested feature is not available, for example, the requested curve is not supported" ); - case -(MBEDTLS_ERR_ECP_VERIFY_FAILED): - return( "ECP - The signature is not valid" ); - case -(MBEDTLS_ERR_ECP_ALLOC_FAILED): - return( "ECP - Memory allocation failed" ); - case -(MBEDTLS_ERR_ECP_RANDOM_FAILED): - return( "ECP - Generation of random value, such as ephemeral key, failed" ); - case -(MBEDTLS_ERR_ECP_INVALID_KEY): - return( "ECP - Invalid private or public key" ); - case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH): - return( "ECP - The buffer contains a valid signature followed by more data" ); - case -(MBEDTLS_ERR_ECP_IN_PROGRESS): - return( "ECP - Operation in progress, call again with the same parameters to continue" ); -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_MD_C) - case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE): - return( "MD - The selected feature is not available" ); - case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA): - return( "MD - Bad input parameters to function" ); - case -(MBEDTLS_ERR_MD_ALLOC_FAILED): - return( "MD - Failed to allocate memory" ); - case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): - return( "MD - Opening or reading of file failed" ); -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) - case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT): - return( "PEM - No PEM header or footer found" ); - case -(MBEDTLS_ERR_PEM_INVALID_DATA): - return( "PEM - PEM string is not as expected" ); - case -(MBEDTLS_ERR_PEM_ALLOC_FAILED): - return( "PEM - Failed to allocate memory" ); - case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV): - return( "PEM - RSA IV is not in hex-format" ); - case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG): - return( "PEM - Unsupported key encryption algorithm" ); - case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED): - return( "PEM - Private key password can't be empty" ); - case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH): - return( "PEM - Given private key password does not allow for correct decryption" ); - case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE): - return( "PEM - Unavailable feature, e.g. hashing/encryption combination" ); - case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA): - return( "PEM - Bad input parameters to function" ); -#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ - -#if defined(MBEDTLS_PK_C) - case -(MBEDTLS_ERR_PK_ALLOC_FAILED): - return( "PK - Memory allocation failed" ); - case -(MBEDTLS_ERR_PK_TYPE_MISMATCH): - return( "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); - case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA): - return( "PK - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PK_FILE_IO_ERROR): - return( "PK - Read/write of file failed" ); - case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION): - return( "PK - Unsupported key version" ); - case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT): - return( "PK - Invalid key tag or value" ); - case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG): - return( "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); - case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED): - return( "PK - Private key password can't be empty" ); - case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH): - return( "PK - Given private key password does not allow for correct decryption" ); - case -(MBEDTLS_ERR_PK_INVALID_PUBKEY): - return( "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); - case -(MBEDTLS_ERR_PK_INVALID_ALG): - return( "PK - The algorithm tag or value is invalid" ); - case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE): - return( "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); - case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE): - return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); - case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): - return( "PK - The buffer contains a valid signature followed by more data" ); - case -(MBEDTLS_ERR_PK_BUFFER_TOO_SMALL): - return( "PK - The output buffer is too small" ); -#endif /* MBEDTLS_PK_C */ - -#if defined(MBEDTLS_PKCS12_C) - case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA): - return( "PKCS12 - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE): - return( "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); - case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT): - return( "PKCS12 - PBE ASN.1 data not as expected" ); - case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH): - return( "PKCS12 - Given private key password does not allow for correct decryption" ); -#endif /* MBEDTLS_PKCS12_C */ - -#if defined(MBEDTLS_PKCS5_C) - case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA): - return( "PKCS5 - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT): - return( "PKCS5 - Unexpected ASN.1 data" ); - case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE): - return( "PKCS5 - Requested encryption or digest alg not available" ); - case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH): - return( "PKCS5 - Given private key password does not allow for correct decryption" ); -#endif /* MBEDTLS_PKCS5_C */ - -#if defined(MBEDTLS_RSA_C) - case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA): - return( "RSA - Bad input parameters to function" ); - case -(MBEDTLS_ERR_RSA_INVALID_PADDING): - return( "RSA - Input data contains invalid padding and is rejected" ); - case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED): - return( "RSA - Something failed during generation of a key" ); - case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED): - return( "RSA - Key failed to pass the validity check of the library" ); - case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED): - return( "RSA - The public key operation failed" ); - case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED): - return( "RSA - The private key operation failed" ); - case -(MBEDTLS_ERR_RSA_VERIFY_FAILED): - return( "RSA - The PKCS#1 verification failed" ); - case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE): - return( "RSA - The output buffer for decryption is not large enough" ); - case -(MBEDTLS_ERR_RSA_RNG_FAILED): - return( "RSA - The random generator failed to generate non-zeros" ); -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS): - return( "SSL - A cryptographic operation is in progress. Try again later" ); - case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE): - return( "SSL - The requested feature is not available" ); - case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA): - return( "SSL - Bad input parameters to function" ); - case -(MBEDTLS_ERR_SSL_INVALID_MAC): - return( "SSL - Verification of the message MAC failed" ); - case -(MBEDTLS_ERR_SSL_INVALID_RECORD): - return( "SSL - An invalid SSL record was received" ); - case -(MBEDTLS_ERR_SSL_CONN_EOF): - return( "SSL - The connection indicated an EOF" ); - case -(MBEDTLS_ERR_SSL_DECODE_ERROR): - return( "SSL - A message could not be parsed due to a syntactic error" ); - case -(MBEDTLS_ERR_SSL_NO_RNG): - return( "SSL - No RNG was provided to the SSL module" ); - case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): - return( "SSL - No client certification received from the client, but required by the authentication mode" ); - case -(MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION): - return( "SSL - Client received an extended server hello containing an unsupported extension" ); - case -(MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL): - return( "SSL - No ALPN protocols supported that the client advertises" ); - case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): - return( "SSL - The own private key or pre-shared key is not set, but needed" ); - case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): - return( "SSL - No CA Chain is set, but required to operate" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE): - return( "SSL - An unexpected message was received from our peer" ); - case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): - return( "SSL - A fatal alert message was received from our peer" ); - case -(MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME): - return( "SSL - No server could be identified matching the client's SNI" ); - case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): - return( "SSL - The peer notified us that the connection is going to be closed" ); - case -(MBEDTLS_ERR_SSL_BAD_CERTIFICATE): - return( "SSL - Processing of the Certificate handshake message failed" ); - case -(MBEDTLS_ERR_SSL_ALLOC_FAILED): - return( "SSL - Memory allocation failed" ); - case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED): - return( "SSL - Hardware acceleration function returned with error" ); - case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH): - return( "SSL - Hardware acceleration function skipped / left alone data" ); - case -(MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION): - return( "SSL - Handshake protocol not within min/max boundaries" ); - case -(MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE): - return( "SSL - The handshake negotiation failed" ); - case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED): - return( "SSL - Session ticket has expired" ); - case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH): - return( "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); - case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY): - return( "SSL - Unknown identity received (eg, PSK identity)" ); - case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR): - return( "SSL - Internal error (eg, unexpected failure in lower-level module)" ); - case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING): - return( "SSL - A counter would wrap (eg, too many messages exchanged)" ); - case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO): - return( "SSL - Unexpected message at ServerHello in renegotiation" ); - case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED): - return( "SSL - DTLS client must retry for hello verification" ); - case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL): - return( "SSL - A buffer is too small to receive or write a message" ); - case -(MBEDTLS_ERR_SSL_WANT_READ): - return( "SSL - No data of requested type currently available on underlying transport" ); - case -(MBEDTLS_ERR_SSL_WANT_WRITE): - return( "SSL - Connection requires a write call" ); - case -(MBEDTLS_ERR_SSL_TIMEOUT): - return( "SSL - The operation timed out" ); - case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT): - return( "SSL - The client initiated a reconnect from the same port" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD): - return( "SSL - Record header looks valid but is not expected" ); - case -(MBEDTLS_ERR_SSL_NON_FATAL): - return( "SSL - The alert message received indicates a non-fatal error" ); - case -(MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER): - return( "SSL - A field in a message was incorrect or inconsistent with other fields" ); - case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): - return( "SSL - Internal-only message signaling that further message-processing should be done" ); - case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): - return( "SSL - The asynchronous operation is not completed yet" ); - case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE): - return( "SSL - Internal-only message signaling that a message arrived early" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID): - return( "SSL - An encrypted DTLS-frame with an unexpected CID was received" ); - case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH): - return( "SSL - An operation failed due to an unexpected version or configuration" ); - case -(MBEDTLS_ERR_SSL_BAD_CONFIG): - return( "SSL - Invalid value in SSL config" ); -#endif /* MBEDTLS_SSL_TLS_C */ - -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) - case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE): - return( "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_OID): - return( "X509 - Requested OID is unknown" ); - case -(MBEDTLS_ERR_X509_INVALID_FORMAT): - return( "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); - case -(MBEDTLS_ERR_X509_INVALID_VERSION): - return( "X509 - The CRT/CRL/CSR version element is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_SERIAL): - return( "X509 - The serial tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_ALG): - return( "X509 - The algorithm tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_NAME): - return( "X509 - The name tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_DATE): - return( "X509 - The date tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE): - return( "X509 - The signature tag or value invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS): - return( "X509 - The extension tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION): - return( "X509 - CRT/CRL/CSR has an unsupported version number" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG): - return( "X509 - Signature algorithm (oid) is unsupported" ); - case -(MBEDTLS_ERR_X509_SIG_MISMATCH): - return( "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); - case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): - return( "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); - case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT): - return( "X509 - Format not recognized as DER or PEM" ); - case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA): - return( "X509 - Input invalid" ); - case -(MBEDTLS_ERR_X509_ALLOC_FAILED): - return( "X509 - Allocation of memory failed" ); - case -(MBEDTLS_ERR_X509_FILE_IO_ERROR): - return( "X509 - Read/write of file failed" ); - case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL): - return( "X509 - Destination buffer is too small" ); - case -(MBEDTLS_ERR_X509_FATAL_ERROR): - return( "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); -#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ - /* End Auto-Generated Code. */ - - default: - break; - } - - return( NULL ); -} - -const char * mbedtls_low_level_strerr( int error_code ) -{ - int low_level_error_code; - - if( error_code < 0 ) - error_code = -error_code; - - /* Extract the low-level part from the error code. */ - low_level_error_code = error_code & ~0xFF80; - - switch( low_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_AES_C) - case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): - return( "AES - Invalid key length" ); - case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): - return( "AES - Invalid data input length" ); - case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA): - return( "AES - Invalid input data" ); -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_ARIA_C) - case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA): - return( "ARIA - Bad input data" ); - case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH): - return( "ARIA - Invalid data input length" ); -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_ASN1_PARSE_C) - case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA): - return( "ASN1 - Out of data when parsing an ASN1 data structure" ); - case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG): - return( "ASN1 - ASN1 tag was of an unexpected value" ); - case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH): - return( "ASN1 - Error when trying to determine the length or invalid length" ); - case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH): - return( "ASN1 - Actual length differs from expected length" ); - case -(MBEDTLS_ERR_ASN1_INVALID_DATA): - return( "ASN1 - Data is invalid" ); - case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED): - return( "ASN1 - Memory allocation failed" ); - case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL): - return( "ASN1 - Buffer too small when writing ASN.1 data structure" ); -#endif /* MBEDTLS_ASN1_PARSE_C */ - -#if defined(MBEDTLS_BASE64_C) - case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL): - return( "BASE64 - Output buffer too small" ); - case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER): - return( "BASE64 - Invalid character in input" ); -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_BIGNUM_C) - case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR): - return( "BIGNUM - An error occurred while reading from or writing to a file" ); - case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA): - return( "BIGNUM - Bad input parameters to function" ); - case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER): - return( "BIGNUM - There is an invalid character in the digit string" ); - case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL): - return( "BIGNUM - The buffer is too small to write to" ); - case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE): - return( "BIGNUM - The input arguments are negative or result in illegal output" ); - case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO): - return( "BIGNUM - The input argument for division is zero, which is not allowed" ); - case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE): - return( "BIGNUM - The input arguments are not acceptable" ); - case -(MBEDTLS_ERR_MPI_ALLOC_FAILED): - return( "BIGNUM - Memory allocation failed" ); -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA): - return( "CAMELLIA - Bad input data" ); - case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH): - return( "CAMELLIA - Invalid data input length" ); -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_CCM_C) - case -(MBEDTLS_ERR_CCM_BAD_INPUT): - return( "CCM - Bad input parameters to the function" ); - case -(MBEDTLS_ERR_CCM_AUTH_FAILED): - return( "CCM - Authenticated decryption failed" ); -#endif /* MBEDTLS_CCM_C */ - -#if defined(MBEDTLS_CHACHA20_C) - case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA): - return( "CHACHA20 - Invalid input parameter(s)" ); -#endif /* MBEDTLS_CHACHA20_C */ - -#if defined(MBEDTLS_CHACHAPOLY_C) - case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE): - return( "CHACHAPOLY - The requested operation is not permitted in the current state" ); - case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED): - return( "CHACHAPOLY - Authenticated decryption failed: data was not authentic" ); -#endif /* MBEDTLS_CHACHAPOLY_C */ - -#if defined(MBEDTLS_CTR_DRBG_C) - case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED): - return( "CTR_DRBG - The entropy source failed" ); - case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG): - return( "CTR_DRBG - The requested random buffer length is too big" ); - case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG): - return( "CTR_DRBG - The input (entropy + additional data) is too large" ); - case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR): - return( "CTR_DRBG - Read or write error in file" ); -#endif /* MBEDTLS_CTR_DRBG_C */ - -#if defined(MBEDTLS_DES_C) - case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH): - return( "DES - The data input has an invalid length" ); -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ENTROPY_C) - case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED): - return( "ENTROPY - Critical entropy source failure" ); - case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES): - return( "ENTROPY - No more sources can be added" ); - case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED): - return( "ENTROPY - No sources have been added to poll" ); - case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE): - return( "ENTROPY - No strong sources have been added to poll" ); - case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR): - return( "ENTROPY - Read/write error in file" ); -#endif /* MBEDTLS_ENTROPY_C */ - -#if defined(MBEDTLS_ERROR_C) - case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR): - return( "ERROR - Generic error" ); - case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED): - return( "ERROR - This is a bug in the library" ); -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_PLATFORM_C) - case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): - return( "PLATFORM - Hardware accelerator failed" ); - case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): - return( "PLATFORM - The requested feature is not supported by the platform" ); -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_GCM_C) - case -(MBEDTLS_ERR_GCM_AUTH_FAILED): - return( "GCM - Authenticated decryption failed" ); - case -(MBEDTLS_ERR_GCM_BAD_INPUT): - return( "GCM - Bad input parameters to function" ); -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_HKDF_C) - case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA): - return( "HKDF - Bad input parameters to function" ); -#endif /* MBEDTLS_HKDF_C */ - -#if defined(MBEDTLS_HMAC_DRBG_C) - case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG): - return( "HMAC_DRBG - Too many random requested in single call" ); - case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG): - return( "HMAC_DRBG - Input too large (Entropy + additional)" ); - case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR): - return( "HMAC_DRBG - Read/write error in file" ); - case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED): - return( "HMAC_DRBG - The entropy source failed" ); -#endif /* MBEDTLS_HMAC_DRBG_C */ - -#if defined(MBEDTLS_NET_C) - case -(MBEDTLS_ERR_NET_SOCKET_FAILED): - return( "NET - Failed to open a socket" ); - case -(MBEDTLS_ERR_NET_CONNECT_FAILED): - return( "NET - The connection to the given server / port failed" ); - case -(MBEDTLS_ERR_NET_BIND_FAILED): - return( "NET - Binding of the socket failed" ); - case -(MBEDTLS_ERR_NET_LISTEN_FAILED): - return( "NET - Could not listen on the socket" ); - case -(MBEDTLS_ERR_NET_ACCEPT_FAILED): - return( "NET - Could not accept the incoming connection" ); - case -(MBEDTLS_ERR_NET_RECV_FAILED): - return( "NET - Reading information from the socket failed" ); - case -(MBEDTLS_ERR_NET_SEND_FAILED): - return( "NET - Sending information through the socket failed" ); - case -(MBEDTLS_ERR_NET_CONN_RESET): - return( "NET - Connection was reset by peer" ); - case -(MBEDTLS_ERR_NET_UNKNOWN_HOST): - return( "NET - Failed to get an IP address for the given hostname" ); - case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL): - return( "NET - Buffer is too small to hold the data" ); - case -(MBEDTLS_ERR_NET_INVALID_CONTEXT): - return( "NET - The context is invalid, eg because it was free()ed" ); - case -(MBEDTLS_ERR_NET_POLL_FAILED): - return( "NET - Polling the net context failed" ); - case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA): - return( "NET - Input invalid" ); -#endif /* MBEDTLS_NET_C */ - -#if defined(MBEDTLS_OID_C) - case -(MBEDTLS_ERR_OID_NOT_FOUND): - return( "OID - OID is not found" ); - case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL): - return( "OID - output buffer is too small" ); -#endif /* MBEDTLS_OID_C */ - -#if defined(MBEDTLS_POLY1305_C) - case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA): - return( "POLY1305 - Invalid input parameter(s)" ); -#endif /* MBEDTLS_POLY1305_C */ - -#if defined(MBEDTLS_SHA1_C) - case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA): - return( "SHA1 - SHA-1 input data was malformed" ); -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA): - return( "SHA256 - SHA-256 input data was malformed" ); -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA): - return( "SHA512 - SHA-512 input data was malformed" ); -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_THREADING_C) - case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA): - return( "THREADING - Bad input parameters to function" ); - case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR): - return( "THREADING - Locking / unlocking / free failed with error code" ); -#endif /* MBEDTLS_THREADING_C */ - /* End Auto-Generated Code. */ - - default: - break; - } - - return( NULL ); -} - -void mbedtls_strerror( int ret, char *buf, size_t buflen ) -{ - size_t len; - int use_ret; - const char * high_level_error_description = NULL; - const char * low_level_error_description = NULL; - - if( buflen == 0 ) - return; - - memset( buf, 0x00, buflen ); - - if( ret < 0 ) - ret = -ret; - - if( ret & 0xFF80 ) - { - use_ret = ret & 0xFF80; - - // Translate high level error code. - high_level_error_description = mbedtls_high_level_strerr( ret ); - - if( high_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); - -#if defined(MBEDTLS_SSL_TLS_C) - // Early return in case of a fatal error - do not try to translate low - // level code. - if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) - return; -#endif /* MBEDTLS_SSL_TLS_C */ - } - - use_ret = ret & ~0xFF80; - - if( use_ret == 0 ) - return; - - // If high level code is present, make a concatenation between both - // error strings. - // - len = strlen( buf ); - - if( len > 0 ) - { - if( buflen - len < 5 ) - return; - - mbedtls_snprintf( buf + len, buflen - len, " : " ); - - buf += len + 3; - buflen -= len + 3; - } - - // Translate low level error code. - low_level_error_description = mbedtls_low_level_strerr( ret ); - - if( low_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); -} - -#else /* MBEDTLS_ERROR_C */ - -/* - * Provide an non-function in case MBEDTLS_ERROR_C is not defined - */ -void mbedtls_strerror( int ret, char *buf, size_t buflen ) -{ - ((void) ret); - - if( buflen > 0 ) - buf[0] = '\0'; -} - -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -#endif - -#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/library/version_features.c b/library/version_features.c deleted file mode 100644 index a5e972e77f..0000000000 --- a/library/version_features.c +++ /dev/null @@ -1,755 +0,0 @@ -/* - * Version feature information - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#if defined(MBEDTLS_VERSION_C) - -#include "mbedtls/version.h" - -#include - -static const char * const features[] = { -#if defined(MBEDTLS_VERSION_FEATURES) -#if defined(MBEDTLS_HAVE_ASM) - "MBEDTLS_HAVE_ASM", -#endif /* MBEDTLS_HAVE_ASM */ -#if defined(MBEDTLS_NO_UDBL_DIVISION) - "MBEDTLS_NO_UDBL_DIVISION", -#endif /* MBEDTLS_NO_UDBL_DIVISION */ -#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) - "MBEDTLS_NO_64BIT_MULTIPLICATION", -#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ -#if defined(MBEDTLS_HAVE_SSE2) - "MBEDTLS_HAVE_SSE2", -#endif /* MBEDTLS_HAVE_SSE2 */ -#if defined(MBEDTLS_HAVE_TIME) - "MBEDTLS_HAVE_TIME", -#endif /* MBEDTLS_HAVE_TIME */ -#if defined(MBEDTLS_HAVE_TIME_DATE) - "MBEDTLS_HAVE_TIME_DATE", -#endif /* MBEDTLS_HAVE_TIME_DATE */ -#if defined(MBEDTLS_PLATFORM_MEMORY) - "MBEDTLS_PLATFORM_MEMORY", -#endif /* MBEDTLS_PLATFORM_MEMORY */ -#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) - "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", -#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) - "MBEDTLS_PLATFORM_EXIT_ALT", -#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ -#if defined(MBEDTLS_PLATFORM_TIME_ALT) - "MBEDTLS_PLATFORM_TIME_ALT", -#endif /* MBEDTLS_PLATFORM_TIME_ALT */ -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) - "MBEDTLS_PLATFORM_FPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) - "MBEDTLS_PLATFORM_PRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) - "MBEDTLS_PLATFORM_SNPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) - "MBEDTLS_PLATFORM_VSNPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) - "MBEDTLS_PLATFORM_NV_SEED_ALT", -#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ -#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) - "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", -#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ -#if defined(MBEDTLS_DEPRECATED_WARNING) - "MBEDTLS_DEPRECATED_WARNING", -#endif /* MBEDTLS_DEPRECATED_WARNING */ -#if defined(MBEDTLS_DEPRECATED_REMOVED) - "MBEDTLS_DEPRECATED_REMOVED", -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#if defined(MBEDTLS_TIMING_ALT) - "MBEDTLS_TIMING_ALT", -#endif /* MBEDTLS_TIMING_ALT */ -#if defined(MBEDTLS_AES_ALT) - "MBEDTLS_AES_ALT", -#endif /* MBEDTLS_AES_ALT */ -#if defined(MBEDTLS_ARIA_ALT) - "MBEDTLS_ARIA_ALT", -#endif /* MBEDTLS_ARIA_ALT */ -#if defined(MBEDTLS_CAMELLIA_ALT) - "MBEDTLS_CAMELLIA_ALT", -#endif /* MBEDTLS_CAMELLIA_ALT */ -#if defined(MBEDTLS_CCM_ALT) - "MBEDTLS_CCM_ALT", -#endif /* MBEDTLS_CCM_ALT */ -#if defined(MBEDTLS_CHACHA20_ALT) - "MBEDTLS_CHACHA20_ALT", -#endif /* MBEDTLS_CHACHA20_ALT */ -#if defined(MBEDTLS_CHACHAPOLY_ALT) - "MBEDTLS_CHACHAPOLY_ALT", -#endif /* MBEDTLS_CHACHAPOLY_ALT */ -#if defined(MBEDTLS_CMAC_ALT) - "MBEDTLS_CMAC_ALT", -#endif /* MBEDTLS_CMAC_ALT */ -#if defined(MBEDTLS_DES_ALT) - "MBEDTLS_DES_ALT", -#endif /* MBEDTLS_DES_ALT */ -#if defined(MBEDTLS_DHM_ALT) - "MBEDTLS_DHM_ALT", -#endif /* MBEDTLS_DHM_ALT */ -#if defined(MBEDTLS_ECJPAKE_ALT) - "MBEDTLS_ECJPAKE_ALT", -#endif /* MBEDTLS_ECJPAKE_ALT */ -#if defined(MBEDTLS_GCM_ALT) - "MBEDTLS_GCM_ALT", -#endif /* MBEDTLS_GCM_ALT */ -#if defined(MBEDTLS_NIST_KW_ALT) - "MBEDTLS_NIST_KW_ALT", -#endif /* MBEDTLS_NIST_KW_ALT */ -#if defined(MBEDTLS_MD5_ALT) - "MBEDTLS_MD5_ALT", -#endif /* MBEDTLS_MD5_ALT */ -#if defined(MBEDTLS_POLY1305_ALT) - "MBEDTLS_POLY1305_ALT", -#endif /* MBEDTLS_POLY1305_ALT */ -#if defined(MBEDTLS_RIPEMD160_ALT) - "MBEDTLS_RIPEMD160_ALT", -#endif /* MBEDTLS_RIPEMD160_ALT */ -#if defined(MBEDTLS_RSA_ALT) - "MBEDTLS_RSA_ALT", -#endif /* MBEDTLS_RSA_ALT */ -#if defined(MBEDTLS_SHA1_ALT) - "MBEDTLS_SHA1_ALT", -#endif /* MBEDTLS_SHA1_ALT */ -#if defined(MBEDTLS_SHA256_ALT) - "MBEDTLS_SHA256_ALT", -#endif /* MBEDTLS_SHA256_ALT */ -#if defined(MBEDTLS_SHA512_ALT) - "MBEDTLS_SHA512_ALT", -#endif /* MBEDTLS_SHA512_ALT */ -#if defined(MBEDTLS_ECP_ALT) - "MBEDTLS_ECP_ALT", -#endif /* MBEDTLS_ECP_ALT */ -#if defined(MBEDTLS_MD5_PROCESS_ALT) - "MBEDTLS_MD5_PROCESS_ALT", -#endif /* MBEDTLS_MD5_PROCESS_ALT */ -#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) - "MBEDTLS_RIPEMD160_PROCESS_ALT", -#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ -#if defined(MBEDTLS_SHA1_PROCESS_ALT) - "MBEDTLS_SHA1_PROCESS_ALT", -#endif /* MBEDTLS_SHA1_PROCESS_ALT */ -#if defined(MBEDTLS_SHA256_PROCESS_ALT) - "MBEDTLS_SHA256_PROCESS_ALT", -#endif /* MBEDTLS_SHA256_PROCESS_ALT */ -#if defined(MBEDTLS_SHA512_PROCESS_ALT) - "MBEDTLS_SHA512_PROCESS_ALT", -#endif /* MBEDTLS_SHA512_PROCESS_ALT */ -#if defined(MBEDTLS_DES_SETKEY_ALT) - "MBEDTLS_DES_SETKEY_ALT", -#endif /* MBEDTLS_DES_SETKEY_ALT */ -#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) - "MBEDTLS_DES_CRYPT_ECB_ALT", -#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ -#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) - "MBEDTLS_DES3_CRYPT_ECB_ALT", -#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) - "MBEDTLS_AES_SETKEY_ENC_ALT", -#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ -#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) - "MBEDTLS_AES_SETKEY_DEC_ALT", -#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ -#if defined(MBEDTLS_AES_ENCRYPT_ALT) - "MBEDTLS_AES_ENCRYPT_ALT", -#endif /* MBEDTLS_AES_ENCRYPT_ALT */ -#if defined(MBEDTLS_AES_DECRYPT_ALT) - "MBEDTLS_AES_DECRYPT_ALT", -#endif /* MBEDTLS_AES_DECRYPT_ALT */ -#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) - "MBEDTLS_ECDH_GEN_PUBLIC_ALT", -#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ -#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) - "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", -#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - "MBEDTLS_ECDSA_VERIFY_ALT", -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - "MBEDTLS_ECDSA_SIGN_ALT", -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ -#if defined(MBEDTLS_ECDSA_GENKEY_ALT) - "MBEDTLS_ECDSA_GENKEY_ALT", -#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ -#if defined(MBEDTLS_ECP_INTERNAL_ALT) - "MBEDTLS_ECP_INTERNAL_ALT", -#endif /* MBEDTLS_ECP_INTERNAL_ALT */ -#if defined(MBEDTLS_ECP_NO_FALLBACK) - "MBEDTLS_ECP_NO_FALLBACK", -#endif /* MBEDTLS_ECP_NO_FALLBACK */ -#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", -#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ -#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - "MBEDTLS_ECP_ADD_MIXED_ALT", -#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ -#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - "MBEDTLS_ECP_DOUBLE_JAC_ALT", -#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - "MBEDTLS_ECP_NORMALIZE_JAC_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ -#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", -#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ -#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", -#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - "MBEDTLS_ENTROPY_HARDWARE_ALT", -#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ -#if defined(MBEDTLS_AES_ROM_TABLES) - "MBEDTLS_AES_ROM_TABLES", -#endif /* MBEDTLS_AES_ROM_TABLES */ -#if defined(MBEDTLS_AES_FEWER_TABLES) - "MBEDTLS_AES_FEWER_TABLES", -#endif /* MBEDTLS_AES_FEWER_TABLES */ -#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) - "MBEDTLS_CAMELLIA_SMALL_MEMORY", -#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) - "MBEDTLS_CIPHER_MODE_CBC", -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_MODE_CFB) - "MBEDTLS_CIPHER_MODE_CFB", -#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(MBEDTLS_CIPHER_MODE_CTR) - "MBEDTLS_CIPHER_MODE_CTR", -#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if defined(MBEDTLS_CIPHER_MODE_OFB) - "MBEDTLS_CIPHER_MODE_OFB", -#endif /* MBEDTLS_CIPHER_MODE_OFB */ -#if defined(MBEDTLS_CIPHER_MODE_XTS) - "MBEDTLS_CIPHER_MODE_XTS", -#endif /* MBEDTLS_CIPHER_MODE_XTS */ -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) - "MBEDTLS_CIPHER_NULL_CIPHER", -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - "MBEDTLS_CIPHER_PADDING_PKCS7", -#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ -#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", -#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - "MBEDTLS_CIPHER_PADDING_ZEROS", -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ -#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) - "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", -#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - "MBEDTLS_ECP_DP_SECP192R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - "MBEDTLS_ECP_DP_SECP224R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - "MBEDTLS_ECP_DP_SECP256R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - "MBEDTLS_ECP_DP_SECP384R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - "MBEDTLS_ECP_DP_SECP521R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - "MBEDTLS_ECP_DP_SECP192K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - "MBEDTLS_ECP_DP_SECP224K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - "MBEDTLS_ECP_DP_SECP256K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - "MBEDTLS_ECP_DP_BP256R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - "MBEDTLS_ECP_DP_BP384R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - "MBEDTLS_ECP_DP_BP512R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - "MBEDTLS_ECP_DP_CURVE25519_ENABLED", -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - "MBEDTLS_ECP_DP_CURVE448_ENABLED", -#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ -#if defined(MBEDTLS_ECP_NIST_OPTIM) - "MBEDTLS_ECP_NIST_OPTIM", -#endif /* MBEDTLS_ECP_NIST_OPTIM */ -#if defined(MBEDTLS_ECP_RESTARTABLE) - "MBEDTLS_ECP_RESTARTABLE", -#endif /* MBEDTLS_ECP_RESTARTABLE */ -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - "MBEDTLS_ECDSA_DETERMINISTIC", -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - "MBEDTLS_PK_PARSE_EC_EXTENDED", -#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) - "MBEDTLS_ERROR_STRERROR_DUMMY", -#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ -#if defined(MBEDTLS_GENPRIME) - "MBEDTLS_GENPRIME", -#endif /* MBEDTLS_GENPRIME */ -#if defined(MBEDTLS_FS_IO) - "MBEDTLS_FS_IO", -#endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) - "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", -#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ -#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) - "MBEDTLS_NO_PLATFORM_ENTROPY", -#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ -#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) - "MBEDTLS_ENTROPY_FORCE_SHA256", -#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ -#if defined(MBEDTLS_ENTROPY_NV_SEED) - "MBEDTLS_ENTROPY_NV_SEED", -#endif /* MBEDTLS_ENTROPY_NV_SEED */ -#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", -#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -#if defined(MBEDTLS_MEMORY_DEBUG) - "MBEDTLS_MEMORY_DEBUG", -#endif /* MBEDTLS_MEMORY_DEBUG */ -#if defined(MBEDTLS_MEMORY_BACKTRACE) - "MBEDTLS_MEMORY_BACKTRACE", -#endif /* MBEDTLS_MEMORY_BACKTRACE */ -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - "MBEDTLS_PK_RSA_ALT_SUPPORT", -#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ -#if defined(MBEDTLS_PKCS1_V15) - "MBEDTLS_PKCS1_V15", -#endif /* MBEDTLS_PKCS1_V15 */ -#if defined(MBEDTLS_PKCS1_V21) - "MBEDTLS_PKCS1_V21", -#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) - "MBEDTLS_PSA_CRYPTO_CLIENT", -#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) - "MBEDTLS_PSA_CRYPTO_DRIVERS", -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", -#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) - "MBEDTLS_PSA_CRYPTO_SPM", -#endif /* MBEDTLS_PSA_CRYPTO_SPM */ -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) - "MBEDTLS_PSA_INJECT_ENTROPY", -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -#if defined(MBEDTLS_RSA_NO_CRT) - "MBEDTLS_RSA_NO_CRT", -#endif /* MBEDTLS_RSA_NO_CRT */ -#if defined(MBEDTLS_SELF_TEST) - "MBEDTLS_SELF_TEST", -#endif /* MBEDTLS_SELF_TEST */ -#if defined(MBEDTLS_SHA256_SMALLER) - "MBEDTLS_SHA256_SMALLER", -#endif /* MBEDTLS_SHA256_SMALLER */ -#if defined(MBEDTLS_SHA512_SMALLER) - "MBEDTLS_SHA512_SMALLER", -#endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - "MBEDTLS_SSL_ALL_ALERT_MESSAGES", -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - "MBEDTLS_SSL_DTLS_CONNECTION_ID", -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - "MBEDTLS_SSL_ASYNC_PRIVATE", -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - "MBEDTLS_SSL_CONTEXT_SERIALIZATION", -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ -#if defined(MBEDTLS_SSL_DEBUG_ALL) - "MBEDTLS_SSL_DEBUG_ALL", -#endif /* MBEDTLS_SSL_DEBUG_ALL */ -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - "MBEDTLS_SSL_ENCRYPT_THEN_MAC", -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - "MBEDTLS_SSL_RENEGOTIATION", -#endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - "MBEDTLS_SSL_PROTO_TLS1_2", -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - "MBEDTLS_SSL_PROTO_DTLS", -#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_ALPN) - "MBEDTLS_SSL_ALPN", -#endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - "MBEDTLS_SSL_DTLS_ANTI_REPLAY", -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - "MBEDTLS_SSL_DTLS_HELLO_VERIFY", -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -#if defined(MBEDTLS_SSL_DTLS_SRTP) - "MBEDTLS_SSL_DTLS_SRTP", -#endif /* MBEDTLS_SSL_DTLS_SRTP */ -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - "MBEDTLS_SSL_SESSION_TICKETS", -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - "MBEDTLS_SSL_EXPORT_KEYS", -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - "MBEDTLS_SSL_SERVER_NAME_INDICATION", -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) - "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) - "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ -#if defined(MBEDTLS_TEST_HOOKS) - "MBEDTLS_TEST_HOOKS", -#endif /* MBEDTLS_TEST_HOOKS */ -#if defined(MBEDTLS_THREADING_ALT) - "MBEDTLS_THREADING_ALT", -#endif /* MBEDTLS_THREADING_ALT */ -#if defined(MBEDTLS_THREADING_PTHREAD) - "MBEDTLS_THREADING_PTHREAD", -#endif /* MBEDTLS_THREADING_PTHREAD */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - "MBEDTLS_USE_PSA_CRYPTO", -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - "MBEDTLS_PSA_CRYPTO_CONFIG", -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ -#if defined(MBEDTLS_VERSION_FEATURES) - "MBEDTLS_VERSION_FEATURES", -#endif /* MBEDTLS_VERSION_FEATURES */ -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -#if defined(MBEDTLS_X509_REMOVE_INFO) - "MBEDTLS_X509_REMOVE_INFO", -#endif /* MBEDTLS_X509_REMOVE_INFO */ -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - "MBEDTLS_X509_RSASSA_PSS_SUPPORT", -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -#if defined(MBEDTLS_AESNI_C) - "MBEDTLS_AESNI_C", -#endif /* MBEDTLS_AESNI_C */ -#if defined(MBEDTLS_AES_C) - "MBEDTLS_AES_C", -#endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_ASN1_PARSE_C) - "MBEDTLS_ASN1_PARSE_C", -#endif /* MBEDTLS_ASN1_PARSE_C */ -#if defined(MBEDTLS_ASN1_WRITE_C) - "MBEDTLS_ASN1_WRITE_C", -#endif /* MBEDTLS_ASN1_WRITE_C */ -#if defined(MBEDTLS_BASE64_C) - "MBEDTLS_BASE64_C", -#endif /* MBEDTLS_BASE64_C */ -#if defined(MBEDTLS_BIGNUM_C) - "MBEDTLS_BIGNUM_C", -#endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_CAMELLIA_C) - "MBEDTLS_CAMELLIA_C", -#endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_ARIA_C) - "MBEDTLS_ARIA_C", -#endif /* MBEDTLS_ARIA_C */ -#if defined(MBEDTLS_CCM_C) - "MBEDTLS_CCM_C", -#endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CHACHA20_C) - "MBEDTLS_CHACHA20_C", -#endif /* MBEDTLS_CHACHA20_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) - "MBEDTLS_CHACHAPOLY_C", -#endif /* MBEDTLS_CHACHAPOLY_C */ -#if defined(MBEDTLS_CIPHER_C) - "MBEDTLS_CIPHER_C", -#endif /* MBEDTLS_CIPHER_C */ -#if defined(MBEDTLS_CMAC_C) - "MBEDTLS_CMAC_C", -#endif /* MBEDTLS_CMAC_C */ -#if defined(MBEDTLS_CTR_DRBG_C) - "MBEDTLS_CTR_DRBG_C", -#endif /* MBEDTLS_CTR_DRBG_C */ -#if defined(MBEDTLS_DEBUG_C) - "MBEDTLS_DEBUG_C", -#endif /* MBEDTLS_DEBUG_C */ -#if defined(MBEDTLS_DES_C) - "MBEDTLS_DES_C", -#endif /* MBEDTLS_DES_C */ -#if defined(MBEDTLS_DHM_C) - "MBEDTLS_DHM_C", -#endif /* MBEDTLS_DHM_C */ -#if defined(MBEDTLS_ECDH_C) - "MBEDTLS_ECDH_C", -#endif /* MBEDTLS_ECDH_C */ -#if defined(MBEDTLS_ECDSA_C) - "MBEDTLS_ECDSA_C", -#endif /* MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_ECJPAKE_C) - "MBEDTLS_ECJPAKE_C", -#endif /* MBEDTLS_ECJPAKE_C */ -#if defined(MBEDTLS_ECP_C) - "MBEDTLS_ECP_C", -#endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_ENTROPY_C) - "MBEDTLS_ENTROPY_C", -#endif /* MBEDTLS_ENTROPY_C */ -#if defined(MBEDTLS_ERROR_C) - "MBEDTLS_ERROR_C", -#endif /* MBEDTLS_ERROR_C */ -#if defined(MBEDTLS_GCM_C) - "MBEDTLS_GCM_C", -#endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_HKDF_C) - "MBEDTLS_HKDF_C", -#endif /* MBEDTLS_HKDF_C */ -#if defined(MBEDTLS_HMAC_DRBG_C) - "MBEDTLS_HMAC_DRBG_C", -#endif /* MBEDTLS_HMAC_DRBG_C */ -#if defined(MBEDTLS_NIST_KW_C) - "MBEDTLS_NIST_KW_C", -#endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_MD_C) - "MBEDTLS_MD_C", -#endif /* MBEDTLS_MD_C */ -#if defined(MBEDTLS_MD5_C) - "MBEDTLS_MD5_C", -#endif /* MBEDTLS_MD5_C */ -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - "MBEDTLS_MEMORY_BUFFER_ALLOC_C", -#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ -#if defined(MBEDTLS_NET_C) - "MBEDTLS_NET_C", -#endif /* MBEDTLS_NET_C */ -#if defined(MBEDTLS_OID_C) - "MBEDTLS_OID_C", -#endif /* MBEDTLS_OID_C */ -#if defined(MBEDTLS_PADLOCK_C) - "MBEDTLS_PADLOCK_C", -#endif /* MBEDTLS_PADLOCK_C */ -#if defined(MBEDTLS_PEM_PARSE_C) - "MBEDTLS_PEM_PARSE_C", -#endif /* MBEDTLS_PEM_PARSE_C */ -#if defined(MBEDTLS_PEM_WRITE_C) - "MBEDTLS_PEM_WRITE_C", -#endif /* MBEDTLS_PEM_WRITE_C */ -#if defined(MBEDTLS_PK_C) - "MBEDTLS_PK_C", -#endif /* MBEDTLS_PK_C */ -#if defined(MBEDTLS_PK_PARSE_C) - "MBEDTLS_PK_PARSE_C", -#endif /* MBEDTLS_PK_PARSE_C */ -#if defined(MBEDTLS_PK_WRITE_C) - "MBEDTLS_PK_WRITE_C", -#endif /* MBEDTLS_PK_WRITE_C */ -#if defined(MBEDTLS_PKCS5_C) - "MBEDTLS_PKCS5_C", -#endif /* MBEDTLS_PKCS5_C */ -#if defined(MBEDTLS_PKCS12_C) - "MBEDTLS_PKCS12_C", -#endif /* MBEDTLS_PKCS12_C */ -#if defined(MBEDTLS_PLATFORM_C) - "MBEDTLS_PLATFORM_C", -#endif /* MBEDTLS_PLATFORM_C */ -#if defined(MBEDTLS_POLY1305_C) - "MBEDTLS_POLY1305_C", -#endif /* MBEDTLS_POLY1305_C */ -#if defined(MBEDTLS_PSA_CRYPTO_C) - "MBEDTLS_PSA_CRYPTO_C", -#endif /* MBEDTLS_PSA_CRYPTO_C */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - "MBEDTLS_PSA_CRYPTO_SE_C", -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - "MBEDTLS_PSA_CRYPTO_STORAGE_C", -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_ITS_FILE_C) - "MBEDTLS_PSA_ITS_FILE_C", -#endif /* MBEDTLS_PSA_ITS_FILE_C */ -#if defined(MBEDTLS_RIPEMD160_C) - "MBEDTLS_RIPEMD160_C", -#endif /* MBEDTLS_RIPEMD160_C */ -#if defined(MBEDTLS_RSA_C) - "MBEDTLS_RSA_C", -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_SHA1_C) - "MBEDTLS_SHA1_C", -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA224_C) - "MBEDTLS_SHA224_C", -#endif /* MBEDTLS_SHA224_C */ -#if defined(MBEDTLS_SHA256_C) - "MBEDTLS_SHA256_C", -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA384_C) - "MBEDTLS_SHA384_C", -#endif /* MBEDTLS_SHA384_C */ -#if defined(MBEDTLS_SHA512_C) - "MBEDTLS_SHA512_C", -#endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_SSL_CACHE_C) - "MBEDTLS_SSL_CACHE_C", -#endif /* MBEDTLS_SSL_CACHE_C */ -#if defined(MBEDTLS_SSL_COOKIE_C) - "MBEDTLS_SSL_COOKIE_C", -#endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_TICKET_C) - "MBEDTLS_SSL_TICKET_C", -#endif /* MBEDTLS_SSL_TICKET_C */ -#if defined(MBEDTLS_SSL_CLI_C) - "MBEDTLS_SSL_CLI_C", -#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) - "MBEDTLS_SSL_SRV_C", -#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_TLS_C) - "MBEDTLS_SSL_TLS_C", -#endif /* MBEDTLS_SSL_TLS_C */ -#if defined(MBEDTLS_THREADING_C) - "MBEDTLS_THREADING_C", -#endif /* MBEDTLS_THREADING_C */ -#if defined(MBEDTLS_TIMING_C) - "MBEDTLS_TIMING_C", -#endif /* MBEDTLS_TIMING_C */ -#if defined(MBEDTLS_VERSION_C) - "MBEDTLS_VERSION_C", -#endif /* MBEDTLS_VERSION_C */ -#if defined(MBEDTLS_X509_USE_C) - "MBEDTLS_X509_USE_C", -#endif /* MBEDTLS_X509_USE_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) - "MBEDTLS_X509_CRT_PARSE_C", -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_X509_CRL_PARSE_C) - "MBEDTLS_X509_CRL_PARSE_C", -#endif /* MBEDTLS_X509_CRL_PARSE_C */ -#if defined(MBEDTLS_X509_CSR_PARSE_C) - "MBEDTLS_X509_CSR_PARSE_C", -#endif /* MBEDTLS_X509_CSR_PARSE_C */ -#if defined(MBEDTLS_X509_CREATE_C) - "MBEDTLS_X509_CREATE_C", -#endif /* MBEDTLS_X509_CREATE_C */ -#if defined(MBEDTLS_X509_CRT_WRITE_C) - "MBEDTLS_X509_CRT_WRITE_C", -#endif /* MBEDTLS_X509_CRT_WRITE_C */ -#if defined(MBEDTLS_X509_CSR_WRITE_C) - "MBEDTLS_X509_CSR_WRITE_C", -#endif /* MBEDTLS_X509_CSR_WRITE_C */ -#endif /* MBEDTLS_VERSION_FEATURES */ - NULL -}; - -int mbedtls_version_check_feature( const char *feature ) -{ - const char * const *idx = features; - - if( *idx == NULL ) - return( -2 ); - - if( feature == NULL ) - return( -1 ); - - while( *idx != NULL ) - { - if( !strcmp( *idx, feature ) ) - return( 0 ); - idx++; - } - return( -1 ); -} - -#endif /* MBEDTLS_VERSION_C */ diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c deleted file mode 100644 index 192ccb28f1..0000000000 --- a/programs/psa/psa_constant_names_generated.c +++ /dev/null @@ -1,446 +0,0 @@ -/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ - -static const char *psa_strerror(psa_status_t status) -{ - switch (status) { - case PSA_ERROR_ALREADY_EXISTS: return "PSA_ERROR_ALREADY_EXISTS"; - case PSA_ERROR_BAD_STATE: return "PSA_ERROR_BAD_STATE"; - case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL"; - case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE"; - case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED"; - case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT"; - case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID"; - case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST"; - case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR"; - case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE"; - case PSA_ERROR_INSUFFICIENT_DATA: return "PSA_ERROR_INSUFFICIENT_DATA"; - case PSA_ERROR_INSUFFICIENT_ENTROPY: return "PSA_ERROR_INSUFFICIENT_ENTROPY"; - case PSA_ERROR_INSUFFICIENT_MEMORY: return "PSA_ERROR_INSUFFICIENT_MEMORY"; - case PSA_ERROR_INSUFFICIENT_STORAGE: return "PSA_ERROR_INSUFFICIENT_STORAGE"; - case PSA_ERROR_INVALID_ARGUMENT: return "PSA_ERROR_INVALID_ARGUMENT"; - case PSA_ERROR_INVALID_HANDLE: return "PSA_ERROR_INVALID_HANDLE"; - case PSA_ERROR_INVALID_PADDING: return "PSA_ERROR_INVALID_PADDING"; - case PSA_ERROR_INVALID_SIGNATURE: return "PSA_ERROR_INVALID_SIGNATURE"; - case PSA_ERROR_NOT_PERMITTED: return "PSA_ERROR_NOT_PERMITTED"; - case PSA_ERROR_NOT_SUPPORTED: return "PSA_ERROR_NOT_SUPPORTED"; - case PSA_ERROR_STORAGE_FAILURE: return "PSA_ERROR_STORAGE_FAILURE"; - case PSA_SUCCESS: return "PSA_SUCCESS"; - default: return NULL; - } -} - -static const char *psa_ecc_family_name(psa_ecc_family_t curve) -{ - switch (curve) { - case PSA_ECC_FAMILY_BRAINPOOL_P_R1: return "PSA_ECC_FAMILY_BRAINPOOL_P_R1"; - case PSA_ECC_FAMILY_MONTGOMERY: return "PSA_ECC_FAMILY_MONTGOMERY"; - case PSA_ECC_FAMILY_SECP_K1: return "PSA_ECC_FAMILY_SECP_K1"; - case PSA_ECC_FAMILY_SECP_R1: return "PSA_ECC_FAMILY_SECP_R1"; - case PSA_ECC_FAMILY_SECP_R2: return "PSA_ECC_FAMILY_SECP_R2"; - case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1"; - case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1"; - case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2"; - case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS"; - default: return NULL; - } -} - -static const char *psa_dh_family_name(psa_dh_family_t group) -{ - switch (group) { - case PSA_DH_FAMILY_CUSTOM: return "PSA_DH_FAMILY_CUSTOM"; - case PSA_DH_FAMILY_RFC7919: return "PSA_DH_FAMILY_RFC7919"; - default: return NULL; - } -} - -static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) -{ - switch (hash_alg) { - case PSA_ALG_ANY_HASH: return "PSA_ALG_ANY_HASH"; - case PSA_ALG_CATEGORY_HASH: return "PSA_ALG_CATEGORY_HASH"; - case PSA_ALG_MD5: return "PSA_ALG_MD5"; - case PSA_ALG_RIPEMD160: return "PSA_ALG_RIPEMD160"; - case PSA_ALG_SHA3_224: return "PSA_ALG_SHA3_224"; - case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256"; - case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384"; - case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512"; - case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512"; - case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1"; - case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224"; - case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256"; - case PSA_ALG_SHA_384: return "PSA_ALG_SHA_384"; - case PSA_ALG_SHA_512: return "PSA_ALG_SHA_512"; - case PSA_ALG_SHA_512_224: return "PSA_ALG_SHA_512_224"; - case PSA_ALG_SHA_512_256: return "PSA_ALG_SHA_512_256"; - default: return NULL; - } -} - -static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg) -{ - switch (ka_alg) { - case PSA_ALG_CATEGORY_KEY_AGREEMENT: return "PSA_ALG_CATEGORY_KEY_AGREEMENT"; - case PSA_ALG_ECDH: return "PSA_ALG_ECDH"; - case PSA_ALG_FFDH: return "PSA_ALG_FFDH"; - default: return NULL; - } -} - -static int psa_snprint_key_type(char *buffer, size_t buffer_size, - psa_key_type_t type) -{ - size_t required_size = 0; - switch (type) { - case PSA_KEY_TYPE_AES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_AES", 16); break; - case PSA_KEY_TYPE_CAMELLIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CAMELLIA", 21); break; - case PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_FLAG_PAIR", 31); break; - case PSA_KEY_TYPE_CATEGORY_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_KEY_PAIR", 30); break; - case PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY", 32); break; - case PSA_KEY_TYPE_CATEGORY_RAW: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_RAW", 25); break; - case PSA_KEY_TYPE_CATEGORY_SYMMETRIC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_SYMMETRIC", 31); break; - case PSA_KEY_TYPE_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CHACHA20", 21); break; - case PSA_KEY_TYPE_DERIVE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DERIVE", 19); break; - case PSA_KEY_TYPE_DES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DES", 16); break; - case PSA_KEY_TYPE_DH_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_KEY_PAIR_BASE", 29); break; - case PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE", 31); break; - case PSA_KEY_TYPE_DSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_KEY_PAIR", 25); break; - case PSA_KEY_TYPE_DSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_PUBLIC_KEY", 27); break; - case PSA_KEY_TYPE_ECC_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_KEY_PAIR_BASE", 30); break; - case PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE", 32); break; - case PSA_KEY_TYPE_HMAC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_HMAC", 17); break; - case PSA_KEY_TYPE_NONE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_NONE", 17); break; - case PSA_KEY_TYPE_PASSWORD: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD", 21); break; - case PSA_KEY_TYPE_PASSWORD_HASH: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD_HASH", 26); break; - case PSA_KEY_TYPE_PEPPER: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PEPPER", 19); break; - case PSA_KEY_TYPE_RAW_DATA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RAW_DATA", 21); break; - case PSA_KEY_TYPE_RSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_KEY_PAIR", 25); break; - case PSA_KEY_TYPE_RSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_PUBLIC_KEY", 27); break; - default: - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - append_with_curve(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_ECC_KEY_PAIR", 25, - PSA_KEY_TYPE_ECC_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { - append_with_curve(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_ECC_PUBLIC_KEY", 27, - PSA_KEY_TYPE_ECC_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { - append_with_group(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_DH_KEY_PAIR", 24, - PSA_KEY_TYPE_DH_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)) { - append_with_group(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_DH_PUBLIC_KEY", 26, - PSA_KEY_TYPE_DH_GET_FAMILY(type)); - } else { - return snprintf(buffer, buffer_size, - "0x%04x", (unsigned) type); - } - break; - } - buffer[0] = 0; - return (int) required_size; -} - -#define NO_LENGTH_MODIFIER 0xfffffffflu -static int psa_snprint_algorithm(char *buffer, size_t buffer_size, - psa_algorithm_t alg) -{ - size_t required_size = 0; - psa_algorithm_t core_alg = alg; - unsigned long length_modifier = NO_LENGTH_MODIFIER; - if (PSA_ALG_IS_MAC(alg)) { - core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); - if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33); - length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); - } else if (core_alg != alg) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TRUNCATED_MAC(", 22); - length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); - } - } else if (PSA_ALG_IS_AEAD(alg)) { - core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg); - if (core_alg == 0) { - /* For unknown AEAD algorithms, there is no "default tag length". */ - core_alg = alg; - } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); - } else if (core_alg != alg) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); - } - } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && - !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { - core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); - append(&buffer, buffer_size, &required_size, - "PSA_ALG_KEY_AGREEMENT(", 22); - append_with_alg(&buffer, buffer_size, &required_size, - psa_ka_algorithm_name, - PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)); - append(&buffer, buffer_size, &required_size, ", ", 2); - } - switch (core_alg) { - case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break; - case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break; - case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break; - case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break; - case PSA_ALG_CATEGORY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_HASH", 21); break; - case PSA_ALG_CATEGORY_KEY_AGREEMENT: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_AGREEMENT", 30); break; - case PSA_ALG_CATEGORY_KEY_DERIVATION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_DERIVATION", 31); break; - case PSA_ALG_CATEGORY_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_MAC", 20); break; - case PSA_ALG_CATEGORY_PAKE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_PAKE", 21); break; - case PSA_ALG_CATEGORY_SIGN: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_SIGN", 21); break; - case PSA_ALG_CBC_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_MAC", 15); break; - case PSA_ALG_CBC_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_NO_PADDING", 22); break; - case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break; - case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break; - case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break; - case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break; - case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break; - case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break; - case PSA_ALG_CTR: append(&buffer, buffer_size, &required_size, "PSA_ALG_CTR", 11); break; - case PSA_ALG_DETERMINISTIC_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_DSA_BASE", 30); break; - case PSA_ALG_DETERMINISTIC_ECDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_ECDSA_BASE", 32); break; - case PSA_ALG_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DSA_BASE", 16); break; - case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break; - case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break; - case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break; - case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break; - case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break; - case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break; - case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break; - case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break; - case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break; - case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break; - case PSA_ALG_JPAKE: append(&buffer, buffer_size, &required_size, "PSA_ALG_JPAKE", 13); break; - case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break; - case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break; - case PSA_ALG_PBKDF2_AES_CMAC_PRF_128: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_AES_CMAC_PRF_128", 31); break; - case PSA_ALG_PBKDF2_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_HMAC_BASE", 24); break; - case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break; - case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break; - case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break; - case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break; - case PSA_ALG_RSA_PKCS1V15_SIGN_RAW: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_SIGN_RAW", 29); break; - case PSA_ALG_RSA_PSS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_BASE", 20); break; - case PSA_ALG_SHA3_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_224", 16); break; - case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break; - case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break; - case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break; - case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break; - case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break; - case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break; - case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break; - case PSA_ALG_SHA_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_384", 15); break; - case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break; - case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break; - case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break; - case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break; - case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break; - case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break; - case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break; - default: - if (PSA_ALG_IS_DETERMINISTIC_DSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DETERMINISTIC_DSA(", 25 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_DETERMINISTIC_ECDSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DETERMINISTIC_ECDSA(", 27 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RANDOMIZED_DSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DSA(", 11 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RANDOMIZED_ECDSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_ECDSA(", 13 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_HKDF(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_HKDF(", 12 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_HMAC(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_HMAC(", 12 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_PBKDF2_HMAC(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_PBKDF2_HMAC(", 19 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_OAEP(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_OAEP(", 16 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_PKCS1V15_SIGN(", 25 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_PSS(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_PSS(", 15 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_TLS12_PRF(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TLS12_PRF(", 17 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_TLS12_PSK_TO_MS(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TLS12_PSK_TO_MS(", 23 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else { - append_integer(&buffer, buffer_size, &required_size, - "0x%08lx", (unsigned long) core_alg); - } - break; - } - if (core_alg != alg) { - if (length_modifier != NO_LENGTH_MODIFIER) { - append(&buffer, buffer_size, &required_size, ", ", 2); - append_integer(&buffer, buffer_size, &required_size, - "%lu", length_modifier); - } - append(&buffer, buffer_size, &required_size, ")", 1); - } - buffer[0] = 0; - return (int) required_size; -} - -static int psa_snprint_key_usage(char *buffer, size_t buffer_size, - psa_key_usage_t usage) -{ - size_t required_size = 0; - if (usage == 0) { - if (buffer_size > 1) { - buffer[0] = '0'; - buffer[1] = 0; - } else if (buffer_size == 1) { - buffer[0] = 0; - } - return 1; - } - if (usage & PSA_KEY_USAGE_COPY) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_COPY", 18); - usage ^= PSA_KEY_USAGE_COPY; - } - if (usage & PSA_KEY_USAGE_DECRYPT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DECRYPT", 21); - usage ^= PSA_KEY_USAGE_DECRYPT; - } - if (usage & PSA_KEY_USAGE_DERIVE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DERIVE", 20); - usage ^= PSA_KEY_USAGE_DERIVE; - } - if (usage & PSA_KEY_USAGE_ENCRYPT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_ENCRYPT", 21); - usage ^= PSA_KEY_USAGE_ENCRYPT; - } - if (usage & PSA_KEY_USAGE_EXPORT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_EXPORT", 20); - usage ^= PSA_KEY_USAGE_EXPORT; - } - if (usage & PSA_KEY_USAGE_SIGN_HASH) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23); - usage ^= PSA_KEY_USAGE_SIGN_HASH; - } - if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26); - usage ^= PSA_KEY_USAGE_SIGN_MESSAGE; - } - if (usage & PSA_KEY_USAGE_VERIFY_DERIVATION) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_DERIVATION", 31); - usage ^= PSA_KEY_USAGE_VERIFY_DERIVATION; - } - if (usage & PSA_KEY_USAGE_VERIFY_HASH) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25); - usage ^= PSA_KEY_USAGE_VERIFY_HASH; - } - if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28); - usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - if (usage != 0) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append_integer(&buffer, buffer_size, &required_size, - "0x%08lx", (unsigned long) usage); - } else { - buffer[0] = 0; - } - return (int) required_size; -} - -/* End of automatically generated file. */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c deleted file mode 100644 index 9a0d9a095d..0000000000 --- a/programs/test/query_config.c +++ /dev/null @@ -1,2467 +0,0 @@ -/* - * Query Mbed TLS compile time configurations from mbedtls_config.h - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbedtls/build_info.h" - -#include "query_config.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ - -/* - * Include all the headers with public APIs in case they define a macro to its - * default value when that configuration is not set in the mbedtls_config.h. - */ -#include "mbedtls/aes.h" -#include "mbedtls/aria.h" -#include "mbedtls/asn1.h" -#include "mbedtls/asn1write.h" -#include "mbedtls/base64.h" -#include "mbedtls/bignum.h" -#include "mbedtls/camellia.h" -#include "mbedtls/ccm.h" -#include "mbedtls/chacha20.h" -#include "mbedtls/chachapoly.h" -#include "mbedtls/cipher.h" -#include "mbedtls/cmac.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" -#include "mbedtls/des.h" -#include "mbedtls/dhm.h" -#include "mbedtls/ecdh.h" -#include "mbedtls/ecdsa.h" -#include "mbedtls/ecjpake.h" -#include "mbedtls/ecp.h" -#include "mbedtls/entropy.h" -#include "mbedtls/error.h" -#include "mbedtls/gcm.h" -#include "mbedtls/hkdf.h" -#include "mbedtls/hmac_drbg.h" -#include "mbedtls/md.h" -#include "mbedtls/md5.h" -#include "mbedtls/memory_buffer_alloc.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/nist_kw.h" -#include "mbedtls/oid.h" -#include "mbedtls/pem.h" -#include "mbedtls/pk.h" -#include "mbedtls/pkcs12.h" -#include "mbedtls/pkcs5.h" -#include "mbedtls/platform_time.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/poly1305.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_ticket.h" -#include "mbedtls/threading.h" -#include "mbedtls/timing.h" -#include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" - -#include - -/* - * Helper macros to convert a macro or its expansion into a string - * WARNING: This does not work for expanding function-like macros. However, - * Mbed TLS does not currently have configuration options used in this fashion. - */ -#define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) -#define MACRO_NAME_TO_STR(macro) \ - mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) - -#if defined(_MSC_VER) -/* - * Visual Studio throws the warning 4003 because many Mbed TLS feature macros - * are defined empty. This means that from the preprocessor's point of view - * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as - * some macros expand to nothing. We suppress that specific warning to get a - * clean build and to ensure that tests treating warnings as errors do not - * fail. - */ -#pragma warning(push) -#pragma warning(disable:4003) -#endif /* _MSC_VER */ - -int query_config( const char *config ) -{ -#if defined(MBEDTLS_CONFIG_VERSION) - if( strcmp( "MBEDTLS_CONFIG_VERSION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CONFIG_VERSION ); - return( 0 ); - } -#endif /* MBEDTLS_CONFIG_VERSION */ - -#if defined(MBEDTLS_HAVE_ASM) - if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_ASM */ - -#if defined(MBEDTLS_NO_UDBL_DIVISION) - if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION ); - return( 0 ); - } -#endif /* MBEDTLS_NO_UDBL_DIVISION */ - -#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) - if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION ); - return( 0 ); - } -#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ - -#if defined(MBEDTLS_HAVE_SSE2) - if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_SSE2 */ - -#if defined(MBEDTLS_HAVE_TIME) - if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_TIME */ - -#if defined(MBEDTLS_HAVE_TIME_DATE) - if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_TIME_DATE */ - -#if defined(MBEDTLS_PLATFORM_MEMORY) - if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_MEMORY */ - -#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) - if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ - -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) - if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ - -#if defined(MBEDTLS_PLATFORM_TIME_ALT) - if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_ALT */ - -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ - -#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) - if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ - -#if defined(MBEDTLS_DEPRECATED_WARNING) - if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING ); - return( 0 ); - } -#endif /* MBEDTLS_DEPRECATED_WARNING */ - -#if defined(MBEDTLS_DEPRECATED_REMOVED) - if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED ); - return( 0 ); - } -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - -#if defined(MBEDTLS_TIMING_ALT) - if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_TIMING_ALT */ - -#if defined(MBEDTLS_AES_ALT) - if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ALT */ - -#if defined(MBEDTLS_ARIA_ALT) - if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ARIA_ALT */ - -#if defined(MBEDTLS_CAMELLIA_ALT) - if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_ALT */ - -#if defined(MBEDTLS_CCM_ALT) - if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CCM_ALT */ - -#if defined(MBEDTLS_CHACHA20_ALT) - if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHA20_ALT */ - -#if defined(MBEDTLS_CHACHAPOLY_ALT) - if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHAPOLY_ALT */ - -#if defined(MBEDTLS_CMAC_ALT) - if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CMAC_ALT */ - -#if defined(MBEDTLS_DES_ALT) - if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_ALT */ - -#if defined(MBEDTLS_DHM_ALT) - if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DHM_ALT */ - -#if defined(MBEDTLS_ECJPAKE_ALT) - if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECJPAKE_ALT */ - -#if defined(MBEDTLS_GCM_ALT) - if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_GCM_ALT */ - -#if defined(MBEDTLS_NIST_KW_ALT) - if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_NIST_KW_ALT */ - -#if defined(MBEDTLS_MD5_ALT) - if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_ALT */ - -#if defined(MBEDTLS_POLY1305_ALT) - if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_POLY1305_ALT */ - -#if defined(MBEDTLS_RIPEMD160_ALT) - if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_ALT */ - -#if defined(MBEDTLS_RSA_ALT) - if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_ALT */ - -#if defined(MBEDTLS_SHA1_ALT) - if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_ALT */ - -#if defined(MBEDTLS_SHA256_ALT) - if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_ALT */ - -#if defined(MBEDTLS_SHA512_ALT) - if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_ALT */ - -#if defined(MBEDTLS_ECP_ALT) - if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_ALT */ - -#if defined(MBEDTLS_MD5_PROCESS_ALT) - if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_PROCESS_ALT */ - -#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) - if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA1_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA256_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA512_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_PROCESS_ALT */ - -#if defined(MBEDTLS_DES_SETKEY_ALT) - if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_SETKEY_ALT */ - -#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) - if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ - -#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) - if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ - -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) - if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ - -#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) - if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ - -#if defined(MBEDTLS_AES_ENCRYPT_ALT) - if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ENCRYPT_ALT */ - -#if defined(MBEDTLS_AES_DECRYPT_ALT) - if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_DECRYPT_ALT */ - -#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) - if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ - -#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) - if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ - -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ - -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ - -#if defined(MBEDTLS_ECDSA_GENKEY_ALT) - if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ - -#if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_INTERNAL_ALT */ - -#if defined(MBEDTLS_ECP_NO_FALLBACK) - if( strcmp( "MBEDTLS_ECP_NO_FALLBACK", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_FALLBACK ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NO_FALLBACK */ - -#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ - -#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ - -#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ - -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ - -#if defined(MBEDTLS_AES_ROM_TABLES) - if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ROM_TABLES */ - -#if defined(MBEDTLS_AES_FEWER_TABLES) - if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES ); - return( 0 ); - } -#endif /* MBEDTLS_AES_FEWER_TABLES */ - -#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) - if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) - if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) - if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) - if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ - -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ - -#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ - -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ - -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ - -#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) - if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ - -#if defined(MBEDTLS_ECP_NIST_OPTIM) - if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NIST_OPTIM */ - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RESTARTABLE */ - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED ); - return( 0 ); - } -#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ - -#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) - if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY ); - return( 0 ); - } -#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ - -#if defined(MBEDTLS_GENPRIME) - if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME ); - return( 0 ); - } -#endif /* MBEDTLS_GENPRIME */ - -#if defined(MBEDTLS_FS_IO) - if( strcmp( "MBEDTLS_FS_IO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO ); - return( 0 ); - } -#endif /* MBEDTLS_FS_IO */ - -#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) - if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES ); - return( 0 ); - } -#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ - -#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) - if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ - -#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) - if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ - -#if defined(MBEDTLS_ENTROPY_NV_SEED) - if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_NV_SEED */ - -#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ - -#if defined(MBEDTLS_MEMORY_DEBUG) - if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_DEBUG */ - -#if defined(MBEDTLS_MEMORY_BACKTRACE) - if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_BACKTRACE */ - -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT ); - return( 0 ); - } -#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ - -#if defined(MBEDTLS_PKCS1_V15) - if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS1_V15 */ - -#if defined(MBEDTLS_PKCS1_V21) - if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS1_V21 */ - -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) - if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CLIENT ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ - -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) - if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_DRIVERS ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ - -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - if( strcmp( "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - -#if defined(MBEDTLS_PSA_CRYPTO_SPM) - if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SPM */ - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) - if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ - -#if defined(MBEDTLS_RSA_NO_CRT) - if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_NO_CRT */ - -#if defined(MBEDTLS_SELF_TEST) - if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST ); - return( 0 ); - } -#endif /* MBEDTLS_SELF_TEST */ - -#if defined(MBEDTLS_SHA256_SMALLER) - if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_SMALLER */ - -#if defined(MBEDTLS_SHA512_SMALLER) - if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_SMALLER */ - -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONTEXT_SERIALIZATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ - -#if defined(MBEDTLS_SSL_DEBUG_ALL) - if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DEBUG_ALL */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_ALPN) - if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALPN */ - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - -#if defined(MBEDTLS_SSL_DTLS_SRTP) - if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_SRTP */ - -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( strcmp( "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ - -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) - if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ - -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) - if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ - -#if defined(MBEDTLS_TEST_HOOKS) - if( strcmp( "MBEDTLS_TEST_HOOKS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_HOOKS ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_HOOKS */ - -#if defined(MBEDTLS_THREADING_ALT) - if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_ALT */ - -#if defined(MBEDTLS_THREADING_PTHREAD) - if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_PTHREAD */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO ); - return( 0 ); - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - -#if defined(MBEDTLS_VERSION_FEATURES) - if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES ); - return( 0 ); - } -#endif /* MBEDTLS_VERSION_FEATURES */ - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK ); - return( 0 ); - } -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - -#if defined(MBEDTLS_X509_REMOVE_INFO) - if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO ); - return( 0 ); - } -#endif /* MBEDTLS_X509_REMOVE_INFO */ - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT ); - return( 0 ); - } -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - -#if defined(MBEDTLS_AESNI_C) - if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C ); - return( 0 ); - } -#endif /* MBEDTLS_AESNI_C */ - -#if defined(MBEDTLS_AES_C) - if( strcmp( "MBEDTLS_AES_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C ); - return( 0 ); - } -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_ASN1_PARSE_C) - if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ASN1_PARSE_C */ - -#if defined(MBEDTLS_ASN1_WRITE_C) - if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ASN1_WRITE_C */ - -#if defined(MBEDTLS_BASE64_C) - if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C ); - return( 0 ); - } -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_BIGNUM_C) - if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C ); - return( 0 ); - } -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_ARIA_C) - if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C ); - return( 0 ); - } -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_CCM_C) - if( strcmp( "MBEDTLS_CCM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C ); - return( 0 ); - } -#endif /* MBEDTLS_CCM_C */ - -#if defined(MBEDTLS_CHACHA20_C) - if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHA20_C */ - -#if defined(MBEDTLS_CHACHAPOLY_C) - if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHAPOLY_C */ - -#if defined(MBEDTLS_CIPHER_C) - if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_C */ - -#if defined(MBEDTLS_CMAC_C) - if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C ); - return( 0 ); - } -#endif /* MBEDTLS_CMAC_C */ - -#if defined(MBEDTLS_CTR_DRBG_C) - if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_C */ - -#if defined(MBEDTLS_DEBUG_C) - if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C ); - return( 0 ); - } -#endif /* MBEDTLS_DEBUG_C */ - -#if defined(MBEDTLS_DES_C) - if( strcmp( "MBEDTLS_DES_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C ); - return( 0 ); - } -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_DHM_C) - if( strcmp( "MBEDTLS_DHM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C ); - return( 0 ); - } -#endif /* MBEDTLS_DHM_C */ - -#if defined(MBEDTLS_ECDH_C) - if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_C */ - -#if defined(MBEDTLS_ECDSA_C) - if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_C */ - -#if defined(MBEDTLS_ECJPAKE_C) - if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECJPAKE_C */ - -#if defined(MBEDTLS_ECP_C) - if( strcmp( "MBEDTLS_ECP_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_ENTROPY_C) - if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_C */ - -#if defined(MBEDTLS_ERROR_C) - if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C ); - return( 0 ); - } -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_GCM_C) - if( strcmp( "MBEDTLS_GCM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C ); - return( 0 ); - } -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_HKDF_C) - if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C ); - return( 0 ); - } -#endif /* MBEDTLS_HKDF_C */ - -#if defined(MBEDTLS_HMAC_DRBG_C) - if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_C */ - -#if defined(MBEDTLS_NIST_KW_C) - if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C ); - return( 0 ); - } -#endif /* MBEDTLS_NIST_KW_C */ - -#if defined(MBEDTLS_MD_C) - if( strcmp( "MBEDTLS_MD_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_MD5_C) - if( strcmp( "MBEDTLS_MD5_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_C */ - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ - -#if defined(MBEDTLS_NET_C) - if( strcmp( "MBEDTLS_NET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C ); - return( 0 ); - } -#endif /* MBEDTLS_NET_C */ - -#if defined(MBEDTLS_OID_C) - if( strcmp( "MBEDTLS_OID_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C ); - return( 0 ); - } -#endif /* MBEDTLS_OID_C */ - -#if defined(MBEDTLS_PADLOCK_C) - if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C ); - return( 0 ); - } -#endif /* MBEDTLS_PADLOCK_C */ - -#if defined(MBEDTLS_PEM_PARSE_C) - if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PEM_PARSE_C */ - -#if defined(MBEDTLS_PEM_WRITE_C) - if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PEM_WRITE_C */ - -#if defined(MBEDTLS_PK_C) - if( strcmp( "MBEDTLS_PK_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_C */ - -#if defined(MBEDTLS_PK_PARSE_C) - if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_PARSE_C */ - -#if defined(MBEDTLS_PK_WRITE_C) - if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_WRITE_C */ - -#if defined(MBEDTLS_PKCS5_C) - if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS5_C */ - -#if defined(MBEDTLS_PKCS12_C) - if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS12_C */ - -#if defined(MBEDTLS_PLATFORM_C) - if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_POLY1305_C) - if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C ); - return( 0 ); - } -#endif /* MBEDTLS_POLY1305_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - -#if defined(MBEDTLS_PSA_ITS_FILE_C) - if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_ITS_FILE_C */ - -#if defined(MBEDTLS_RIPEMD160_C) - if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_C */ - -#if defined(MBEDTLS_RSA_C) - if( strcmp( "MBEDTLS_RSA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SHA1_C) - if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA224_C) - if( strcmp( "MBEDTLS_SHA224_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA224_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA224_C */ - -#if defined(MBEDTLS_SHA256_C) - if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA384_C) - if( strcmp( "MBEDTLS_SHA384_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA384_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA384_C */ - -#if defined(MBEDTLS_SHA512_C) - if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SSL_CACHE_C) - if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_C */ - -#if defined(MBEDTLS_SSL_COOKIE_C) - if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_C */ - -#if defined(MBEDTLS_SSL_TICKET_C) - if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TICKET_C */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TLS_C */ - -#if defined(MBEDTLS_THREADING_C) - if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_C */ - -#if defined(MBEDTLS_TIMING_C) - if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C ); - return( 0 ); - } -#endif /* MBEDTLS_TIMING_C */ - -#if defined(MBEDTLS_VERSION_C) - if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C ); - return( 0 ); - } -#endif /* MBEDTLS_VERSION_C */ - -#if defined(MBEDTLS_X509_USE_C) - if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_USE_C */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRL_PARSE_C */ - -#if defined(MBEDTLS_X509_CSR_PARSE_C) - if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CSR_PARSE_C */ - -#if defined(MBEDTLS_X509_CREATE_C) - if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CREATE_C */ - -#if defined(MBEDTLS_X509_CRT_WRITE_C) - if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRT_WRITE_C */ - -#if defined(MBEDTLS_X509_CSR_WRITE_C) - if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CSR_WRITE_C */ - -#if defined(MBEDTLS_MPI_WINDOW_SIZE) - if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_MPI_WINDOW_SIZE */ - -#if defined(MBEDTLS_MPI_MAX_SIZE) - if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_MPI_MAX_SIZE */ - -#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) - if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */ - -#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) - if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */ - -#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) - if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */ - -#if defined(MBEDTLS_ECP_WINDOW_SIZE) - if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_WINDOW_SIZE */ - -#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) - if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ - -#if defined(MBEDTLS_ENTROPY_MAX_SOURCES) - if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */ - -#if defined(MBEDTLS_ENTROPY_MAX_GATHER) - if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MAX_GATHER */ - -#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE) - if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */ - -#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE) - if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */ - -#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) - if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */ - -#if defined(MBEDTLS_PLATFORM_STD_CALLOC) - if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_CALLOC */ - -#if defined(MBEDTLS_PLATFORM_STD_FREE) - if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_FREE */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT */ - -#if defined(MBEDTLS_PLATFORM_STD_TIME) - if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_TIME */ - -#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_PRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_PRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */ - -#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */ - -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FREE_MACRO */ - -#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ - -#if defined(MBEDTLS_PLATFORM_TIME_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ - -#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ - -#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ - -#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) - if( strcmp( "MBEDTLS_PSA_HMAC_DRBG_MD_TYPE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */ - -#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT) - if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */ - -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ - -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ - -#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX) - if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */ - -#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) - if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ - -#if defined(MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - if( strcmp( "MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY */ - -#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) - if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ - -#if defined(MBEDTLS_PSK_MAX_LEN) - if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_PSK_MAX_LEN */ - -#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ - -#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) - if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ - -#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) - if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ - -#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) - if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ - -#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) - if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ - -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ - - /* If the symbol is not found, return an error */ - return( 1 ); -} - -#if defined(_MSC_VER) -#pragma warning(pop) -#endif /* _MSC_VER */ diff --git a/tests/suites/test_suite_psa_crypto_not_supported.generated.data b/tests/suites/test_suite_psa_crypto_not_supported.generated.data deleted file mode 100644 index 079381f5c4..0000000000 --- a/tests/suites/test_suite_psa_crypto_not_supported.generated.data +++ /dev/null @@ -1,1054 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA import AES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461" - -PSA generate AES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:128 - -PSA import AES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a0646174614865726500697320" - -PSA generate AES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:192 - -PSA import AES 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate AES 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:256 - -PSA import CAMELLIA 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461" - -PSA generate CAMELLIA 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:128 - -PSA import CAMELLIA 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a0646174614865726500697320" - -PSA generate CAMELLIA 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:192 - -PSA import CAMELLIA 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate CAMELLIA 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:256 - -PSA import CHACHA20 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 -import_not_supported:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate CHACHA20 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 -generate_not_supported:PSA_KEY_TYPE_CHACHA20:256 - -PSA import DES 64-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901" - -PSA generate DES 64-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:64 - -PSA import DES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902" - -PSA generate DES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:128 - -PSA import DES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902644573206b457904" - -PSA generate DES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:192 - -PSA import HMAC 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461" - -PSA generate HMAC 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:128 - -PSA import HMAC 160-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265" - -PSA generate HMAC 160-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:160 - -PSA import HMAC 224-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a0" - -PSA generate HMAC 224-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:224 - -PSA import HMAC 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:256 - -PSA import HMAC 384-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 384-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:384 - -PSA import HMAC 512-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 512-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:512 - -PSA import PASSWORD 48-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"486572650069" - -PSA generate PASSWORD 48-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:48 - -PSA import PASSWORD 168-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a0646174614865726500" - -PSA generate PASSWORD 168-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:168 - -PSA import PASSWORD 336-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" - -PSA generate PASSWORD 336-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:336 - -PSA import PASSWORD_HASH 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a064617461" - -PSA generate PASSWORD_HASH 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:128 - -PSA import PASSWORD_HASH 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate PASSWORD_HASH 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:256 - -PSA import PEPPER 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a064617461" - -PSA generate PEPPER 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PEPPER:128 - -PSA import PEPPER 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate PEPPER 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PEPPER:256 - -PSA import RSA_KEY_PAIR 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" - -PSA generate RSA_KEY_PAIR 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 - -PSA import RSA_KEY_PAIR 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" - -PSA generate RSA_KEY_PAIR 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1536 - -PSA import RSA_PUBLIC_KEY 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" - -PSA generate RSA_PUBLIC_KEY 1024-bit never supported -generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024 - -PSA import RSA_PUBLIC_KEY 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" - -PSA generate RSA_PUBLIC_KEY 1536-bit never supported -generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA import ECC_KEY_PAIR(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_KEY_PAIR(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_KEY_PAIR(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 192-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 224-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA import ECC_KEY_PAIR(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_KEY_PAIR(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_KEY_PAIR(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_KEY_PAIR(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 225-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 384-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 521-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA import ECC_KEY_PAIR(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA generate ECC_PUBLIC_KEY(SECP_R2) 160-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA import ECC_KEY_PAIR(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_KEY_PAIR(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_KEY_PAIR(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_KEY_PAIR(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_KEY_PAIR(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_KEY_PAIR(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 233-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 239-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 283-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 409-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 571-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA import ECC_KEY_PAIR(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_KEY_PAIR(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_KEY_PAIR(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_KEY_PAIR(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_KEY_PAIR(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 233-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 283-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 409-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 571-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA import ECC_KEY_PAIR(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA generate ECC_PUBLIC_KEY(SECT_R2) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -# End of automatically generated file. diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln deleted file mode 100644 index dc3264451e..0000000000 --- a/visualc/VS2010/mbedTLS.sln +++ /dev/null @@ -1,676 +0,0 @@ - -Microsoft Visual Studio Solution File, Format Version 11.00 -# Visual C++ Express 2010 -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum.vcxproj", "{D071CCF7-ACA0-21F8-D382-52A759AEA261}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hello", "hello.vcxproj", "{B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdsa", "ecdsa.vcxproj", "{F58142CC-0CC7-0B18-5A0F-53642CFBA18E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_key", "gen_key.vcxproj", "{BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app", "key_app.vcxproj", "{10AE376F-1A70-0297-0216-1FD01AD15D19}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app_writer", "key_app_writer.vcxproj", "{E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mpi_demo", "mpi_demo.vcxproj", "{A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_decrypt", "pk_decrypt.vcxproj", "{1EC6CBA3-6187-D456-D9B7-A35399395D71}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_encrypt", "pk_encrypt.vcxproj", "{55007179-7746-9CFB-97EC-65102FB272C8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_sign", "pk_sign.vcxproj", "{F2E8CA55-597F-7FDC-6456-D8650FB970A3}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_verify", "pk_verify.vcxproj", "{C429B336-1B30-119C-3B34-21A186D6744F}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_decrypt", "rsa_decrypt.vcxproj", "{E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_encrypt", "rsa_encrypt.vcxproj", "{D06CF12E-F222-9273-41BF-B8A052FA5527}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_genkey", "rsa_genkey.vcxproj", "{F472475C-F677-0E7F-F127-45BF5B64F622}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign", "rsa_sign.vcxproj", "{10790F49-6887-AAB6-2D86-BCBD516F8D26}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign_pss", "rsa_sign_pss.vcxproj", "{DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify", "rsa_verify.vcxproj", "{689E28CF-89ED-BA38-3A14-78A75D891D46}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify_pss", "rsa_verify_pss.vcxproj", "{95C50864-854C-2A11-4C91-BCE654E344FB}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_entropy", "gen_entropy.vcxproj", "{DE695064-13C3-18B0-378D-8B22672BF3F4}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_ctr_drbg", "gen_random_ctr_drbg.vcxproj", "{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_server", "dtls_server.vcxproj", "{BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client1", "ssl_client1.vcxproj", "{487A2F80-3CA3-678D-88D5-82194872CF08}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client2", "ssl_client2.vcxproj", "{4E590E9D-E28F-87FF-385B-D58736388231}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_context_info", "ssl_context_info.vcxproj", "{017ECC7D-FB6D-46D8-076B-F64172E8E3BC}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork_server.vcxproj", "{918CD402-047D-8467-E11C-E1132053F916}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server", "ssl_server.vcxproj", "{E08E0065-896A-7487-DEA5-D3B80B71F975}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server2", "ssl_server2.vcxproj", "{A4DA7463-1047-BDF5-E1B3-5632CB573F41}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcxproj", "{90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "query_compile_time_config", "query_compile_time_config.vcxproj", "{D6F58AF2-9D80-562A-E2B0-F743281522B9}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "selftest", "selftest.vcxproj", "{7DBC5F77-3DA1-5F73-8421-E693D95FC66A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udp_proxy", "udp_proxy.vcxproj", "{7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zeroize", "zeroize.vcxproj", "{10C01E94-4926-063E-9F56-C84ED190D349}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pem2der", "pem2der.vcxproj", "{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "strerror", "strerror.vcxproj", "{23EF735C-CC4C-3EC4-A75E-903DB340F04A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_app", "cert_app.vcxproj", "{D4D691D4-137C-CBFA-735B-D46636D7E4D8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_req", "cert_req.vcxproj", "{C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_write", "cert_write.vcxproj", "{35E52E46-3BA9-4361-41D3-53663C2E9B8A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj", "{DB904B85-AD31-B7FB-114F-88760CC485F2}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Win32 = Debug|Win32 - Debug|x64 = Debug|x64 - Release|Win32 = Release|Win32 - Release|x64 = Release|x64 - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.ActiveCfg = Debug|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.Build.0 = Debug|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.ActiveCfg = Debug|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.Build.0 = Debug|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.ActiveCfg = Release|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.Build.0 = Debug|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.ActiveCfg = Release|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.Build.0 = Release|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.ActiveCfg = Release|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.Build.0 = Release|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.ActiveCfg = Debug|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.Build.0 = Debug|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.ActiveCfg = Debug|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.Build.0 = Debug|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.ActiveCfg = Release|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.ActiveCfg = Debug|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.Build.0 = Debug|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.ActiveCfg = Debug|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.Build.0 = Debug|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.ActiveCfg = Release|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.Build.0 = Release|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.ActiveCfg = Release|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.Build.0 = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.Build.0 = Debug|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.ActiveCfg = Release|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.Build.0 = Debug|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.ActiveCfg = Release|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.Build.0 = Release|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.ActiveCfg = Release|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.Build.0 = Release|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.ActiveCfg = Debug|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.Build.0 = Debug|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.ActiveCfg = Debug|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.Build.0 = Debug|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.ActiveCfg = Release|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.Build.0 = Release|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.ActiveCfg = Release|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.Build.0 = Release|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.ActiveCfg = Debug|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.Build.0 = Debug|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.ActiveCfg = Debug|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.Build.0 = Debug|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.ActiveCfg = Release|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.Build.0 = Release|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.ActiveCfg = Release|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.Build.0 = Release|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.ActiveCfg = Debug|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.Build.0 = Debug|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.ActiveCfg = Debug|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.Build.0 = Debug|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.ActiveCfg = Release|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.Build.0 = Release|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.ActiveCfg = Release|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.Build.0 = Release|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.ActiveCfg = Debug|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.Build.0 = Debug|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.ActiveCfg = Debug|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.Build.0 = Debug|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.ActiveCfg = Release|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.Build.0 = Release|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.ActiveCfg = Release|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.Build.0 = Release|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.ActiveCfg = Debug|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.Build.0 = Debug|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.ActiveCfg = Debug|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.Build.0 = Debug|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.ActiveCfg = Release|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.Build.0 = Release|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.ActiveCfg = Release|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.Build.0 = Release|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.ActiveCfg = Debug|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.Build.0 = Debug|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.ActiveCfg = Debug|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.Build.0 = Debug|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.ActiveCfg = Release|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.Build.0 = Release|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.ActiveCfg = Release|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.Build.0 = Release|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.ActiveCfg = Debug|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.Build.0 = Debug|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.ActiveCfg = Debug|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.Build.0 = Debug|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.ActiveCfg = Release|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.Build.0 = Release|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.ActiveCfg = Release|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.Build.0 = Release|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.ActiveCfg = Debug|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.Build.0 = Debug|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.ActiveCfg = Debug|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.Build.0 = Debug|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.ActiveCfg = Release|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.Build.0 = Release|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.ActiveCfg = Release|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.Build.0 = Release|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.ActiveCfg = Debug|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.Build.0 = Debug|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.ActiveCfg = Debug|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.Build.0 = Debug|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.ActiveCfg = Release|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.Build.0 = Release|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.ActiveCfg = Release|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.Build.0 = Release|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.ActiveCfg = Debug|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.Build.0 = Debug|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.ActiveCfg = Debug|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.Build.0 = Debug|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.ActiveCfg = Release|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.Build.0 = Release|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.ActiveCfg = Release|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.Build.0 = Release|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.ActiveCfg = Debug|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.Build.0 = Debug|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.ActiveCfg = Debug|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.Build.0 = Debug|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.ActiveCfg = Release|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.Build.0 = Release|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.ActiveCfg = Release|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.Build.0 = Release|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.ActiveCfg = Debug|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.Build.0 = Debug|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.ActiveCfg = Debug|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.Build.0 = Debug|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.ActiveCfg = Release|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.Build.0 = Release|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.ActiveCfg = Release|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.Build.0 = Release|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.ActiveCfg = Debug|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.Build.0 = Debug|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.ActiveCfg = Debug|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.Build.0 = Debug|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.ActiveCfg = Release|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.Build.0 = Release|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.ActiveCfg = Release|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.Build.0 = Release|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.ActiveCfg = Debug|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.Build.0 = Debug|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.ActiveCfg = Debug|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.Build.0 = Debug|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.ActiveCfg = Release|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.Build.0 = Release|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.ActiveCfg = Release|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.Build.0 = Release|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.ActiveCfg = Debug|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.Build.0 = Debug|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.ActiveCfg = Debug|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.Build.0 = Debug|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.ActiveCfg = Release|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.Build.0 = Release|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.ActiveCfg = Release|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.Build.0 = Release|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.ActiveCfg = Debug|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.Build.0 = Debug|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.ActiveCfg = Debug|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.Build.0 = Debug|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.ActiveCfg = Release|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.ActiveCfg = Debug|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.Build.0 = Debug|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.ActiveCfg = Debug|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.Build.0 = Debug|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.ActiveCfg = Release|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.Build.0 = Release|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.ActiveCfg = Release|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.Build.0 = Release|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.ActiveCfg = Debug|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.Build.0 = Debug|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.ActiveCfg = Debug|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.Build.0 = Debug|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.ActiveCfg = Release|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.Build.0 = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.ActiveCfg = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.Build.0 = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.ActiveCfg = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.Build.0 = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.ActiveCfg = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.Build.0 = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.ActiveCfg = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.Build.0 = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.ActiveCfg = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.Build.0 = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.ActiveCfg = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.Build.0 = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.ActiveCfg = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.Build.0 = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.ActiveCfg = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.Build.0 = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.ActiveCfg = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.Build.0 = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.ActiveCfg = Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.Build.0 = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.ActiveCfg = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.Build.0 = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.ActiveCfg = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.Build.0 = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.ActiveCfg = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.Build.0 = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.ActiveCfg = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.Build.0 = Release|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.ActiveCfg = Debug|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.Build.0 = Debug|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.ActiveCfg = Debug|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.Build.0 = Debug|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.ActiveCfg = Release|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.Build.0 = Release|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.ActiveCfg = Release|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.Build.0 = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.ActiveCfg = Debug|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.Build.0 = Debug|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.ActiveCfg = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.Build.0 = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.ActiveCfg = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.Build.0 = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.ActiveCfg = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.Build.0 = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.ActiveCfg = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.Build.0 = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.ActiveCfg = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.Build.0 = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.ActiveCfg = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.Build.0 = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.ActiveCfg = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.Build.0 = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.ActiveCfg = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.Build.0 = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.ActiveCfg = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.Build.0 = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.ActiveCfg = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.Build.0 = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.ActiveCfg = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.Build.0 = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.ActiveCfg = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.Build.0 = Release|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.ActiveCfg = Debug|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.Build.0 = Debug|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.ActiveCfg = Debug|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.Build.0 = Debug|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.ActiveCfg = Release|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.Build.0 = Release|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.ActiveCfg = Release|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.Build.0 = Release|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.ActiveCfg = Debug|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.Build.0 = Debug|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.ActiveCfg = Debug|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.Build.0 = Debug|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.ActiveCfg = Release|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.Build.0 = Release|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.ActiveCfg = Release|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.Build.0 = Release|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.ActiveCfg = Debug|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.Build.0 = Debug|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.ActiveCfg = Debug|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.Build.0 = Debug|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.ActiveCfg = Release|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.Build.0 = Release|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.ActiveCfg = Release|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.Build.0 = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.ActiveCfg = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.Build.0 = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.ActiveCfg = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.Build.0 = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.ActiveCfg = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.Build.0 = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.ActiveCfg = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.Build.0 = Release|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.ActiveCfg = Debug|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.Build.0 = Debug|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.ActiveCfg = Debug|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.Build.0 = Debug|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.ActiveCfg = Release|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.Build.0 = Release|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.ActiveCfg = Release|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.Build.0 = Release|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.ActiveCfg = Debug|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.Build.0 = Debug|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.ActiveCfg = Debug|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.Build.0 = Debug|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.ActiveCfg = Release|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.Build.0 = Release|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.ActiveCfg = Release|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.Build.0 = Release|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.ActiveCfg = Debug|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.Build.0 = Debug|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.ActiveCfg = Debug|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.Build.0 = Debug|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.ActiveCfg = Release|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.Build.0 = Release|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.ActiveCfg = Release|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.Build.0 = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.ActiveCfg = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.Build.0 = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.ActiveCfg = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.Build.0 = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.ActiveCfg = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.Build.0 = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.ActiveCfg = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.Build.0 = Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.ActiveCfg = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.Build.0 = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.ActiveCfg = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.Build.0 = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.ActiveCfg = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.Build.0 = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.ActiveCfg = Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.Build.0 = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.ActiveCfg = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.Build.0 = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.ActiveCfg = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.Build.0 = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.ActiveCfg = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.Build.0 = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.ActiveCfg = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.Build.0 = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.ActiveCfg = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.Build.0 = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.ActiveCfg = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.Build.0 = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.ActiveCfg = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.Build.0 = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.ActiveCfg = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.Build.0 = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.ActiveCfg = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.Build.0 = Release|x64 - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection -EndGlobal From e5306f6c1dc2e46b95b099678b6050b3fa1bdc89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 7 Jul 2021 10:48:26 +0200 Subject: [PATCH 0759/1065] Use distinct variables for distinct purposes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_test_common_source.c | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 7b85c7633f..6ec4171a89 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -145,7 +145,7 @@ void dtls_srtp_key_derivation( void *p_expkey, int ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char const *buf, size_t len ) { - int ret; + int my_ret = 0, ret_cr1, ret_cr2; unsigned char *tmp_buf; /* Record checking may modify the input buffer, @@ -155,23 +155,21 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); memcpy( tmp_buf, buf, len ); - ret = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) + ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); + if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) { - int ret_repeated; - /* Test-only: Make sure that mbedtls_ssl_check_record() * doesn't alter state. */ memcpy( tmp_buf, buf, len ); /* Restore buffer */ - ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret != ret_repeated ) + ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); + if( ret_cr2 != ret_cr1 ) { mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" ); - ret = -1; + my_ret = -1; goto cleanup; } - switch( ret ) + switch( ret_cr1 ) { case 0: break; @@ -179,24 +177,21 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, case MBEDTLS_ERR_SSL_INVALID_RECORD: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" ); - ret = 0; break; case MBEDTLS_ERR_SSL_INVALID_MAC: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" ); - ret = 0; break; case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD: if( opt.debug_level > 1 ) mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" ); - ret = 0; break; default: - mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret ); - ret = -1; + mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 ); + my_ret = -1; goto cleanup; } @@ -206,7 +201,7 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, cleanup: mbedtls_free( tmp_buf ); - return( ret ); + return( my_ret ); } int recv_cb( void *ctx, unsigned char *buf, size_t len ) From 458280e67c6cd4b5434793cb7d8e199422b93083 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 7 Jul 2021 11:33:06 +0200 Subject: [PATCH 0760/1065] Correction to outdated comment Signed-off-by: TRodziewicz --- library/ssl_misc.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index ce95432374..e16f4f4147 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -70,7 +70,8 @@ * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 * * We no longer support these versions, but some code still references those - * constants, for keep them for now until we clean up that code. + * constants as part of negotiating with the peer, so keep them available + * internally. */ #define MBEDTLS_SSL_MINOR_VERSION_1 1 #define MBEDTLS_SSL_MINOR_VERSION_2 2 From 45f2a40fa4363bc017937396a04240fb4b320e51 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 6 Jul 2021 21:05:52 +0200 Subject: [PATCH 0761/1065] Speed up the generation of storage format test cases Restore the optimization done in HEAD^{/Speed up the generation of storage format test cases} which was lost during refactoring made when adding support for implicit usage flags. There are still more than one call to the C compiler, but the extra calls are only for some key usage test cases. This is an internal refactoring. This commit does not change the output of generate_psa_tests.py Signed-off-by: Gilles Peskine --- tests/scripts/generate_psa_tests.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b59ed749bc..c788ce6d6d 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -495,7 +495,8 @@ class StorageFormat: # test cases. This allows all required information to be obtained in # one go, which is a significant performance gain as the information # includes numerical values obtained by compiling a C program. - for key in self.generate_all_keys(): + all_keys = list(self.generate_all_keys()) + for key in all_keys: if key.location_value() != 0: # Skip keys with a non-default location, because they # require a driver and we currently have no mechanism to From a02003babe4e5145d37f47f42a2565b33e8534ea Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 7 Jul 2021 17:20:06 +0100 Subject: [PATCH 0762/1065] Fix divide by zero if macro used with wrong key If PSA_CIPHER_ENCRYPT_OUTPUT_SIZE was called on a non symmetric key, then a divide by zero could happen, as PSA_CIPHER_BLOCK_LENGTH will return 0 for such a key, and PSA_ROUND_UP_TO_MULTIPLE will divide by the block length. Signed-off-by: Paul Elliott --- include/psa/crypto_sizes.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 2811c237af..836f9ee147 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -992,9 +992,11 @@ */ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ (alg == PSA_ALG_CBC_PKCS7 ? \ + (((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) \ + == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ (input_length) + 1) + \ - PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ (PSA_ALG_IS_CIPHER(alg) ? \ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ 0)) From 44f6390c32f2f6208a10734cfbcd2fe0e38f2173 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 8 Jul 2021 12:46:26 +0100 Subject: [PATCH 0763/1065] Remove redundant hash len check Remove a check in rsa_rsassa_pkcs1_v15_encode() that is not needed because the same check is performed earlier. This check was added in #4707. Signed-off-by: David Horstmann --- library/rsa.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index ed1632a350..e818e6daeb 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2023,8 +2023,6 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * TAG-NULL + LEN [ NULL ] ] * TAG-OCTET + LEN [ HASH ] ] */ - if( 0x08 + oid_size + hashlen >= 0x80 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char)( 0x08 + oid_size + hashlen ); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; From 93213f66497a2250b9285ccbff7dd30064a5e335 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 8 Jul 2021 15:32:52 +0100 Subject: [PATCH 0764/1065] Remove test cases and update power 2 check The power 2 check now uses a looping bit shift to try match with the block sizes and will escape the loop when appropriate The test cases, as pointed out by Gilles, could be harmful in the future and testing a test case is not generally necessary Signed-off-by: Joe Subbiani --- .../test_suite_psa_crypto_metadata.data | 18 +++------------ .../test_suite_psa_crypto_metadata.function | 23 +++++++++++-------- 2 files changed, 16 insertions(+), 25 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 4e47e0c578..a3668fcc94 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -293,27 +293,15 @@ key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED Block cipher key type: AES depends_on:PSA_WANT_KEY_TYPE_AES -block_cipher_key_type:PSA_KEY_TYPE_AES:16:0 +block_cipher_key_type:PSA_KEY_TYPE_AES:16 Block cipher key type: DES depends_on:PSA_WANT_KEY_TYPE_DES -block_cipher_key_type:PSA_KEY_TYPE_DES:8:0 +block_cipher_key_type:PSA_KEY_TYPE_DES:8 Block cipher key type: Camellia depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16:0 - -Block cipher key type: AES non power 2 block_size (24) -depends_on:PSA_WANT_KEY_TYPE_AES -block_cipher_key_type:PSA_KEY_TYPE_AES:24:1 - -Block cipher key type: AES non power 2 block_size (12) -depends_on:PSA_WANT_KEY_TYPE_AES -block_cipher_key_type:PSA_KEY_TYPE_AES:12:1 - -Block cipher key type: DES non power 2 block_size (24) -depends_on:PSA_WANT_KEY_TYPE_DES -block_cipher_key_type:PSA_KEY_TYPE_DES:24:1 +block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16 Stream cipher key type: ChaCha20 depends_on:PSA_WANT_KEY_TYPE_CHACHA20 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index fbcc83a260..2722aea4c1 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -619,7 +619,7 @@ void key_type( int type_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void block_cipher_key_type( int type_arg, int block_size_arg, int expecting_power_2 ) +void block_cipher_key_type( int type_arg, int block_size_arg) { psa_key_type_t type = type_arg; size_t block_size = block_size_arg; @@ -629,26 +629,29 @@ void block_cipher_key_type( int type_arg, int block_size_arg, int expecting_powe TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - if (expecting_power_2 == 0) - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); + TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); /* PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h - * Requires block sizes to be a power of 2. The following test ensures - * the block sizes are indeed powers of 2. + * Requires block sizes to be a power of 2. + * The following creates a bit and shifts along until it finds a + * match or a mismatch. */ int check = 0; - while( block_size > 1) + for (size_t index = 1; index > 0; index = index << 1) { - if ( block_size % 2 != 0 ) + if (index == block_size) + { + check = 0; + break; + } + if (index > block_size) { check = 1; break; } - block_size = block_size / 2; } - /* expecting_power_2 should be 0 if true (e.g 16, 32 etc.) or 1 otherwise */ - TEST_EQUAL( check, expecting_power_2 ); + TEST_EQUAL( check, 0); } /* END_CASE */ From bc87b1ddf32f66b380801c02d6aa6e2f524417b3 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Thu, 8 Jul 2021 15:56:33 +0100 Subject: [PATCH 0765/1065] Add content length constraint to tests that use max_frag_len Includes: - handshake memory tests - Connection ID (MFL) tests - DTLS fragmenting tests Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 8131413e2e..e91b5ad065 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2246,6 +2246,7 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH +requires_max_content_len 512 run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \ "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \ "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \ @@ -2259,6 +2260,7 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \ requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH +requires_max_content_len 1024 run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \ "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \ "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \ @@ -5717,6 +5719,7 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" +# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384. run_test "Large server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=16384" \ "$P_CLI force_version=tls1_2 \ @@ -6539,6 +6542,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 4096 run_test "DTLS fragmenting: none (for reference)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6559,6 +6563,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "DTLS fragmenting: server only (max_frag_len)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6583,6 +6588,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 4096 run_test "DTLS fragmenting: server only (more) (max_frag_len)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6603,6 +6609,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=none \ crt_file=data_files/server7_int-ca.crt \ @@ -6630,6 +6637,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \ -p "$P_PXY mtu=1110" \ "$P_SRV dtls=1 debug_level=2 auth_mode=none \ @@ -6651,6 +6659,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6678,6 +6687,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 2048 run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \ -p "$P_PXY mtu=1110" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6698,6 +6708,7 @@ run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 4096 run_test "DTLS fragmenting: none (for reference) (MTU)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6717,6 +6728,7 @@ run_test "DTLS fragmenting: none (for reference) (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 4096 run_test "DTLS fragmenting: client (MTU)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6736,6 +6748,7 @@ run_test "DTLS fragmenting: client (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 2048 run_test "DTLS fragmenting: server (MTU)" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ crt_file=data_files/server7_int-ca.crt \ @@ -6755,6 +6768,7 @@ run_test "DTLS fragmenting: server (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 2048 run_test "DTLS fragmenting: both (MTU=1024)" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6780,6 +6794,7 @@ requires_config_enabled MBEDTLS_SHA256_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: both (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6811,6 +6826,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ -p "$P_PXY mtu=508" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6835,6 +6851,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ -p "$P_PXY mtu=508" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6858,6 +6875,7 @@ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6887,6 +6905,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6910,6 +6929,7 @@ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6936,6 +6956,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -6972,6 +6993,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ -p "$P_PXY mtu=1450" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7001,6 +7023,7 @@ requires_config_enabled MBEDTLS_SHA256_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_CHACHAPOLY_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7033,6 +7056,7 @@ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7065,6 +7089,7 @@ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CCM_C +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7098,6 +7123,7 @@ requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7130,6 +7156,7 @@ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7159,6 +7186,7 @@ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d" \ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \ @@ -7183,6 +7211,7 @@ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 +requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -7208,6 +7237,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_gnutls +requires_max_content_len 2048 run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ "$G_SRV -u" \ "$P_CLI dtls=1 debug_level=2 \ @@ -7231,6 +7261,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_gnutls requires_not_i686 +requires_max_content_len 2048 run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ @@ -7244,6 +7275,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_max_content_len 2048 run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ "$O_SRV -dtls1_2 -verify 10" \ "$P_CLI dtls=1 debug_level=2 \ @@ -7258,6 +7290,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_max_content_len 2048 run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ @@ -7277,6 +7310,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 +requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ "$G_NEXT_SRV -u" \ @@ -7294,6 +7328,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 +requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ "$P_SRV dtls=1 debug_level=2 \ @@ -7315,6 +7350,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 +requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ "$O_SRV -dtls1_2 -verify 10" \ @@ -7332,6 +7368,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 +requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ "$P_SRV dtls=1 debug_level=2 \ @@ -8406,6 +8443,7 @@ run_test "export keys functionality" \ requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +requires_max_content_len 16384 run_tests_memory_after_hanshake # Final report From 9c09d5513e687a2949059aecc738badcf987277b Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Thu, 8 Jul 2021 16:03:44 +0100 Subject: [PATCH 0766/1065] Raise max_content_len constraint by one in Connection ID tests Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e91b5ad065..85dce76b04 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2244,9 +2244,12 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" -c "ignoring unexpected CID" \ -s "ignoring unexpected CID" +# This and the test below it requires MAX_CONTENT_LEN to be MFL+1, because the +# tests check that the buffer contents are reallocated when the message is +# larger than the buffer. requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH -requires_max_content_len 512 +requires_max_content_len 513 run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \ "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \ "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \ @@ -2260,7 +2263,7 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \ requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH -requires_max_content_len 1024 +requires_max_content_len 1025 run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \ "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \ "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \ From 62cf2e8e9f62db18514da3392a04cd842515990b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 27 Mar 2020 16:35:23 +0100 Subject: [PATCH 0767/1065] Switch all.sh to bash This will let us use bash features that are not found in some other sh implementations, such as DEBUG and ERR traps, "set -o pipefail", etc. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f8e43c8714..b6f39e96fa 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1,4 +1,4 @@ -#! /usr/bin/env sh +#! /usr/bin/env bash # all.sh # @@ -175,8 +175,8 @@ pre_initialize_variables () { # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". - # Parse the script with sed, because in sh there is no way to list - # defined functions. + # Parse the script with sed. This way we get the functions in the order + # they are defined. ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0") # Exclude components that are not supported on this platform. From 5d99682a8c701cff581ee3f33e4e7fbb541010f3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 21:09:21 +0100 Subject: [PATCH 0768/1065] Add --error-test option to test error detection and reporting Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b6f39e96fa..20a20a3151 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -231,6 +231,8 @@ General options: Prefix for a cross-compiler for arm-none-eabi (default: "${ARM_NONE_EABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). + --error-test Error test mode: run a failing function in addition + to any specified component. --except Exclude the COMPONENTs listed on the command line, instead of running only those. --no-append-outcome Write a new outcome file and analyze it (default). @@ -378,6 +380,7 @@ check_headers_in_cpp () { pre_parse_command_line () { COMMAND_LINE_COMPONENTS= all_except=0 + error_test=0 no_armcc= # Note that legacy options are ignored instead of being omitted from this @@ -390,6 +393,7 @@ pre_parse_command_line () { --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; + --error-test) error_test=$((error_test + 1));; --except) all_except=1;; --force|-f) FORCE=1;; --gnutls-cli) shift; GNUTLS_CLI="$1";; @@ -2636,6 +2640,19 @@ post_report () { #### Run all the things ################################################################ +# Function invoked by --error-test to test error reporting. +pseudo_component_error_test () { + msg "Testing error reporting $error_test" + if [ $KEEP_GOING -ne 0 ]; then + echo "Expect three failing commands." + fi + error_test='this should not be used since the component runs in a subshell' + grep non_existent /dev/null + not grep -q . "$0" + make unknown_target + false "this should not be executed" +} + # Run one component and clean up afterwards. run_component () { # Back up the configuration in case the component modifies it. @@ -2685,6 +2702,10 @@ cleanup pre_generate_files # Run the requested tests. +while [ $error_test -gt 0 ]; do + run_component pseudo_component_error_test + error_test=$((error_test - 1)) +done for component in $RUN_COMPONENTS; do run_component "component_$component" done From ce266c48bb8214a061c906392b8fbcdf53ac6617 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 18:50:43 +0100 Subject: [PATCH 0769/1065] Run each component in a subshell and handle errors more robustly This commit completely rewrites keep-going mode. Instead of relying solely on "set -e", which has some subtle limitations (such as being off anywhere inside a conditional), use an ERR trap to record errors. Run each component in a subshell. This way a component can set environment variables, change the current directory, etc., without affecting other components. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 151 ++++++++++++++++++++++++++----------------- 1 file changed, 93 insertions(+), 58 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20a20a3151..f3494bdd97 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -59,6 +59,15 @@ # This script must be invoked from the toplevel directory of a git # working copy of Mbed TLS. # +# The behavior on an error depends on whether --keep-going (alias -k) +# is in effect. +# * Without --keep-going: the script stops on the first error without +# cleaning up. This lets you work in the configuration of the failing +# component. +# * With --keep-going: the script runs all requested components and +# reports failures at the end. In particular the script always cleans +# up on exit. +# # Note that the output is not saved. You may want to run # script -c tests/scripts/all.sh # or @@ -81,6 +90,9 @@ # # Each component must start by invoking `msg` with a short informative message. # +# Each component is executed in a separate shell process. The component +# fails if any command in it returns a non-zero status. +# # The framework performs some cleanup tasks after each component. This # means that components can assume that the working directory is in a # cleaned-up state, and don't need to perform the cleanup themselves. @@ -91,19 +103,6 @@ # `tests/Makefile` and `programs/fuzz/Makefile` from git. # This cleans up after an in-tree use of CMake. # -# Any command that is expected to fail must be protected so that the -# script keeps running in --keep-going mode despite `set -e`. In keep-going -# mode, if a protected command fails, this is logged as a failure and the -# script will exit with a failure status once it has run all components. -# Commands can be protected in any of the following ways: -# * `make` is a function which runs the `make` command with protection. -# Note that you must write `make VAR=value`, not `VAR=value make`, -# because the `VAR=value make` syntax doesn't work with functions. -# * Put `report_status` before the command to protect it. -# * Put `if_build_successful` before a command. This protects it, and -# additionally skips it if a prior invocation of `make` in the same -# component failed. -# # The tests are roughly in order from fastest to slowest. This doesn't # have to be exact, but in general you should add slower tests towards # the end and fast checks near the beginning. @@ -477,8 +476,9 @@ pre_check_git () { } pre_setup_keep_going () { - failure_summary= - failure_count=0 + failure_count=0 # Number of failed components + last_failure_status=0 # Last failure status in this component + start_red= end_color= if [ -t 1 ]; then @@ -489,57 +489,73 @@ pre_setup_keep_going () { ;; esac fi - record_status () { - if "$@"; then - last_status=0 - else - last_status=$? - text="$current_section: $* -> $last_status" - failure_summary="$failure_summary -$text" - failure_count=$((failure_count + 1)) - echo "${start_red}^^^^$text^^^^${end_color}" >&2 - fi - } - make () { - case "$*" in - *test|*check) - if [ $build_status -eq 0 ]; then - record_status command make "$@" - else - echo "(skipped because the build failed)" - fi - ;; - *) - record_status command make "$@" - build_status=$last_status - ;; + + # Keep a summary of failures in a file. We'll print it out at the end. + failure_summary_file=$PWD/all-sh-failures-$$.log + : >"$failure_summary_file" + + # Whether it makes sense to keep a component going after the specified + # command fails (test command) or not (configure or build). + # This doesn't have to be 100% accurate: all failures are recorded anyway. + can_keep_going_after_failure () { + case "$1" in + "msg "*) false;; + *[!A-Za-z]"test"|*[!A-Za-z]"test"[!A-Za-z]*) true;; + "tests/"*) true;; + "grep "*|"not grep "*) true;; + *) false;; esac } + + # This function runs if there is any error in a component. + # It must either exit with a nonzero status, or set + # last_failure_status to a nonzero value. + err_trap () { + # Save $? (status of the failing command). This must be the very + # first thing, before $? is overridden. + last_failure_status=$? + failed_command=$BASH_COMMAND + + text="$current_section: $failed_command -> $last_failure_status" + echo "${start_red}^^^^$text^^^^${end_color}" >&2 + echo "$text" >>"$failure_summary_file" + + # If the command is fatal (configure or build command), stop this + # component. Otherwise (test command) keep the component running + # (run more tests from the same build). + if ! can_keep_going_after_failure "$failed_command"; then + exit $last_failure_status + fi + } + final_report () { if [ $failure_count -gt 0 ]; then echo echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo "${start_red}FAILED: $failure_count${end_color}$failure_summary" + echo "${start_red}FAILED: $failure_count components${end_color}" + cat "$failure_summary_file" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - exit 1 elif [ -z "${1-}" ]; then echo "SUCCESS :)" fi if [ -n "${1-}" ]; then echo "Killed by SIG$1." fi + rm -f "$failure_summary_file" + if [ $failure_count -gt 0 ]; then + exit 1 + fi } } -if_build_succeeded () { - if [ $build_status -eq 0 ]; then - record_status "$@" - fi +# These functions are kept temporarily for backward compatibility. +# Don't use them in new components. +record_status () { + "$@" +} +if_build_succeeded () { + "$@" } - -# to be used instead of ! for commands run with -# record_status or if_build_succeeded not() { ! "$@" } @@ -2667,12 +2683,35 @@ run_component () { # have messed it up or shortened it. redirect_err dd if=/dev/urandom of=./tests/seedfile bs=64 count=1 - # Run the component code. - if [ $QUIET -eq 1 ]; then - # msg() is silenced, so just print the component name here - echo "${current_component#component_}" + # Run the component in a subshell + if [ $KEEP_GOING -eq 1 ]; then + set +e + fi + ( + if [ $QUIET -eq 1 ]; then + # msg() will be silenced, so just print the component name here. + echo "${current_component#component_}" + exec >/dev/null + fi + if [ $KEEP_GOING -eq 1 ]; then + # Keep "set -e" off, and run an ERR trap instead to record failures. + set -E + trap err_trap ERR + fi + # The next line is what runs the component + "$@" + if [ $KEEP_GOING -eq 1 ]; then + trap - ERR + exit $last_failure_status + fi + ) + component_status=$? + if [ $KEEP_GOING -eq 1 ]; then + set -e + if [ $component_status -ne 0 ]; then + failure_count=$((failure_count + 1)) + fi fi - redirect_out "$@" # Restore the build tree to a clean state. cleanup @@ -2689,10 +2728,6 @@ pre_check_git build_status=0 if [ $KEEP_GOING -eq 1 ]; then pre_setup_keep_going -else - record_status () { - "$@" - } fi pre_setup_quiet_redirect pre_prepare_outcome_file From 3664780f98357b211fe6fafb4fb090c6fe630c84 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 18:50:49 +0100 Subject: [PATCH 0770/1065] Detect errors on the left-hand side of a pipeline Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f3494bdd97..f80b8ff1ea 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -113,8 +113,9 @@ #### Initialization and command line parsing ################################################################ -# Abort on errors (and uninitialised variables) -set -eu +# Abort on errors (even on the left-hand side of a pipe). +# Treat uninitialised variables as errors. +set -e -o pipefail -u pre_check_environment () { if [ -d library -a -d include -a -d tests ]; then :; else From f7e956c85c5204d253db043128ea4260040e158d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 18:56:09 +0100 Subject: [PATCH 0771/1065] component_test_cmake_out_of_source: simplify and fix error handling Remove ssl-opt.err even if it's empty. Call cat unconditionally: it'll have no visible effect if the file is empty. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f80b8ff1ea..5a0ae4b0fa 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2548,11 +2548,10 @@ component_test_cmake_out_of_source () { # file is missing (ssl-opt.sh tolerates the absence of some files so # may exit with status 0 but emit errors). if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err - if [ -s ssl-opt.err ]; then - cat ssl-opt.err >&2 - record_status [ ! -s ssl-opt.err ] - rm ssl-opt.err - fi + cat ssl-opt.err >&2 + # If ssl-opt.err is non-empty, record an error and keep going. + record_status [ ! -s ssl-opt.err ] + rm ssl-opt.err cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" unset MBEDTLS_ROOT_DIR From 1f0cdaf3af3dbedeb0ae9dd7094df375472d129f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Jul 2021 18:41:16 +0200 Subject: [PATCH 0772/1065] Stop dispatching through obsolete functions Remove the obsolete functions record_status and if_build_succeeded. They didn't affect error detection, but they made error reporting worse since $BASH_COMMAND would be the unexpanded "$@". Keep the function definitions for the sake of pull requests using them that may still be in flight. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 209 ++++++++++++++++++++++--------------------- 1 file changed, 105 insertions(+), 104 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5a0ae4b0fa..8b8e3dd590 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -549,14 +549,15 @@ pre_setup_keep_going () { } } -# These functions are kept temporarily for backward compatibility. -# Don't use them in new components. +# record_status() and if_build_succeeded() are kept temporarily for backward +# compatibility. Don't use them in new components. record_status () { "$@" } if_build_succeeded () { "$@" } + not() { ! "$@" } @@ -707,24 +708,24 @@ pre_generate_files() { component_check_recursion () { msg "Check: recursion.pl" # < 1s - record_status tests/scripts/recursion.pl library/*.c + tests/scripts/recursion.pl library/*.c } component_check_generated_files () { msg "Check: check-generated-files, files generated with make" # 2s make generated_files - record_status tests/scripts/check-generated-files.sh + tests/scripts/check-generated-files.sh msg "Check: check-generated-files -u, files present" # 2s - record_status tests/scripts/check-generated-files.sh -u + tests/scripts/check-generated-files.sh -u # Check that the generated files are considered up to date. - record_status tests/scripts/check-generated-files.sh + tests/scripts/check-generated-files.sh msg "Check: check-generated-files -u, files absent" # 2s command make neat - record_status tests/scripts/check-generated-files.sh -u + tests/scripts/check-generated-files.sh -u # Check that the generated files are considered up to date. - record_status tests/scripts/check-generated-files.sh + tests/scripts/check-generated-files.sh # This component ends with the generated files present in the source tree. # This is necessary for subsequent components! @@ -732,18 +733,18 @@ component_check_generated_files () { component_check_doxy_blocks () { msg "Check: doxygen markup outside doxygen blocks" # < 1s - record_status tests/scripts/check-doxy-blocks.pl + tests/scripts/check-doxy-blocks.pl } component_check_files () { msg "Check: file sanity checks (permissions, encodings)" # < 1s - record_status tests/scripts/check_files.py + tests/scripts/check_files.py } component_check_changelog () { msg "Check: changelog entries" # < 1s rm -f ChangeLog.new - record_status scripts/assemble_changelog.py -o ChangeLog.new + scripts/assemble_changelog.py -o ChangeLog.new if [ -e ChangeLog.new ]; then # Show the diff for information. It isn't an error if the diff is # non-empty. @@ -754,7 +755,7 @@ component_check_changelog () { component_check_names () { msg "Check: declared and exported names (builds the library)" # < 3s - record_status tests/scripts/check-names.sh -v + tests/scripts/check-names.sh -v } component_check_test_cases () { @@ -764,13 +765,13 @@ component_check_test_cases () { else opt='' fi - record_status tests/scripts/check_test_cases.py $opt + tests/scripts/check_test_cases.py $opt unset opt } component_check_doxygen_warnings () { msg "Check: doxygen warnings (builds the documentation)" # ~ 3s - record_status tests/scripts/doxygen.sh + tests/scripts/doxygen.sh } @@ -790,7 +791,7 @@ component_test_default_out_of_box () { make test msg "selftest: make, default config (out-of-box)" # ~10s - if_build_succeeded programs/test/selftest + programs/test/selftest export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE" unset SAVE_MBEDTLS_TEST_OUTCOME_FILE @@ -805,16 +806,16 @@ component_test_default_cmake_gcc_asan () { make test msg "test: selftest (ASan build)" # ~ 10s - if_build_succeeded programs/test/selftest + programs/test/selftest msg "test: ssl-opt.sh (ASan build)" # ~ 1 min - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/compat.sh + tests/compat.sh msg "test: context-info.sh (ASan build)" # ~ 15 sec - if_build_succeeded tests/context-info.sh + tests/context-info.sh } component_test_full_cmake_gcc_asan () { @@ -827,16 +828,16 @@ component_test_full_cmake_gcc_asan () { make test msg "test: selftest (ASan build)" # ~ 10s - if_build_succeeded programs/test/selftest + programs/test/selftest msg "test: ssl-opt.sh (full config, ASan build)" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh (full config, ASan build)" - if_build_succeeded tests/compat.sh + tests/compat.sh msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec - if_build_succeeded tests/context-info.sh + tests/context-info.sh } component_test_psa_crypto_key_id_encodes_owner () { @@ -874,7 +875,7 @@ component_build_psa_crypto_spm () { # Check that if a symbol is renamed by crypto_spe.h, the non-renamed # version is not present. echo "Checking for renamed symbols in the library" - if_build_succeeded check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a + check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a } component_test_psa_crypto_client () { @@ -900,7 +901,7 @@ component_test_psa_crypto_rsa_no_genprime() { component_test_ref_configs () { msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - record_status tests/scripts/test-ref-configs.pl + tests/scripts/test-ref-configs.pl } component_test_no_renegotiation () { @@ -913,7 +914,7 @@ component_test_no_renegotiation () { make test msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh } component_test_no_pem_no_fs () { @@ -929,7 +930,7 @@ component_test_no_pem_no_fs () { make test msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - ssl-opt.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh } component_test_rsa_no_crt () { @@ -942,13 +943,13 @@ component_test_rsa_no_crt () { make test msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s - if_build_succeeded tests/ssl-opt.sh -f RSA + tests/ssl-opt.sh -f RSA msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min - if_build_succeeded tests/compat.sh -t RSA + tests/compat.sh -t RSA msg "test: RSA_NO_CRT - RSA-related part of context-info.sh (ASan build)" # ~ 15 sec - if_build_succeeded tests/context-info.sh + tests/context-info.sh } component_test_no_ctr_drbg_classic () { @@ -967,10 +968,10 @@ component_test_no_ctr_drbg_classic () { # The SSL tests are slow, so run a small subset, just enough to get # confidence that the SSL code copes with HMAC_DRBG. msg "test: Full minus CTR_DRBG, classic crypto - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' + tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)" - if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL + tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL } component_test_no_ctr_drbg_use_psa () { @@ -989,10 +990,10 @@ component_test_no_ctr_drbg_use_psa () { # The SSL tests are slow, so run a small subset, just enough to get # confidence that the SSL code copes with HMAC_DRBG. msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' + tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)" - if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL + tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL } component_test_no_hmac_drbg_classic () { @@ -1014,12 +1015,12 @@ component_test_no_hmac_drbg_classic () { # Test SSL with non-deterministic ECDSA. Only test features that # might be affected by how ECDSA signature is performed. msg "test: Full minus HMAC_DRBG, classic crypto - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign' + tests/ssl-opt.sh -f 'Default\|SSL async private: sign' # To save time, only test one protocol version, since this part of # the protocol is identical in (D)TLS up to 1.2. msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)" - if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA' + tests/compat.sh -m tls1_2 -t 'ECDSA' } component_test_no_hmac_drbg_use_psa () { @@ -1041,12 +1042,12 @@ component_test_no_hmac_drbg_use_psa () { # Test SSL with non-deterministic ECDSA. Only test features that # might be affected by how ECDSA signature is performed. msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign' + tests/ssl-opt.sh -f 'Default\|SSL async private: sign' # To save time, only test one protocol version, since this part of # the protocol is identical in (D)TLS up to 1.2. msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)" - if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA' + tests/compat.sh -m tls1_2 -t 'ECDSA' } component_test_psa_external_rng_no_drbg_classic () { @@ -1069,7 +1070,7 @@ component_test_psa_external_rng_no_drbg_classic () { make test msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default' + tests/ssl-opt.sh -f 'Default' } component_test_psa_external_rng_no_drbg_use_psa () { @@ -1088,7 +1089,7 @@ component_test_psa_external_rng_no_drbg_use_psa () { make test msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - ssl-opt.sh (subset)" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque' + tests/ssl-opt.sh -f 'Default\|opaque' } component_test_psa_external_rng_use_psa_crypto () { @@ -1103,7 +1104,7 @@ component_test_psa_external_rng_use_psa_crypto () { make test msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque' + tests/ssl-opt.sh -f 'Default\|opaque' } component_test_everest () { @@ -1116,11 +1117,11 @@ component_test_everest () { make test msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s - if_build_succeeded tests/ssl-opt.sh -f ECDH + tests/ssl-opt.sh -f ECDH msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min # Exclude some symmetric ciphers that are redundant here to gain time. - if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' + tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' } component_test_everest_curve25519_only () { @@ -1150,7 +1151,7 @@ component_test_small_ssl_out_content_len () { make msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet" + tests/ssl-opt.sh -f "Max fragment\|Large packet" } component_test_small_ssl_in_content_len () { @@ -1161,7 +1162,7 @@ component_test_small_ssl_in_content_len () { make msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment" + tests/ssl-opt.sh -f "Max fragment" } component_test_small_ssl_dtls_max_buffering () { @@ -1171,7 +1172,7 @@ component_test_small_ssl_dtls_max_buffering () { make msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test" - if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" + tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" } component_test_small_mbedtls_ssl_dtls_max_buffering () { @@ -1181,15 +1182,15 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { make msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test" - if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" + tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" } component_test_psa_collect_statuses () { msg "build+test: psa_collect_statuses" # ~30s scripts/config.py full - record_status tests/scripts/psa_collect_statuses.py + tests/scripts/psa_collect_statuses.py # Check that psa_crypto_init() succeeded at least once - record_status grep -q '^0:psa_crypto_init:' tests/statuses.log + grep -q '^0:psa_crypto_init:' tests/statuses.log rm -f tests/statuses.log } @@ -1203,16 +1204,16 @@ component_test_full_cmake_clang () { make test msg "test: psa_constant_names (full config, clang)" # ~ 1s - record_status tests/scripts/test_psa_constant_names.py + tests/scripts/test_psa_constant_names.py msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s - if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' + tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' msg "test: compat.sh DES, 3DES & NULL (full config)" # ~ 2 min - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES' + env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES' msg "test: compat.sh ARIA + ChachaPoly" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' + env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_memsan_constant_flow () { @@ -1319,59 +1320,59 @@ component_build_crypto_default () { msg "build: make, crypto only" scripts/config.py crypto make CFLAGS='-O1 -Werror' - if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.* + are_empty_libraries library/libmbedx509.* library/libmbedtls.* } component_build_crypto_full () { msg "build: make, crypto only, full config" scripts/config.py crypto_full make CFLAGS='-O1 -Werror' - if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.* + are_empty_libraries library/libmbedx509.* library/libmbedtls.* } component_build_crypto_baremetal () { msg "build: make, crypto only, baremetal config" scripts/config.py crypto_baremetal make CFLAGS='-O1 -Werror' - if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.* + are_empty_libraries library/libmbedx509.* library/libmbedtls.* } component_test_depends_curves () { msg "test/build: curves.pl (gcc)" # ~ 4 min - record_status tests/scripts/curves.pl + tests/scripts/curves.pl } component_test_depends_curves_psa () { msg "test/build: curves.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - record_status tests/scripts/curves.pl + tests/scripts/curves.pl } component_test_depends_hashes () { msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min - record_status tests/scripts/depends-hashes.pl + tests/scripts/depends-hashes.pl } component_test_depends_hashes_psa () { msg "test/build: depends-hashes.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - record_status tests/scripts/depends-hashes.pl + tests/scripts/depends-hashes.pl } component_test_depends_pkalgs () { msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min - record_status tests/scripts/depends-pkalgs.pl + tests/scripts/depends-pkalgs.pl } component_test_depends_pkalgs_psa () { msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - record_status tests/scripts/depends-pkalgs.pl + tests/scripts/depends-pkalgs.pl } component_build_key_exchanges () { msg "test/build: key-exchanges (gcc)" # ~ 1 min - record_status tests/scripts/key-exchanges.pl + tests/scripts/key-exchanges.pl } component_build_default_make_gcc_and_cxx () { @@ -1379,7 +1380,7 @@ component_build_default_make_gcc_and_cxx () { make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' msg "test: verify header list in cpp_dummy_build.cpp" - record_status check_headers_in_cpp + check_headers_in_cpp msg "build: Unix make, incremental g++" make TEST_CPP=1 @@ -1434,16 +1435,16 @@ component_test_no_use_psa_crypto_full_cmake_asan() { make test msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded tests/compat.sh + tests/compat.sh msg "test: compat.sh DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES' + env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES' msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' + env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_psa_crypto_config_basic() { @@ -1916,7 +1917,7 @@ component_test_memory_buffer_allocator () { msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C" # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out. - if_build_succeeded tests/ssl-opt.sh -e '^DTLS proxy' + tests/ssl-opt.sh -e '^DTLS proxy' } component_test_no_max_fragment_length () { @@ -1927,7 +1928,7 @@ component_test_no_max_fragment_length () { make msg "test: ssl-opt.sh, MFL-related tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment length" + tests/ssl-opt.sh -f "Max fragment length" } component_test_asan_remove_peer_certificate () { @@ -1940,13 +1941,13 @@ component_test_asan_remove_peer_certificate () { make test msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - if_build_succeeded tests/compat.sh + tests/compat.sh msg "test: context-info.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - if_build_succeeded tests/context-info.sh + tests/context-info.sh } component_test_no_max_fragment_length_small_ssl_out_content_len () { @@ -1958,10 +1959,10 @@ component_test_no_max_fragment_length_small_ssl_out_content_len () { make msg "test: MFL tests (disabled MFL extension case) & large packet tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer" + tests/ssl-opt.sh -f "Max fragment length\|Large buffer" msg "test: context-info.sh (disabled MFL extension case)" - if_build_succeeded tests/context-info.sh + tests/context-info.sh } component_test_variable_ssl_in_out_buffer_len () { @@ -1974,10 +1975,10 @@ component_test_variable_ssl_in_out_buffer_len () { make test msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" - if_build_succeeded tests/compat.sh + tests/compat.sh } component_test_variable_ssl_in_out_buffer_len_CID () { @@ -1992,10 +1993,10 @@ component_test_variable_ssl_in_out_buffer_len_CID () { make test msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled" - if_build_succeeded tests/compat.sh + tests/compat.sh } component_test_ssl_alloc_buffer_and_mfl () { @@ -2012,7 +2013,7 @@ component_test_ssl_alloc_buffer_and_mfl () { make test msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH" - if_build_succeeded tests/ssl-opt.sh -f "Handshake memory usage" + tests/ssl-opt.sh -f "Handshake memory usage" } component_test_when_no_ciphersuites_have_mac () { @@ -2026,7 +2027,7 @@ component_test_when_no_ciphersuites_have_mac () { make test msg "test ssl-opt.sh: !MBEDTLS_SSL_SOME_MODES_USE_MAC" - if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM' + tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM' } component_test_no_date_time () { @@ -2062,7 +2063,7 @@ component_test_malloc_0_null () { msg "selftest: malloc(0) returns NULL (ASan+UBSan build)" # Just the calloc selftest. "make test" ran the others as part of the # test suites. - if_build_succeeded programs/test/selftest calloc + programs/test/selftest calloc msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)" # Run a subset of the tests. The choice is a balance between coverage @@ -2070,7 +2071,7 @@ component_test_malloc_0_null () { # The current choice is to skip tests whose description includes # "proxy", which is an approximation of skipping tests that use the # UDP proxy, which tend to be slower and flakier. - if_build_succeeded tests/ssl-opt.sh -e 'proxy' + tests/ssl-opt.sh -e 'proxy' } component_test_aes_fewer_tables () { @@ -2261,7 +2262,7 @@ component_test_m32_o1 () { make test msg "test ssl-opt.sh, i386, make, gcc-O1" - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh } support_test_m32_o1 () { support_test_m32_o0 "$@" @@ -2276,11 +2277,11 @@ component_test_m32_everest () { make test msg "test: i386, Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s - if_build_succeeded tests/ssl-opt.sh -f ECDH + tests/ssl-opt.sh -f ECDH msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min # Exclude some symmetric ciphers that are redundant here to gain time. - if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' + tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES' } support_test_m32_everest () { support_test_m32_o0 "$@" @@ -2378,7 +2379,7 @@ component_test_no_x509_info () { make test msg "test: ssl-opt.sh, full + MBEDTLS_X509_REMOVE_INFO" # ~ 1 min - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh } component_build_arm_none_eabi_gcc () { @@ -2419,7 +2420,7 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { scripts/config.py set MBEDTLS_NO_UDBL_DIVISION make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra' lib echo "Checking that software 64-bit division is not required" - if_build_succeeded not grep __aeabi_uldiv library/*.o + not grep __aeabi_uldiv library/*.o } component_build_arm_none_eabi_gcc_no_64bit_multiplication () { @@ -2428,7 +2429,7 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -O1 -march=armv6-m -mthumb' lib echo "Checking that software 64-bit multiplication is not required" - if_build_succeeded not grep __aeabi_lmul library/*.o + not grep __aeabi_lmul library/*.o } component_build_armcc () { @@ -2496,13 +2497,13 @@ component_test_memsan () { make test msg "test: ssl-opt.sh (MSan)" # ~ 1 min - if_build_succeeded tests/ssl-opt.sh + tests/ssl-opt.sh # Optional part(s) if [ "$MEMORY" -gt 0 ]; then msg "test: compat.sh (MSan)" # ~ 6 min 20s - if_build_succeeded tests/compat.sh + tests/compat.sh fi } @@ -2518,17 +2519,17 @@ component_test_valgrind () { # seem to receive signals under valgrind on OS X). if [ "$MEMORY" -gt 0 ]; then msg "test: ssl-opt.sh --memcheck (Release)" - if_build_succeeded tests/ssl-opt.sh --memcheck + tests/ssl-opt.sh --memcheck fi if [ "$MEMORY" -gt 1 ]; then msg "test: compat.sh --memcheck (Release)" - if_build_succeeded tests/compat.sh --memcheck + tests/compat.sh --memcheck fi if [ "$MEMORY" -gt 0 ]; then msg "test: context-info.sh --memcheck (Release)" - if_build_succeeded tests/context-info.sh --memcheck + tests/context-info.sh --memcheck fi } @@ -2547,10 +2548,10 @@ component_test_cmake_out_of_source () { # "No such file or directory", which would indicate that some required # file is missing (ssl-opt.sh tolerates the absence of some files so # may exit with status 0 but emit errors). - if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err + ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err cat ssl-opt.err >&2 # If ssl-opt.err is non-empty, record an error and keep going. - record_status [ ! -s ssl-opt.err ] + [ ! -s ssl-opt.err ] rm ssl-opt.err cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" @@ -2564,7 +2565,7 @@ component_test_cmake_as_subdirectory () { cd programs/test/cmake_subproject cmake . make - if_build_succeeded ./cmake_subproject + ./cmake_subproject cd "$MBEDTLS_ROOT_DIR" unset MBEDTLS_ROOT_DIR @@ -2577,7 +2578,7 @@ component_test_cmake_as_package () { cd programs/test/cmake_package cmake . make - if_build_succeeded ./cmake_package + ./cmake_package cd "$MBEDTLS_ROOT_DIR" unset MBEDTLS_ROOT_DIR @@ -2590,7 +2591,7 @@ component_test_cmake_as_package_install () { cd programs/test/cmake_package_install cmake . make - if_build_succeeded ./cmake_package_install + ./cmake_package_install cd "$MBEDTLS_ROOT_DIR" unset MBEDTLS_ROOT_DIR @@ -2615,9 +2616,9 @@ component_test_zeroize () { for compiler in clang gcc; do msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" - if_build_succeeded gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log - if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log - if_build_succeeded not grep -i "error" test_zeroize.log + gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log + grep "The buffer was correctly zeroized" test_zeroize.log + not grep -i "error" test_zeroize.log rm -f test_zeroize.log make clean done @@ -2628,7 +2629,7 @@ component_test_zeroize () { component_check_python_files () { msg "Lint: Python scripts" - record_status tests/scripts/check-python-files.sh + tests/scripts/check-python-files.sh } component_check_generate_test_code () { @@ -2636,7 +2637,7 @@ component_check_generate_test_code () { # unittest writes out mundane stuff like number or tests run on stderr. # Our convention is to reserve stderr for actual errors, and write # harmless info on stdout so it can be suppress with --quiet. - record_status ./tests/scripts/test_generate_test_code.py 2>&1 + ./tests/scripts/test_generate_test_code.py 2>&1 } ################################################################ From fec30cbe8c800dcc3615601eb2d6859de8d78da5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 19:34:23 +0100 Subject: [PATCH 0773/1065] Fix double reporting when the last command of a function fails Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8b8e3dd590..cb3c8f2fb9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -480,6 +480,11 @@ pre_setup_keep_going () { failure_count=0 # Number of failed components last_failure_status=0 # Last failure status in this component + # See err_trap + previous_failure_status=0 + previous_failed_command= + previous_failure_funcall_depth=0 + start_red= end_color= if [ -t 1 ]; then @@ -517,6 +522,21 @@ pre_setup_keep_going () { last_failure_status=$? failed_command=$BASH_COMMAND + if [[ $last_failure_status -eq $previous_failure_status && + "$failed_command" == "$previous_failed_command" && + ${#FUNCNAME[@]} == $((previous_failure_funcall_depth - 1)) ]] + then + # The same command failed twice in a row, but this time one level + # less deep in the function call stack. This happens when the last + # command of a function returns a nonzero status, and the function + # returns that same status. Ignore the second failure. + previous_failure_funcall_depth=${#FUNCNAME[@]} + return + fi + previous_failure_status=$last_failure_status + previous_failed_command=$failed_command + previous_failure_funcall_depth=${#FUNCNAME[@]} + text="$current_section: $failed_command -> $last_failure_status" echo "${start_red}^^^^$text^^^^${end_color}" >&2 echo "$text" >>"$failure_summary_file" From a681c59d348f362bd18fcff72c694fc8ede98546 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 21:27:40 +0100 Subject: [PATCH 0774/1065] Better not function In the `not` function, in keep-going mode, arrange to report the failing command (rather than `"$@"`). Note that the `!` keyword should not be used, because failures with `!` are not reported properly. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index cb3c8f2fb9..d95ca7b897 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -90,6 +90,9 @@ # # Each component must start by invoking `msg` with a short informative message. # +# Warning: due to the way bash detects errors, the failure of a command +# inside 'if' or '!' is not detected. Use the 'not' function instead of '!'. +# # Each component is executed in a separate shell process. The component # fails if any command in it returns a non-zero status. # @@ -484,6 +487,7 @@ pre_setup_keep_going () { previous_failure_status=0 previous_failed_command= previous_failure_funcall_depth=0 + unset report_failed_command start_red= end_color= @@ -508,7 +512,7 @@ pre_setup_keep_going () { "msg "*) false;; *[!A-Za-z]"test"|*[!A-Za-z]"test"[!A-Za-z]*) true;; "tests/"*) true;; - "grep "*|"not grep "*) true;; + "grep "*|"! grep "*) true;; *) false;; esac } @@ -520,7 +524,7 @@ pre_setup_keep_going () { # Save $? (status of the failing command). This must be the very # first thing, before $? is overridden. last_failure_status=$? - failed_command=$BASH_COMMAND + failed_command=${report_failed_command-$BASH_COMMAND} if [[ $last_failure_status -eq $previous_failure_status && "$failed_command" == "$previous_failed_command" && @@ -578,8 +582,14 @@ if_build_succeeded () { "$@" } -not() { - ! "$@" +# '! true' does not trigger the ERR trap. Arrange to trigger it, with +# a reasonably informative error message (not just "$@"). +not () { + if "$@"; then + report_failed_command="! $*" + false + unset report_failed_command + fi } pre_setup_quiet_redirect () { From b80f0d20ea063ff0a87ac52e58c8155faf53f8bd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 21:37:59 +0100 Subject: [PATCH 0775/1065] Complain if an unsupported component is explicitly requested In all.sh, when an explicit list of components is specified, error out if one of the components is not known or not supported. Patterns that happen to match zero components are still effectively ignored. Fix #2783 Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d95ca7b897..61b17e1022 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -444,6 +444,24 @@ pre_parse_command_line () { COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*" fi + if [ $all_except -eq 0 ]; then + unsupported=0 + for component in $COMMAND_LINE_COMPONENTS; do + case $component in + *[*?\[]*) continue;; + esac + case " $SUPPORTED_COMPONENTS " in + *" $component "*) :;; + *) + echo >&2 "Component $component was explicitly requested, but is not known or not supported." + unsupported=$((unsupported + 1));; + esac + done + if [ $unsupported -ne 0 ]; then + exit 2 + fi + fi + # Build the list of components to run. RUN_COMPONENTS= for component in $SUPPORTED_COMPONENTS; do From c2e22ee27177c2041cdb047325db20df500796d4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 28 Mar 2020 22:02:50 +0100 Subject: [PATCH 0776/1065] Remove code that is useless now that components run in a subshell Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 61b17e1022..6249977c82 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -267,10 +267,6 @@ EOF # remove built files as well as the cmake cache/config cleanup() { - if [ -n "${MBEDTLS_ROOT_DIR+set}" ]; then - cd "$MBEDTLS_ROOT_DIR" - fi - command make clean # Remove CMake artefacts @@ -2603,7 +2599,6 @@ component_test_cmake_out_of_source () { rm ssl-opt.err cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" - unset MBEDTLS_ROOT_DIR } component_test_cmake_as_subdirectory () { From 3fa1673cf62be68d75661bf8b4e795985b348db6 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Fri, 9 Jul 2021 11:21:43 +0100 Subject: [PATCH 0777/1065] Fix grammar suggesting an upper bound on MAX_CONTENT_LEN Co-authored-by: Gilles Peskine Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 85dce76b04..3df667a2a3 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2244,7 +2244,7 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" -c "ignoring unexpected CID" \ -s "ignoring unexpected CID" -# This and the test below it requires MAX_CONTENT_LEN to be MFL+1, because the +# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the # tests check that the buffer contents are reallocated when the message is # larger than the buffer. requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID From da36c9f2ce4fffddc99cc5178912e62049ec59a7 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 9 Jul 2021 12:03:06 +0100 Subject: [PATCH 0778/1065] Improve Code Style add space between bracket and a newline that had occured through changes but do not match the original file style Signed-off-by: Joe Subbiani --- tests/suites/test_suite_psa_crypto_metadata.function | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 2722aea4c1..f2dcfca2dd 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -619,7 +619,7 @@ void key_type( int type_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void block_cipher_key_type( int type_arg, int block_size_arg) +void block_cipher_key_type( int type_arg, int block_size_arg ) { psa_key_type_t type = type_arg; size_t block_size = block_size_arg; @@ -628,7 +628,6 @@ void block_cipher_key_type( int type_arg, int block_size_arg) TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); /* PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h From 7871c2e736eae72a92d2260259dcf41d3c282e80 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 7 Jul 2021 17:29:43 +0200 Subject: [PATCH 0779/1065] Adding new macro for tests failing Signed-off-by: TRodziewicz --- ChangeLog.d/issue4680.txt | 2 -- include/mbedtls/error.h | 2 +- library/common.h | 13 +++++++++++++ library/psa_crypto.c | 5 +---- library/psa_crypto_slot_management.c | 9 +-------- scripts/data_files/error.fmt | 2 +- tests/include/test/helpers.h | 9 --------- tests/src/helpers.c | 10 ---------- tests/suites/main_test.function | 3 +-- 9 files changed, 18 insertions(+), 37 deletions(-) delete mode 100644 ChangeLog.d/issue4680.txt diff --git a/ChangeLog.d/issue4680.txt b/ChangeLog.d/issue4680.txt deleted file mode 100644 index e37e4142c9..0000000000 --- a/ChangeLog.d/issue4680.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Re-introduce extended checks for psa unlock/wipe key slot. Fixes #4680. diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 49a641614f..f00b4f5b2f 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -129,7 +129,7 @@ extern "C" { * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -extern void (*mbedtls_test_hook_assert_test)( int test, const char * file, int line ); +extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const char * file ); #endif /** diff --git a/library/common.h b/library/common.h index a2c8a1e726..9e4b0312b1 100644 --- a/library/common.h +++ b/library/common.h @@ -46,6 +46,19 @@ #define MBEDTLS_STATIC_TESTABLE static #endif +#if defined(MBEDTLS_TEST_HOOKS) +extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const char * file ); +#define MBEDTLS_TEST_HOOK_TEST_ASSERT( TEST ) \ + do { \ + if( ( ! ( TEST ) ) && ( ( *mbedtls_test_hook_test_fail ) != NULL ) ) \ + { \ + ( *mbedtls_test_hook_test_fail )( #TEST, __LINE__, __FILE__ ); \ + } \ + } while( 0 ) +#else +#define MBEDTLS_TEST_HOOK_TEST_ASSERT( TEST ) +#endif /* defined(MBEDTLS_TEST_HOOKS) */ + /** Allow library to access its structs' private members. * * Although structs defined in header files are publicly available, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f5a879361d..8312c07500 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1002,10 +1002,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) if( slot->lock_count != 1 ) { -#if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_assert_test != NULL ) - ( *mbedtls_test_hook_assert_test )( slot->lock_count == 1, __FILE__, __LINE__ ); -#endif + MBEDTLS_TEST_HOOK_TEST_ASSERT( slot->lock_count == 1 ); status = PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4a0763f006..cb10f6e068 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -34,7 +34,6 @@ #include #include -#include "mbedtls/error.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -413,13 +412,7 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } - slot->lock_count = 1; - -#if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_assert_test != NULL ) - ( *mbedtls_test_hook_assert_test )( slot->lock_count > 0, __FILE__, __LINE__ ); -#endif - + MBEDTLS_TEST_HOOK_TEST_ASSERT( slot->lock_count > 0 ); return( PSA_ERROR_CORRUPTION_DETECTED ); } diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 8651a7b39e..fd491b858b 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -164,7 +164,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -void (*mbedtls_test_hook_assert_test)( int, const char *, int ); +void (*mbedtls_test_hook_test_fail)( const char *, int, const char *); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 8ee6996684..27e5599ed1 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -231,13 +231,4 @@ void mbedtls_test_err_add_check( int high, int low, int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ); #endif /* MBEDTLS_BIGNUM_C */ -/** - * \brief Check value in first parameter. - * - * \note If the check fails, fail the test currently being run. - */ -#if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_assert_test( int test, const char * file, int line ); -#endif - #endif /* TEST_HELPERS_H */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index e35ed62d60..4d3d53da50 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -274,13 +274,3 @@ int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ) return( mbedtls_mpi_read_string( X, radix, s ) ); } #endif - -#if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_assert_test( int test, const char * file, int line ) -{ - if ( !test ) - { - mbedtls_test_fail( "Test hook - test assertion failed.", line, file ); - } -} -#endif diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index f34c1bd2f5..3044bed35e 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -242,10 +242,9 @@ int main( int argc, const char *argv[] ) #endif #if defined(MBEDTLS_TEST_HOOKS) - mbedtls_test_hook_assert_test = &mbedtls_test_assert_test; + mbedtls_test_hook_test_fail = &mbedtls_test_fail; #endif - int ret = mbedtls_test_platform_setup(); if( ret != 0 ) { From 299510e889853f2c95ce1ccb0aeeedc074618b07 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 9 Jul 2021 16:55:11 +0200 Subject: [PATCH 0780/1065] Correction to comments and changelog removed Signed-off-by: TRodziewicz --- ChangeLog.d/issue4564.txt | 3 --- library/ssl_misc.h | 11 +++-------- tests/suites/test_suite_ssl.function | 4 +++- 3 files changed, 6 insertions(+), 12 deletions(-) delete mode 100644 ChangeLog.d/issue4564.txt diff --git a/ChangeLog.d/issue4564.txt b/ChangeLog.d/issue4564.txt deleted file mode 100644 index 286c31b37b..0000000000 --- a/ChangeLog.d/issue4564.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * Remove all instances of MBEDTLS_SSL_MINOR_VERSION_1 and - MBEDTLS_SSL_MINOR_VERSION_2 and related dead code and tests. Fixes #4564. diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e16f4f4147..9c82bc36c3 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -661,18 +661,13 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * - For stream/CBC, (static) encryption/decryption keys for the digest. * - For AEAD transformations, the size (potentially 0) of an explicit, * random initialization vector placed in encrypted records. - * - For some transformations (currently AEAD) an implicit IV. It may be static - * (e.g. AEAD) or dynamic (e.g. CBC) and (if present) is combined with the - * explicit IV in a transformation-dependent way (e.g. appending in TLS 1.2 - * and XOR'ing in TLS 1.3). + * - For some transformations (currently AEAD) an implicit IV. It is static + * and (if present) is combined with the explicit IV in a transformation- + * -dependent way (e.g. appending in TLS 1.2 and XOR'ing in TLS 1.3). * - For stream/CBC, a flag determining the order of encryption and MAC. * - The details of the transformation depend on the SSL/TLS version. * - The length of the authentication tag. * - * Note: These parameters are constant across multiple encryption/decryption - * operations. For CBC, the implicit IV needs to be updated after each - * operation. - * * The struct below refines this abstract view as follows: * - The cipher underlying the transformation is managed in * cipher contexts cipher_ctx_{enc/dec}, which must have the diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 93d6256bde..36fbf77dea 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3464,7 +3464,9 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, * Test record decryption for CBC without EtM, focused on the verification * of padding and MAC. * - * Actually depends on TLS 1.2 and AES. + * Actually depends on TLS 1.2 and either AES, ARIA or Camellia, but since + * the test framework doesn't support alternation in dependency statements, + * just depend on AES. * * The length_selector argument is interpreted as follows: * - if it's -1, the plaintext length is 0 and minimal padding is applied From c3366a4185012ddb72d3c47497603705a780c8b6 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 9 Jul 2021 16:57:20 +0200 Subject: [PATCH 0781/1065] Added mis-removed test and removed unneeded tests Signed-off-by: TRodziewicz --- tests/ssl-opt.sh | 25 ------------------------- tests/suites/test_suite_ssl.data | 4 ++++ 2 files changed, 4 insertions(+), 25 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 559cb4cfbd..218ace1716 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4703,31 +4703,6 @@ run_test "Not supported version check: srv max TLS 1.1" \ -S "Version: TLS1.1" \ -C "Protocol is TLSv1.1" -## ClientHello generated with -## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..." -## then manually twiddling the ciphersuite list. -## The ClientHello content is spelled out below as a hex string as -## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix". -## The expected response is an inappropriate_fallback alert. - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: beginning of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020246'" \ - 0 \ - -s "client only supports ssl smaller than minimum" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: end of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020246'" \ - 0 \ - -s "client only supports ssl smaller than minimum" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - # Tests for ALPN extension run_test "ALPN: none" \ diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index eb26fc266d..5d92469ad7 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -239,6 +239,10 @@ Handshake, PSK-WITH-AES-128-CBC-SHA depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 +DTLS Handshake, tls1_2 +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS +handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 + DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 From 1d2e2bb8cce97ed81b725e5af54ffa5b7040473b Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 7 Jun 2021 06:13:16 +0530 Subject: [PATCH 0782/1065] Add missing Curve448 support for PSA keys MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit mbedtls_ecp_read_key and mbedtls_ecp_write_key are updated to include support for Curve448 as prescribed by RFC 7748 §5. Test suites have been updated to validate curve448 under Montgomery curves. Signed-off-by: Archana --- library/ecp.c | 32 +++++++-- tests/suites/test_suite_ecp.data | 107 +++++++++++++++++++++++++++---- 2 files changed, 119 insertions(+), 20 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index e8df7ff284..79636652c4 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3054,6 +3054,7 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, } #define ECP_CURVE25519_KEY_SIZE 32 +#define ECP_CURVE448_KEY_SIZE 56 /* * Read a private key. */ @@ -3074,7 +3075,7 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) { /* - * If it is Curve25519 curve then mask the key as mandated by RFC7748 + * Mask the key as mandated by RFC7748 for Curve25519 and Curve448. */ if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) { @@ -3100,8 +3101,23 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, ECP_CURVE25519_KEY_SIZE * 8 - 2, 1 ) ); } - else - ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + else if( grp_id == MBEDTLS_ECP_DP_CURVE448 ) + { + if( buflen != ECP_CURVE448_KEY_SIZE ) + return MBEDTLS_ERR_ECP_INVALID_KEY; + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) ); + + /* Set the two least significant bits to 0 */ + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 0, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 1, 0 ) ); + + /* Set the most significant bit to 1 */ + MBEDTLS_MPI_CHK( + mbedtls_mpi_set_bit( &key->d, + ECP_CURVE448_KEY_SIZE * 8 - 1, 1 ) + ); + } } #endif @@ -3141,12 +3157,14 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, if( buflen < ECP_CURVE25519_KEY_SIZE ) return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); } - else - ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + else if ( key->grp.id == MBEDTLS_ECP_DP_CURVE448 ) + { + if( buflen < ECP_CURVE448_KEY_SIZE ) + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); } - #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index ceafc79bec..070787d3e9 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -205,14 +205,22 @@ ECP write binary #9 (odd, compressed, buffer just fits) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"93112b28345b7d1d7799611e49bea9d8290cb2d7afe1f9f3":"01":MBEDTLS_ECP_PF_COMPRESSED:"0348d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":25:0 -ECP write binary #10 (Montgomery, buffer just fits) +ECP write binary #10 (Montgomery curve25519, buffer just fits) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":32:0 -ECP write binary #11 (Montgomery, buffer too small) +ECP write binary #11 (Montgomery curve25519, buffer too small) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":31:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL +ECP write binary #12 (Montgomery curve448, buffer just fits) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_write_binary:MBEDTLS_ECP_DP_CURVE448:"3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":56:0 + +ECP write binary #13 (Montgomery curve448, buffer too small) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_write_binary:MBEDTLS_ECP_DP_CURVE448:"3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":55:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL + ECP read binary #1 (zero, invalid ilen) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0000":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA @@ -261,6 +269,22 @@ ECP read binary #12 (Curve25519, too long) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a00":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA +ECP read binary #13 (Curve448, OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_read_binary:MBEDTLS_ECP_DP_CURVE448:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":"6b7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f9a":"0":"1":0 + +ECP read binary #14 (Curve448, too long) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_read_binary:MBEDTLS_ECP_DP_CURVE448:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b00":"6b7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f9a":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA + +ECP read binary #15 (Curve448, too short) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_read_binary:MBEDTLS_ECP_DP_CURVE448:"8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":"6b7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f9a":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA + +ECP read binary #16 (Curve448, non-canonical) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_read_binary:MBEDTLS_ECP_DP_CURVE448:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"0":"1":0 + ECP tls read point #1 (zero, invalid length byte) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"0200":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA @@ -326,34 +350,58 @@ ECP check privkey #4 (short weierstrass, too big) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #5 (montgomery, too big) +ECP check privkey #5 (montgomery curve25519, too big) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"C000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #6 (montgomery, not big enough) +ECP check privkey #6 (montgomery curve25519, not big enough) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #7 (montgomery, msb OK) +ECP check privkey #7 (montgomery curve25519, msb OK) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000000":0 -ECP check privkey #8 (montgomery, bit 0 set) +ECP check privkey #8 (montgomery curve25519, bit 0 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #9 (montgomery, bit 1 set) +ECP check privkey #9 (montgomery curve25519, bit 1 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #10 (montgomery, bit 2 set) +ECP check privkey #10 (montgomery curve25519, bit 2 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #11 (montgomery, OK) +ECP check privkey #11 (montgomery curve25519, OK) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":0 +ECP check privkey #12 (montgomery curve448, too big) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #13 (montgomery curve448, not big enough) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #14 (montgomery curve448, msb OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 + +ECP check privkey #15 (montgomery curve448, bit 0 set) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #16 (montgomery curve448, bit 1 set) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #17 (montgomery curve448, OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC":0 + ECP check public-private #1 (OK) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":0 @@ -389,6 +437,10 @@ ECP gen keypair [#2] depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_CURVE25519 +ECP gen keypair [#3] +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_CURVE448 + ECP gen keypair wrapper depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1 @@ -481,17 +533,46 @@ ECP read key #13 (Curve25519, not long enough) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":MBEDTLS_ERR_ECP_INVALID_KEY:0 -ECP read key #14 (Curve448, not supported) +ECP read key #14 (Curve448, most significant bit unset) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":0:0 + +ECP read key #15 (Curve448, msb OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080":0:1 + +ECP read key #16 (Curve448, bit 0 set) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080":0:0 + +ECP read key #17 (Curve448, bit 1 set) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080":0:0 + +ECP read key #18 (Curve448, OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F":0:1 + +ECP read key #19 (Curve448, too long) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F":MBEDTLS_ERR_ECP_INVALID_KEY:0 + +ECP read key #20 (Curve448, not long enough) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F":MBEDTLS_ERR_ECP_INVALID_KEY:0 + +ECP read key #21 (Curve448, not supported) +depends_on:!MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0 -ECP read key #15 (Curve25519, not supported) +ECP read key #22 (Curve25519, not supported) depends_on:!MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0 -ECP read key #15 (invalid curve) +ECP read key #23 (invalid curve) mbedtls_ecp_read_key:INT_MAX:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0 -ECP read key #16 (Curve25519 RFC, OK) +ECP read key #24 (Curve25519 RFC, OK) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1 From ef6aa5c46d299bdf0e03b91956880938782c6195 Mon Sep 17 00:00:00 2001 From: Archana Date: Tue, 8 Jun 2021 11:40:10 +0530 Subject: [PATCH 0783/1065] Support Curve448 via the PSA API Enable Curve448 support Add test vectors to evaluate * RFC 7748 * a known-answer public key export test. * a known-answer ECDH (X448) test. Signed-off-by: Archana --- include/mbedtls/config_psa.h | 8 +------ include/psa/crypto_config.h | 7 +------ tests/suites/test_suite_psa_crypto.data | 28 +++++++++++++++++++++++++ 3 files changed, 30 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index f182c5274a..9080cd19bc 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -433,11 +433,6 @@ extern "C" { #if defined(PSA_WANT_ECC_MONTGOMERY_448) #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) -/* - * Curve448 is not yet supported via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/4249). - */ -#error "Curve448 is not yet supported via the PSA API in Mbed TLS." #define MBEDTLS_ECP_DP_CURVE448_ENABLED #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */ @@ -710,8 +705,7 @@ extern "C" { #define PSA_WANT_ECC_MONTGOMERY_255 #endif -/* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */ -#if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 #define PSA_WANT_ECC_MONTGOMERY_448 #endif diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 3f95d0ef19..64d8c58169 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -93,12 +93,7 @@ #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 #define PSA_WANT_ECC_MONTGOMERY_255 1 -/* - * Curve448 is not yet supported via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/4249). Thus, do not enable it by - * default. - */ -//#define PSA_WANT_ECC_MONTGOMERY_448 1 +#define PSA_WANT_ECC_MONTGOMERY_448 1 #define PSA_WANT_ECC_SECP_K1_192 1 /* * SECP224K1 is buggy via the PSA API in Mbed TLS diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8671e3718d..fcf6eaa8f1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -209,6 +209,22 @@ PSA import/export-public EC curve25519: accept masked input depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +PSA import/export EC curve448 key pair: good (already properly masked) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:1 + +PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 + +PSA import/export-public EC curve448: accept masked input +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" + +PSA import/export-public EC curve448: accept unmasked input +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" + PSA import/export-public: cannot export-public a symmetric key depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" @@ -229,6 +245,10 @@ PSA import/export curve25519 public key: good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1 +PSA import/export curve448 Public Key: good +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 + PSA import/export AES key: policy forbids export depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 @@ -3596,6 +3616,14 @@ PSA raw key agreement: X25519 (RFC 7748: Bob) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742" +PSA raw key agreement: X448 (RFC 7748: Alice) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":"3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609":"07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d" + +PSA raw key agreement: X448 (RFC 7748: Bob) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d":"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":"07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d" + PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 From 277572fa2b4b7f69b0f6fb15adbf658c7e35a36b Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 12 Jul 2021 09:00:57 +0530 Subject: [PATCH 0784/1065] Fix coding style issue Signed-off-by: Archana --- library/ecp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 79636652c4..b608ff1bd7 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3080,7 +3080,7 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) { if( buflen != ECP_CURVE25519_KEY_SIZE ) - return MBEDTLS_ERR_ECP_INVALID_KEY; + return( MBEDTLS_ERR_ECP_INVALID_KEY ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) ); @@ -3104,7 +3104,7 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, else if( grp_id == MBEDTLS_ECP_DP_CURVE448 ) { if( buflen != ECP_CURVE448_KEY_SIZE ) - return MBEDTLS_ERR_ECP_INVALID_KEY; + return( MBEDTLS_ERR_ECP_INVALID_KEY ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) ); @@ -3155,13 +3155,13 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, if( key->grp.id == MBEDTLS_ECP_DP_CURVE25519 ) { if( buflen < ECP_CURVE25519_KEY_SIZE ) - return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); } - else if ( key->grp.id == MBEDTLS_ECP_DP_CURVE448 ) + else if( key->grp.id == MBEDTLS_ECP_DP_CURVE448 ) { if( buflen < ECP_CURVE448_KEY_SIZE ) - return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); } MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); } From 8584f5b68bd72ca9bad37b55e8531b982f6422e6 Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 12 Jul 2021 09:19:58 +0530 Subject: [PATCH 0785/1065] test: psa: Improve description of curve 448 tests Improve the description of some curve 448 tests Signed-off-by: Archana --- tests/suites/test_suite_psa_crypto.data | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index fcf6eaa8f1..defb3f42e7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -209,19 +209,19 @@ PSA import/export-public EC curve25519: accept masked input depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" -PSA import/export EC curve448 key pair: good (already properly masked) +PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:1 -PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output) +PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 -PSA import/export-public EC curve448: accept masked input +PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" -PSA import/export-public EC curve448: accept unmasked input +PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" @@ -245,7 +245,7 @@ PSA import/export curve25519 public key: good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1 -PSA import/export curve448 Public Key: good +PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 From 36c8ddc4cc98e1cc6cc2255fe373da652c14c6a9 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Mon, 5 Jul 2021 09:10:52 +0100 Subject: [PATCH 0786/1065] Replace `_B` with `B` to prevent reserved identifier clashes Signed-off-by: Yuto Takano --- library/bignum.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index dfc78c9e2c..8658ba395b 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1587,17 +1587,17 @@ cleanup: */ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mbedtls_mpi _B; + mbedtls_mpi B; mbedtls_mpi_uint p[1]; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; - _B.s = ( b < 0 ) ? -1 : 1; - _B.n = 1; - _B.p = p; + B.s = ( b < 0 ) ? -1 : 1; + B.n = 1; + B.p = p; - return( mbedtls_mpi_add_mpi( X, A, &_B ) ); + return( mbedtls_mpi_add_mpi( X, A, &B ) ); } /* @@ -1605,17 +1605,17 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint */ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mbedtls_mpi _B; + mbedtls_mpi B; mbedtls_mpi_uint p[1]; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; - _B.s = ( b < 0 ) ? -1 : 1; - _B.n = 1; - _B.p = p; + B.s = ( b < 0 ) ? -1 : 1; + B.n = 1; + B.p = p; - return( mbedtls_mpi_sub_mpi( X, A, &_B ) ); + return( mbedtls_mpi_sub_mpi( X, A, &B ) ); } /** Helper for mbedtls_mpi multiplication. @@ -2027,16 +2027,16 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mbedtls_mpi _B; + mbedtls_mpi B; mbedtls_mpi_uint p[1]; MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; - _B.s = ( b < 0 ) ? -1 : 1; - _B.n = 1; - _B.p = p; + B.s = ( b < 0 ) ? -1 : 1; + B.n = 1; + B.p = p; - return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) ); + return( mbedtls_mpi_div_mpi( Q, R, A, &B ) ); } /* From c590611e97f1a52156ac2e09501478b3570083cb Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 12 Jul 2021 20:11:37 +0530 Subject: [PATCH 0787/1065] Add requested montgomery curve tests * Add tests to validate MSB not ok for Curve25519 and Curve448. * Add a test to generate key for for Curve448. Signed-off-by: Archana --- tests/suites/test_suite_ecp.data | 28 ++++++++++++++++--------- tests/suites/test_suite_psa_crypto.data | 4 ++++ 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 070787d3e9..0c30e4a2ef 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -362,43 +362,51 @@ ECP check privkey #7 (montgomery curve25519, msb OK) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000000":0 -ECP check privkey #8 (montgomery curve25519, bit 0 set) +ECP check privkey #8 (montgomery curve25519, msb not OK) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #9 (montgomery curve25519, bit 0 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #9 (montgomery curve25519, bit 1 set) +ECP check privkey #10 (montgomery curve25519, bit 1 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #10 (montgomery curve25519, bit 2 set) +ECP check privkey #11 (montgomery curve25519, bit 2 set) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #11 (montgomery curve25519, OK) +ECP check privkey #12 (montgomery curve25519, OK) depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":0 -ECP check privkey #12 (montgomery curve448, too big) +ECP check privkey #13 (montgomery curve448, too big) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #13 (montgomery curve448, not big enough) +ECP check privkey #14 (montgomery curve448, not big enough) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #14 (montgomery curve448, msb OK) +ECP check privkey #15 (montgomery curve448, msb OK) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 -ECP check privkey #15 (montgomery curve448, bit 0 set) +ECP check privkey #15 (montgomery curve448, msb not OK) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP check privkey #17 (montgomery curve448, bit 0 set) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #16 (montgomery curve448, bit 1 set) +ECP check privkey #18 (montgomery curve448, bit 1 set) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY -ECP check privkey #17 (montgomery curve448, OK) +ECP check privkey #19 (montgomery curve448, OK) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE448:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC":0 diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index defb3f42e7..6eca2f7f2e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3783,6 +3783,10 @@ PSA generate key: ECC, Curve25519, good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 +PSA generate key: ECC, Curve448, good +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 + PSA generate key: RSA, default e generate_key_rsa:512:"":PSA_SUCCESS From aca0b32132533acec4cbb9c64b5e64338bb04145 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Apr 2020 13:21:27 +0200 Subject: [PATCH 0788/1065] Keep going after a shell "[" a.k.a. "test" fails This is necessary to actually keep going and finish the component-specific cleanup in component_test_cmake_out_of_source if ssl-opt.err is non-empty. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6249977c82..afc1a49185 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -527,6 +527,7 @@ pre_setup_keep_going () { *[!A-Za-z]"test"|*[!A-Za-z]"test"[!A-Za-z]*) true;; "tests/"*) true;; "grep "*|"! grep "*) true;; + "test "*|"[ "*) true;; *) false;; esac } From 88a07457c7e6dbe0c170a75110f84bad39f156c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Jul 2021 19:03:50 +0200 Subject: [PATCH 0789/1065] Remove barely-used redirect functions redirect_out was no longer used and redirect_err was only used to quiet dd. Change the dd invocation to only print diagnostics on error (on platforms where this is possible). Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index afc1a49185..4614029ad0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -607,24 +607,6 @@ not () { fi } -pre_setup_quiet_redirect () { - if [ $QUIET -ne 1 ]; then - redirect_out () { - "$@" - } - redirect_err () { - "$@" - } - else - redirect_out () { - "$@" >/dev/null - } - redirect_err () { - "$@" 2>/dev/null - } - fi -} - pre_prepare_outcome_file () { case "$MBEDTLS_TEST_OUTCOME_FILE" in [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";; @@ -2726,7 +2708,12 @@ run_component () { # Unconditionally create a seedfile that's sufficiently long. # Do this before each component, because a previous component may # have messed it up or shortened it. - redirect_err dd if=/dev/urandom of=./tests/seedfile bs=64 count=1 + local dd_cmd + dd_cmd=(dd if=/dev/urandom of=./tests/seedfile bs=64 count=1) + case $OSTYPE in + linux*|freebsd*|openbsd*|darwin*) dd_cmd+=(status=none) + esac + "${dd_cmd[@]}" # Run the component in a subshell if [ $KEEP_GOING -eq 1 ]; then @@ -2774,7 +2761,6 @@ build_status=0 if [ $KEEP_GOING -eq 1 ]; then pre_setup_keep_going fi -pre_setup_quiet_redirect pre_prepare_outcome_file pre_print_configuration pre_check_tools From 72385036420e9a072c0588ccd685f8f72cf6458d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Jul 2021 19:07:07 +0200 Subject: [PATCH 0790/1065] Heed --quiet when running make generated_files Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4614029ad0..c3df05b724 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -713,7 +713,11 @@ pre_generate_files() { # since make doesn't have proper dependencies, remove any possibly outdate # file that might be around before generating fresh ones make neat - make generated_files + if [ $QUIET -eq 1 ]; then + make -s generated_files + else + make generated_files + fi } From 03ab544832fceeb1d618fef1d4f2e44641a9eadc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 9 Jul 2021 15:19:28 +0200 Subject: [PATCH 0791/1065] Generate cpp_cummy_build.cpp dynamically Generate programs/test/cpp_dummy_build.cpp dynamically instead of maintaining it manually. This removes the need to update it when the list of headers changes. Include all the headers unconditionally except for the ones that cannot be included directly. Support this dynamic generation both with make and with cmake. Adapt all.sh accordingly. Remove the redundant C build from component_build_default_make_gcc_and_cxx (it was also done in component_test_default_out_of_box), leaving a component_test_make_cxx. Also run the C++ program, because why not. Do this in the full configuration which may catch a bit more problems in headers. Fixes #2570 for good. Signed-off-by: Gilles Peskine --- programs/.gitignore | 1 + programs/Makefile | 7 +- programs/test/CMakeLists.txt | 12 ++- programs/test/cpp_dummy_build.cpp | 98 ----------------------- programs/test/generate_cpp_dummy_build.sh | 85 ++++++++++++++++++++ tests/scripts/all.sh | 22 ++--- 6 files changed, 109 insertions(+), 116 deletions(-) delete mode 100644 programs/test/cpp_dummy_build.cpp create mode 100755 programs/test/generate_cpp_dummy_build.sh diff --git a/programs/.gitignore b/programs/.gitignore index 83521a792b..d8eb6baa03 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -56,6 +56,7 @@ ssl/ssl_server ssl/ssl_server2 test/benchmark test/cpp_dummy_build +test/cpp_dummy_build.cpp test/ecp-bench test/query_compile_time_config test/selftest diff --git a/programs/Makefile b/programs/Makefile index 997c198716..977ae7e8b4 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -331,6 +331,10 @@ test/benchmark$(EXEXT): test/benchmark.c $(DEP) echo " CC test/benchmark.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +test/cpp_dummy_build.cpp: test/generate_cpp_dummy_build.sh + echo " Gen test/cpp_dummy_build.cpp" + test/generate_cpp_dummy_build.sh + test/cpp_dummy_build$(EXEXT): test/cpp_dummy_build.cpp $(DEP) echo " CXX test/cpp_dummy_build.cpp" $(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -391,10 +395,11 @@ clean: ifndef WINDOWS rm -f $(EXES) -rm -f ssl/ssl_pthread_server$(EXEXT) - -rm -f test/cpp_dummy_build$(EXEXT) + -rm -f test/cpp_dummy_build.cpp test/cpp_dummy_build$(EXEXT) else if exist *.o del /Q /F *.o if exist *.exe del /Q /F *.exe + if exist test\cpp_dummy_build.cpp del /Q /F test\cpp_dummy_build.cpp endif $(MAKE) -C fuzz clean diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 807d1bc10b..a0a1b763cc 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -14,7 +14,17 @@ set(executables_mbedcrypto ) if(TEST_CPP) - list(APPEND executables_mbedcrypto cpp_dummy_build) + set(cpp_dummy_build_cpp "${CMAKE_CURRENT_BINARY_DIR}/cpp_dummy_build.cpp") + set(generate_cpp_dummy_build "${CMAKE_CURRENT_SOURCE_DIR}/generate_cpp_dummy_build.sh") + add_custom_command( + OUTPUT "${cpp_dummy_build_cpp}" + COMMAND "${generate_cpp_dummy_build}" "${cpp_dummy_build_cpp}" + DEPENDS "${generate_cpp_dummy_build}" + WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}" + ) + add_executable(cpp_dummy_build "${cpp_dummy_build_cpp}") + target_include_directories(cpp_dummy_build PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include) + target_link_libraries(cpp_dummy_build ${mbedcrypto_target}) endif() foreach(exe IN LISTS executables_libs executables_mbedcrypto) diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp deleted file mode 100644 index 7f1efe8dba..0000000000 --- a/programs/test/cpp_dummy_build.cpp +++ /dev/null @@ -1,98 +0,0 @@ -/* - * This program is a dummy C++ program to ensure Mbed TLS library header files - * can be included and built with a C++ compiler. - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbedtls/build_info.h" - -#include "mbedtls/aes.h" -#include "mbedtls/aria.h" -#include "mbedtls/asn1.h" -#include "mbedtls/asn1write.h" -#include "mbedtls/base64.h" -#include "mbedtls/bignum.h" -#include "mbedtls/camellia.h" -#include "mbedtls/ccm.h" -#include "mbedtls/chacha20.h" -#include "mbedtls/chachapoly.h" -#include "mbedtls/check_config.h" -#include "mbedtls/cipher.h" -#include "mbedtls/cmac.h" -#include "mbedtls/config_psa.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" -#include "mbedtls/des.h" -#include "mbedtls/dhm.h" -#include "mbedtls/ecdh.h" -#include "mbedtls/ecdsa.h" -#include "mbedtls/ecjpake.h" -#include "mbedtls/ecp.h" -#include "mbedtls/entropy.h" -#include "mbedtls/error.h" -#include "mbedtls/gcm.h" -#include "mbedtls/hkdf.h" -#include "mbedtls/hmac_drbg.h" -#include "mbedtls/md.h" -#include "mbedtls/md5.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/nist_kw.h" -#include "mbedtls/oid.h" -#include "mbedtls/pem.h" -#include "mbedtls/pk.h" -#include "mbedtls/pkcs12.h" -#include "mbedtls/pkcs5.h" -#include "mbedtls/platform_time.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/poly1305.h" -#include "mbedtls/psa_util.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_ticket.h" -#include "mbedtls/threading.h" -#include "mbedtls/timing.h" -#include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#include "mbedtls/memory_buffer_alloc.h" -#endif - -#include "psa/crypto.h" -#include "psa/crypto_se_driver.h" - -int main() -{ - mbedtls_platform_context *ctx = NULL; - mbedtls_platform_setup(ctx); - mbedtls_printf("CPP Build test\n"); - mbedtls_platform_teardown(ctx); -} diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh new file mode 100755 index 0000000000..41adf149eb --- /dev/null +++ b/programs/test/generate_cpp_dummy_build.sh @@ -0,0 +1,85 @@ +#!/bin/sh + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +# Ensure a reproducible order for *.h +export LC_ALL=C + +print_cpp () { + cat <<'EOF' +/* Automatically generated file. Do not edit. + * + * This program is a dummy C++ program to ensure Mbed TLS library header files + * can be included and built with a C++ compiler. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbedtls/build_info.h" + +EOF + + for header in include/mbedtls/*.h include/psa/*.h; do + case ${header#include/} in + mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion + psa/crypto_config.h) :;; # not meant for direct inclusion + # Some of the psa/crypto_*.h headers are not meant to be included directly. + # They do have include guards that make them no-ops if psa/crypto.h + # has been included before. Since psa/crypto.h comes before psa/crypto_*.h + # in the wildcard enumeration, we don't need to skip those headers. + *) echo "#include \"${header#include/}\"";; + esac + done + + cat <<'EOF' + +int main() +{ + mbedtls_platform_context *ctx = NULL; + mbedtls_platform_setup(ctx); + mbedtls_printf("CPP Build test passed\n"); + mbedtls_platform_teardown(ctx); +} +EOF +} + +if [ -d include/mbedtls ]; then + : +elif [ -d ../include/mbedtls ]; then + cd .. +elif [ -d ../../include/mbedtls ]; then + cd ../.. +else + echo >&2 "This script must be run from an Mbed TLS source tree." + exit 3 +fi + +print_cpp >"${1:-programs/test/cpp_dummy_build.cpp}" diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c3df05b724..8c75c9f052 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -368,14 +368,6 @@ check_tools() done } -check_headers_in_cpp () { - ls include/mbedtls | grep "\.h$" >headers.txt - Date: Mon, 30 Mar 2020 20:11:39 +0200 Subject: [PATCH 0792/1065] Don't restore *config.h before backing it up Back up the config files at the beginning of all.sh, rather than before each component. In particular, create the backup before running cleanup for the first time. This fixes #3139 (all.sh using a config.h.bak from a previous job), and makes all.sh more robust against accidentally using a modified config.h midway through because a component messed with the backup. Use a different extension (*.all.bak rather than *.bak) for the backups. This is necessary to ensure that auxiliary scripts such as depends*.pl that make their own backup don't remove all.sh's backup, which the code from this commit does not support. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8c75c9f052..5c2ab2778d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -129,9 +129,14 @@ pre_check_environment () { pre_initialize_variables () { CONFIG_H='include/mbedtls/mbedtls_config.h' - CONFIG_BAK="$CONFIG_H.bak" CRYPTO_CONFIG_H='include/psa/crypto_config.h' - CRYPTO_CONFIG_BAK="$CRYPTO_CONFIG_H.bak" + + # Files that are clobbered by some jobs will be backed up. Use a different + # suffix from auxiliary scripts so that all.sh and auxiliary scripts can + # independently decide when to remove the backup file. + backup_suffix='.all.bak' + # Files clobbered by config.py + files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H" append_outcome=0 MEMORY=0 @@ -295,13 +300,18 @@ cleanup() rm -f programs/test/cmake_package_install/Makefile rm -f programs/test/cmake_package_install/cmake_package_install - if [ -f "$CONFIG_BAK" ]; then - mv "$CONFIG_BAK" "$CONFIG_H" - fi + # Restore files that may have been clobbered by the job + for x in $files_to_back_up; do + cp -p "$x$backup_suffix" "$x" + done +} - if [ -f "$CRYPTO_CONFIG_BAK" ]; then - mv "$CRYPTO_CONFIG_BAK" "$CRYPTO_CONFIG_H" - fi +final_cleanup () { + cleanup + + for x in $files_to_back_up; do + rm -f "$x$backup_suffix" + done } # Executed on exit. May be redefined depending on command line options. @@ -310,7 +320,7 @@ final_report () { } fatal_signal () { - cleanup + final_cleanup final_report $1 trap - $1 kill -$1 $$ @@ -485,6 +495,12 @@ pre_check_git () { fi } +pre_back_up () { + for x in $files_to_back_up; do + cp -p "$x" "$x$backup_suffix" + done +} + pre_setup_keep_going () { failure_count=0 # Number of failed components last_failure_status=0 # Last failure status in this component @@ -2666,7 +2682,7 @@ component_check_generate_test_code () { post_report () { msg "Done, cleaning up" - cleanup + final_cleanup final_report } @@ -2692,10 +2708,6 @@ pseudo_component_error_test () { # Run one component and clean up afterwards. run_component () { - # Back up the configuration in case the component modifies it. - # The cleanup function will restore it. - cp -p "$CONFIG_H" "$CONFIG_BAK" - cp -p "$CRYPTO_CONFIG_H" "$CRYPTO_CONFIG_BAK" current_component="$1" export MBEDTLS_TEST_CONFIGURATION="$current_component" @@ -2750,6 +2762,7 @@ pre_initialize_variables pre_parse_command_line "$@" pre_check_git +pre_back_up build_status=0 if [ $KEEP_GOING -eq 1 ]; then From 568f53a9d8734f8dc28f2a9c8fe86ef5267df0af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Jul 2021 18:16:01 +0200 Subject: [PATCH 0793/1065] Don't unconditionally restore **/Makefile all.sh restores **/Makefile from git in case the version in the worktree was from doing a cmake in-tree build. Instead of doing this unconditionally, do it only if the toplevel Makefile seems to have been automatically generated (by cmake or otherwise, e.g. by mbedtls-prepare-build). This way all.sh no longer silently wipes changes made to Makefile but not committed yet. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5c2ab2778d..7db9488eee 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -137,6 +137,8 @@ pre_initialize_variables () { backup_suffix='.all.bak' # Files clobbered by config.py files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H" + # Files clobbered by in-tree cmake + files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" append_outcome=0 MEMORY=0 @@ -282,8 +284,6 @@ cleanup() -iname CMakeCache.txt \) -exec rm -f {} \+ # Recover files overwritten by in-tree CMake builds rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile - git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile - git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile # Remove any artifacts from the component_test_cmake_as_subdirectory test. rm -rf programs/test/cmake_subproject/build @@ -495,6 +495,20 @@ pre_check_git () { fi } +pre_restore_files () { + # If the makefiles have been generated by a framework such as cmake, + # restore them from git. If the makefiles look like modifications from + # the ones checked into git, take care not to modify them. Whatever + # this function leaves behind is what the script will restore before + # each component. + case "$(head -n1 Makefile)" in + *[Gg]enerated*) + git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile + git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile + ;; + esac +} + pre_back_up () { for x in $files_to_back_up; do cp -p "$x" "$x$backup_suffix" @@ -2762,6 +2776,7 @@ pre_initialize_variables pre_parse_command_line "$@" pre_check_git +pre_restore_files pre_back_up build_status=0 From 18cddc08c748c5e4ff839a93dd245bd63204a7c3 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 13 Jul 2021 12:19:15 +0200 Subject: [PATCH 0794/1065] Reverting comments deleted in previous PR Signed-off-by: TRodziewicz --- library/psa_crypto.c | 7 +++++++ library/psa_crypto_slot_management.c | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8312c07500..a8f36745c8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1000,6 +1000,13 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); + /* + * As the return error code may not be handled in case of multiple errors, + * do our best to report an unexpected lock counter: if available call + * MBEDTLS_TEST_HOOK_TEST_ASSERT that may terminate execution (if called as + * part of the execution of a test suite this will stop the test suite + * execution). + */ if( slot->lock_count != 1 ) { MBEDTLS_TEST_HOOK_TEST_ASSERT( slot->lock_count == 1 ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index cb10f6e068..49e6b873be 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -412,6 +412,13 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } + /* + * As the return error code may not be handled in case of multiple errors, + * do our best to report if the lock counter is equal to zero: if available + * call MBEDTLS_TEST_HOOK_TEST_ASSERT that may terminate execution (if called + * as part of the execution of a unit test suite this will stop the test + * suite execution). + */ MBEDTLS_TEST_HOOK_TEST_ASSERT( slot->lock_count > 0 ); return( PSA_ERROR_CORRUPTION_DETECTED ); } From 829fe7038d69811e7e126c56ed5e89625eaf2202 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 13 Jul 2021 12:23:12 +0200 Subject: [PATCH 0795/1065] Correction to callback declaration and usage Signed-off-by: TRodziewicz --- library/platform_util.c | 5 +++++ scripts/data_files/error.fmt | 1 - tests/suites/main_test.function | 7 +++---- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/library/platform_util.c b/library/platform_util.c index 4e97e4d1b8..3d5cb5baa4 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -131,3 +131,8 @@ struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, #endif /* _WIN32 && !EFIX64 && !EFI32 */ } #endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */ + +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_test_fail)( const char *, int, const char *); +#endif /* MBEDTLS_TEST_HOOKS */ + diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index fd491b858b..3be94bd2c4 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -164,7 +164,6 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #if defined(MBEDTLS_TEST_HOOKS) void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -void (*mbedtls_test_hook_test_fail)( const char *, int, const char *); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 3044bed35e..80c730b8a2 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -237,12 +237,11 @@ $platform_code */ int main( int argc, const char *argv[] ) { -#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) - mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; -#endif - #if defined(MBEDTLS_TEST_HOOKS) mbedtls_test_hook_test_fail = &mbedtls_test_fail; +#if defined(MBEDTLS_ERROR_C) + mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; +#endif #endif int ret = mbedtls_test_platform_setup(); From bf4d0ce88d7b37c96e0dcf4d05b504ff653e2d70 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 17:12:53 +0200 Subject: [PATCH 0796/1065] Remove obsolete MBEDTLS_xxx dependencies This file had temporary MBEDTLS_xxx dependencies because it was created when support for PSA_WANT_xxx was still incomplete. Switch to the PSA_WANT_xxx dependencies This fixes the bug that "PSA storage read: AES-GCM+CTR" was never executed because there was a typo in a dependency. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto_storage_format.misc.data | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_storage_format.misc.data b/tests/suites/test_suite_psa_crypto_storage_format.misc.data index 114c402a28..48e3804b42 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.misc.data +++ b/tests/suites/test_suite_psa_crypto_storage_format.misc.data @@ -3,11 +3,9 @@ # debugging changes to the test code or to the test case generation. PSA storage read: AES-GCM+CTR -#depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_CTR -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_CTR_C +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_CTR key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f":1 PSA storage save: AES-GCM+CTR -#depends_on:PSA_WANT_KEY_TYPE_AES -depends_on:MBEDTLS_AES_C +depends_on:PSA_WANT_KEY_TYPE_AES key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f" From 5df77c63fba92d58c76161c959aa1db337db57c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 17:22:58 +0200 Subject: [PATCH 0797/1065] Fix race condition when running generate_psa_tests.py Fix a race condition in parallel builds: when generating *.data files with generate_psa_tests.py, make instantiated the recipe once per output file, potentially resulting in multiple instances of generate_psa_tests.py running in parallel. This not only was inefficient, but occasionally caused the output to be corrupted (https://github.com/ARMmbed/mbedtls/issues/4773). Fix this by ensuring the recipe only runs once. Signed-off-by: Gilles Peskine --- tests/Makefile | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index c1620d6e72..6695437bf2 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -63,18 +63,25 @@ GENERATED_DATA_FILES := $(patsubst tests/%,%,$(shell $(PYTHON) scripts/generate_ GENERATED_FILES := $(GENERATED_DATA_FILES) generated_files: $(GENERATED_FILES) -$(GENERATED_DATA_FILES): scripts/generate_psa_tests.py +# generate_psa_tests.py spends more time analyzing inputs than generating +# outputs. Its inputs are the same no matter which files are being generated. +# It's rare not to want all the outputs. So always generate all of its outputs. +# Use an intermediate phony dependency so that parallel builds don't run +# a separate instance of the recipe for each output file. +.SECONDARY: generated_psa_test_data +$(GENERATED_DATA_FILES): generated_psa_test_data +generated_psa_test_data: scripts/generate_psa_tests.py ## The generated file only depends on the options that are present in ## crypto_config.h, not on which options are set. To avoid regenerating this ## file all the time when switching between configurations, don't declare ## crypto_config.h as a dependency. Remove this file from your working tree ## if you've just added or removed an option in crypto_config.h. -#$(GENERATED_DATA_FILES): ../include/psa/crypto_config.h -$(GENERATED_DATA_FILES): ../include/psa/crypto_values.h -$(GENERATED_DATA_FILES): ../include/psa/crypto_extra.h -$(GENERATED_DATA_FILES): suites/test_suite_psa_crypto_metadata.data -$(GENERATED_DATA_FILES): - echo " Gen $@ ..." +#generated_psa_test_data: ../include/psa/crypto_config.h +generated_psa_test_data: ../include/psa/crypto_values.h +generated_psa_test_data: ../include/psa/crypto_extra.h +generated_psa_test_data: suites/test_suite_psa_crypto_metadata.data +generated_psa_test_data: + echo " Gen $(GENERATED_DATA_FILES) ..." $(PYTHON) scripts/generate_psa_tests.py # A test application is built for each suites/test_suite_*.data file. From 8b427c851e6e0979c598b95d2c04d5deab10352d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 18:14:25 +0200 Subject: [PATCH 0798/1065] Use python3 when building on non-Windows for Windows The makefiles look for python3 on Unix-like systems where python is often Python 2. This uses sh code so it doesn't work on Windows. On Windows, the makefiles just assume that python is Python 3. The code was incorrectly deciding not to try python3 based on WINDOWS_BUILD, which indicates that the build is *for* Windows. Switch to checking WINDOWS, which indicates that the build is *on* Windows. Fix #4774 Signed-off-by: Gilles Peskine --- ChangeLog.d/makefile-python-windows.txt | 4 ++++ programs/Makefile | 6 +++++- tests/Makefile | 6 +++++- 3 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/makefile-python-windows.txt diff --git a/ChangeLog.d/makefile-python-windows.txt b/ChangeLog.d/makefile-python-windows.txt new file mode 100644 index 0000000000..57ccc1a39a --- /dev/null +++ b/ChangeLog.d/makefile-python-windows.txt @@ -0,0 +1,4 @@ +Bugfix + * The GNU makefiles invoke python3 in preference to python except on Windows. + The check was accidentally not performed when cross-compiling for Windows + on Linux. Fix this. Fixes #4774. diff --git a/programs/Makefile b/programs/Makefile index 997c198716..55ebd601a9 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -43,11 +43,15 @@ LOCAL_LDFLAGS += -lws2_32 ifdef SHARED SHARED_SUFFIX=.$(DLEXT) endif -PYTHON ?= python else DLEXT ?= so EXEXT= SHARED_SUFFIX= +endif + +ifdef WINDOWS +PYTHON ?= python +else PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif diff --git a/tests/Makefile b/tests/Makefile index 6695437bf2..251a9c6fc9 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -50,11 +50,15 @@ LOCAL_LDFLAGS += -lws2_32 ifdef SHARED SHARED_SUFFIX=.$(DLEXT) endif -PYTHON ?= python else DLEXT ?= so EXEXT= SHARED_SUFFIX= +endif + +ifdef WINDOWS +PYTHON ?= python +else PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif From e9ad95a63cb9063ea197a7b022b3148a55311bd8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 18:36:05 +0200 Subject: [PATCH 0799/1065] Error out if enumerating the generated data files fails Signed-off-by: Gilles Peskine --- tests/Makefile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/Makefile b/tests/Makefile index 251a9c6fc9..449fca2748 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -63,7 +63,13 @@ PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; els endif .PHONY: generated_files -GENERATED_DATA_FILES := $(patsubst tests/%,%,$(shell $(PYTHON) scripts/generate_psa_tests.py --list)) +GENERATED_DATA_FILES := $(patsubst tests/%,%,$(shell \ + $(PYTHON) scripts/generate_psa_tests.py --list || \ + echo FAILED \ +)) +ifeq ($(GENERATED_DATA_FILES),FAILED) +$(error "$(PYTHON) scripts/generate_psa_tests.py --list" failed) +endif GENERATED_FILES := $(GENERATED_DATA_FILES) generated_files: $(GENERATED_FILES) From 6ee3bc09ed0baca12ec64b90ed0fa944dd2b0780 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 20:34:55 +0200 Subject: [PATCH 0800/1065] Fix typo in test dependencies Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0729755f0e..5a03f598f2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -6748,7 +6748,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: both (MTU=512)" \ @@ -6779,7 +6779,7 @@ not_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ @@ -6803,7 +6803,7 @@ only_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ @@ -6855,7 +6855,7 @@ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ @@ -6904,7 +6904,7 @@ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ @@ -6940,7 +6940,7 @@ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ @@ -6969,7 +6969,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_CHACHAPOLY_C run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ @@ -7000,7 +7000,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C @@ -7032,7 +7032,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CCM_C @@ -7064,7 +7064,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC @@ -7097,7 +7097,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC @@ -7126,7 +7126,7 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 @@ -7150,7 +7150,7 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 From a3d2264b886ef732b31cade5a4e3e3a2593b6f9b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 23:23:23 +0200 Subject: [PATCH 0801/1065] Only run an unbridled parallel make (make -j) if MAKEFLAGS is unset Signed-off-by: Gilles Peskine --- tests/scripts/basic-build-test.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 83aa87aa08..4b05d1b2fa 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -62,6 +62,11 @@ fi : ${SEED:=1} export SEED +# if MAKEFLAGS is not set add the -j option to speed up invocations of make +if [ -z "${MAKEFLAGS+set}" ]; then + export MAKEFLAGS="-j" +fi + # To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh # we just export the variables they require export OPENSSL_CMD="$OPENSSL" @@ -87,7 +92,7 @@ export LDFLAGS=' --coverage' make clean cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.py full -make -j +make # Step 2 - Execute the tests From bbced87390b823ac5c6a8d28b0f7b4333f105d37 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 23:26:00 +0200 Subject: [PATCH 0802/1065] Show the udp_proxy seed in the console log Signed-off-by: Gilles Peskine --- tests/scripts/basic-build-test.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 4b05d1b2fa..aaf7cffa47 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -112,6 +112,7 @@ echo # Step 2b - System Tests (keep going even if some tests fail) echo echo '################ ssl-opt.sh ################' +echo "ssl-opt.sh will use SEED=$SEED for udp_proxy" sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT echo '^^^^^^^^^^^^^^^^ ssl-opt.sh ^^^^^^^^^^^^^^^^' echo From fc70b5252b8cb089c7e5922cc7aa963831d40c17 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jul 2021 23:27:01 +0200 Subject: [PATCH 0803/1065] Save the coverage report to a file Save the "Test Report Summary" to a file. This can help both CI scripts and human readers who want the summary after the fact without having to copy the console output. Take care to exit with a nonzero status if there is a failure while generating the test report summary. Signed-off-by: Gilles Peskine --- .gitignore | 1 + tests/scripts/basic-build-test.sh | 192 ++++++++++++++++-------------- 2 files changed, 105 insertions(+), 88 deletions(-) diff --git a/.gitignore b/.gitignore index b209ffcd9f..0792920a8b 100644 --- a/.gitignore +++ b/.gitignore @@ -18,6 +18,7 @@ Testing Coverage *.gcno *.gcda +coverage-summary.txt # generated by scripts/memory.sh massif-* diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index aaf7cffa47..fd22f4dda9 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -156,116 +156,125 @@ echo "=========================================================================" echo "Test Report Summary" echo -cd tests +{ -# Step 4a - Unit tests -echo "Unit tests - tests/scripts/run-test-suites.pl" + cd tests -PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ') -SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ') -TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ') -FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ') + # Step 4a - Unit tests + echo "Unit tests - tests/scripts/run-test-suites.pl" -echo "No test suites : $TOTAL_SUITES" -echo "Passed : $PASSED_TESTS" -echo "Failed : $FAILED_TESTS" -echo "Skipped : $SKIPPED_TESTS" -echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))" -echo "Total avail tests : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))" -echo + PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ') + SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ') + TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ') + FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ') -TOTAL_PASS=$PASSED_TESTS -TOTAL_FAIL=$FAILED_TESTS -TOTAL_SKIP=$SKIPPED_TESTS -TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS)) -TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS)) + echo "No test suites : $TOTAL_SUITES" + echo "Passed : $PASSED_TESTS" + echo "Failed : $FAILED_TESTS" + echo "Skipped : $SKIPPED_TESTS" + echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))" + echo "Total avail tests : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))" + echo -# Step 4b - TLS Options tests -echo "TLS Options tests - tests/ssl-opt.sh" + TOTAL_PASS=$PASSED_TESTS + TOTAL_FAIL=$FAILED_TESTS + TOTAL_SKIP=$SKIPPED_TESTS + TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS)) + TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS)) -PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p') -SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p') -TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p') -FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS)) + # Step 4b - TLS Options tests + echo "TLS Options tests - tests/ssl-opt.sh" -echo "Passed : $PASSED_TESTS" -echo "Failed : $FAILED_TESTS" -echo "Skipped : $SKIPPED_TESTS" -echo "Total exec'd tests : $TOTAL_TESTS" -echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))" -echo + PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p') + SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p') + TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p') + FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS)) -TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) -TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) -TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) -TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS)) -TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS)) + echo "Passed : $PASSED_TESTS" + echo "Failed : $FAILED_TESTS" + echo "Skipped : $SKIPPED_TESTS" + echo "Total exec'd tests : $TOTAL_TESTS" + echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))" + echo + + TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) + TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) + TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) + TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS)) + TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS)) -# Step 4c - System Compatibility tests -echo "System/Compatibility tests - tests/compat.sh" + # Step 4c - System Compatibility tests + echo "System/Compatibility tests - tests/compat.sh" -PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS)) + PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') + SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') + EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') + FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS)) -echo "Passed : $PASSED_TESTS" -echo "Failed : $FAILED_TESTS" -echo "Skipped : $SKIPPED_TESTS" -echo "Total exec'd tests : $EXED_TESTS" -echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))" -echo + echo "Passed : $PASSED_TESTS" + echo "Failed : $FAILED_TESTS" + echo "Skipped : $SKIPPED_TESTS" + echo "Total exec'd tests : $EXED_TESTS" + echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))" + echo -TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) -TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) -TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) -TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS)) -TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS)) + TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) + TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) + TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) + TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS)) + TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS)) -# Step 4d - Grand totals -echo "-------------------------------------------------------------------------" -echo "Total tests" + # Step 4d - Grand totals + echo "-------------------------------------------------------------------------" + echo "Total tests" -echo "Total Passed : $TOTAL_PASS" -echo "Total Failed : $TOTAL_FAIL" -echo "Total Skipped : $TOTAL_SKIP" -echo "Total exec'd tests : $TOTAL_EXED" -echo "Total avail tests : $TOTAL_AVAIL" -echo + echo "Total Passed : $TOTAL_PASS" + echo "Total Failed : $TOTAL_FAIL" + echo "Total Skipped : $TOTAL_SKIP" + echo "Total exec'd tests : $TOTAL_EXED" + echo "Total avail tests : $TOTAL_AVAIL" + echo -# Step 4e - Coverage -echo "Coverage" + # Step 4e - Coverage + echo "Coverage" -LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p') -LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p') -FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p') -FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p') -BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p') -BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p') + LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p') + LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p') + FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p') + FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p') + BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p') + BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p') -LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL)) -LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))" + LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL)) + LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))" -FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL)) -FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))" + FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL)) + FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))" -BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL)) -BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))" + BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL)) + BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))" -echo "Lines Tested : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%" -echo "Functions Tested : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%" -echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%" -echo + rm unit-test-$TEST_OUTPUT + rm sys-test-$TEST_OUTPUT + rm compat-test-$TEST_OUTPUT + rm cov-$TEST_OUTPUT -rm unit-test-$TEST_OUTPUT -rm sys-test-$TEST_OUTPUT -rm compat-test-$TEST_OUTPUT -rm cov-$TEST_OUTPUT + echo "Lines Tested : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%" + echo "Functions Tested : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%" + echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%" + echo -cd .. + # If there was a failure, remind the reader here. This also ensures that + # the coverage summary ends with a distinctive mark so that this script + # knows to exit with a failure status. + if [ $TOTAL_FAIL -ne 0 ]; then + echo "Note: $TOTAL_FAIL failures." + fi + +} | tee coverage-summary.txt make clean @@ -273,6 +282,13 @@ if [ -f "$CONFIG_BAK" ]; then mv "$CONFIG_BAK" "$CONFIG_H" fi -if [ $TOTAL_FAIL -ne 0 ]; then - exit 1 -fi +# If the coverage summary doesn't end with the expected last two lines +# ("Branches Tested" and a blank line), either there was an error while +# creating the coverage summary or the coverage summary reported failures. +newline=' +' +case "$(tail -n2 coverage-summary.txt)" in + *"$newline"*) exit 1;; + "Branches Tested"*) :;; + *) exit 1;; +esac From c9890e9a8c42251c4d3fac389d7833bf364064ce Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 14 Jul 2021 10:16:26 +0200 Subject: [PATCH 0804/1065] Rewording comments Signed-off-by: TRodziewicz --- library/psa_crypto.c | 9 +++++---- library/psa_crypto_slot_management.c | 9 +++++---- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8f36745c8..3574b9842a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1002,10 +1002,11 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) /* * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected lock counter: if available call - * MBEDTLS_TEST_HOOK_TEST_ASSERT that may terminate execution (if called as - * part of the execution of a test suite this will stop the test suite - * execution). + * do our best to report an unexpected lock counter. Assert with + * MBEDTLS_TEST_HOOK_TEST_ASSERT that the lock counter is equal to one: + * if the MBEDTLS_TEST_HOOKS configuration option is enabled and the + * function is called as part of the execution of a test suite, the + * execution of the test suite is stopped in error if the assertion fails. */ if( slot->lock_count != 1 ) { diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 49e6b873be..a5c43b1b2c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -414,10 +414,11 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) /* * As the return error code may not be handled in case of multiple errors, - * do our best to report if the lock counter is equal to zero: if available - * call MBEDTLS_TEST_HOOK_TEST_ASSERT that may terminate execution (if called - * as part of the execution of a unit test suite this will stop the test - * suite execution). + * do our best to report if the lock counter is equal to zero. Assert with + * MBEDTLS_TEST_HOOK_TEST_ASSERT that the lock counter is strictly greater + * than zero: if the MBEDTLS_TEST_HOOKS configuration option is enabled and + * the function is called as part of the execution of a test suite, the + * execution of the test suite is stopped in error if the assertion fails. */ MBEDTLS_TEST_HOOK_TEST_ASSERT( slot->lock_count > 0 ); return( PSA_ERROR_CORRUPTION_DETECTED ); From 538a0cbcf44c11d9e4ed80ed44f7b21497c87654 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Wed, 14 Jul 2021 10:20:09 +0100 Subject: [PATCH 0805/1065] Replace `_RR` with `prec_RR` to prevent reserved identifier clashes Signed-off-by: Yuto Takano --- include/mbedtls/bignum.h | 8 ++++---- library/bignum.c | 12 ++++++------ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 5187d86611..7fef599846 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -826,14 +826,14 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, * \param E The exponent MPI. This must point to an initialized MPI. * \param N The base for the modular reduction. This must point to an * initialized MPI. - * \param _RR A helper MPI depending solely on \p N which can be used to + * \param prec_RR A helper MPI depending solely on \p N which can be used to * speed-up multiple modular exponentiations for the same value * of \p N. This may be \c NULL. If it is not \c NULL, it must * point to an initialized MPI. If it hasn't been used after * the call to mbedtls_mpi_init(), this function will compute - * the helper value and store it in \p _RR for reuse on + * the helper value and store it in \p prec_RR for reuse on * subsequent calls to this function. Otherwise, the function - * will assume that \p _RR holds the helper value set by a + * will assume that \p prec_RR holds the helper value set by a * previous call to mbedtls_mpi_exp_mod(), and reuse it. * * \return \c 0 if successful. @@ -845,7 +845,7 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, */ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *_RR ); + mbedtls_mpi *prec_RR ); /** * \brief Fill an MPI with a number of random bytes. diff --git a/library/bignum.c b/library/bignum.c index 8658ba395b..42ec7ac314 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2297,7 +2297,7 @@ cleanup: */ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *_RR ) + mbedtls_mpi *prec_RR ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t wbits, wsize, one = 1; @@ -2365,17 +2365,17 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * If 1st call, pre-compute R^2 mod N */ - if( _RR == NULL || _RR->p == NULL ) + if( prec_RR == NULL || prec_RR->p == NULL ) { MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) ); - if( _RR != NULL ) - memcpy( _RR, &RR, sizeof( mbedtls_mpi ) ); + if( prec_RR != NULL ) + memcpy( prec_RR, &RR, sizeof( mbedtls_mpi ) ); } else - memcpy( &RR, _RR, sizeof( mbedtls_mpi ) ); + memcpy( &RR, prec_RR, sizeof( mbedtls_mpi ) ); /* * W[1] = A * R^2 * R^-1 mod N = A * R mod N @@ -2523,7 +2523,7 @@ cleanup: mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos ); mbedtls_mpi_free( &WW ); - if( _RR == NULL || _RR->p == NULL ) + if( prec_RR == NULL || prec_RR->p == NULL ) mbedtls_mpi_free( &RR ); return( ret ); From ff58686e882bc07517f4c05b49923f331270fd94 Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Wed, 14 Jul 2021 10:25:57 +0100 Subject: [PATCH 0806/1065] Add ChangeLog entry for reserved identifier replacments Signed-off-by: Yuto Takano --- ChangeLog.d/issue4630.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/issue4630.txt diff --git a/ChangeLog.d/issue4630.txt b/ChangeLog.d/issue4630.txt new file mode 100644 index 0000000000..0bc4b99e59 --- /dev/null +++ b/ChangeLog.d/issue4630.txt @@ -0,0 +1,2 @@ +Bugfix + * Stop using reserved identifiers as local variables. Fixes #4630. From 554e64e6898b93f2ca9d78393228853cd9486765 Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 12 Jul 2021 12:31:40 +0530 Subject: [PATCH 0807/1065] Add a changelog for Armmbed#4626 Signed-off-by: Archana --- ChangeLog.d/psa_curve448_key_support.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/psa_curve448_key_support.txt diff --git a/ChangeLog.d/psa_curve448_key_support.txt b/ChangeLog.d/psa_curve448_key_support.txt new file mode 100644 index 0000000000..d1870ed1d0 --- /dev/null +++ b/ChangeLog.d/psa_curve448_key_support.txt @@ -0,0 +1,3 @@ +Features + * Enable support for Curve448 via the PSA API. Contributed by + Archana Madhavan in #4626. Fixes #3399 and #4249. From c22950c9d057be71938f7509280e72ce19c57cee Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 8 Jul 2021 16:50:01 +0100 Subject: [PATCH 0808/1065] Change PSA Cipher macro safety to use block length Although checking if the key was symmetric was correct, its easier to read if we just check the block length is not zero before we use it in a division. Signed-off-by: Paul Elliott --- include/psa/crypto_sizes.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 836f9ee147..1f8b6c305c 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -992,8 +992,7 @@ */ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ (alg == PSA_ALG_CBC_PKCS7 ? \ - (((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) \ - == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ (input_length) + 1) + \ PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ From 6603e2b81cb789aa1018acae78714ce49f189010 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 8 Jul 2021 16:53:42 +0100 Subject: [PATCH 0809/1065] Add fix to update output size macro as well. Same issue with zero block length applies here. Signed-off-by: Paul Elliott --- include/psa/crypto_sizes.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 1f8b6c305c..4c67f10afa 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1074,12 +1074,13 @@ */ #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ (PSA_ALG_IS_CIPHER(alg) ? \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ (((alg) == PSA_ALG_CBC_PKCS7 || \ (alg) == PSA_ALG_CBC_NO_PADDING || \ (alg) == PSA_ALG_ECB_NO_PADDING) ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ input_length) : \ - (input_length)) : \ + (input_length)) : 0) : \ 0) /** A sufficient output buffer size for psa_cipher_update(), for any of the From a417f56d28ec1a74276b6053c8aa53cb30a54fe1 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 14 Jul 2021 12:31:21 +0100 Subject: [PATCH 0810/1065] Add non regression test for cipher output size Call the output size macros specifically with asymmetric keys, which would cause a crash (and thus test fail) should this fix get regressed. Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 12 +++++++ tests/suites/test_suite_psa_crypto.function | 40 +++++++++++++++++++++ 2 files changed, 52 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8671e3718d..56295ee5b3 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1466,6 +1466,18 @@ cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f101112131415 PSA cipher: bad order function calls cipher_bad_order: +PSA cipher: incorrect key type (HMAC) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +cipher_bad_key:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + +PSA cipher: incorrect key type (RSA) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_bad_key:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +PSA cipher: incorrect key type (ECC Family Sep R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +cipher_bad_key:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320" + PSA cipher encrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9136cb91da..150a3f43e3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2559,6 +2559,46 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_algorithm_t alg = alg_arg; + psa_key_type_t key_type = key_type_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_status_t status; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + /* Usage of either of these two size macros would cause divide by zero + * with incorrect key types previously. Input length should be irrelevant + * here. */ + TEST_EQUAL( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, 16 ), + 0 ); + TEST_EQUAL( PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, 16 ), 0 ); + + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + /* Should fail due to invalid alg type (to support invalid key type). + * Encrypt or decrypt will end up in the same place. */ + status = psa_cipher_encrypt_setup( &operation, key, alg ); + + TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + +exit: + psa_cipher_abort( &operation ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_encrypt_validation( int alg_arg, int key_type_arg, From 64df5f88c5d4d177bae047c56d3cdbd49974bfdd Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 14 Jul 2021 12:37:00 +0100 Subject: [PATCH 0811/1065] Add Changelog entry Signed-off-by: Paul Elliott --- ChangeLog.d/fix-cipher-output-size-macros.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/fix-cipher-output-size-macros.txt diff --git a/ChangeLog.d/fix-cipher-output-size-macros.txt b/ChangeLog.d/fix-cipher-output-size-macros.txt new file mode 100644 index 0000000000..4a4b971c83 --- /dev/null +++ b/ChangeLog.d/fix-cipher-output-size-macros.txt @@ -0,0 +1,4 @@ +Bugfix + * Prevent divide by zero if either of PSA_CIPHER_ENCRYPT_OUTPUT_SIZE() or + PSA_CIPHER_UPDATE_OUTPUT_SIZE() were called using an asymmetric key type. + From 113d80c219deabc10d67309a5e831c9db7f12e3f Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 15:16:09 +0100 Subject: [PATCH 0812/1065] Simplify the test and description Previously the check was convoluted. This has been simplified and given a more appropriate suggestion as per gilles suggestion Signed-off-by: Joe Subbiani --- .../test_suite_psa_crypto_metadata.function | 24 +++---------------- 1 file changed, 3 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index f2dcfca2dd..1db3ca6e3b 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -630,27 +630,9 @@ void block_cipher_key_type( int type_arg, int block_size_arg ) PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); - /* PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h - * Requires block sizes to be a power of 2. - * The following creates a bit and shifts along until it finds a - * match or a mismatch. - */ - int check = 0; - - for (size_t index = 1; index > 0; index = index << 1) - { - if (index == block_size) - { - check = 0; - break; - } - if (index > block_size) - { - check = 1; - break; - } - } - TEST_EQUAL( check, 0); + /* Check that the block size is a power of 2. This is required, at least, + for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ + TEST_ASSERT( ( ( block_size - 1 ) & block_size ) == 0 ); } /* END_CASE */ From 5ccdc556b1d40dd1deb9a688bf6aaffe0a621656 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 15 Jul 2021 09:03:51 +0100 Subject: [PATCH 0813/1065] Remove trailing whitespace Signed-off-by: Joe Subbiani --- tests/suites/test_suite_psa_crypto_metadata.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 1db3ca6e3b..9f4fc75495 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -630,7 +630,7 @@ void block_cipher_key_type( int type_arg, int block_size_arg ) PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); - /* Check that the block size is a power of 2. This is required, at least, + /* Check that the block size is a power of 2. This is required, at least, for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ TEST_ASSERT( ( ( block_size - 1 ) & block_size ) == 0 ); } From 12c77410eb9a97b123af3bab531f02893cf8ca29 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 15 Jul 2021 16:12:54 +0200 Subject: [PATCH 0814/1065] Removing unneded extern declaration of a callback and including common.h where the cb is needed Signed-off-by: TRodziewicz --- include/mbedtls/error.h | 1 - tests/suites/main_test.function | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index f00b4f5b2f..9a8690dc1a 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -129,7 +129,6 @@ extern "C" { * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const char * file ); #endif /** diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 80c730b8a2..6a87e80994 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -24,6 +24,7 @@ #endif #include "mbedtls/build_info.h" +#include "common.h" /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set From f31c6c111e6ff248c8cdda13e61057ee2695ba3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 May 2021 22:33:09 +0200 Subject: [PATCH 0815/1065] Typo Signed-off-by: Gilles Peskine --- docs/architecture/testing/psa-storage-format-testing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index 71bf968937..ca29f1926b 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -65,7 +65,7 @@ Method: Create a key with certain metadata with `psa_import_key`. Read the file Objective: ensure that the coverage is sufficient to have assurance that all keys are stored correctly. This requires a sufficient selection of key types, sizes, policies, etc. -In particular, the tests must validate that each `PSA_xxx` constant that is stored in a key is covered by at least once test case: +In particular, the tests must validate that each `PSA_xxx` constant that is stored in a key is covered by at least one test case: * Usage flags: `PSA_KEY_USAGE_xxx`. * Algorithms in policies: `PSA_ALG_xxx`. From d131e400f00ec3ead591161182ca98af8a95c523 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 May 2021 22:33:46 +0200 Subject: [PATCH 0816/1065] Clarification: forward and backward compatibility MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The import-and-save and load-and-check parts of the tests don't have to be actually the same test cases. Introduce the terms “forward compatibility” and “backward compatibility” and relate them to import-and-save and load-and-check actions. These are clarifications of intent that do not represent an intended change in the strategy or intended coverage. Signed-off-by: Gilles Peskine --- docs/architecture/testing/psa-storage-format-testing.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index ca29f1926b..161ae2b86d 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -20,10 +20,14 @@ An alternative, semi-direct approach consists of generating test data under vers ### Save-and-compare approach -Importing and saving a key is deterministic. Therefore we can ensure the stability of the storage format by creating test cases under a version V of Mbed TLS, where the test case parameters include both the parameters to pass to key creation and the expected state of the storage after the key is created. The test case creates a key as indicated by the parameters, then compares the actual state of the storage with the expected state. In addition, the test case also loads the key and checks that it has the expected data and metadata. +Importing and saving a key is deterministic. Therefore we can ensure the stability of the storage format by creating test cases under a version V of Mbed TLS, where the test case parameters include both the parameters to pass to key creation and the expected state of the storage after the key is created. The test case creates a key as indicated by the parameters, then compares the actual state of the storage with the expected state. + +In addition, the test case also loads the key and checks that it has the expected data and metadata. Import-and-save testing and load-and-check testing can be split into separate test functions with the same payloads. If the test passes with version V, this means that the test data is consistent with what the implementation does. When the test later runs under version W ≥ V, it creates and reads back a storage state which is known to be identical to the state that V would have produced. Thus, this approach validates that W can read storage states created by V. +Note that it is the combination of import-and-save passing on version V and load-and-check passing on version W with the same data that proves that version W can read back what version V wrote. From the perspective of a particular version of the library, the import-and-save tests guarantee forward compatibility while the load-and-check tests guarantee backward compatibility. + Use a similar approach for files other than keys where possible and relevant. ### Keeping up with storage format evolution From 77f8e5cb59941c520e556f7900ab75355fce50d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 May 2021 22:39:43 +0200 Subject: [PATCH 0817/1065] Add considerations on key material representations Signed-off-by: Gilles Peskine --- .../testing/psa-storage-format-testing.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index 161ae2b86d..26f9569454 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -75,6 +75,8 @@ In particular, the tests must validate that each `PSA_xxx` constant that is stor * Algorithms in policies: `PSA_ALG_xxx`. * Key types: `PSA_KEY_TYPE_xxx`, `PSA_ECC_FAMILY_xxx`, `PSA_DH_FAMILY_xxx`. +In addition, the coverage of key material must ensure that any variation in key representation is detected. See [“Considerations on key material representations”](#Considerations-on-key-material-representations) for considerations regarding key types. + Method: Each test case creates a key with `psa_import_key`, purges it from memory, then reads it back and exercises it. Generate test cases automatically based on an enumeration of available constants and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type. Note that the generated test cases will be checked into the repository (generating test cases at runtime would not allow us to test the stability of the format, only that a given version is internally consistent). ### Testing with alternative lifetime values @@ -86,6 +88,19 @@ Method: * For alternative locations: have tests conditional on the presence of a driver for that location. * For alternative persistence levels: TODO +### Considerations on key material representations + +The risks of incompatibilities in key representations depends on the key type and on the presence of drivers. Compatibility of and with drivers is currently out of scope of this document. + +Some types only have one plausible representation. Others admit alternative plausible representations (different encodings, or non-canonical representations). +Here are some areas to watch for, with an identified risk of incompatibilities. + +* HMAC keys longer than the block size: pre-hashed or not? +* DES keys: was parity enforced? +* RSA keys: can invalid DER encodings (e.g. leading zeros, ignored sign bit) have been stored? +* RSA private keys: can invalid CRT parameters have been stored? +* Montgomery private keys: were they stored in masked form? + ## Random generator state TODO From b91f81a55b32ae42f48ec1c55821ff188d3d1b6c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 May 2021 22:42:06 +0200 Subject: [PATCH 0818/1065] Discuss lifetimes, in particular persistence levels Signed-off-by: Gilles Peskine --- docs/architecture/testing/psa-storage-format-testing.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index 26f9569454..db22eb7b7e 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -71,6 +71,7 @@ Objective: ensure that the coverage is sufficient to have assurance that all key In particular, the tests must validate that each `PSA_xxx` constant that is stored in a key is covered by at least one test case: +* Lifetimes: `PSA_KEY_LIFETIME_xxx`, `PSA_KEY_PERSISTENCE_xxx`, `PSA_KEY_LOCATION_xxx`. * Usage flags: `PSA_KEY_USAGE_xxx`. * Algorithms in policies: `PSA_ALG_xxx`. * Key types: `PSA_KEY_TYPE_xxx`, `PSA_ECC_FAMILY_xxx`, `PSA_DH_FAMILY_xxx`. @@ -86,7 +87,7 @@ Objective: have test coverage for lifetimes other than the default persistent li Method: * For alternative locations: have tests conditional on the presence of a driver for that location. -* For alternative persistence levels: TODO +* For alternative persistence levels: have load-and-check tests for supported persistence levels. We may also want to have negative tests ensuring that keys with a not-supported persistence level are not accidentally created. ### Considerations on key material representations From 8ec3c8f015c254df80e0369009271d2c8a4013c0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 May 2021 22:42:52 +0200 Subject: [PATCH 0819/1065] Do not require test data to be in the repository What matters is that we validate that test data is not removed. Keeping the test data is the most obvious way, but not the only way. Signed-off-by: Gilles Peskine --- docs/architecture/testing/psa-storage-format-testing.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index db22eb7b7e..e293985cf8 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -34,6 +34,8 @@ Use a similar approach for files other than keys where possible and relevant. Test cases should normally not be removed from the code base: if something has worked before, it should keep working in future versions, so we should keep testing it. +This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review may be assisted by a tool that compares the old and the new version, in the same way that `abi-check.py` compares the library's API and ABI. + If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old keys (which should only be done by retiring a version of the storage format), then we should keep the corresponding test cases in load-only mode: create a file with the expected content, load it and check the data that it contains. ## Storage architecture overview @@ -78,7 +80,9 @@ In particular, the tests must validate that each `PSA_xxx` constant that is stor In addition, the coverage of key material must ensure that any variation in key representation is detected. See [“Considerations on key material representations”](#Considerations-on-key-material-representations) for considerations regarding key types. -Method: Each test case creates a key with `psa_import_key`, purges it from memory, then reads it back and exercises it. Generate test cases automatically based on an enumeration of available constants and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type. Note that the generated test cases will be checked into the repository (generating test cases at runtime would not allow us to test the stability of the format, only that a given version is internally consistent). +Method: Each test case creates a key with `psa_import_key`, purges it from memory, then reads it back and exercises it. + +Generate test cases automatically based on an enumeration of available constants and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type. ### Testing with alternative lifetime values From 3daaea858b7f7385b737dbce834c3314710397bf Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 20 Jul 2021 13:36:16 +0200 Subject: [PATCH 0820/1065] Changing the places of the mbedtls_test_hook_test_fail callback declaration Signed-off-by: TRodziewicz --- tests/suites/main_test.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 6a87e80994..e016865348 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -24,7 +24,6 @@ #endif #include "mbedtls/build_info.h" -#include "common.h" /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set @@ -239,6 +238,7 @@ $platform_code int main( int argc, const char *argv[] ) { #if defined(MBEDTLS_TEST_HOOKS) + extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const char * file ); mbedtls_test_hook_test_fail = &mbedtls_test_fail; #if defined(MBEDTLS_ERROR_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; From b96957065037cf81989fd6890d1bfa6e90837d5c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jul 2021 10:56:39 +0200 Subject: [PATCH 0821/1065] Explain the final error checking Signed-off-by: Gilles Peskine --- tests/scripts/basic-build-test.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index fd22f4dda9..96f9c47ad9 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -285,10 +285,15 @@ fi # If the coverage summary doesn't end with the expected last two lines # ("Branches Tested" and a blank line), either there was an error while # creating the coverage summary or the coverage summary reported failures. +# The script runs under `set -e`, so most failures cause it to abort, +# but failures on the left-hand side of a pipe are not detected (this is +# a limitation of sh), so we check that the left-hand side of the pipe +# succeeded by checking that it took the last action that it was expected +# to take. newline=' ' case "$(tail -n2 coverage-summary.txt)" in - *"$newline"*) exit 1;; - "Branches Tested"*) :;; - *) exit 1;; + *"$newline"*) exit 1;; # last line was not blank + "Branches Tested"*) :;; # looks good + *) exit 1;; # next-to-last line had unexpected content esac From 6ee3b7ed1ff74c4d529d6eaabb237fe24810f4fa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jul 2021 11:08:30 +0200 Subject: [PATCH 0822/1065] More robust failure detection for the coverage report generation The previous implementation was hard to understand and could in principle fail to notice if there was a test case failure and the writing of the line "Note: $TOTAL_FAIL failures." failed. KISS. Signed-off-by: Gilles Peskine --- tests/scripts/basic-build-test.sh | 32 ++++++++++--------------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 96f9c47ad9..2be62b43dc 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -156,6 +156,11 @@ echo "=========================================================================" echo "Test Report Summary" echo +# A failure of the left-hand side of a pipe is ignored (this is a limitation +# of sh). We'll use the presence of this file as a marker that the generation +# of the report succeeded. +rm -f "basic-build-test-$$.ok" + { cd tests @@ -267,13 +272,7 @@ echo echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%" echo - # If there was a failure, remind the reader here. This also ensures that - # the coverage summary ends with a distinctive mark so that this script - # knows to exit with a failure status. - if [ $TOTAL_FAIL -ne 0 ]; then - echo "Note: $TOTAL_FAIL failures." - fi - + touch "basic-build-test-$$.ok" } | tee coverage-summary.txt make clean @@ -282,18 +281,7 @@ if [ -f "$CONFIG_BAK" ]; then mv "$CONFIG_BAK" "$CONFIG_H" fi -# If the coverage summary doesn't end with the expected last two lines -# ("Branches Tested" and a blank line), either there was an error while -# creating the coverage summary or the coverage summary reported failures. -# The script runs under `set -e`, so most failures cause it to abort, -# but failures on the left-hand side of a pipe are not detected (this is -# a limitation of sh), so we check that the left-hand side of the pipe -# succeeded by checking that it took the last action that it was expected -# to take. -newline=' -' -case "$(tail -n2 coverage-summary.txt)" in - *"$newline"*) exit 1;; # last line was not blank - "Branches Tested"*) :;; # looks good - *) exit 1;; # next-to-last line had unexpected content -esac +# The file must exist, otherwise it means something went wrong while generating +# the coverage report. If something did go wrong, rm will complain so this +# script will exit with a failure status. +rm "basic-build-test-$$.ok" From d8d19327d5ad69e5d83f955318d4e55aca69cad1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jul 2021 12:29:27 +0200 Subject: [PATCH 0823/1065] Fix mixup about the directory containing the success indicator file Signed-off-by: Gilles Peskine --- tests/scripts/basic-build-test.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 2be62b43dc..cf68b4ed41 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -159,7 +159,7 @@ echo # A failure of the left-hand side of a pipe is ignored (this is a limitation # of sh). We'll use the presence of this file as a marker that the generation # of the report succeeded. -rm -f "basic-build-test-$$.ok" +rm -f "tests/basic-build-test-$$.ok" { @@ -272,6 +272,8 @@ rm -f "basic-build-test-$$.ok" echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%" echo + # Mark the report generation as having succeeded. This must be the + # last thing in the report generation. touch "basic-build-test-$$.ok" } | tee coverage-summary.txt @@ -284,4 +286,4 @@ fi # The file must exist, otherwise it means something went wrong while generating # the coverage report. If something did go wrong, rm will complain so this # script will exit with a failure status. -rm "basic-build-test-$$.ok" +rm "tests/basic-build-test-$$.ok" From 95832d88728414558e195522251ab1910c79bd4a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 22 Jul 2021 09:44:53 +0100 Subject: [PATCH 0824/1065] Explicitly mark mbedtls_ssl_session.exported as private This was an oversight during concurrent merging in the run-up to Mbed TLS 3.0. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a14a58307..e69bdb64f9 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -925,7 +925,7 @@ struct mbedtls_ssl_session unsigned char MBEDTLS_PRIVATE(id)[32]; /*!< session identifier */ unsigned char MBEDTLS_PRIVATE(master)[48]; /*!< the master secret */ - unsigned char exported; + unsigned char MBEDTLS_PRIVATE(exported); #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) From 03799427445d796d8ada01bb4258b80fa787ac3a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 22 Jul 2021 11:33:12 +0100 Subject: [PATCH 0825/1065] Explicitly mark mbedtls_ssl_config.respect_cli_pref as private This was always intended to be explicitly marked private. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index e69bdb64f9..610aa14914 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1214,7 +1214,7 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_SRV_C) unsigned int MBEDTLS_PRIVATE(cert_req_ca_list) : 1; /*!< enable sending CA list in Certificate Request messages? */ - unsigned int respect_cli_pref : 1; /*!< pick the ciphersuite according to + unsigned int MBEDTLS_PRIVATE(respect_cli_pref) : 1; /*!< pick the ciphersuite according to the client's preferences rather than ours */ #endif From 5d26efdea3658b0372dd33427ee5af688d2bcd93 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 22 Jul 2021 10:22:07 +0100 Subject: [PATCH 0826/1065] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/session_export_private.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/session_export_private.txt diff --git a/ChangeLog.d/session_export_private.txt b/ChangeLog.d/session_export_private.txt new file mode 100644 index 0000000000..5475824181 --- /dev/null +++ b/ChangeLog.d/session_export_private.txt @@ -0,0 +1,5 @@ +Changes + * Explicitly mark the fields mbedtls_ssl_session.exported and + mbedtls_ssl_config.respect_cli_pref as private. This was an + oversight during the run-up to the release of Mbed TLS 3.0. + The fields were never intended to be public. From fadbdbb5769b249d88b225417dc1bc4c3eb732d2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 23 Jul 2021 06:25:48 +0100 Subject: [PATCH 0827/1065] Store TLS version in SSL session structure Instances of `mbedtls_ssl_session` represent data enabling session resumption. With the introduction of TLS 1.3, the format of this data changes. We therefore need TLS-version field as part of `mbedtlsl_ssl_session` which allows distinguish 1.2 and 1.3 sessions. This commit introduces such a TLS-version field to mbedtls_ssl_session. The change has a few ramifications: - Session serialization/deserialization routines need to be adjusted. This is achieved by adding the TLS-version after the header of Mbed TLS version+config, and by having the subsequent structure of the serialized data depend on the value of this field. The details are described in terms of the RFC 8446 presentation language. The 1.2 session (de)serialization are moved into static helper functions, while the top-level session (de)serialization only parses the Mbed TLS version+config header and the TLS-version field, and dispatches according to the found version. This way, it will be easy to add support for TLS 1.3 sessions in the future. - Tests for session serialization need to be adjusted - Once we add support for TLS 1.3, with runtime negotiation of 1.2 vs. 1.3, we will need to have some logic comparing the TLS version of the proposed session to the negotiated TLS version. For now, however, we only support TLS 1.2, and no such logic is needed. Instead, we just store the TLS version in the session structure at the same point when we populate mbedtls_ssl_context.minor_ver. The change introduces some overlap between `mbedtls_ssl_session.minor_ver` and `mbedtls_ssl_context.minor_ver`, which should be studied and potentially resolved. However, with both fields being private and explicitly marked so, this can happen in a later change. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 + library/ssl_cli.c | 1 + library/ssl_srv.c | 1 + library/ssl_tls.c | 228 ++++++++++++++++++--------- tests/suites/test_suite_ssl.function | 19 ++- 5 files changed, 171 insertions(+), 80 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a14a58307..4f6b448e91 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -927,6 +927,8 @@ struct mbedtls_ssl_session unsigned char exported; + unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index ef391b306e..e0a1c24ec1 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2024,6 +2024,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, ssl->conf->transport, buf + 0 ); + ssl->session_negotiate->minor_ver = ssl->minor_ver; if( ssl->major_ver < ssl->conf->min_major_ver || ssl->minor_ver < ssl->conf->min_minor_ver || diff --git a/library/ssl_srv.c b/library/ssl_srv.c index ad98850f06..d82ec0471f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1392,6 +1392,7 @@ read_record_header: mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, ssl->conf->transport, buf ); + ssl->session_negotiate->minor_ver = ssl->minor_ver; ssl->handshake->max_major_ver = ssl->major_ver; ssl->handshake->max_minor_ver = ssl->minor_ver; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1cfda4a081..95d6468758 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4550,44 +4550,62 @@ static unsigned char ssl_serialized_session_header[] = { * Serialize a session in the following format: * (in the presentation language of TLS, RFC 8446 section 3) * - * opaque mbedtls_version[3]; // major, minor, patch - * opaque session_format[2]; // version-specific 16-bit field determining - * // the format of the remaining - * // serialized data. + * struct { * - * Note: When updating the format, remember to keep - * these version+format bytes. + * opaque mbedtls_version[3]; // major, minor, patch + * opaque session_format[2]; // version-specific 16-bit field determining + * // the format of the remaining + * // serialized data. * - * // In this version, `session_format` determines - * // the setting of those compile-time - * // configuration options which influence - * // the structure of mbedtls_ssl_session. - * uint64 start_time; - * uint8 ciphersuite[2]; // defined by the standard - * uint8 compression; // 0 or 1 - * uint8 session_id_len; // at most 32 - * opaque session_id[32]; - * opaque master[48]; // fixed length in the standard - * uint32 verify_result; - * opaque peer_cert<0..2^24-1>; // length 0 means no peer cert - * opaque ticket<0..2^24-1>; // length 0 means no ticket - * uint32 ticket_lifetime; - * uint8 mfl_code; // up to 255 according to standard - * uint8 trunc_hmac; // 0 or 1 - * uint8 encrypt_then_mac; // 0 or 1 + * Note: When updating the format, remember to keep + * these version+format bytes. + * + * // In this version, `session_format` determines + * // the setting of those compile-time + * // configuration options which influence + * // the structure of mbedtls_ssl_session. + * + * uint8_t minor_ver; // Possible values: + * // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3) + * + * select (serialized_session.minor_ver) { + * + * case MBEDTLS_SSL_MINOR_VERSION_3: // TLS 1.2 + * serialized_session_tls12 data; + * + * }; + * + * } serialized_session; * - * The order is the same as in the definition of the structure, except - * verify_result is put before peer_cert so that all mandatory fields come - * together in one block. */ -static int ssl_session_save( const mbedtls_ssl_session *session, - unsigned char omit_header, - unsigned char *buf, - size_t buf_len, - size_t *olen ) + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +/* Serialization of TLS 1.2 sessions: + * + * struct { + * uint64 start_time; + * uint8 ciphersuite[2]; // defined by the standard + * uint8 compression; // 0 or 1 + * uint8 session_id_len; // at most 32 + * opaque session_id[32]; + * opaque master[48]; // fixed length in the standard + * uint32 verify_result; + * opaque peer_cert<0..2^24-1>; // length 0 means no peer cert + * opaque ticket<0..2^24-1>; // length 0 means no ticket + * uint32 ticket_lifetime; + * uint8 mfl_code; // up to 255 according to standard + * uint8 trunc_hmac; // 0 or 1 + * uint8 encrypt_then_mac; // 0 or 1 + * } serialized_session_tls12; + * + */ +static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, + unsigned char *buf, + size_t buf_len ) { unsigned char *p = buf; size_t used = 0; + #if defined(MBEDTLS_HAVE_TIME) uint64_t start; #endif @@ -4597,23 +4615,6 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( !omit_header ) - { - /* - * Add version identifier - */ - - used += sizeof( ssl_serialized_session_header ); - - if( used <= buf_len ) - { - memcpy( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ); - p += sizeof( ssl_serialized_session_header ); - } - } - /* * Time */ @@ -4756,9 +4757,61 @@ static int ssl_session_save( const mbedtls_ssl_session *session, *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF ); #endif - /* Done */ - *olen = used; + return( used ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +static int ssl_session_save( const mbedtls_ssl_session *session, + unsigned char omit_header, + unsigned char *buf, + size_t buf_len, + size_t *olen ) +{ + unsigned char *p = buf; + size_t used = 0; + + if( !omit_header ) + { + /* + * Add Mbed TLS version identifier + */ + + used += sizeof( ssl_serialized_session_header ); + + if( used <= buf_len ) + { + memcpy( p, ssl_serialized_session_header, + sizeof( ssl_serialized_session_header ) ); + p += sizeof( ssl_serialized_session_header ); + } + } + + /* + * TLS version identifier + */ + used += 1; + if( used <= buf_len ) + { + *p++ = session->minor_ver; + } + + /* Forward to version-specific serialization routine. */ + switch( session->minor_ver ) + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + case MBEDTLS_SSL_MINOR_VERSION_3: + { + size_t remaining_len = used <= buf_len ? buf_len - used : 0; + used += ssl_session_save_tls12( session, p, remaining_len ); + break; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + + default: + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + *olen = used; if( used > buf_len ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -4782,13 +4835,10 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * This internal version is wrapped by a public function that cleans up in * case of error, and has an extra option omit_header. */ -static int ssl_session_load( mbedtls_ssl_session *session, - unsigned char omit_header, - const unsigned char *buf, - size_t len ) +static int ssl_session_load_tls12( mbedtls_ssl_session *session, + const unsigned char *buf, + size_t len ) { - const unsigned char *p = buf; - const unsigned char * const end = buf + len; #if defined(MBEDTLS_HAVE_TIME) uint64_t start; #endif @@ -4798,22 +4848,8 @@ static int ssl_session_load( mbedtls_ssl_session *session, #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( !omit_header ) - { - /* - * Check version identifier - */ - - if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( memcmp( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ) != 0 ) - { - return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); - } - p += sizeof( ssl_serialized_session_header ); - } + const unsigned char *p = buf; + const unsigned char * const end = buf + len; /* * Time @@ -4998,6 +5034,54 @@ static int ssl_session_load( mbedtls_ssl_session *session, return( 0 ); } +static int ssl_session_load( mbedtls_ssl_session *session, + unsigned char omit_header, + const unsigned char *buf, + size_t len ) +{ + const unsigned char *p = buf; + const unsigned char * const end = buf + len; + + if( !omit_header ) + { + /* + * Check Mbed TLS version identifier + */ + + if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( memcmp( p, ssl_serialized_session_header, + sizeof( ssl_serialized_session_header ) ) != 0 ) + { + return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + } + p += sizeof( ssl_serialized_session_header ); + } + + /* + * TLS version identifier + */ + if( 1 > (size_t)( end - p ) ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + session->minor_ver = *p++; + + /* Dispatch according to TLS version. */ + switch( session->minor_ver ) + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + case MBEDTLS_SSL_MINOR_VERSION_3: /* TLS 1.2 */ + { + size_t remaining_len = ( end - p ); + return( ssl_session_load_tls12( session, p, remaining_len ) ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + + default: + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } +} + /* * Deserialize session: public wrapper for error cleaning */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 98ed11fd44..8f742b86cb 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1435,13 +1435,14 @@ cleanup: * Populate a session structure for serialization tests. * Choose dummy values, mostly non-0 to distinguish from the init default. */ -static int ssl_populate_session( mbedtls_ssl_session *session, - int ticket_len, - const char *crt_file ) +static int ssl_populate_session_tls12( mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file ) { #if defined(MBEDTLS_HAVE_TIME) session->start = mbedtls_time( NULL ) - 42; #endif + session->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; session->ciphersuite = 0xabcd; session->compression = 1; session->id_len = sizeof( session->id ); @@ -1449,7 +1450,7 @@ static int ssl_populate_session( mbedtls_ssl_session *session, memset( session->master, 17, sizeof( session->master ) ); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO) - if( strlen( crt_file ) != 0 ) + if( crt_file != NULL && strlen( crt_file ) != 0 ) { mbedtls_x509_crt tmp_crt; int ret; @@ -4008,7 +4009,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) mbedtls_ssl_session_init( &restored ); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 ); + TEST_ASSERT( ssl_populate_session_tls12( &original, ticket_len, crt_file ) == 0 ); /* Serialize it */ TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len ) @@ -4026,6 +4027,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) #if defined(MBEDTLS_HAVE_TIME) TEST_ASSERT( original.start == restored.start ); #endif + TEST_ASSERT( original.minor_ver == restored.minor_ver ); TEST_ASSERT( original.ciphersuite == restored.ciphersuite ); TEST_ASSERT( original.compression == restored.compression ); TEST_ASSERT( original.id_len == restored.id_len ); @@ -4104,7 +4106,7 @@ void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) mbedtls_ssl_session_init( &session ); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); + TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 ); /* Get desired buffer size for serializing */ TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 ) @@ -4154,7 +4156,7 @@ void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) mbedtls_ssl_session_init( &session ); /* Prepare dummy session and get serialized size */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); + TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 ); TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); @@ -4190,7 +4192,7 @@ void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) mbedtls_ssl_session_init( &session ); /* Prepare serialized session data */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); + TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 ); TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL ); @@ -4235,6 +4237,7 @@ void ssl_session_serialize_version_check( int corrupt_major, corrupt_config == 1 }; mbedtls_ssl_session_init( &session ); + ssl_populate_session_tls12( &session, 0, NULL ); /* Infer length of serialized session. */ TEST_ASSERT( mbedtls_ssl_session_save( &session, From 218dec824e6de919f229afa00731d185651aae09 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 23 Jul 2021 07:23:47 +0100 Subject: [PATCH 0828/1065] Document that returning 0 from the recv callback means EOF Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a14a58307..bf44975c35 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -493,10 +493,11 @@ typedef int mbedtls_ssl_send_t( void *ctx, * \param buf Buffer to write the received data to * \param len Length of the receive buffer * - * \return The callback must return the number of bytes received, - * or a non-zero error code. - * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ + * \returns If data has been received, the positive number of bytes received. + * \returns \c 0 if the connection has been closed. + * \returns If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ * must be returned when the operation would block. + * \returns Another negative error code on other kinds of failures. * * \note The callback may receive fewer bytes than the length of the * buffer. It must always return the number of bytes actually From b4b184a6f861f00d3eb7c6678ff1d9a3be24bbb5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 26 Jul 2021 18:39:24 +0200 Subject: [PATCH 0829/1065] Remove reference to compat-1.2.h This has been irrelevant since Mbed TLS 2.0.0. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 7822384ce3..e7ee579344 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -88,7 +88,6 @@ my %error_codes_seen; foreach my $line (@matches) { - next if ($line =~ /compat-1.2.h/); my ($error_name, $error_code) = $line =~ /(MBEDTLS_ERR_\w+)\s+\-(0x\w+)/; my ($description) = $line =~ /\/\*\*< (.*?)\.? \*\//; From 37bdbe6c4d2174e41ba688d7b0db696732343258 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 05:38:58 +0100 Subject: [PATCH 0830/1065] Remove mentions of truncated HMAC from ssl_tls.c Signed-off-by: Hanno Becker --- library/ssl_tls.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 95d6468758..ecfd0cf0c1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -655,7 +655,6 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, * - [in] ciphersuite * - [in] master * - [in] encrypt_then_mac - * - [in] trunc_hmac * - [in] compression * - [in] tls_prf: pointer to PRF to use for key derivation * - [in] randbytes: buffer holding ServerHello.random + ClientHello.random @@ -4506,8 +4505,6 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, #define SSL_SERIALIZED_SESSION_CONFIG_MFL 0 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0 - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #define SSL_SERIALIZED_SESSION_CONFIG_ETM 1 #else @@ -4524,9 +4521,8 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, #define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT 1 #define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 2 #define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT 3 -#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT 4 -#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 5 -#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 6 +#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 4 +#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 5 #define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG \ ( (uint16_t) ( \ @@ -4534,7 +4530,6 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, ( SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT ) | \ ( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT ) | \ ( SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT ) | \ ( SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT ) | \ ( SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT ) ) ) @@ -4594,7 +4589,6 @@ static unsigned char ssl_serialized_session_header[] = { * opaque ticket<0..2^24-1>; // length 0 means no ticket * uint32 ticket_lifetime; * uint8 mfl_code; // up to 255 according to standard - * uint8 trunc_hmac; // 0 or 1 * uint8 encrypt_then_mac; // 0 or 1 * } serialized_session_tls12; * From dce50974bf400bb2dec6088cdaff27396b2b1084 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 05:39:23 +0100 Subject: [PATCH 0831/1065] Prefix "version" with "library" or "protocol" to avoid ambiguity Signed-off-by: Hanno Becker --- library/ssl_tls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ecfd0cf0c1..83ffef7c28 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4547,9 +4547,9 @@ static unsigned char ssl_serialized_session_header[] = { * * struct { * - * opaque mbedtls_version[3]; // major, minor, patch - * opaque session_format[2]; // version-specific 16-bit field determining - * // the format of the remaining + * opaque mbedtls_version[3]; // library version: major, minor, patch + * opaque session_format[2]; // library-version specific 16-bit field + * // determining the format of the remaining * // serialized data. * * Note: When updating the format, remember to keep @@ -4560,7 +4560,7 @@ static unsigned char ssl_serialized_session_header[] = { * // configuration options which influence * // the structure of mbedtls_ssl_session. * - * uint8_t minor_ver; // Possible values: + * uint8_t minor_ver; // Protol-version. Possible values: * // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3) * * select (serialized_session.minor_ver) { From 57723135b3108e070df1031d6fb38535ca7d5cca Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:40:44 +0100 Subject: [PATCH 0832/1065] Document temporary overlap of TLS version in SSL context and session Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 4f6b448e91..26edecfda4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -927,6 +927,9 @@ struct mbedtls_ssl_session unsigned char exported; + /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver. + * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs + * to be studied whether one of them can be removed. */ unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -1247,6 +1250,10 @@ struct mbedtls_ssl_context #endif /* MBEDTLS_SSL_RENEGOTIATION */ int MBEDTLS_PRIVATE(major_ver); /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ + + /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver. + * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs + * to be studied whether one of them can be removed. */ int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ From bd25755d2a6f72961e4dd8925e324596978c4f6a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 06:59:27 +0000 Subject: [PATCH 0833/1065] Rename ssl_populate_transform() -> ssl_tls12_populate_transform() In TLS 1.2 specific code, the internal helper functions ssl_populate_transform() builds an SSL transform structure, representing a specific record protection mechanism. In preparation for a subsequent commit which will introduce a similar helper function specific to TLS 1.3, this commmit renames ssl_populate_transform() to ssl_tls12_populate_transform(). Signed-off-by: Hanno Becker --- library/ssl_misc.h | 3 ++- library/ssl_tls.c | 48 +++++++++++++++++++++++----------------------- 2 files changed, 26 insertions(+), 25 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723b..ca92d6893e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -740,7 +740,8 @@ struct mbedtls_ssl_transform #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) /* We need the Hello random bytes in order to re-derive keys from the - * Master Secret and other session info, see ssl_populate_transform() */ + * Master Secret and other session info, + * see ssl_tls12_populate_transform() */ unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */ #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ }; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fe3b5e2e64..33f4e601c3 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -665,14 +665,14 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, * - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys * - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg */ -static int ssl_populate_transform( mbedtls_ssl_transform *transform, +static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, int ciphersuite, const unsigned char master[48], -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], int minor_ver, @@ -1328,22 +1328,22 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) } /* Populate transform structure */ - ret = ssl_populate_transform( ssl->transform_negotiate, - ssl->session_negotiate->ciphersuite, - ssl->session_negotiate->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session_negotiate->encrypt_then_mac, -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - ssl->handshake->tls_prf, - ssl->handshake->randbytes, - ssl->minor_ver, - ssl->conf->endpoint, - ssl ); + ret = ssl_tls12_populate_transform( ssl->transform_negotiate, + ssl->session_negotiate->ciphersuite, + ssl->session_negotiate->master, +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + ssl->session_negotiate->encrypt_then_mac, +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + ssl->handshake->tls_prf, + ssl->handshake->randbytes, + ssl->minor_ver, + ssl->conf->endpoint, + ssl ); if( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls12_populate_transform", ret ); return( ret ); } @@ -5775,14 +5775,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - ret = ssl_populate_transform( ssl->transform, + ret = ssl_tls12_populate_transform( ssl->transform, ssl->session->ciphersuite, ssl->session->master, -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \ + defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session->encrypt_then_mac, -#endif -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC && + MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls12prf_from_cs( ssl->session->ciphersuite ), p, /* currently pointing to randbytes */ MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ From c94060c6417468bd0c5fd091f3a3aa4217bbb4bd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 07:50:44 +0000 Subject: [PATCH 0834/1065] Add TLS 1.3 specific key to SSL transform conversion function This commit adds the TLS 1.3 specific internal function ``` mbedtls_ssl_tls13_populate_transform() ``` which creates an instance of the SSL transform structure `mbedtls_ssl_transform` representing a TLS 1.3 record protection mechanism. It is analogous to the existing internal helper function ``` ssl_tls12_populate_transform() ``` which creates transform structures representing record protection mechanisms in TLS 1.2 and earlier. Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 108 +++++++++++++++++++++++++++++++++++++++ library/ssl_tls13_keys.h | 33 ++++++++++++ 2 files changed, 141 insertions(+) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index f1c8a12d86..28313130f7 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -699,4 +699,112 @@ exit: return( ret ); } +int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, + int endpoint, + int ciphersuite, + mbedtls_ssl_key_set const *traffic_keys, + mbedtls_ssl_context *ssl /* DEBUG ONLY */ ) +{ + int ret; + mbedtls_cipher_info_t const *cipher_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + unsigned char const *key_enc; + unsigned char const *iv_enc; + unsigned char const *key_dec; + unsigned char const *iv_dec; + +#if !defined(MBEDTLS_DEBUG_C) + ssl = NULL; /* make sure we don't use it except for those cases */ + (void) ssl; +#endif + + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); + + cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); + if( cipher_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * Setup cipher contexts in target transform + */ + + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, + cipher_info ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + return( ret ); + } + + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, + cipher_info ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_SRV_C) + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + { + key_enc = traffic_keys->server_write_key; + key_dec = traffic_keys->client_write_key; + iv_enc = traffic_keys->server_write_iv; + iv_dec = traffic_keys->client_write_iv; + } + else +#endif /* MBEDTLS_SSL_SRV_C */ +#if defined(MBEDTLS_SSL_CLI_C) + if( endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + key_enc = traffic_keys->client_write_key; + key_dec = traffic_keys->server_write_key; + iv_enc = traffic_keys->client_write_iv; + iv_dec = traffic_keys->server_write_iv; + } + else +#endif /* MBEDTLS_SSL_CLI_C */ + { + /* should not happen */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( transform->iv_enc, iv_enc, traffic_keys->iv_len ); + memcpy( transform->iv_dec, iv_dec, traffic_keys->iv_len ); + + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, + key_enc, cipher_info->key_bitlen, + MBEDTLS_ENCRYPT ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + return( ret ); + } + + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, + key_dec, cipher_info->key_bitlen, + MBEDTLS_DECRYPT ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + return( ret ); + } + + /* + * Setup other fields in SSL transform + */ + + if( ( ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ) != 0 ) + transform->taglen = 8; + else + transform->taglen = 16; + + transform->ivlen = traffic_keys->iv_len; + transform->maclen = 0; + transform->fixed_ivlen = transform->ivlen; + transform->minlen = transform->taglen + 1; + transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4; + + return( 0 ); +} + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 3b96998aed..ca892b1665 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -498,4 +498,37 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl, unsigned char const *transcript, unsigned char *result ); +/** + * \bref Setup an SSL transform structure representing the + * record protection mechanism used by TLS 1.3 + * + * \param transform The SSL transform structure to be created. This must have + * been initialized through mbedtls_ssl_transform_init() and + * not used in any other way prior to calling this function. + * In particular, this function does not clean up the + * transform structure prior to installing the new keys. + * \param endpoint Indicates whether the transform is for the client + * (value #MBEDTLS_SSL_IS_CLIENT) or the server + * (value #MBEDTLS_SSL_IS_SERVER). + * \param ciphersuite The numerical identifier for the ciphersuite to use. + * This must be one of the identifiers listed in + * ssl_ciphersuites.h. + * \param traffic_keys The key material to use. No reference is stored in + * the SSL transform being generated, and the caller + * should destroy the key material afterwards. + * \param ssl (Debug-only) The SSL context to use for debug output + * in case of failure. This parameter is only needed if + * #MBEDTLS_DEBUG_C is set, and is ignored otherwise. + * + * \return \c 0 on success. In this case, \p transform is ready to + * be used with mbedtls_ssl_transform_decrypt() and + * mbedtls_ssl_transform_encrypt(). + * \return A negative error code on failure. + */ +int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, + int endpoint, + int ciphersuite, + mbedtls_ssl_key_set const *traffic_keys, + mbedtls_ssl_context *ssl ); + #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ From 79e2d1b6f6eb5c07370afe20c20af00a727a190b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 11:42:19 +0000 Subject: [PATCH 0835/1065] Fix AEAD additional data computation for TLS 1.3 The AEAD additional data (AAD) is computed differently in TLS 1.3 compared to TLS 1.2, but this change hasn't yet been reflected in the codee, rendering the current implementation of ``` mbedtls_ssl_{encrypt,decrypt}_buf() ``` not standard compliant. This commit fixes this by adjusting the AAD extraction function ssl_extract_add_data_from_record() and its call-sites. Please see the documentation of the code for an explanation of how the AAD has changed from TLS 1.2 to TLS 1.3. Signed-off-by: Hanno Becker --- library/ssl_msg.c | 53 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 12 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 76cc2b17d4..cf2eab56bf 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -384,7 +384,8 @@ static int ssl_parse_inner_plaintext( unsigned char const *content, static void ssl_extract_add_data_from_record( unsigned char* add_data, size_t *add_data_len, mbedtls_record *rec, - unsigned minor_ver ) + unsigned minor_ver, + size_t taglen ) { /* Quoting RFC 5246 (TLS 1.2): * @@ -403,15 +404,37 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, * * For TLS 1.3, the record sequence number is dropped from the AAD * and encoded within the nonce of the AEAD operation instead. + * Moreover, the additional data involves the length of the TLS + * ciphertext, not the TLS plaintext as in earlier versions. + * Quoting RFC 8446 (TLS 1.3): + * + * additional_data = TLSCiphertext.opaque_type || + * TLSCiphertext.legacy_record_version || + * TLSCiphertext.length + * + * We pass the tag length to this function in order to compute the + * ciphertext length from the inner plaintext length rec->data_len via + * + * TLSCiphertext.length = TLSInnerPlaintext.length + taglen. + * */ unsigned char *cur = add_data; + size_t ad_len_field = rec->data_len; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + /* In TLS 1.3, the AAD contains the length of the TLSCiphertext, + * which differs from the length of the TLSInnerPlaintext + * by the length of the authentication tag. */ + ad_len_field += taglen; + } + else #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ { ((void) minor_ver); + ((void) taglen); memcpy( cur, rec->ctr, sizeof( rec->ctr ) ); cur += sizeof( rec->ctr ); } @@ -431,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = ( ad_len_field >> 8 ) & 0xFF; + cur[1] = ( ad_len_field >> 0 ) & 0xFF; cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( rec->data_len >> 8 ) & 0xFF; - cur[1] = ( rec->data_len >> 0 ) & 0xFF; + cur[0] = ( ad_len_field >> 8 ) & 0xFF; + cur[1] = ( ad_len_field >> 0 ) & 0xFF; cur += 2; } @@ -646,7 +669,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, unsigned char mac[MBEDTLS_SSL_MAC_ADD]; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, add_data_len ); @@ -743,7 +767,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * This depends on the TLS version. */ ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)", iv, transform->ivlen ); @@ -897,7 +922,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } ssl_extract_add_data_from_record( add_data, &add_data_len, - rec, transform->minor_ver ); + rec, transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, @@ -1304,7 +1330,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * This depends on the TLS version. */ ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", add_data, add_data_len ); @@ -1414,7 +1441,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Further, we still know that data_len > minlen */ rec->data_len -= transform->maclen; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); /* Calculate expected MAC. */ MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, @@ -1606,7 +1634,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, */ rec->data_len -= transform->maclen; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + transform->minor_ver, + transform->taglen ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* From a77d005d39e78b55231311d034f2187eae8d5929 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 15:16:33 +0000 Subject: [PATCH 0836/1065] Add known answer tests for TLS 1.3 record protection This commit adds four known answer tests for TLS 1.3 record protection from the following sources: - RFC 8448 "Example Handshake Traces for TLS 1.3" - tls13.ulfheim.net "The New Illustrated TLS Connection" It extends the test coverage of the existing record protection tests in the following ways: - The existing record protection tests hand-craft record transform structures; the new tests use the function mbedtls_ssl_tls13_populate_transform() from library source to create an TLS 1.3 transform from raw key material and connection information. - The existing record protection tests only check that encryption and decryption are inverse to each other; as such, they don't catch non-compliant implementations of encryption and decryption which happen to be inverse to each other. By adding a known answer test for TLS 1.3 record protection, can gain confidence that our implementation is indeed standards-compliant. Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 55 ++++++++++++++++++ tests/suites/test_suite_ssl.function | 86 ++++++++++++++++++++++++++++ 2 files changed, 141 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 5d92469ad7..efedd06154 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6021,6 +6021,61 @@ SSL TLS 1.3 Key schedule: Handshake secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803" +SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1 +# - Server App Key: 0b6d22c8ff68097ea871c672073773bf +# - Server App IV: 1b13dd9f8d8f17091d34b349 +# - Client App Key: 49134b95328f279f0183860589ac6707 +# - Client App IV: bc4dd5f7b98acff85466261d +# - App data payload: 70696e67 +# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" + +SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 +# - Server App Key: 0b6d22c8ff68097ea871c672073773bf +# - Server App IV: 1b13dd9f8d8f17091d34b349 +# - Client App Key: 49134b95328f279f0183860589ac6707 +# - Client App IV: bc4dd5f7b98acff85466261d +# - App data payload: 706f6e67 +# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" + +SSL TLS 1.3 Record Encryption RFC 8448 Example #1 +# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3 +# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56 +# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84 +# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51 +# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9 +# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f +# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f +# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f +# 30 31 +# - Complete record: 17 03 03 00 43 a2 3f 70 54 b6 2c 94 d0 af fa fe +# 82 28 ba 55 cb ef ac ea 42 f9 14 aa 66 bc ab 3f +# 2b 98 19 a8 a5 b4 6b 39 5b d5 4a 9a 20 44 1e 2b +# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6 +# 3a ee bb 21 69 49 15 e4 +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" + +SSL TLS 1.3 Record Encryption RFC 8448 Example #2 +# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3 +# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56 +# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84 +# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51 +# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9 +# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f +# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f +# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f +# 30 31 +# - Complete record: 17 03 03 00 43 2e 93 7e 11 ef 4a c7 40 e5 38 ad +# 36 00 5f c4 a4 69 32 fc 32 25 d0 5f 82 aa 1b 36 +# e3 0e fa f9 7d 90 e6 df fc 60 2d cb 50 1a 59 a8 +# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54 +# 0d d0 32 e1 67 c2 95 5d +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" + +SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE +ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE + SSL TLS 1.3 Key schedule: Application secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 081e8a45a6..a83d6e2bef 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3943,6 +3943,92 @@ void ssl_tls1_3_create_psk_binder( int hash_alg, } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_record_protection( int ciphersuite, + int endpoint, + int ctr, + data_t *server_write_key, + data_t *server_write_iv, + data_t *client_write_key, + data_t *client_write_iv, + data_t *plaintext, + data_t *ciphertext ) +{ + mbedtls_ssl_key_set keys; + mbedtls_ssl_transform transform_send; + mbedtls_ssl_transform transform_recv; + mbedtls_record rec; + unsigned char *buf = NULL; + int other_endpoint; + + TEST_ASSERT( endpoint == MBEDTLS_SSL_IS_CLIENT || + endpoint == MBEDTLS_SSL_IS_SERVER ); + + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + other_endpoint = MBEDTLS_SSL_IS_CLIENT; + if( endpoint == MBEDTLS_SSL_IS_CLIENT ) + other_endpoint = MBEDTLS_SSL_IS_SERVER; + + TEST_ASSERT( server_write_key->len == client_write_key->len ); + TEST_ASSERT( server_write_iv->len == client_write_iv->len ); + + memcpy( keys.client_write_key, + client_write_key->x, client_write_key->len ); + memcpy( keys.client_write_iv, + client_write_iv->x, client_write_iv->len ); + memcpy( keys.server_write_key, + server_write_key->x, server_write_key->len ); + memcpy( keys.server_write_iv, + server_write_iv->x, server_write_iv->len ); + + keys.key_len = server_write_key->len; + keys.iv_len = server_write_iv->len; + + mbedtls_ssl_transform_init( &transform_recv ); + mbedtls_ssl_transform_init( &transform_send ); + + TEST_ASSERT( mbedtls_ssl_tls13_populate_transform( + &transform_send, endpoint, + ciphersuite, &keys, NULL ) == 0 ); + TEST_ASSERT( mbedtls_ssl_tls13_populate_transform( + &transform_recv, other_endpoint, + ciphersuite, &keys, NULL ) == 0 ); + + ASSERT_ALLOC( buf, ciphertext->len ); + rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_TRANSPORT_STREAM, + rec.ver ); + + /* Copy plaintext into record structure */ + rec.buf = buf; + rec.buf_len = ciphertext->len; + rec.data_offset = 0; + TEST_ASSERT( plaintext->len <= ciphertext->len ); + memcpy( rec.buf + rec.data_offset, plaintext->x, plaintext->len ); + rec.data_len = plaintext->len; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + rec.cid_len = 0; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + memset( &rec.ctr[0], 0, 8 ); + rec.ctr[7] = ctr; + + TEST_ASSERT( mbedtls_ssl_encrypt_buf( NULL, &transform_send, &rec, + NULL, NULL ) == 0 ); + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + ciphertext->x, ciphertext->len ); + + TEST_ASSERT( mbedtls_ssl_decrypt_buf( NULL, &transform_recv, &rec ) == 0 ); + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + plaintext->x, plaintext->len ); + + mbedtls_ssl_transform_free( &transform_send ); + mbedtls_ssl_transform_free( &transform_recv ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ void ssl_tls1_3_key_evolution( int hash_alg, data_t *secret, From 80e760e00642836a19e7c05efad3ac34a57230be Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Mar 2021 06:00:21 +0000 Subject: [PATCH 0837/1065] Fix memory leak in TLS 1.3 record protection unit test Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index a83d6e2bef..554e7b86e2 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -4024,6 +4024,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, plaintext->x, plaintext->len ); + mbedtls_free( buf ); mbedtls_ssl_transform_free( &transform_send ); mbedtls_ssl_transform_free( &transform_recv ); } From 7887a77c2507bfbddd2238a0a1a06f9b19d7f64e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:27:57 +0100 Subject: [PATCH 0838/1065] Match parameter check in TLS 1.3 populate transform to 1.2 version Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 28313130f7..0977cabb34 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -719,12 +719,19 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, #endif ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); + if( ciphersuite_info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found", + ciphersuite ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); if( cipher_info == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", + ciphersuite_info->cipher ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ) } /* From edd5bf0a95d05d72c405be84011ea9638d2b966d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:32:16 +0100 Subject: [PATCH 0839/1065] Fix and document minimum length of record ciphertext in TLS 1.3 Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 0977cabb34..8270009c76 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -808,9 +808,15 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = traffic_keys->iv_len; transform->maclen = 0; transform->fixed_ivlen = transform->ivlen; - transform->minlen = transform->taglen + 1; transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4; + /* We add the true record content type (1 Byte) to the plaintext and + * then pad to the configured granularity. The mimimum length of the + * type-extended and padded plaintext is therefore the padding + * granularity. */ + transform->minlen = + transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY; + return( 0 ); } From 41537452f495a7ee448a7bd4d0d5f566341263d6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Apr 2021 05:35:28 +0100 Subject: [PATCH 0840/1065] Add comment regarding the wire-version used in TLS 1.3 records Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 554e7b86e2..2e09907228 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3996,6 +3996,8 @@ void ssl_tls1_3_record_protection( int ciphersuite, ASSERT_ALLOC( buf, ciphertext->len ); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + + /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_TRANSPORT_STREAM, From f62a730e80ebdc976d32b1d0f52078273ee1fb7f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 05:21:28 +0100 Subject: [PATCH 0841/1065] Add missing semicolon in TLS 1.3 transform generation code Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 8270009c76..91384f281f 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -731,7 +731,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", ciphersuite_info->cipher ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } /* From c0da10dc3a491a4aab41503c12921e11fe7b9fb7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 05:32:23 +0100 Subject: [PATCH 0842/1065] Remove TLS 1.3 specific code from TLS <= 1.2 transform generator Signed-off-by: Hanno Becker --- library/ssl_tls.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 33f4e601c3..88a3e745ef 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -714,6 +714,15 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) ); #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + /* At the moment, we keep TLS <= 1.2 and TLS 1.3 transform + * generation separate. This should never happen. */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Get various info structures */ @@ -806,19 +815,10 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, * sequence number). */ transform->ivlen = 12; -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) transform->fixed_ivlen = 12; - } else -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - { - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - transform->fixed_ivlen = 12; - else - transform->fixed_ivlen = 4; - } + transform->fixed_ivlen = 4; /* Minimum length of encrypted record */ explicit_ivlen = transform->ivlen - transform->fixed_ivlen; From dfba065d80adc007e81288e3655de82dfefb56d5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:16:57 +0100 Subject: [PATCH 0843/1065] Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity Signed-off-by: Hanno Becker --- library/ssl_tls13_keys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 91384f281f..902f99ea81 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -815,7 +815,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, * type-extended and padded plaintext is therefore the padding * granularity. */ transform->minlen = - transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY; + transform->taglen + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY; return( 0 ); } From 1f91878281cdb680c98f33a3312d1fce56f45eba Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:18:28 +0100 Subject: [PATCH 0844/1065] Specify padding granularity in TLS 1.3 record protection KATs Still check that encryption and decryption are inverse to each other if the granularity does not match the one used in the KAT. Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 ++++++++---- tests/suites/test_suite_ssl.function | 17 +++++++++++++---- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index efedd06154..04f6e1d344 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6028,7 +6028,8 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1 # - Client App IV: bc4dd5f7b98acff85466261d # - App data payload: 70696e67 # - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 # - Server App Key: 0b6d22c8ff68097ea871c672073773bf @@ -6037,7 +6038,8 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 # - Client App IV: bc4dd5f7b98acff85466261d # - App data payload: 706f6e67 # - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" SSL TLS 1.3 Record Encryption RFC 8448 Example #1 # Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3 @@ -6054,7 +6056,8 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1 # 2b 98 19 a8 a5 b4 6b 39 5b d5 4a 9a 20 44 1e 2b # 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6 # 3a ee bb 21 69 49 15 e4 -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3 @@ -6071,7 +6074,8 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # e3 0e fa f9 7d 90 e6 df fc 60 2d cb 50 1a 59 a8 # fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54 # 0d d0 32 e1 67 c2 95 5d -ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" +# - Padding used: No (== granularity 1) +ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2e09907228..6d8a9e8671 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3947,6 +3947,7 @@ void ssl_tls1_3_create_psk_binder( int hash_alg, void ssl_tls1_3_record_protection( int ciphersuite, int endpoint, int ctr, + int padding_used, data_t *server_write_key, data_t *server_write_iv, data_t *client_write_key, @@ -3959,6 +3960,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, mbedtls_ssl_transform transform_recv; mbedtls_record rec; unsigned char *buf = NULL; + size_t buf_len; int other_endpoint; TEST_ASSERT( endpoint == MBEDTLS_SSL_IS_CLIENT || @@ -3994,7 +3996,10 @@ void ssl_tls1_3_record_protection( int ciphersuite, &transform_recv, other_endpoint, ciphersuite, &keys, NULL ) == 0 ); - ASSERT_ALLOC( buf, ciphertext->len ); + /* Make sure we have enough space in the buffer even if + * we use more padding than the KAT. */ + buf_len = ciphertext->len + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY; + ASSERT_ALLOC( buf, buf_len ); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ @@ -4005,7 +4010,7 @@ void ssl_tls1_3_record_protection( int ciphersuite, /* Copy plaintext into record structure */ rec.buf = buf; - rec.buf_len = ciphertext->len; + rec.buf_len = buf_len; rec.data_offset = 0; TEST_ASSERT( plaintext->len <= ciphertext->len ); memcpy( rec.buf + rec.data_offset, plaintext->x, plaintext->len ); @@ -4019,8 +4024,12 @@ void ssl_tls1_3_record_protection( int ciphersuite, TEST_ASSERT( mbedtls_ssl_encrypt_buf( NULL, &transform_send, &rec, NULL, NULL ) == 0 ); - ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, - ciphertext->x, ciphertext->len ); + + if( padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY ) + { + ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, + ciphertext->x, ciphertext->len ); + } TEST_ASSERT( mbedtls_ssl_decrypt_buf( NULL, &transform_recv, &rec ) == 0 ); ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len, From 6c53ecc01db4212da1a8715afe1abc599a9c6f0d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 19:20:10 +0100 Subject: [PATCH 0845/1065] all.sh: Run basic TLS 1.3 with and without record padding Signed-off-by: Hanno Becker --- tests/scripts/all.sh | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f8e43c8714..5d2710cadc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2437,11 +2437,22 @@ component_build_armcc () { } component_test_tls13_experimental () { - msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled" + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding" scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL + scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make - msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled" + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding" + make test +} + +component_test_tls13_experimental_with_padding () { + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding" + scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL + scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding" make test } From d7e4b2ce4267c681a72e31faa2611b3250ee1541 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 1 Aug 2021 20:13:06 +0100 Subject: [PATCH 0846/1065] Remove duplicated test from SSL test suite Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 04f6e1d344..25eefb3ab9 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -6077,9 +6077,6 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # - Padding used: No (== granularity 1) ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE -ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE - SSL TLS 1.3 Key schedule: Application secrets derivation helper # Vector from RFC 8448 ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" From fa0d61e559c5aba87cf1f2a09da30dce8b51b5c5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 08:56:14 +0100 Subject: [PATCH 0847/1065] Fix typo Signed-off-by: Hanno Becker --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 83ffef7c28..d03b28f667 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4560,7 +4560,7 @@ static unsigned char ssl_serialized_session_header[] = { * // configuration options which influence * // the structure of mbedtls_ssl_session. * - * uint8_t minor_ver; // Protol-version. Possible values: + * uint8_t minor_ver; // Protocol-version. Possible values: * // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3) * * select (serialized_session.minor_ver) { From 47b09567abc411252a3e2552eda63433c79e6bbd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 26 Jul 2021 18:39:53 +0200 Subject: [PATCH 0848/1065] More flexible parsing of Doxygen comments for MBEDTLS_ERR_xxx Before this commit, definitions of error codes must match a strict pattern, with a Doxygen comment following the definition on the same line and starting with "/**<". Change how generate_errors.pl so that the Doxygen comment can be before the definition instead of after, and doesn't have to be on the same line. Also allow spaces between "#" and "define", and allow Doxygen comments to start with "/*!" rather than "/**". Starting with "///" or "//!" is not supported. This commit does not change the output of generate_errors.pl. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 45 +++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 15 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index e7ee579344..f26c419893 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -53,26 +53,46 @@ my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 RSA SSL X509 ); -my $line_separator = $/; undef $/; open(FORMAT_FILE, '<:crlf', "$error_format_file") or die "Opening error format file '$error_format_file': $!"; my $error_format = ; close(FORMAT_FILE); -$/ = $line_separator; - my @files = <$include_dir/*.h>; my @necessary_include_files; my @matches; foreach my $file (@files) { open(FILE, '<:crlf', "$file"); - my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, ); - push(@matches, @grep_res); + my $content = ; close FILE; - my $include_name = $file; - $include_name =~ s!.*/!!; - push @necessary_include_files, $include_name if @grep_res; + my $found = 0; + while ($content =~ m[ + (?:/\*[*!]([^<](?:[^*]|\*+[^*/])*)\*/)? + \s*\#\s*define\s+(MBEDTLS_ERR_\w+)\s+\-(0[Xx][0-9A-Fa-f]+)\s* + (?:/\*[*!]<((?:[^*]|\*+[^*/])*)\*/)? + ]gsx) { + my ($before, $name, $value, $after) = ($1, $2, $3, $4); + # Discard Doxygen comments that are coincidentally present before + # an error definition but not attached to it. This is ad hoc, based + # on what actually matters (or mattered at some point). + undef $before if $before =~ /\s*\\name\s/s; + die "Description neither before nor after $name in $file\n" + if !defined($before) && !defined($after); + die "Description both before and after $name in $file\n" + if defined($before) && defined($after); + my $description = (defined($before) ? $before : $after); + $description =~ s/^\s+//; + $description =~ s/\n( \*)?//g; + $description =~ s/\.?\s+$//; + push @matches, [$name, $value, $description]; + ++$found; + } + if ($found) { + my $include_name = $file; + $include_name =~ s!.*/!!; + push @necessary_include_files, $include_name; + } } my $ll_old_define = ""; @@ -86,19 +106,14 @@ my %included_headers; my %error_codes_seen; -foreach my $line (@matches) +foreach my $match (@matches) { - my ($error_name, $error_code) = $line =~ /(MBEDTLS_ERR_\w+)\s+\-(0x\w+)/; - my ($description) = $line =~ /\/\*\*< (.*?)\.? \*\//; + my ($error_name, $error_code, $description) = @$match; die "Duplicated error code: $error_code ($error_name)\n" if( $error_codes_seen{$error_code}++ ); $description =~ s/\\/\\\\/g; - if ($description eq "") { - $description = "DESCRIPTION MISSING"; - warn "Missing description for $error_name\n"; - } my ($module_name) = $error_name =~ /^MBEDTLS_ERR_([^_]+)/; From 05aa543b73ae52ddd526afefc1e9b09c6e0a8deb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 26 Jul 2021 18:45:22 +0200 Subject: [PATCH 0849/1065] Better support multiline comments for MBEDTLS_ERR_xxx They were recognized by a prior commit. In this commit, replace line breaks (with optional comment continuation marker) by spaces. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index f26c419893..33b14ee2a9 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -83,7 +83,7 @@ foreach my $file (@files) { if defined($before) && defined($after); my $description = (defined($before) ? $before : $after); $description =~ s/^\s+//; - $description =~ s/\n( \*)?//g; + $description =~ s/\n( *\*)? */ /g; $description =~ s/\.?\s+$//; push @matches, [$name, $value, $description]; ++$found; From d297157fe8363f787ec91ce523585494e56143db Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 26 Jul 2021 18:48:10 +0200 Subject: [PATCH 0850/1065] Move MBEDTLS_ERR_xxx Doxygen comments before the definition Now that descriptions of error codes no longer have to be on the same line for the sake of generate_errors.pl, move them to their own line before the definition. This aligns them with what we do for other definitions, and means that we no longer need to have very long lines containing both the C definition and the comment. ``` perl -i -pe 's~^(#define +MBEDTLS_ERR_\w+ +-\w+) */\*[*!]<(.*)\*/~/**$2*/\n$1~' include/mbedtls/*.h ``` This commit does not change the output of generate_errors.pl. Signed-off-by: Gilles Peskine --- include/mbedtls/aes.h | 9 ++- include/mbedtls/aria.h | 6 +- include/mbedtls/asn1.h | 21 ++++-- include/mbedtls/base64.h | 6 +- include/mbedtls/bignum.h | 24 ++++--- include/mbedtls/camellia.h | 6 +- include/mbedtls/ccm.h | 6 +- include/mbedtls/chacha20.h | 3 +- include/mbedtls/chachapoly.h | 6 +- include/mbedtls/cipher.h | 21 ++++-- include/mbedtls/ctr_drbg.h | 12 ++-- include/mbedtls/des.h | 3 +- include/mbedtls/dhm.h | 30 +++++--- include/mbedtls/ecp.h | 27 ++++--- include/mbedtls/entropy.h | 15 ++-- include/mbedtls/error.h | 12 ++-- include/mbedtls/gcm.h | 6 +- include/mbedtls/hkdf.h | 3 +- include/mbedtls/hmac_drbg.h | 12 ++-- include/mbedtls/md.h | 12 ++-- include/mbedtls/net_sockets.h | 39 ++++++---- include/mbedtls/oid.h | 6 +- include/mbedtls/pem.h | 27 ++++--- include/mbedtls/pk.h | 45 ++++++++---- include/mbedtls/pkcs12.h | 12 ++-- include/mbedtls/pkcs5.h | 12 ++-- include/mbedtls/poly1305.h | 3 +- include/mbedtls/rsa.h | 27 ++++--- include/mbedtls/sha1.h | 3 +- include/mbedtls/sha256.h | 3 +- include/mbedtls/sha512.h | 3 +- include/mbedtls/ssl.h | 132 ++++++++++++++++++++++------------ include/mbedtls/threading.h | 6 +- include/mbedtls/x509.h | 60 ++++++++++------ 34 files changed, 412 insertions(+), 206 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 0050980835..879c3f2a14 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -51,11 +51,14 @@ #define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */ /* Error codes in range 0x0020-0x0022 */ -#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ +/** Invalid key length. */ +#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 +/** Invalid data input length. */ +#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /* Error codes in range 0x0021-0x0025 */ -#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ +/** Invalid input data. */ +#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 08547068c7..1a96d153ab 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -44,9 +44,11 @@ #define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */ #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */ -#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */ +/** Bad input data. */ +#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C -#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */ +/** Invalid data input length. */ +#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 4668581095..f45fc17511 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -43,13 +43,20 @@ * ASN1 is a standard to specify data structures. * \{ */ -#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ -#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ -#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ -#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ -#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */ -#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */ -#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ +/** Out of data when parsing an ASN1 data structure. */ +#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 +/** ASN1 tag was of an unexpected value. */ +#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 +/** Error when trying to determine the length or invalid length. */ +#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 +/** Actual length differs from expected length. */ +#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 +/** Data is invalid. */ +#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 +/** Memory allocation failed */ +#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A +/** Buffer too small when writing ASN.1 data structure. */ +#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /* \} name */ diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index e3938b40e3..8378589f31 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -26,8 +26,10 @@ #include -#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ -#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ +/** Output buffer too small. */ +#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A +/** Invalid character in input. */ +#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 7fef599846..45d3119910 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -32,14 +32,22 @@ #include #endif -#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ -#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ -#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ -#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ -#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ -#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ -#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */ +/** An error occurred while reading from or writing to a file. */ +#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 +/** There is an invalid character in the digit string. */ +#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 +/** The buffer is too small to write to. */ +#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 +/** The input arguments are negative or result in illegal output. */ +#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A +/** The input argument for division is zero, which is not allowed. */ +#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C +/** The input arguments are not acceptable. */ +#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E +/** Memory allocation failed. */ +#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 #define MBEDTLS_MPI_CHK(f) \ do \ diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 6a09da88b5..6feeaf049b 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -33,9 +33,11 @@ #define MBEDTLS_CAMELLIA_ENCRYPT 1 #define MBEDTLS_CAMELLIA_DECRYPT 0 -#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */ +/** Bad input data. */ +#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 -#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ +/** Invalid data input length. */ +#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 6613cee7d4..b3adecc4fb 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -57,8 +57,10 @@ #define MBEDTLS_CCM_STAR_DECRYPT 2 #define MBEDTLS_CCM_STAR_ENCRYPT 3 -#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ -#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ +/** Bad input parameters to the function. */ +#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D +/** Authenticated decryption failed. */ +#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index 25e1a263ab..8af16ede9b 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -38,7 +38,8 @@ #include #include -#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */ +/** Invalid input parameter(s). */ +#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 3f6e4a3315..3f4318fb0d 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -38,8 +38,10 @@ /* for shared error codes */ #include "mbedtls/poly1305.h" -#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */ -#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */ +/** The requested operation is not permitted in the current state. */ +#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 +/** Authenticated decryption failed: data was not authentic. */ +#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 7afdc6ac97..9c9a2e88cd 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -51,13 +51,20 @@ #define inline __inline #endif -#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ -#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */ -#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ -#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ -#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ -#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ -#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ +/** The selected feature is not available. */ +#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 +/** Bad input parameters. */ +#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 +/** Failed to allocate memory. */ +#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 +/** Input data contains invalid padding and is rejected. */ +#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 +/** Decryption of block requires a full block. */ +#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 +/** Authentication failed (for AEAD modes). */ +#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 +/** The context is invalid. For example, because it was freed. */ +#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */ diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index c188b08ae2..959a5d57c4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -50,10 +50,14 @@ #include "mbedtls/threading.h" #endif -#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ -#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< The requested random buffer length is too big. */ -#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< The input (entropy + additional data) is too large. */ -#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read or write error in file. */ +/** The entropy source failed. */ +#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 +/** The requested random buffer length is too big. */ +#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 +/** The input (entropy + additional data) is too large. */ +#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 +/** Read or write error in file. */ +#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */ diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 9e2f6839f4..63a8e00d1c 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -36,7 +36,8 @@ #define MBEDTLS_DES_ENCRYPT 1 #define MBEDTLS_DES_DECRYPT 0 -#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ +/** The data input has an invalid length. */ +#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 #define MBEDTLS_DES_KEY_SIZE 8 diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 75baed951b..32a957d5a5 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -70,16 +70,26 @@ /* * DHM Error codes */ -#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */ -#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ -#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ -#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ -#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ -#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ -#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ -#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ -#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */ -#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */ +/** Bad input parameters. */ +#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 +/** Reading of the DHM parameters failed. */ +#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 +/** Making of the DHM parameters failed. */ +#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 +/** Reading of the public values failed. */ +#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 +/** Making of the public value failed. */ +#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 +/** Calculation of the DHM secret failed. */ +#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 +/** The ASN.1 data is not formatted correctly. */ +#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 +/** Allocation of memory failed. */ +#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 +/** Read or write of file failed. */ +#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 +/** Setting the modulus and generator failed. */ +#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /** Which parameter to access in mbedtls_dhm_get_value(). */ typedef enum diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index b87114bc72..384d0608a7 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -42,15 +42,24 @@ /* * ECP error codes */ -#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */ -#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< The requested feature is not available, for example, the requested curve is not supported. */ -#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */ -#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ -#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as ephemeral key, failed. */ -#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ -#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */ -#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 +/** The buffer is too small to write to. */ +#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 +/** The requested feature is not available, for example, the requested curve is not supported. */ +#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 +/** The signature is not valid. */ +#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 +/** Memory allocation failed. */ +#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 +/** Generation of random value, such as ephemeral key, failed. */ +#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 +/** Invalid private or public key. */ +#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 +/** The buffer contains a valid signature followed by more data. */ +#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 +/** Operation in progress, call again with the same parameters to continue. */ +#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /* Flags indicating whether to include code that is specific to certain * types of curves. These flags are for internal library use only. */ diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index a16a3753fb..128ec82529 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -42,11 +42,16 @@ #endif -#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ -#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ -#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ -#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D /**< No strong sources have been added to poll. */ -#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /**< Read/write error in file. */ +/** Critical entropy source failure. */ +#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C +/** No more sources can be added. */ +#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E +/** No sources have been added to poll. */ +#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 +/** No strong sources have been added to poll. */ +#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D +/** Read/write error in file. */ +#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /** * \name SECTION: Module settings diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 9a8690dc1a..27420ce4fc 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -108,11 +108,15 @@ extern "C" { #endif -#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ -#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ +/** Generic error */ +#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 +/** This is a bug in the library */ +#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E -#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ -#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */ +/** Hardware accelerator failed */ +#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 +/** The requested feature is not supported by the platform */ +#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /** * \brief Combines a high-level and low-level error code together. diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index d1219bb1a4..9d9155fc5b 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -41,8 +41,10 @@ #define MBEDTLS_GCM_ENCRYPT 1 #define MBEDTLS_GCM_DECRYPT 0 -#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ -#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ +/** Authenticated decryption failed. */ +#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 81a627014e..e6bfe05602 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -33,7 +33,8 @@ * \name HKDF Error codes * \{ */ -#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /**< Bad input parameters to function. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /* \} name */ #ifdef __cplusplus diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 0df8ee8554..0f1653f7a0 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -38,10 +38,14 @@ /* * Error codes */ -#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ -#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ -#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ -#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */ +/** Too many random requested in single call. */ +#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 +/** Input too large (Entropy + additional). */ +#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 +/** Read/write error in file. */ +#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 +/** The entropy source failed. */ +#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /** * \name SECTION: Module settings diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 1170bc1ad5..fa2b152f96 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -30,10 +30,14 @@ #include "mbedtls/build_info.h" -#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ -#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ -#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ +/** The selected feature is not available. */ +#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 +/** Failed to allocate memory. */ +#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 +/** Opening or reading of file failed. */ +#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 7b77329a81..c8214a2335 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -46,19 +46,32 @@ #include #include -#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ -#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ -#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ -#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ -#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ -#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ -#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ -#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ -#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */ -#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */ -#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */ -#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */ -#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */ +/** Failed to open a socket. */ +#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 +/** The connection to the given server / port failed. */ +#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 +/** Binding of the socket failed. */ +#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 +/** Could not listen on the socket. */ +#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 +/** Could not accept the incoming connection. */ +#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A +/** Reading information from the socket failed. */ +#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C +/** Sending information through the socket failed. */ +#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E +/** Connection was reset by peer. */ +#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 +/** Failed to get an IP address for the given hostname. */ +#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 +/** Buffer is too small to hold the data. */ +#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 +/** The context is invalid, eg because it was free()ed. */ +#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 +/** Polling the net context failed. */ +#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 +/** Input invalid. */ +#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 #define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 9e68e91979..836e455b34 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -38,8 +38,10 @@ #include "mbedtls/md.h" #endif -#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ -#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */ +/** OID is not found. */ +#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E +/** output buffer is too small */ +#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /* This is for the benefit of X.509, but defined here in order to avoid * having a "backwards" include of x.509.h here */ diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index a01a296b40..baceb07623 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -33,15 +33,24 @@ * PEM data. * \{ */ -#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ -#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ -#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ -#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ -#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ -#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ -#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ -#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ -#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ +/** No PEM header or footer found. */ +#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 +/** PEM string is not as expected. */ +#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 +/** Failed to allocate memory. */ +#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 +/** RSA IV is not in hex-format. */ +#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 +/** Unsupported key encryption algorithm. */ +#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 +/** Private key password can't be empty. */ +#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 +/** Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 +/** Unavailable feature, e.g. hashing/encryption combination. */ +#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /* \} name */ #ifdef __cplusplus diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index f3553ccc6b..ded52225f2 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -49,21 +49,36 @@ #define inline __inline #endif -#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */ -#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ -#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */ -#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */ -#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */ -#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ -#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */ -#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */ -#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ -#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ -#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ -#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ -#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ -#define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880 /**< The output buffer is too small. */ +/** Memory allocation failed. */ +#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 +/** Type mismatch, eg attempt to encrypt with an ECDSA key */ +#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 +/** Read/write of file failed. */ +#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 +/** Unsupported key version */ +#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 +/** Invalid key tag or value. */ +#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 +/** Key algorithm is unsupported (only RSA and EC are supported). */ +#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 +/** Private key password can't be empty. */ +#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 +/** Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 +/** The pubkey tag or value is invalid (only RSA and EC are supported). */ +#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 +/** The algorithm tag or value is invalid. */ +#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 +/** Elliptic curve is unsupported (only NIST curves are supported). */ +#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 +/** Unavailable feature, e.g. RSA disabled for RSA key. */ +#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 +/** The buffer contains a valid signature followed by more data. */ +#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 +/** The output buffer is too small. */ +#define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index de139ac6b8..cded903f4e 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -30,10 +30,14 @@ #include -#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ -#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ -#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 +/** Feature not available, e.g. unsupported encryption scheme. */ +#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 +/** PBE ASN.1 data not as expected. */ +#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 +/** Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 #define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ #define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */ diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index c339398a7c..71d716be71 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -32,10 +32,14 @@ #include #include -#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */ -#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */ -#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 +/** Unexpected ASN.1 data. */ +#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 +/** Requested encryption or digest alg not available. */ +#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 +/** Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 #define MBEDTLS_PKCS5_DECRYPT 0 #define MBEDTLS_PKCS5_ENCRYPT 1 diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 7984ca4b7d..6657aa2e1f 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -38,7 +38,8 @@ #include #include -#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */ +/** Invalid input parameter(s). */ +#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index cffbe3b508..d03c31d71b 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -41,15 +41,24 @@ /* * RSA Error codes */ -#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ -#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ -#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the validity check of the library. */ -#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ -#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ -#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ -#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ -#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 +/** Input data contains invalid padding and is rejected. */ +#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 +/** Something failed during generation of a key. */ +#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 +/** Key failed to pass the validity check of the library. */ +#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 +/** The public key operation failed. */ +#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 +/** The private key operation failed. */ +#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 +/** The PKCS#1 verification failed. */ +#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 +/** The output buffer for decryption is not large enough. */ +#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 +/** The random generator failed to generate non-zeros. */ +#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /* * RSA constants diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index d2db67ca6f..6b55174a5e 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -35,7 +35,8 @@ #include #include -#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */ +/** SHA-1 input data was malformed. */ +#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 7f42c2c900..9e6f59dc4b 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -31,7 +31,8 @@ #include #include -#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */ +/** SHA-256 input data was malformed. */ +#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index c43b9075e3..48901cc39d 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -30,7 +30,8 @@ #include #include -#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */ +/** SHA-512 input data was malformed. */ +#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3a14a58307..d3ab1c486f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -59,27 +59,45 @@ /* * SSL Error codes */ -#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ -#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ -#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ -#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ -#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */ +/** A cryptographic operation is in progress. Try again later. */ +#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 +/** The requested feature is not available. */ +#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 +/** Verification of the message MAC failed. */ +#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 +/** An invalid SSL record was received. */ +#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 +/** The connection indicated an EOF. */ +#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 +/** A message could not be parsed due to a syntactic error. */ +#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /* Error space gap */ -#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ -#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */ -#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580 /**< No ALPN protocols supported that the client advertises */ -#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ -#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ -#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ -#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ -#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ +/** No RNG was provided to the SSL module. */ +#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 +/** No client certification received from the client, but required by the authentication mode. */ +#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 +/** Client received an extended server hello containing an unsupported extension */ +#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 +/** No ALPN protocols supported that the client advertises */ +#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580 +/** The own private key or pre-shared key is not set, but needed. */ +#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 +/** No CA Chain is set, but required to operate. */ +#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 +/** An unexpected message was received from our peer. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 +/** A fatal alert message was received from our peer. */ +#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 +/** No server could be identified matching the client's SNI. */ +#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 +/** The peer notified us that the connection is going to be closed. */ +#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +/** Processing of the Certificate handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /* Error space gap */ /* Error space gap */ /* Error space gap */ @@ -89,30 +107,53 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ -#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ -#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ -#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< The handshake negotiation failed. */ -#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ -#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ -#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ -#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ -#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ -#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ -#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ -#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ +/** Memory allocation failed */ +#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 +/** Hardware acceleration function returned with error */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 +/** Hardware acceleration function skipped / left alone data */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 +/** Handshake protocol not within min/max boundaries */ +#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 +/** The handshake negotiation failed. */ +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 +/** Session ticket has expired. */ +#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 +/** Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ +#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 +/** Unknown identity received (eg, PSK identity) */ +#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 +/** Internal error (eg, unexpected failure in lower-level module) */ +#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 +/** A counter would wrap (eg, too many messages exchanged). */ +#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 +/** Unexpected message at ServerHello in renegotiation. */ +#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 +/** DTLS client must retry for hello verification */ +#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 +/** A buffer is too small to receive or write a message */ +#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /* Error space gap */ -#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */ -#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ -#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ -#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ -#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ -#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */ -#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600 /**< A field in a message was incorrect or inconsistent with other fields. */ -#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ -#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ -#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ +/** No data of requested type currently available on underlying transport. */ +#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 +/** Connection requires a write call. */ +#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 +/** The operation timed out. */ +#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 +/** The client initiated a reconnect from the same port. */ +#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 +/** Record header looks valid but is not expected. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 +/** The alert message received indicates a non-fatal error. */ +#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 +/** A field in a message was incorrect or inconsistent with other fields. */ +#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600 +/** Internal-only message signaling that further message-processing should be done */ +#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 +/** The asynchronous operation is not completed yet. */ +#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 +/** Internal-only message signaling that a message arrived early. */ +#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /* Error space gap */ /* Error space gap */ /* Error space gap */ @@ -121,9 +162,12 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */ -#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 /**< An operation failed due to an unexpected version or configuration. */ -#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */ +/** An encrypted DTLS-frame with an unexpected CID was received. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 +/** An operation failed due to an unexpected version or configuration. */ +#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 +/** Invalid value in SSL config */ +#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /* * Various constants diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 96cadc4df8..fbc7374783 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -31,8 +31,10 @@ extern "C" { #endif -#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ +/** Bad input parameters to function. */ +#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C +/** Locking / unlocking / free failed with error code. */ +#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E #if defined(MBEDTLS_THREADING_PTHREAD) #include diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 5be4286ece..df187cb098 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -53,26 +53,46 @@ * \name X509 Error codes * \{ */ -#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ -#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ -#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ -#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ -#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ -#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ -#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ -#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ -#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ -#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ -#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ -#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ -#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */ -#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ -#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ -#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ -#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ -#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ -#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */ -#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */ +/** Unavailable feature, e.g. RSA hashing/encryption combination. */ +#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 +/** Requested OID is unknown. */ +#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 +/** The CRT/CRL/CSR format is invalid, e.g. different type expected. */ +#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 +/** The CRT/CRL/CSR version element is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 +/** The serial tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 +/** The algorithm tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 +/** The name tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 +/** The date tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 +/** The signature tag or value invalid. */ +#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 +/** The extension tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 +/** CRT/CRL/CSR has an unsupported version number. */ +#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 +/** Signature algorithm (oid) is unsupported. */ +#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 +/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */ +#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 +/** Certificate verification failed, e.g. CRL, CA or signature check failed. */ +#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 +/** Format not recognized as DER or PEM. */ +#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 +/** Input invalid. */ +#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 +/** Allocation of memory failed. */ +#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 +/** Read/write of file failed. */ +#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 +/** Destination buffer is too small. */ +#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 +/** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */ +#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /* \} name */ /** From 7f8e2770fa60e355bb9f305fb840ab6f702efe34 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 26 Jul 2021 19:30:08 +0200 Subject: [PATCH 0851/1065] Document the big regex Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 33b14ee2a9..ecf552e2ce 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -68,9 +68,17 @@ foreach my $file (@files) { close FILE; my $found = 0; while ($content =~ m[ - (?:/\*[*!]([^<](?:[^*]|\*+[^*/])*)\*/)? - \s*\#\s*define\s+(MBEDTLS_ERR_\w+)\s+\-(0[Xx][0-9A-Fa-f]+)\s* - (?:/\*[*!]<((?:[^*]|\*+[^*/])*)\*/)? + # Both the before-comment and the after-comment are optional. + # Only the comment content is a regex capture group. The comment + # start and end parts are outside the capture group. + (?:/\*[*!](?!<) # Doxygen before-comment start + ((?:[^*]|\*+[^*/])*) # $1: Comment content (no */ inside) + \*/)? # Comment end + \s*\#\s*define\s+(MBEDTLS_ERR_\w+) # $2: name + \s+\-(0[Xx][0-9A-Fa-f]+)\s* # $3: value (without the sign) + (?:/\*[*!]< # Doxygen after-comment start + ((?:[^*]|\*+[^*/])*) # $4: Comment content (no */ inside) + \*/)? # Comment end ]gsx) { my ($before, $name, $value, $after) = ($1, $2, $3, $4); # Discard Doxygen comments that are coincidentally present before From 58887bab1212c51ddf2900c0df92d5780cbb8fb2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Aug 2021 22:53:40 +0200 Subject: [PATCH 0852/1065] Show warnings if something looks wrong This makes no difference to the output. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index ecf552e2ce..0a03f02e96 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -21,6 +21,7 @@ # limitations under the License. use strict; +use warnings; my ($include_dir, $data_dir, $error_file); @@ -84,7 +85,7 @@ foreach my $file (@files) { # Discard Doxygen comments that are coincidentally present before # an error definition but not attached to it. This is ad hoc, based # on what actually matters (or mattered at some point). - undef $before if $before =~ /\s*\\name\s/s; + undef $before if defined($before) && $before =~ /\s*\\name\s/s; die "Description neither before nor after $name in $file\n" if !defined($before) && !defined($after); die "Description both before and after $name in $file\n" From ec135544c81aa4c292f8b715244ac1b38682580b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Aug 2021 23:14:03 +0200 Subject: [PATCH 0853/1065] Clarify some comments Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7db9488eee..73630c122e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2714,8 +2714,11 @@ pseudo_component_error_test () { echo "Expect three failing commands." fi error_test='this should not be used since the component runs in a subshell' + # Expected error: 'grep non_existent /dev/null -> 1' grep non_existent /dev/null + # Expected error: '! grep -q . tests/scripts/all.sh -> 1' not grep -q . "$0" + # Expected error: 'make unknown_target -> 2' make unknown_target false "this should not be executed" } @@ -2735,8 +2738,11 @@ run_component () { esac "${dd_cmd[@]}" - # Run the component in a subshell + # Run the component in a subshell, with error trapping and output + # redirection set up based on the relevant options. if [ $KEEP_GOING -eq 1 ]; then + # We want to keep running if the subshell fails, so 'set -e' must + # be off when the subshell runs. set +e fi ( From 88a7c2b32e6cf289d8287186a20370aead8e6eb1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Aug 2021 23:28:00 +0200 Subject: [PATCH 0854/1065] Improve --error-test reporting Count invocations from 1 to n instead of n to 1. Explain how changing the loop variable would cause an error if the function was not executed in a subshell. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 73630c122e..54b28b870f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2709,11 +2709,13 @@ post_report () { # Function invoked by --error-test to test error reporting. pseudo_component_error_test () { - msg "Testing error reporting $error_test" + msg "Testing error reporting $error_test_i" if [ $KEEP_GOING -ne 0 ]; then echo "Expect three failing commands." fi - error_test='this should not be used since the component runs in a subshell' + # If the component doesn't run in a subshell, changing error_test_i to an + # invalid integer will cause an error in the loop that runs this function. + error_test_i=this_should_not_be_used_since_the_component_runs_in_a_subshell # Expected error: 'grep non_existent /dev/null -> 1' grep non_existent /dev/null # Expected error: '! grep -q . tests/scripts/all.sh -> 1' @@ -2796,10 +2798,10 @@ cleanup pre_generate_files # Run the requested tests. -while [ $error_test -gt 0 ]; do +for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do run_component pseudo_component_error_test - error_test=$((error_test - 1)) done +unset error_test_i for component in $RUN_COMPONENTS; do run_component "component_$component" done From c111e2429287ba5f20708a4853541fd3cb4f0ae1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Aug 2021 23:29:53 +0200 Subject: [PATCH 0855/1065] Improve the detection of keep-going commands Have simpler patterns related to 'test' (the central objective being to keep going if 'make test' or 'tests/...' fails, but not if 'make tests' fails). Add 'cd' as a can't-keep-going command. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 54b28b870f..6cdc922fe3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -543,13 +543,19 @@ pre_setup_keep_going () { # Whether it makes sense to keep a component going after the specified # command fails (test command) or not (configure or build). # This doesn't have to be 100% accurate: all failures are recorded anyway. + # False positives result in running things that can't be expected to + # work. False negatives result in things not running after something else + # failed even though they might have given useful feedback. can_keep_going_after_failure () { case "$1" in "msg "*) false;; - *[!A-Za-z]"test"|*[!A-Za-z]"test"[!A-Za-z]*) true;; - "tests/"*) true;; - "grep "*|"! grep "*) true;; - "test "*|"[ "*) true;; + "cd "*) false;; + *make*[\ /]tests*) false;; # make tests, make CFLAGS=-I../tests, ... + *test*) true;; # make test, tests/stuff, env V=v tests/stuff, ... + *make*check*) true;; + "grep "*) true;; + "[ "*) true;; + "! "*) true;; *) false;; esac } From b0302c4c7bdc684c5307040e9e8d8c314e245c48 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Aug 2021 09:39:42 +0100 Subject: [PATCH 0856/1065] Move messaging related session reset into separate helper function - Improves readability - Will be useful when we introduce MPS as an alternative msg layer. - Will be useful when we need to reset the messaging layer upon receipt of a HelloRetryRequest in TLS 1.3. Signed-off-by: Hanno Becker --- library/ssl_tls.c | 110 ++++++++++++++++++++++++---------------------- 1 file changed, 57 insertions(+), 53 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fe3b5e2e64..c43f92a376 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3231,9 +3231,9 @@ error: * If partial is non-zero, keep data in the input buffer and client ID. * (Use when a DTLS client reconnects from the same port.) */ -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +static void ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl, + int partial ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t in_buf_len = ssl->in_buf_len; size_t out_buf_len = ssl->out_buf_len; @@ -3242,16 +3242,65 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif -#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \ - !defined(MBEDTLS_SSL_SRV_C) - ((void) partial); +#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || !defined(MBEDTLS_SSL_SRV_C) + partial = 0; #endif - ssl->state = MBEDTLS_SSL_HELLO_REQUEST; - /* Cancel any possibly running timer */ mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_reset_in_out_pointers( ssl ); + + /* Reset incoming message parsing */ + ssl->in_offt = NULL; + ssl->nb_zero = 0; + ssl->in_msgtype = 0; + ssl->in_msglen = 0; + ssl->in_hslen = 0; + ssl->keep_current_message = 0; + ssl->transform_in = NULL; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + ssl->next_record_offset = 0; + ssl->in_epoch = 0; +#endif + + /* Keep current datagram if partial == 1 */ + if( partial == 0 ) + { + ssl->in_left = 0; + memset( ssl->in_buf, 0, in_buf_len ); + } + + /* Reset outgoing message writing */ + ssl->out_msgtype = 0; + ssl->out_msglen = 0; + ssl->out_left = 0; + memset( ssl->out_buf, 0, out_buf_len ); + memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + ssl->transform_out = NULL; + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + mbedtls_ssl_dtls_replay_reset( ssl ); +#endif + + if( ssl->transform ) + { + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); + ssl->transform = NULL; + } +} + +int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + + ssl_session_reset_msg_layer( ssl, partial ); + + /* Reset renegotiation state */ #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; ssl->renego_records_seen = 0; @@ -3262,53 +3311,8 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) #endif ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; - ssl->in_offt = NULL; - mbedtls_ssl_reset_in_out_pointers( ssl ); - - ssl->in_msgtype = 0; - ssl->in_msglen = 0; -#if defined(MBEDTLS_SSL_PROTO_DTLS) - ssl->next_record_offset = 0; - ssl->in_epoch = 0; -#endif -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); -#endif - - ssl->in_hslen = 0; - ssl->nb_zero = 0; - - ssl->keep_current_message = 0; - - ssl->out_msgtype = 0; - ssl->out_msglen = 0; - ssl->out_left = 0; - - memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); - - ssl->transform_in = NULL; - ssl->transform_out = NULL; - - ssl->session_in = NULL; + ssl->session_in = NULL; ssl->session_out = NULL; - - memset( ssl->out_buf, 0, out_buf_len ); - -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) - if( partial == 0 ) -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ - { - ssl->in_left = 0; - memset( ssl->in_buf, 0, in_buf_len ); - } - - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); - ssl->transform = NULL; - } - if( ssl->session ) { mbedtls_ssl_session_free( ssl->session ); From 3a6c76937adce329cbc85fe5001cc7e533545b8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Aug 2020 10:28:51 +0200 Subject: [PATCH 0857/1065] Add arm-linux-gnueabi-gcc build to all.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently it can't be mandatory, since we can't install the required toolchain on Jenkins right away. Also, while at it, remove `SHELL='sh -x'` from the other arm5vte component; it was a leftover from debugging. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f8e43c8714..7570b1128f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -161,6 +161,7 @@ pre_initialize_variables () { : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} + : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then @@ -230,6 +231,9 @@ General options: --arm-none-eabi-gcc-prefix= Prefix for a cross-compiler for arm-none-eabi (default: "${ARM_NONE_EABI_GCC_PREFIX}") + --arm-linux-gnueabi-gcc-prefix= + Prefix for a cross-compiler for arm-linux-gnueabi + (default: "${ARM_LINUX_GNUEABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). --except Exclude the COMPONENTs listed on the command line, instead of running only those. @@ -387,6 +391,7 @@ pre_parse_command_line () { case "$1" in --append-outcome) append_outcome=1;; --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; + --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";; --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; @@ -2369,14 +2374,29 @@ component_build_arm_none_eabi_gcc () { ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } -component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s +component_build_arm_linux_gnueabi_gcc_arm5vte () { + msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. - # It would be better to build with arm-linux-gnueabi-gcc but - # we don't have that on our CI at this time. + # Build everything including programs, see for example + # https://github.com/ARMmbed/mbedtls/pull/3449#issuecomment-675313720 + make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' + + msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1" + ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o +} +support_build_arm_linux_gnueabi_gcc_arm5vte () { + type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1 +} + +component_build_arm_none_eabi_gcc_arm5vte () { + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s + scripts/config.py baremetal + # This is an imperfect substitute for + # component_build_arm_linux_gnueabi_gcc_arm5vte + # in case the gcc-arm-linux-gnueabihf toolchain is not available make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" From efd14bf9bd5bfa686d6f422a317f946ad472f5bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Aug 2020 10:31:36 +0200 Subject: [PATCH 0858/1065] Enable arm-linux-gnueabi-gcc build on Travis MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 48faa4846c..8fa0b343e4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,6 +14,7 @@ jobs: - graphviz - gcc-arm-none-eabi - libnewlib-arm-none-eabi + - gcc-arm-linux-gnueabi language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: @@ -22,7 +23,7 @@ jobs: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box - tests/scripts/all.sh -k test_ref_configs - - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus + - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus - name: full configuration script: From ae505eeeed006c907bf05697eac8c7e8fd38aee4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 6 Jul 2021 09:44:59 +0200 Subject: [PATCH 0859/1065] Fix missing dependency on Travis MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Was getting errors like: In file included from /usr/include/limits.h:25:0, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:168, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/syslimits.h:7, from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:34, from ../include/mbedtls/check_config.h:30, from ../include/mbedtls/build_info.h:81, from common.h:26, from asn1write.c:20: /usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory There are two packages to choose from: armhf or armel. Since the comment in all.sh says we're trying to be close to Debian's "armel" architecture, choose that, and fix a comment that was mentioning gnueabihf for no apparent reason. Signed-off-by: Manuel Pégourié-Gonnard --- .travis.yml | 1 + tests/scripts/all.sh | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8fa0b343e4..39ae19c190 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,6 +15,7 @@ jobs: - gcc-arm-none-eabi - libnewlib-arm-none-eabi - gcc-arm-linux-gnueabi + - libc6-dev-armel-cross language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7570b1128f..e103c9a3de 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2396,7 +2396,7 @@ component_build_arm_none_eabi_gcc_arm5vte () { scripts/config.py baremetal # This is an imperfect substitute for # component_build_arm_linux_gnueabi_gcc_arm5vte - # in case the gcc-arm-linux-gnueabihf toolchain is not available + # in case the gcc-arm-linux-gnueabi toolchain is not available make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" From 1d475b63981742afe9a90b2e70330111c8b65c3d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Aug 2021 13:43:36 +0200 Subject: [PATCH 0860/1065] Disable wildcards when checking for unsupported components Otherwise $COMMAND_LINE_COMPONENTS would try to expand wildcard patterns based on files in the current directory. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6cdc922fe3..4dfbaec668 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -444,7 +444,9 @@ pre_parse_command_line () { if [ $all_except -eq 0 ]; then unsupported=0 + set -f for component in $COMMAND_LINE_COMPONENTS; do + set +f case $component in *[*?\[]*) continue;; esac @@ -455,6 +457,7 @@ pre_parse_command_line () { unsupported=$((unsupported + 1));; esac done + set +f if [ $unsupported -ne 0 ]; then exit 2 fi From bf66e2cc8ffdd17c954d10fcc1431e41214aff7f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Aug 2021 13:44:28 +0200 Subject: [PATCH 0861/1065] Documentation improvements Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4dfbaec668..2dc13756a8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -271,7 +271,9 @@ Tool path options: EOF } -# remove built files as well as the cmake cache/config +# Cleanup before/after running a component. +# Remove built files as well as the cmake cache/config. +# Does not remove generated source files. cleanup() { command make clean @@ -306,6 +308,8 @@ cleanup() done } +# Final cleanup when this script exits (except when exiting on a failure +# in non-keep-going mode). final_cleanup () { cleanup @@ -442,11 +446,14 @@ pre_parse_command_line () { COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*" fi + # Error out if an explicitly requested component doesn't exist. if [ $all_except -eq 0 ]; then unsupported=0 set -f for component in $COMMAND_LINE_COMPONENTS; do set +f + # If the requested name includes a wildcard character, don't + # check it. Accept wildcard patterns that don't match anything. case $component in *[*?\[]*) continue;; esac From 3cbd69c4d42df872ba3bec1fe511a0183255da74 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Aug 2021 15:10:27 +0200 Subject: [PATCH 0862/1065] Switch to 4-space indentation Signed-off-by: Gilles Peskine --- programs/test/generate_cpp_dummy_build.sh | 37 ++++++++++++----------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 41adf149eb..9e16348b52 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -21,7 +21,7 @@ set -e export LC_ALL=C print_cpp () { - cat <<'EOF' + cat <<'EOF' /* Automatically generated file. Do not edit. * * This program is a dummy C++ program to ensure Mbed TLS library header files @@ -47,19 +47,20 @@ print_cpp () { EOF - for header in include/mbedtls/*.h include/psa/*.h; do - case ${header#include/} in - mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion - psa/crypto_config.h) :;; # not meant for direct inclusion - # Some of the psa/crypto_*.h headers are not meant to be included directly. - # They do have include guards that make them no-ops if psa/crypto.h - # has been included before. Since psa/crypto.h comes before psa/crypto_*.h - # in the wildcard enumeration, we don't need to skip those headers. - *) echo "#include \"${header#include/}\"";; - esac - done + for header in include/mbedtls/*.h include/psa/*.h; do + case ${header#include/} in + mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion + psa/crypto_config.h) :;; # not meant for direct inclusion + # Some of the psa/crypto_*.h headers are not meant to be included + # directly. They do have include guards that make them no-ops if + # psa/crypto.h has been included before. Since psa/crypto.h comes + # before psa/crypto_*.h in the wildcard enumeration, we don't need + # to skip those headers. + *) echo "#include \"${header#include/}\"";; + esac + done - cat <<'EOF' + cat <<'EOF' int main() { @@ -72,14 +73,14 @@ EOF } if [ -d include/mbedtls ]; then - : + : elif [ -d ../include/mbedtls ]; then - cd .. + cd .. elif [ -d ../../include/mbedtls ]; then - cd ../.. + cd ../.. else - echo >&2 "This script must be run from an Mbed TLS source tree." - exit 3 + echo >&2 "This script must be run from an Mbed TLS source tree." + exit 3 fi print_cpp >"${1:-programs/test/cpp_dummy_build.cpp}" From 7530163f3b003e4851a48cb5661b1b1d4dbf6e6a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Aug 2021 15:10:47 +0200 Subject: [PATCH 0863/1065] Make --quiet more effective when running make generated_files Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2dc13756a8..7e8b2c3c20 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -752,7 +752,7 @@ pre_generate_files() { # file that might be around before generating fresh ones make neat if [ $QUIET -eq 1 ]; then - make -s generated_files + make generated_files >/dev/null else make generated_files fi From 86f6129067b7f2f6f6ff7aa1e1af69660e8f2d9a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Aug 2021 15:11:33 +0200 Subject: [PATCH 0864/1065] Documentation improvement Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7e8b2c3c20..6c322e29fc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -242,7 +242,7 @@ General options: (default: "${ARM_NONE_EABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). --error-test Error test mode: run a failing function in addition - to any specified component. + to any specified component. May be repeated. --except Exclude the COMPONENTs listed on the command line, instead of running only those. --no-append-outcome Write a new outcome file and analyze it (default). From 91e890e2fcefca43836dc174ad37906a6d6c996f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Aug 2021 15:13:57 +0200 Subject: [PATCH 0865/1065] Add documentation Signed-off-by: Gilles Peskine --- programs/test/generate_cpp_dummy_build.sh | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 9e16348b52..94e911515d 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -1,5 +1,18 @@ #!/bin/sh +DEFAULT_OUTPUT_FILE=programs/test/cpp_dummy_build.cpp + +if [ "$1" = "--help" ]; then + cat <"${1:-programs/test/cpp_dummy_build.cpp}" +print_cpp >"${1:-$DEFAULT_OUTPUT_FILE}" From 03af67891194788791572fe892eb5d49c0ab9202 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Aug 2021 11:35:17 +0200 Subject: [PATCH 0866/1065] Documentation improvements Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6c322e29fc..26a5b7e5de 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -203,6 +203,8 @@ pre_initialize_variables () { # Test whether the component $1 is included in the command line patterns. is_component_included() { + # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS + # only does word splitting. set -f for pattern in $COMMAND_LINE_COMPONENTS; do set +f @@ -449,6 +451,8 @@ pre_parse_command_line () { # Error out if an explicitly requested component doesn't exist. if [ $all_except -eq 0 ]; then unsupported=0 + # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS + # only does word splitting. set -f for component in $COMMAND_LINE_COMPONENTS; do set +f @@ -552,6 +556,9 @@ pre_setup_keep_going () { # Whether it makes sense to keep a component going after the specified # command fails (test command) or not (configure or build). + # This function normally receives the failing simple command + # ($BASH_COMMAND) as an argument, but if $report_failed_command is set, + # this is passed instead. # This doesn't have to be 100% accurate: all failures are recorded anyway. # False positives result in running things that can't be expected to # work. False negatives result in things not running after something else From 80ddb991c2eab48bf5ed1d91ac0cb4a05facd143 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Aug 2021 11:51:59 +0200 Subject: [PATCH 0867/1065] Add --restore option to clean up but not necessarily run components Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 26a5b7e5de..f963e4bf03 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -243,6 +243,9 @@ General options: Prefix for a cross-compiler for arm-none-eabi (default: "${ARM_NONE_EABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). + --restore First clean up the build tree, restoring backed up + files. Do not run any components unless they are + explicitly specified. --error-test Error test mode: run a failing function in addition to any specified component. May be repeated. --except Exclude the COMPONENTs listed on the command line, @@ -388,6 +391,7 @@ pre_parse_command_line () { COMMAND_LINE_COMPONENTS= all_except=0 error_test=0 + restore_first=0 no_armcc= # Note that legacy options are ignored instead of being omitted from this @@ -426,6 +430,7 @@ pre_parse_command_line () { --quiet|-q) QUIET=1;; --random-seed) unset SEED;; --release-test|-r) SEED=$RELEASE_SEED;; + --restore) restore_first=1;; --seed|-s) shift; SEED="$1";; -*) echo >&2 "Unknown option: $1" @@ -438,7 +443,7 @@ pre_parse_command_line () { done # With no list of components, run everything. - if [ -z "$COMMAND_LINE_COMPONENTS" ]; then + if [ -z "$COMMAND_LINE_COMPONENTS" ] && [ $restore_first -eq 0 ]; then all_except=1 fi From f3cce8b0e1bb5df423e4c4bf46ac1cd5d5387300 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 7 Aug 2021 14:29:49 +0100 Subject: [PATCH 0868/1065] Add handshake message writing variant that doesn't update checksum The helper `mbedtls_ssl_write_handshake_msg` writes a handshake message and updates the handshake transcript. With TLS 1.3, we need finer control over the checksum: updating at message granularity is not sufficient. To allow for manual maintenance of the checksum in those cases, refine `mbedtls_ssl_write_handshake_msg()` into `mbedtls_ssl_write_handshake_msg_ext()` which takes a parameter determining whether the checksum should be updated. Signed-off-by: Hanno Becker --- library/ssl_misc.h | 8 +++++++- library/ssl_msg.c | 5 +++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723b..e4966f0198 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -971,7 +971,13 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, unsigned update_hs_digest ); int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, + int update_checksum ); +static inline int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +{ + return( mbedtls_ssl_write_handshake_msg_ext( ssl, 1 /* update checksum */ ) ); +} + int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 76cc2b17d4..fe26eaaf29 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2360,7 +2360,8 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) * (including handshake headers but excluding record headers) * - ssl->out_msg: the record contents (handshake headers + content) */ -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, + int update_checksum ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; @@ -2469,7 +2470,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Update running hashes of handshake messages seen */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) + if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0 ) ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); } From 41934dd20a71fc474f0bd4f6cb754b09b48bd52f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 7 Aug 2021 19:13:43 +0100 Subject: [PATCH 0869/1065] Share preparatory code between client and server handshake steps Signed-off-by: Hanno Becker --- library/ssl_cli.c | 15 --------------- library/ssl_srv.c | 15 --------------- library/ssl_tls.c | 32 ++++++++++++++++++++++++++++++-- 3 files changed, 30 insertions(+), 32 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e0a1c24ec1..59c5460429 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -4210,23 +4210,8 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index d82ec0471f..3d6739342d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -4258,23 +4258,8 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - switch( ssl->state ) { case MBEDTLS_SSL_HELLO_REQUEST: diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470e..bf87fe56dc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5076,12 +5076,40 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, /* * Perform a single step of the SSL handshake */ +static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + return( ret ); +} + int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) { - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) + if( ssl == NULL || + ssl->conf == NULL || + ssl->handshake == NULL || + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + { return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + ret = ssl_prepare_handshake_step( ssl ); + if( ret != 0 ) + return( ret ); #if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) From b1dc59a125982ce6bebbb91db44ce6106b0b604b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 5 Aug 2021 15:58:09 +0800 Subject: [PATCH 0870/1065] Add tls1.3 parameters to ssl_{client,server2} To support tls1.3 relative tests, add `tls1_3` parameter for `{min,max}_version` and `force_version` issues: #4844 Change-Id: I1b22a076582374b8aabc733086562e9d03a94a2a Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 26 ++++++++++++++++++++++++-- programs/ssl/ssl_server2.c | 26 ++++++++++++++++++++++++-- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 25fe21bd9d..d967bcf963 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -395,13 +395,20 @@ int main( void ) USAGE_CURVES \ USAGE_DHMLEN \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n"\ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1070,6 +1077,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1078,6 +1089,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1103,6 +1118,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d2aa48a059..264325e070 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -485,6 +485,13 @@ int main( void ) USAGE_ETM \ USAGE_CURVES \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ USAGE_SSL_ASYNC \ USAGE_SNI \ @@ -492,8 +499,8 @@ int main( void ) " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1712,6 +1719,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1720,6 +1731,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1745,6 +1760,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } From 2a572cf376137a6d67d459d825b0ca4855592dfe Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 11:21:08 +0800 Subject: [PATCH 0871/1065] Move socket setup behind ssl structure setup. If socket setup fail, ssl structure setup won't be called. And the order of them do not affect final result, but it will break ssl setup negative tests. Change the order can fix that. issue: #4844 Change-Id: I2488ed5f74773421eb1eac0cfd7f1ce4fbb0b32d Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 70 +++++++++++++++++++------------------- programs/ssl/ssl_server2.c | 39 +++++++++++---------- 2 files changed, 54 insertions(+), 55 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d967bcf963..86c314c35d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1592,41 +1592,7 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* - * 2. Start the connection - */ - if( opt.server_addr == NULL) - opt.server_addr = opt.server_name; - - mbedtls_printf( " . Connecting to %s/%s/%s...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff + * 2. Setup stuff */ mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); @@ -1978,6 +1944,40 @@ int main( int argc, char *argv[] ) mbedtls_printf( " ok\n" ); + /* + * 3. Start the connection + */ + if( opt.server_addr == NULL) + opt.server_addr = opt.server_name; + + mbedtls_printf( " . Connecting to %s/%s/%s...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr, opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret ); + goto exit; + } + + if( opt.nbio > 0 ) + ret = mbedtls_net_set_nonblock( &server_fd ); + else + ret = mbedtls_net_set_block( &server_fd ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + /* * 4. Handshake */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 264325e070..83bd617c68 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2398,26 +2398,7 @@ int main( int argc, char *argv[] ) #endif /* SNI_OPTION */ /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on %s://%s:%s/ ...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr ? opt.server_addr : "*", - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff + * 2. Setup stuff */ mbedtls_printf( " . Setting up the SSL/TLS structure..." ); fflush( stdout ); @@ -2911,6 +2892,24 @@ int main( int argc, char *argv[] ) mbedtls_printf( " ok\n" ); + /* + * 3. Setup the listening TCP socket + */ + mbedtls_printf( " . Bind on %s://%s:%s/ ...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr ? opt.server_addr : "*", + opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); + goto exit; + } + mbedtls_printf( " ok\n" ); + reset: #if !defined(_WIN32) if( received_sigterm ) From 60835a88c3249e266d0a1aac69a955f2a1ac26f4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 4 Aug 2021 10:13:52 +0800 Subject: [PATCH 0872/1065] Add config check utils functions Check configuration parameter in structure setup function to make sure the config data is available and valid. Current implementation checks the version config. Available version configs are - tls1_3 only - tls1_2 only issues: #4844 Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924 Signed-off-by: Jerry Yu --- library/ssl_misc.h | 46 ++++++++++++++++++++++++++++++++++++++++++ library/ssl_tls.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 96 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723b..879e0e07b0 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1259,4 +1259,50 @@ void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ); void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ +/** + * ssl utils functions for checking configuration. + */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static inline int mbedtls_ssl_conf_is_tls13_only( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +static inline int mbedtls_ssl_conf_is_tls12_only( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_config *conf ) +{ + if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 && + conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + { + return( 1 ); + } + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/ + #endif /* ssl_misc.h */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470e..911a80c64b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3142,6 +3142,53 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); } +static int ssl_conf_version_check( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + { + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS 1.3 is not yet supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls13 only." ) ); + return( 0 ); + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls12 only." ) ); + return( 0 ); + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_hybrid_tls12_tls13( ssl->conf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } +#endif + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "The SSL configuration is invalid." ) ); + return( MBEDTLS_ERR_SSL_BAD_CONFIG ); +} + +static int ssl_conf_check(const mbedtls_ssl_context *ssl) +{ + int ret; + ret = ssl_conf_version_check( ssl ); + if( ret != 0 ) + return( ret ); + + /* Space for further checks */ + + return( 0 ); +} + /* * Setup an SSL context */ @@ -3155,6 +3202,9 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, ssl->conf = conf; + if( ( ret = ssl_conf_check( ssl ) ) != 0 ) + return( ret ); + /* * Prepare base structures */ From c46e9b4091fd3d682a4128c2111e339ced186ab4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 11:22:24 +0800 Subject: [PATCH 0873/1065] tests: Add negative version config tests. tls1.3 and tls1.2 can not be enabled at same time before #4832 resolved. And the test won't run into `handshake` stage, add `skip_handshak_check` function to skip it. Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3 Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 45 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ba5a217790..ecead57916 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -693,6 +693,11 @@ find_in_both() { fi } +SKIP_HANDSHAKE_CHECK="NO" +skip_handshake_stage_check() { + SKIP_HANDSHAKE_CHECK="YES" +} + # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] # Options: -s pattern pattern that must be present in server output # -c pattern pattern that must be present in client output @@ -855,21 +860,25 @@ run_test() { # (useful to avoid tests with only negative assertions and non-zero # expected client exit to incorrectly succeed in case of catastrophic # failure) - if is_polar "$SRV_CMD"; then - if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" - return + if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ] + then + if is_polar "$SRV_CMD"; then + if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi fi - fi - if is_polar "$CLI_CMD"; then - if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" - return + if is_polar "$CLI_CMD"; then + if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi fi fi + SKIP_HANDSHAKE_CHECK="NO" # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't # exit with status 0 when interrupted by a signal, and we don't really # care anyway), in case e.g. the server reports a memory leak. @@ -8478,6 +8487,20 @@ run_test "export keys functionality" \ -c "EAP-TLS IV is:" \ -s "EAP-TLS IV is:" +# TLS1.3 test cases +# TODO: remove or rewrite this test case if #4832 is resolved. +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +skip_handshake_stage_check +run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \ + "$P_SRV debug_level=1 min_version=tls1_2 max_version=tls1_3" \ + "$P_CLI debug_level=1 min_version=tls1_2 max_version=tls1_3" \ + 1 \ + -s "SSL - The requested feature is not available" \ + -c "SSL - The requested feature is not available" \ + -s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \ + -c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" + # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C From b19ccc3998d40d0463e0e92bb8c1e18669de2d40 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 9 Aug 2021 17:44:56 +0800 Subject: [PATCH 0874/1065] fix test_suite_debug test fail Before `mbedtls_ssl_setup`, config functions should be called. Without it, `mbedtls_ssl_setup` will raise invalid value error. Change-Id: I46fdaa5e8eb83d06c620087a9e1e7e14e1c5d9b5 Signed-off-by: Jerry Yu --- tests/suites/test_suite_debug.function | 39 +++++++++++++++++++++----- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 197a7ef313..c51be4d0b1 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -60,10 +60,16 @@ void debug_print_msg_threshold( int threshold, int level, char * file, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); + + mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); mbedtls_debug_set_threshold( threshold ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); mbedtls_debug_print_msg( &ssl, level, file, line, "Text message, 2 == %d", 2 ); @@ -89,10 +95,15 @@ void mbedtls_debug_print_ret( char * file, int line, char * text, int value, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_debug_print_ret( &ssl, 0, file, line, text, value); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); @@ -116,11 +127,15 @@ void mbedtls_debug_print_buf( char * file, int line, char * text, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len ); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); @@ -146,10 +161,15 @@ void mbedtls_debug_print_crt( char * crt_file, char * file, int line, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt); @@ -177,12 +197,17 @@ void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line, memset( buffer.buf, 0, 2000 ); buffer.ptr = buffer.buf; + mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ); + + mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); - mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val); TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); From 3cc4c2a50698006726ee19679fc8339176363540 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 16:29:08 +0800 Subject: [PATCH 0875/1065] Add dummy ssl_tls13_{client,server}.c Change-Id: Ic1cd1d55b097f5a31c9f48e9d55733d75ab49982 Signed-off-by: Jerry Yu --- library/CMakeLists.txt | 2 ++ library/Makefile | 2 ++ library/ssl_tls13_client.c | 34 ++++++++++++++++++++++++++++++++++ library/ssl_tls13_server.c | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+) create mode 100644 library/ssl_tls13_client.c create mode 100644 library/ssl_tls13_server.c diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 1cd5589cd1..5adc128c96 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -104,6 +104,8 @@ set(src_tls ssl_ticket.c ssl_tls.c ssl_tls13_keys.c + ssl_tls13_server.c + ssl_tls13_client.c ) if(CMAKE_COMPILER_IS_GNUCC) diff --git a/library/Makefile b/library/Makefile index 0ee6e4f36f..8c58fb8501 100644 --- a/library/Makefile +++ b/library/Makefile @@ -167,6 +167,8 @@ OBJS_TLS= \ ssl_ticket.o \ ssl_tls.o \ ssl_tls13_keys.o \ + ssl_tls13_client.o \ + ssl_tls13_server.o \ # This line is intentionally left blank .SILENT: diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c new file mode 100644 index 0000000000..c35fedc575 --- /dev/null +++ b/library/ssl_tls13_client.c @@ -0,0 +1,34 @@ +/* + * TLS 1.3 client-side functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS ( https://tls.mbed.org ) + */ + +#include "common.h" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + +#if defined(MBEDTLS_SSL_CLI_C) + +#include "ssl_misc.h" + + + +#endif /* MBEDTLS_SSL_CLI_C */ + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c new file mode 100644 index 0000000000..370f11920e --- /dev/null +++ b/library/ssl_tls13_server.c @@ -0,0 +1,32 @@ +/* + * TLSv1.3 server-side functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +#include "common.h" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + + +#if defined(MBEDTLS_SSL_SRV_C) + +#include "ssl_misc.h" + + +#endif /* MBEDTLS_SSL_SRV_C */ + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From b9930e7d7053197649cbe0723658f9bd0b7c442e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 6 Aug 2021 17:11:51 +0800 Subject: [PATCH 0876/1065] Add dummy tls1.3 handshake dispatch functions Base on version config, `handshack_{clinet,server}_step` will call different step function. TLS1.3 features will be gradully added base on it. And a new test cases is added to make sure it reports `feature is not available`. Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949 Signed-off-by: Jerry Yu --- library/ssl_misc.h | 4 ++++ library/ssl_tls.c | 24 ++++++++++++++++++++++-- library/ssl_tls13_client.c | 6 +++++- library/ssl_tls13_server.c | 8 ++++++-- tests/ssl-opt.sh | 9 +++++++++ 5 files changed, 46 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 879e0e07b0..c8e2f4c884 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -881,6 +881,10 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ); +#endif int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 911a80c64b..923c671a7b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5135,11 +5135,31 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_CLI_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ret = mbedtls_ssl_handshake_client_step( ssl ); + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_client_step_tls1_3( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_client_step( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + } #endif #if defined(MBEDTLS_SSL_SRV_C) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ret = mbedtls_ssl_handshake_server_step( ssl ); + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_server_step_tls1_3( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) ) + ret = mbedtls_ssl_handshake_server_step( ssl ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + } #endif return( ret ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c35fedc575..368b5572db 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -27,7 +27,11 @@ #include "ssl_misc.h" - +int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 370f11920e..a56727741b 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1,5 +1,5 @@ /* - * TLSv1.3 server-side functions + * TLS 1.3 server-side functions * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -21,11 +21,15 @@ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - #if defined(MBEDTLS_SSL_SRV_C) #include "ssl_misc.h" +int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ecead57916..01265ae9b3 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8501,6 +8501,15 @@ run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \ -s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \ -c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS1.3: handshake dispatch test: tls1_3 only" \ + "$P_SRV min_version=tls1_3 max_version=tls1_3" \ + "$P_CLI min_version=tls1_3 max_version=tls1_3" \ + 1 \ + -s "SSL - The requested feature is not available" \ + -c "SSL - The requested feature is not available" + # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C From b6bbbb174da33a860b5556e989e334f8d7eee7b3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:00:14 +0100 Subject: [PATCH 0877/1065] Fix typo in documentation of ssl->transform_out Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee3379..639e3d962a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1329,7 +1329,7 @@ struct mbedtls_ssl_context * Record layer transformations */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (in) */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation */ From 0e719ff34144a71d60e1c4e14d63565cb15673bf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:24:08 +0100 Subject: [PATCH 0878/1065] Improve the documentation of legacy msg layer transforms Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 639e3d962a..dc4782e65b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1328,10 +1328,18 @@ struct mbedtls_ssl_context /* * Record layer transformations */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params */ - mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_in); /*!< current transform params (in) + * This is always a reference, + * never an owning pointer. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_out); /*!< current transform params (out) + * This is always a reference, + * never an owning pointer. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params + * This pointer owns the transform + * it references. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation + * This pointer owns the transform + * it references. */ /* * Timers From 3aa186f9462f6afd2943980863f37d8a608dbaa5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 09:24:19 +0100 Subject: [PATCH 0879/1065] Add transforms to be used for TLS 1.3 Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 6 ++++++ library/ssl_misc.h | 7 +++++++ library/ssl_tls.c | 12 ++++++++++++ 3 files changed, 25 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index dc4782e65b..34353daffb 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1341,6 +1341,12 @@ struct mbedtls_ssl_context * This pointer owns the transform * it references. */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* The application data transform in TLS 1.3. + * This pointer owns the transform it references. */ + mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_application); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Timers */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index cc19f4723b..174bad88b5 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -562,6 +562,13 @@ struct mbedtls_ssl_handshake_params uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* TLS 1.3 transforms for 0-RTT and encrypted handshake messages. + * Those pointers own the transforms they reference. */ + mbedtls_ssl_transform *transform_handshake; + mbedtls_ssl_transform *transform_earlydata; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Checksum contexts */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bb5ddc470e..8316d252b7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5393,6 +5393,13 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ), mbedtls_ssl_get_output_buflen( ssl ) ); #endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_free( handshake->transform_earlydata ); + mbedtls_free( handshake->transform_handshake ); + handshake->transform_earlydata = NULL; + handshake->transform_handshake = NULL; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ } void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) @@ -6091,6 +6098,11 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) mbedtls_free( ssl->session_negotiate ); } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_ssl_transform_free( ssl->transform_application ); + mbedtls_free( ssl->transform_application ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + if( ssl->session ) { mbedtls_ssl_session_free( ssl->session ); From 89d469cdb4c576ceb74008ede2345879245d0f4a Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 22 Jun 2021 16:24:28 +0200 Subject: [PATCH 0880/1065] Move working variables to ccm context structure Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 10 +++++ library/ccm.c | 98 +++++++++++++++++++++---------------------- 2 files changed, 58 insertions(+), 50 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index b3adecc4fb..2b9909e1a6 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -77,6 +77,16 @@ extern "C" { typedef struct mbedtls_ccm_context { mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ + unsigned char MBEDTLS_PRIVATE(b)[16]; /*!< The B working buffer */ + unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ + unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ + unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ + size_t MBEDTLS_PRIVATE(plaintext_len); /*!< The counter buffer */ + int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: + #MBEDTLS_CCM_ENCRYPT or + #MBEDTLS_CCM_DECRYPT or + #MBEDTLS_CCM_STAR_ENCRYPT or + #MBEDTLS_CCM_STAR_DECRYPT. */ } mbedtls_ccm_context; diff --git a/library/ccm.c b/library/ccm.c index 424ee77b69..686eda5437 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -117,11 +117,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) * Update the CBC-MAC state in y using a block in b * (Always using b as the source helps the compiler optimise a bit better.) */ -#define UPDATE_CBC_MAC \ - for( i = 0; i < 16; i++ ) \ - y[i] ^= b[i]; \ - \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ +#define UPDATE_CBC_MAC \ + for( i = 0; i < 16; i++ ) \ + ctx->y[i] ^= ctx->b[i]; \ + \ + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) \ return( ret ); /* @@ -130,16 +130,16 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) * This avoids allocating one more 16 bytes buffer while allowing src == dst. */ #define CTR_CRYPT( dst, src, len ) \ - do \ - { \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, \ - 16, b, &olen ) ) != 0 ) \ - { \ - return( ret ); \ - } \ - \ - for( i = 0; i < (len); i++ ) \ - (dst)[i] = (src)[i] ^ b[i]; \ + do \ + { \ + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, \ + 16, ctx->b, &olen ) ) != 0 ) \ + { \ + return( ret ); \ + } \ + \ + for( i = 0; i < (len); i++ ) \ + (dst)[i] = (src)[i] ^ ctx->b[i]; \ } while( 0 ) /* @@ -153,14 +153,12 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - unsigned char q; size_t len_left, olen; - unsigned char b[16]; - unsigned char y[16]; - unsigned char ctr[16]; const unsigned char *src; unsigned char *dst; + ctx->mode = mode; + /* * Check length requirements: SP800-38C A.1 * Additional requirement: a < 2^16 - 2^8 to simplify the code. @@ -178,7 +176,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, if( add_len >= 0xFF00 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - q = 16 - 1 - (unsigned char) iv_len; + ctx->q = 16 - 1 - (unsigned char) iv_len; /* * First block B_0: @@ -192,22 +190,22 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 5 .. 3 (t - 2) / 2 * 2 .. 0 q - 1 */ - b[0] = 0; - b[0] |= ( add_len > 0 ) << 6; - b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; - b[0] |= q - 1; + ctx->b[0] = 0; + ctx->b[0] |= ( add_len > 0 ) << 6; + ctx->b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; + ctx->b[0] |= ctx->q - 1; - memcpy( b + 1, iv, iv_len ); + memcpy( ctx->b + 1, iv, iv_len ); - for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = (unsigned char)( len_left & 0xFF ); + for( i = 0, len_left = length; i < ctx->q; i++, len_left >>= 8 ) + ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); /* Start CBC-MAC with first block */ - memset( y, 0, 16 ); + memset( ctx->y, 0, 16 ); UPDATE_CBC_MAC; /* @@ -220,12 +218,12 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, len_left = add_len; src = add; - memset( b, 0, 16 ); - b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - b[1] = (unsigned char)( ( add_len ) & 0xFF ); + memset( ctx->b, 0, 16 ); + ctx->b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); + ctx->b[1] = (unsigned char)( ( add_len ) & 0xFF ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; - memcpy( b + 2, src, use_len ); + memcpy( ctx->b + 2, src, use_len ); len_left -= use_len; src += use_len; @@ -235,8 +233,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, { use_len = len_left > 16 ? 16 : len_left; - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + memset( ctx->b, 0, 16 ); + memcpy( ctx->b, src, use_len ); UPDATE_CBC_MAC; len_left -= use_len; @@ -254,10 +252,10 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 7 .. 3 0 * 2 .. 0 q - 1 */ - ctr[0] = q - 1; - memcpy( ctr + 1, iv, iv_len ); - memset( ctr + 1 + iv_len, 0, q ); - ctr[15] = 1; + ctx->ctr[0] = ctx->q - 1; + memcpy( ctx->ctr + 1, iv, iv_len ); + memset( ctx->ctr + 1 + iv_len, 0, ctx->q ); + ctx->ctr[15] = 1; /* * Authenticate and {en,de}crypt the message. @@ -273,19 +271,19 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, { size_t use_len = len_left > 16 ? 16 : len_left; - if( mode == CCM_ENCRYPT ) + if( ctx->mode == CCM_ENCRYPT ) { - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + memset( ctx->b, 0, 16 ); + memcpy( ctx->b, src, use_len ); UPDATE_CBC_MAC; } CTR_CRYPT( dst, src, use_len ); - if( mode == CCM_DECRYPT ) + if( ctx->mode == CCM_DECRYPT ) { - memset( b, 0, 16 ); - memcpy( b, dst, use_len ); + memset( ctx->b, 0, 16 ); + memcpy( ctx->b, dst, use_len ); UPDATE_CBC_MAC; } @@ -297,19 +295,19 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * Increment counter. * No need to check for overflow thanks to the length check above. */ - for( i = 0; i < q; i++ ) - if( ++ctr[15-i] != 0 ) + for( i = 0; i < ctx->q; i++ ) + if( ++(ctx->ctr)[15-i] != 0 ) break; } /* * Authentication: reset counter and crypt/mask internal tag */ - for( i = 0; i < q; i++ ) - ctr[15-i] = 0; + for( i = 0; i < ctx->q; i++ ) + ctx->ctr[15-i] = 0; - CTR_CRYPT( y, y, 16 ); - memcpy( tag, y, tag_len ); + CTR_CRYPT( ctx->y, ctx->y, 16 ); + memcpy( tag, ctx->y, tag_len ); return( 0 ); } From 793692cbcb296042cc1d5a35b39536e8dc59cdbf Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 22 Jun 2021 20:34:20 +0200 Subject: [PATCH 0881/1065] Split ccm_auth function. Move logic to ccm_starts, ccm_set_lengths, ccm_update_ad, ccm_update and ccm_finish Use separate variable to track context state. Encode first block only if both mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() were called. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 3 + library/ccm.c | 225 ++++++++++++++++++++++++++++++++---------- 2 files changed, 178 insertions(+), 50 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 2b9909e1a6..f9f8000fba 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -87,6 +87,9 @@ typedef struct mbedtls_ccm_context #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_DECRYPT. */ + int MBEDTLS_PRIVATE(state); /*!< Working value holding context's + state. Used for chunked data + input */ } mbedtls_ccm_context; diff --git a/library/ccm.c b/library/ccm.c index 686eda5437..a2ca98600c 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -142,22 +142,105 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) (dst)[i] = (src)[i] ^ ctx->b[i]; \ } while( 0 ) -/* - * Authenticated encryption or decryption - */ -static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +#define CCM_STATE__CLEAR 0 +#define CCM_STATE__STARTED 0x0001 +#define CCM_STATE__LENGHTS_SET 0x0002 + +static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { + ctx->state = CCM_STATE__CLEAR; + memset( ctx->b, 0, 16); + memset( ctx->y, 0, 16); + memset( ctx->ctr, 0, 16); +} + +static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t len_left, olen; - const unsigned char *src; - unsigned char *dst; + + /* length calulcation can be done only after both + * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed + */ + if( !(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGHTS_SET) ) + return 0; + + /* + * First block B_0: + * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() + * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() + * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() + */ + for( i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8 ) + ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); + + if( len_left > 0 ) + return( MBEDTLS_ERR_CCM_BAD_INPUT ); + + /* Start CBC-MAC with first block*/ + UPDATE_CBC_MAC; + + return (0); +} + +int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len ) +{ + int ret; + + /* Also implies q is within bounds */ + if( iv_len < 7 || iv_len > 13 ) + return( MBEDTLS_ERR_CCM_BAD_INPUT ); ctx->mode = mode; + ctx->q = 16 - 1 - (unsigned char) iv_len; + + /* + * Prepare counter block for encryption: + * 0 .. 0 flags + * 1 .. iv_len nonce (aka iv) + * iv_len+1 .. 15 counter (initially 1) + * + * With flags as (bits): + * 7 .. 3 0 + * 2 .. 0 q - 1 + */ + memset( ctx->ctr, 0, 16); + ctx->ctr[0] = ctx->q - 1; + memcpy( ctx->ctr + 1, iv, iv_len ); + memset( ctx->ctr + 1 + iv_len, 0, ctx->q ); + ctx->ctr[15] = 1; + + /* + * First block B_0: + * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() + * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() + * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() + * + * With flags as (bits): + * 7 0 + * 6 add present? - set by: mbedtls_ccm_set_lengths() + * 5 .. 3 (t - 2) / 2 - set by: mbedtls_ccm_set_lengths() + * 2 .. 0 q - 1 - set by: mbedtls_ccm_starts() + */ + ctx->b[0] |= ctx->q - 1; + + memcpy( ctx->b + 1, iv, iv_len ); + + ctx->state |= CCM_STATE__STARTED; + ret = mbedtls_ccm_calculate_first_block(ctx); + + return ret; +} + +int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, + size_t total_ad_len, + size_t plaintext_len, + size_t tag_len ) +{ + int ret; /* * Check length requirements: SP800-38C A.1 @@ -169,44 +252,40 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - /* Also implies q is within bounds */ - if( iv_len < 7 || iv_len > 13 ) + if( total_ad_len >= 0xFF00 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - if( add_len >= 0xFF00 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); - - ctx->q = 16 - 1 - (unsigned char) iv_len; - /* * First block B_0: - * 0 .. 0 flags - * 1 .. iv_len nonce (aka iv) - * iv_len+1 .. 15 length + * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() + * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() + * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() * * With flags as (bits): * 7 0 - * 6 add present? - * 5 .. 3 (t - 2) / 2 - * 2 .. 0 q - 1 + * 6 add present? - set by: mbedtls_ccm_set_lengths() + * 5 .. 3 (t - 2) / 2 - set by: mbedtls_ccm_set_lengths() + * 2 .. 0 q - 1 - set by: mbedtls_ccm_starts() */ - ctx->b[0] = 0; - ctx->b[0] |= ( add_len > 0 ) << 6; + ctx->b[0] |= ( total_ad_len > 0 ) << 6; ctx->b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; - ctx->b[0] |= ctx->q - 1; - memcpy( ctx->b + 1, iv, iv_len ); + ctx->plaintext_len = plaintext_len; - for( i = 0, len_left = length; i < ctx->q; i++, len_left >>= 8 ) - ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); + ctx->state |= CCM_STATE__LENGHTS_SET; + ret = mbedtls_ccm_calculate_first_block(ctx); - if( len_left > 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + return ret; +} - - /* Start CBC-MAC with first block */ - memset( ctx->y, 0, 16 ); - UPDATE_CBC_MAC; +int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, + const unsigned char *add, + size_t add_len ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char i; + size_t len_left, olen; + const unsigned char *src; /* * If there is additional data, update CBC-MAC with @@ -242,20 +321,24 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, } } - /* - * Prepare counter block for encryption: - * 0 .. 0 flags - * 1 .. iv_len nonce (aka iv) - * iv_len+1 .. 15 counter (initially 1) - * - * With flags as (bits): - * 7 .. 3 0 - * 2 .. 0 q - 1 - */ - ctx->ctr[0] = ctx->q - 1; - memcpy( ctx->ctr + 1, iv, iv_len ); - memset( ctx->ctr + 1 + iv_len, 0, ctx->q ); - ctx->ctr[15] = 1; + return (0); +} + +int mbedtls_ccm_update( mbedtls_ccm_context *ctx, + const unsigned char *input, size_t input_len, + unsigned char *output, size_t output_size, + size_t *output_len ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char i; + size_t len_left, olen; + const unsigned char *src; + unsigned char *dst; + + if( output_size < input_len ) + return( MBEDTLS_ERR_CCM_BAD_INPUT ); + CCM_VALIDATE_RET( output_length != NULL ); + *output_len = input_len; /* * Authenticate and {en,de}crypt the message. @@ -263,7 +346,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * The only difference between encryption and decryption is * the respective order of authentication and {en,de}cryption. */ - len_left = length; + len_left = input_len; src = input; dst = output; @@ -300,6 +383,16 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, break; } + return (0); +} + +int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, + unsigned char *tag, size_t tag_len ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char i; + size_t olen; + /* * Authentication: reset counter and crypt/mask internal tag */ @@ -308,6 +401,38 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, CTR_CRYPT( ctx->y, ctx->y, 16 ); memcpy( tag, ctx->y, tag_len ); + mbedtls_ccm_clear_state(ctx); + + return( 0 ); +} + +/* + * Authenticated encryption or decryption + */ +static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t olen; + + if( ( ret = mbedtls_ccm_starts( ctx, mode, iv, iv_len ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_ccm_set_lengths( ctx, add_len, length, tag_len ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_ccm_update_ad( ctx, add, add_len ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_ccm_update( ctx, input, length, + output, length, &olen ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_ccm_finish( ctx, tag, tag_len ) ) != 0 ) + return( ret ); return( 0 ); } From 88c4d624f80582d7b242912ce65c37cc8382f39c Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 5 Jul 2021 17:09:16 +0200 Subject: [PATCH 0882/1065] Clear context state if previous operation failed. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index a2ca98600c..34531a4162 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -122,7 +122,10 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) ctx->y[i] ^= ctx->b[i]; \ \ if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) \ - return( ret ); + { \ + ctx->state |= CCM_STATE__ERROR; \ + return( ret ); \ + } \ /* * Encrypt or decrypt a partial block with CTR @@ -135,6 +138,7 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, \ 16, ctx->b, &olen ) ) != 0 ) \ { \ + ctx->state |= CCM_STATE__ERROR; \ return( ret ); \ } \ \ @@ -145,6 +149,7 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) #define CCM_STATE__CLEAR 0 #define CCM_STATE__STARTED 0x0001 #define CCM_STATE__LENGHTS_SET 0x0002 +#define CCM_STATE__ERROR 0x0004 static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { ctx->state = CCM_STATE__CLEAR; @@ -175,7 +180,10 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); if( len_left > 0 ) + { + ctx->state |= CCM_STATE__ERROR; return( MBEDTLS_ERR_CCM_BAD_INPUT ); + } /* Start CBC-MAC with first block*/ UPDATE_CBC_MAC; @@ -188,12 +196,15 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, const unsigned char *iv, size_t iv_len ) { - int ret; - /* Also implies q is within bounds */ if( iv_len < 7 || iv_len > 13 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if( ctx->state & CCM_STATE__ERROR ) + { + mbedtls_ccm_clear_state(ctx); + } + ctx->mode = mode; ctx->q = 16 - 1 - (unsigned char) iv_len; @@ -230,9 +241,7 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, memcpy( ctx->b + 1, iv, iv_len ); ctx->state |= CCM_STATE__STARTED; - ret = mbedtls_ccm_calculate_first_block(ctx); - - return ret; + return mbedtls_ccm_calculate_first_block(ctx); } int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, @@ -240,8 +249,6 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, size_t plaintext_len, size_t tag_len ) { - int ret; - /* * Check length requirements: SP800-38C A.1 * Additional requirement: a < 2^16 - 2^8 to simplify the code. @@ -255,6 +262,11 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, if( total_ad_len >= 0xFF00 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if( ctx->state & CCM_STATE__ERROR ) + { + mbedtls_ccm_clear_state(ctx); + } + /* * First block B_0: * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() @@ -273,9 +285,7 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, ctx->plaintext_len = plaintext_len; ctx->state |= CCM_STATE__LENGHTS_SET; - ret = mbedtls_ccm_calculate_first_block(ctx); - - return ret; + return mbedtls_ccm_calculate_first_block(ctx); } int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, From eb2ca96d69e564385f4830e0fb32bc2714375544 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 6 Jul 2021 12:45:11 +0200 Subject: [PATCH 0883/1065] Store set lenghts in ccm context. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 5 ++++- library/ccm.c | 45 +++++++++++++++---------------------------- 2 files changed, 20 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index f9f8000fba..813959be0b 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -81,7 +81,10 @@ typedef struct mbedtls_ccm_context unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ - size_t MBEDTLS_PRIVATE(plaintext_len); /*!< The counter buffer */ + size_t MBEDTLS_PRIVATE(plaintext_len); /*!< Total plaintext length */ + size_t MBEDTLS_PRIVATE(add_len); /*!< Total authentication data length */ + size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */ + size_t MBEDTLS_PRIVATE(processed); /*!< How many bytes of input data were processed (chunked input) */ int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: #MBEDTLS_CCM_ENCRYPT or #MBEDTLS_CCM_DECRYPT or diff --git a/library/ccm.c b/library/ccm.c index 34531a4162..36b1e91583 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -172,10 +172,20 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) /* * First block B_0: - * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() + * 0 .. 0 flags * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() - * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() + * iv_len+1 .. 15 length + * + * With flags as (bits): + * 7 0 + * 6 add present? + * 5 .. 3 (t - 2) / 2 + * 2 .. 0 q - 1 */ + ctx->b[0] |= ( ctx->add_len > 0 ) << 6; + ctx->b[0] |= ( ( ctx->tag_len - 2 ) / 2 ) << 3; + ctx->b[0] |= ctx->q - 1; + for( i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8 ) ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); @@ -225,19 +235,8 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, ctx->ctr[15] = 1; /* - * First block B_0: - * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() - * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() - * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() - * - * With flags as (bits): - * 7 0 - * 6 add present? - set by: mbedtls_ccm_set_lengths() - * 5 .. 3 (t - 2) / 2 - set by: mbedtls_ccm_set_lengths() - * 2 .. 0 q - 1 - set by: mbedtls_ccm_starts() + * See mbedtls_ccm_calculate_first_block() for B block layout description */ - ctx->b[0] |= ctx->q - 1; - memcpy( ctx->b + 1, iv, iv_len ); ctx->state |= CCM_STATE__STARTED; @@ -267,22 +266,10 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, mbedtls_ccm_clear_state(ctx); } - /* - * First block B_0: - * 0 .. 0 flags - set by: mbedtls_ccm_starts() and mbedtls_ccm_set_lenghts() - * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() - * iv_len+1 .. 15 length - set by: mbedtls_ccm_calculate_first_block() - * - * With flags as (bits): - * 7 0 - * 6 add present? - set by: mbedtls_ccm_set_lengths() - * 5 .. 3 (t - 2) / 2 - set by: mbedtls_ccm_set_lengths() - * 2 .. 0 q - 1 - set by: mbedtls_ccm_starts() - */ - ctx->b[0] |= ( total_ad_len > 0 ) << 6; - ctx->b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; - ctx->plaintext_len = plaintext_len; + ctx->add_len = total_ad_len; + ctx->tag_len = tag_len; + ctx->processed = 0; ctx->state |= CCM_STATE__LENGHTS_SET; return mbedtls_ccm_calculate_first_block(ctx); From 33392450b75dac7a45c523f67b1ea6b7bcd43e4c Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 6 Jul 2021 15:38:35 +0200 Subject: [PATCH 0884/1065] Add chunked auth data support Signed-off-by: Mateusz Starzyk --- library/ccm.c | 59 ++++++++++++++++++++++++++------------------------- 1 file changed, 30 insertions(+), 29 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 36b1e91583..0a886a0e10 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -281,43 +281,44 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t len_left, olen; - const unsigned char *src; + size_t olen, use_len, offset; - /* - * If there is additional data, update CBC-MAC with - * add_len, add, 0 (padding to a block boundary) - */ - if( add_len > 0 ) + if( ctx->add_len > 0 && add_len > 0) { - size_t use_len; - len_left = add_len; - src = add; - - memset( ctx->b, 0, 16 ); - ctx->b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - ctx->b[1] = (unsigned char)( ( add_len ) & 0xFF ); - - use_len = len_left < 16 - 2 ? len_left : 16 - 2; - memcpy( ctx->b + 2, src, use_len ); - len_left -= use_len; - src += use_len; - - UPDATE_CBC_MAC; - - while( len_left > 0 ) + if( ctx->processed == 0 ) { - use_len = len_left > 16 ? 16 : len_left; - memset( ctx->b, 0, 16 ); - memcpy( ctx->b, src, use_len ); - UPDATE_CBC_MAC; + ctx->b[0] = (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); + ctx->b[1] = (unsigned char)( ( ctx->add_len ) & 0xFF ); - len_left -= use_len; - src += use_len; + ctx->processed += 2; + } + + while( add_len > 0 ) + { + offset = ctx->processed % 16; + + use_len = 16 - offset; + + if( use_len > add_len ) + use_len = add_len; + + memcpy( ctx->b + offset, add, use_len ); + ctx->processed += use_len; + add_len -= use_len; + add += use_len; + + if( use_len + offset == 16 || ctx->processed - 2 == ctx->add_len ) + { + UPDATE_CBC_MAC; + memset( ctx->b, 0, 16 ); + } } } + if( ctx->processed - 2 == ctx->add_len ) + ctx->processed = 0; // prepare for mbedtls_ccm_update() + return (0); } From 2ad7d8e1ffcaa1b431db6e994206798987ea779e Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 7 Jul 2021 11:05:45 +0200 Subject: [PATCH 0885/1065] Replace CCM_CRYPT macro with a more versatile static function. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 59 ++++++++++++++++++++++++++++----------------------- 1 file changed, 32 insertions(+), 27 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 0a886a0e10..ae5fa34252 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -108,14 +108,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); } -/* - * Macros for common operations. - * Results in smaller compiled code than static inline functions. - */ - /* * Update the CBC-MAC state in y using a block in b * (Always using b as the source helps the compiler optimise a bit better.) + * + * Macro results in smaller compiled code than static inline functions. */ #define UPDATE_CBC_MAC \ for( i = 0; i < 16; i++ ) \ @@ -127,30 +124,37 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) return( ret ); \ } \ -/* - * Encrypt or decrypt a partial block with CTR - * Warning: using b for temporary storage! src and dst must not be b! - * This avoids allocating one more 16 bytes buffer while allowing src == dst. - */ -#define CTR_CRYPT( dst, src, len ) \ - do \ - { \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, \ - 16, ctx->b, &olen ) ) != 0 ) \ - { \ - ctx->state |= CCM_STATE__ERROR; \ - return( ret ); \ - } \ - \ - for( i = 0; i < (len); i++ ) \ - (dst)[i] = (src)[i] ^ ctx->b[i]; \ - } while( 0 ) - #define CCM_STATE__CLEAR 0 #define CCM_STATE__STARTED 0x0001 #define CCM_STATE__LENGHTS_SET 0x0002 #define CCM_STATE__ERROR 0x0004 +/* + * Encrypt or decrypt a partial block with CTR + */ +static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, + size_t offset, size_t use_len, + const unsigned char *input, + unsigned char *output ) +{ + size_t i; + size_t olen = 0; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char tmp_buf[16] = {0}; + + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, + &olen ) ) != 0 ) + { + ctx->state |= CCM_STATE__ERROR; \ + return ret; + } + + for( i = 0; i < use_len; i++ ) + output[i] = input[i] ^ tmp_buf[offset + i]; + + return ret; +} + static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { ctx->state = CCM_STATE__CLEAR; memset( ctx->b, 0, 16); @@ -359,7 +363,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, UPDATE_CBC_MAC; } - CTR_CRYPT( dst, src, use_len ); + mbedtls_ccm_crypt( ctx, 0, use_len, src, dst ); if( ctx->mode == CCM_DECRYPT ) { @@ -389,7 +393,6 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t olen; /* * Authentication: reset counter and crypt/mask internal tag @@ -397,7 +400,9 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, for( i = 0; i < ctx->q; i++ ) ctx->ctr[15-i] = 0; - CTR_CRYPT( ctx->y, ctx->y, 16 ); + ret = mbedtls_ccm_crypt( ctx, 0, 16, ctx->y, ctx->y ); + if( ret != 0 ) + return ret; memcpy( tag, ctx->y, tag_len ); mbedtls_ccm_clear_state(ctx); From 6a15bcf61be1e6691c9209a0ecc4a32f63e248ae Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 7 Jul 2021 13:41:30 +0200 Subject: [PATCH 0886/1065] Add support for chunked plaintext/cyphertext input. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 96 ++++++++++++++++++++++++++++----------------------- 1 file changed, 52 insertions(+), 44 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index ae5fa34252..4b1b499ad1 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -333,59 +333,67 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t len_left, olen; - const unsigned char *src; - unsigned char *dst; + size_t use_len, offset, olen; if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); CCM_VALIDATE_RET( output_length != NULL ); *output_len = input_len; - /* - * Authenticate and {en,de}crypt the message. - * - * The only difference between encryption and decryption is - * the respective order of authentication and {en,de}cryption. - */ - len_left = input_len; - src = input; - dst = output; - - while( len_left > 0 ) + if( ctx->processed == 0 ) { - size_t use_len = len_left > 16 ? 16 : len_left; - - if( ctx->mode == CCM_ENCRYPT ) - { - memset( ctx->b, 0, 16 ); - memcpy( ctx->b, src, use_len ); - UPDATE_CBC_MAC; - } - - mbedtls_ccm_crypt( ctx, 0, use_len, src, dst ); - - if( ctx->mode == CCM_DECRYPT ) - { - memset( ctx->b, 0, 16 ); - memcpy( ctx->b, dst, use_len ); - UPDATE_CBC_MAC; - } - - dst += use_len; - src += use_len; - len_left -= use_len; - - /* - * Increment counter. - * No need to check for overflow thanks to the length check above. - */ - for( i = 0; i < ctx->q; i++ ) - if( ++(ctx->ctr)[15-i] != 0 ) - break; + memset( ctx->b, 0, 16 ); } - return (0); + while ( input_len > 0 ) + { + offset = ctx->processed % 16; + + use_len = 16 - offset; + + if( use_len > input_len ) + use_len = input_len; + + ctx->processed += use_len; + memcpy( ctx->b + offset, input, use_len ); + + if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) + { + if( ctx->mode == CCM_ENCRYPT ) + { + UPDATE_CBC_MAC; + ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); + if( ret != 0 ) + return ret; + memset( ctx->b, 0, 16 ); + } + + if( ctx->mode == CCM_DECRYPT ) + { + ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); + if( ret != 0 ) + return ret; + memset( ctx->b, 0, 16 ); + memcpy( ctx->b, output, use_len ); + UPDATE_CBC_MAC; + memset( ctx->b, 0, 16 ); + } + + input_len -= use_len; + input += use_len; + output += use_len; + + /* + * Increment counter. + * No need to check for overflow thanks to the length check above. + */ + for( i = 0; i < ctx->q; i++ ) + if( ++(ctx->ctr)[15-i] != 0 ) + break; + } + } + + return 0; } int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, From 05e92d67bbe15f30c9ad74c123362e1701125dad Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 9 Jul 2021 12:44:07 +0200 Subject: [PATCH 0887/1065] Fix crypt mode configuration. Validate parameters in chunked input functions. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 107 ++++++++++++++++++++++++++++---------------------- 1 file changed, 60 insertions(+), 47 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 4b1b499ad1..4f7ebfa827 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -52,8 +52,6 @@ #define CCM_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -#define CCM_ENCRYPT 0 -#define CCM_DECRYPT 1 /* * Initialize context @@ -174,6 +172,10 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) if( !(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGHTS_SET) ) return 0; + if( ctx->tag_len == 0 && \ + ( ctx->mode == MBEDTLS_CCM_ENCRYPT || ctx->mode == MBEDTLS_CCM_DECRYPT ) ) + return( MBEDTLS_ERR_CCM_BAD_INPUT ); + /* * First block B_0: * 0 .. 0 flags @@ -210,6 +212,13 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, const unsigned char *iv, size_t iv_len ) { + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( iv != NULL ); + CCM_VALIDATE_RET( mode == MBEDTLS_CCM_DECRYPT || \ + mode == MBEDTLS_CCM_STAR_DECRYPT || \ + mode == MBEDTLS_CCM_ENCRYPT || \ + mode == MBEDTLS_CCM_STAR_ENCRYPT ); + /* Also implies q is within bounds */ if( iv_len < 7 || iv_len > 13 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -252,6 +261,8 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, size_t plaintext_len, size_t tag_len ) { + CCM_VALIDATE_RET( ctx != NULL ); + /* * Check length requirements: SP800-38C A.1 * Additional requirement: a < 2^16 - 2^8 to simplify the code. @@ -283,6 +294,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, const unsigned char *add, size_t add_len ) { + CCM_VALIDATE_RET( ctx->add_len == 0 || add != NULL ); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t olen, use_len, offset; @@ -331,6 +344,9 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char *output, size_t output_size, size_t *output_len ) { + CCM_VALIDATE_RET( ctx->plaintext_len == 0 || input != NULL ); + CCM_VALIDATE_RET( ctx->plaintext_len == 0 || output != NULL ); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t use_len, offset, olen; @@ -359,7 +375,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) { - if( ctx->mode == CCM_ENCRYPT ) + if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) { UPDATE_CBC_MAC; ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); @@ -368,7 +385,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, memset( ctx->b, 0, 16 ); } - if( ctx->mode == CCM_DECRYPT ) + if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) { ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); if( ret != 0 ) @@ -402,6 +420,7 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; + CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); /* * Authentication: reset counter and crypt/mask internal tag */ @@ -457,13 +476,7 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len, + return( ccm_auth_crypt( ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len, add, add_len, input, output, tag, tag_len ) ); } @@ -473,17 +486,25 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + return( ccm_auth_crypt( ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len, + add, add_len, input, output, tag, tag_len ) ); +} - return( mbedtls_ccm_star_encrypt_and_tag( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); +static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) +{ + unsigned char i; + int diff; + + /* Check tag in "constant-time" */ + for( diff = 0, i = 0; i < tag_len; i++ ) + diff |= tag1[i] ^ tag2[i]; + + if( diff != 0 ) + { + return( MBEDTLS_ERR_CCM_AUTH_FAILED ); + } + + return( 0 ); } /* @@ -497,31 +518,18 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - unsigned char i; - int diff; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length, + if( ( ret = ccm_auth_crypt( ctx, MBEDTLS_CCM_STAR_DECRYPT, length, iv, iv_len, add, add_len, input, output, check_tag, tag_len ) ) != 0 ) { return( ret ); } - /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < tag_len; i++ ) - diff |= tag[i] ^ check_tag[i]; - - if( diff != 0 ) + if( ( ret = mbedtls_ccm_compare_tags( tag, check_tag, tag_len ) ) != 0 ) { mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_CCM_AUTH_FAILED ); + return( ret ); } return( 0 ); @@ -533,18 +541,23 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char check_tag[16]; - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if( ( ret = ccm_auth_crypt( ctx, MBEDTLS_CCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, check_tag, tag_len ) ) != 0 ) + { + return( ret ); + } - return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); + if( ( ret = mbedtls_ccm_compare_tags( tag, check_tag, tag_len ) ) != 0 ) + { + mbedtls_platform_zeroize( output, length ); + return( ret ); + } + + return( 0 ); } #endif /* !MBEDTLS_CCM_ALT */ From 20bac2fbe4ac0e002f4e622634cd858925c258c7 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 12 Jul 2021 14:52:44 +0200 Subject: [PATCH 0888/1065] Fix chunked ccm update. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 71 ++++++++++++++++++++++++++++----------------------- 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 4f7ebfa827..5450e408c1 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -373,42 +373,49 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, ctx->processed += use_len; memcpy( ctx->b + offset, input, use_len ); + if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) + { + if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) + { + UPDATE_CBC_MAC; + } + ret = mbedtls_ccm_crypt( ctx, offset, use_len, ctx->b + offset, output ); + if( ret != 0 ) + return ret; + } + + if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) + { + ret = mbedtls_ccm_crypt( ctx, offset, use_len, ctx->b + offset, output ); + if( ret != 0 ) + return ret; + + for( i = 0; i < use_len; i++ ) + ctx->y[i + offset] ^= output[i]; + + if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) + { + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) + { + ctx->state |= CCM_STATE__ERROR; + return( ret ); + } + } + } + if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) { - if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ - ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) - { - UPDATE_CBC_MAC; - ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); - if( ret != 0 ) - return ret; - memset( ctx->b, 0, 16 ); - } - - if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ - ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) - { - ret = mbedtls_ccm_crypt( ctx, 0, use_len, ctx->b, output ); - if( ret != 0 ) - return ret; - memset( ctx->b, 0, 16 ); - memcpy( ctx->b, output, use_len ); - UPDATE_CBC_MAC; - memset( ctx->b, 0, 16 ); - } - - input_len -= use_len; - input += use_len; - output += use_len; - - /* - * Increment counter. - * No need to check for overflow thanks to the length check above. - */ for( i = 0; i < ctx->q; i++ ) - if( ++(ctx->ctr)[15-i] != 0 ) - break; + if( ++(ctx->ctr)[15-i] != 0 ) + break; + memset( ctx->b, 0, 16 ); } + + input_len -= use_len; + input += use_len; + output += use_len; } return 0; From 25a3dfe7dd3ba598b79e70d1d407081810dec8a1 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 12 Jul 2021 14:53:45 +0200 Subject: [PATCH 0889/1065] Add multipart tests for ccm suite. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 114 +++++++++++++++++++++++++-- 1 file changed, 108 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 840583c5ca..77ecf689b5 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -1,5 +1,64 @@ /* BEGIN_HEADER */ #include "mbedtls/ccm.h" + +/* Use the multipart interface to process the encrypted data in two parts + * and check that the output matches the expected output. + * The context must have been set up with the key. */ +static int check_multipart( mbedtls_ccm_context *ctx, + int mode, + const data_t *iv, + const data_t *add, + const data_t *input, + const data_t *expected_output, + const data_t *tag, + size_t n1, + size_t n1_add) +{ + int ok = 0; + uint8_t *output = NULL; + size_t n2 = input->len - n1; + size_t n2_add = add->len - n1_add; + size_t olen; + + /* Sanity checks on the test data */ + TEST_ASSERT( n1 <= input->len ); + TEST_ASSERT( n1_add <= add->len ); + TEST_EQUAL( input->len, expected_output->len ); + TEST_EQUAL( 0, mbedtls_ccm_starts( ctx, mode, iv->x, iv->len ) ); + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( ctx, add->len, input->len, tag->len ) ); + TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x, n1_add) ); + TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x + n1_add, n2_add ) ); + + /* Allocate a tight buffer for each update call. This way, if the function + * tries to write beyond the advertised required buffer size, this will + * count as an overflow for memory sanitizers and static checkers. */ + ASSERT_ALLOC( output, n1 ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x, n1, output, n1, &olen ) ); + TEST_EQUAL( n1, olen ); + ASSERT_COMPARE( output, olen, expected_output->x, n1 ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, n2 ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x + n1, n2, output, n2, &olen ) ); + TEST_EQUAL( n2, olen ); + ASSERT_COMPARE( output, olen, expected_output->x + n1, n2 ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_ccm_finish( ctx, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + mbedtls_free( output ); + output = NULL; + + ok = 1; +exit: + mbedtls_free( output ); + return( ok ); +} /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -123,6 +182,7 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, { mbedtls_ccm_context ctx; size_t tag_len; + size_t n1, n1_add; uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 ); mbedtls_ccm_init( &ctx ); @@ -143,6 +203,25 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, /* Check we didn't write past the end */ TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 ); + const data_t encrypted_expected = { .x = result->x, + .len = msg->len }; + const data_t tag_expected = { .x = result->x + msg->len, + .len = tag_len }; + + for( n1 = 0; n1 <= msg->len; n1 += 1 ) + { + for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1 * 10000 + n1_add ); + if( !check_multipart( &ctx, MBEDTLS_CCM_ENCRYPT, + iv, add, msg, + &encrypted_expected, + &tag_expected, + n1, n1_add ) ) + goto exit; + } + } + exit: mbedtls_ccm_free( &ctx ); free( msg_n_tag ); @@ -157,6 +236,7 @@ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, { unsigned char tag[16]; mbedtls_ccm_context ctx; + size_t n1, n1_add; mbedtls_ccm_init( &ctx ); @@ -165,28 +245,50 @@ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, msg->len -= tag_len; memcpy( tag, msg->x + msg->len, tag_len ); + uint8_t * io_msg = (uint8_t *)malloc( msg->len + 2 ); + memset( io_msg, 0, msg->len + 2 ); + memcpy( io_msg, msg->x, msg->len ); + TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); /* Test with input == output */ TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg->x, msg->x, msg->x + msg->len, tag_len ) == result ); + io_msg, io_msg, tag, tag_len ) == result ); + + /* Check we didn't write past the end */ + TEST_ASSERT( io_msg[msg->len] == 0 && io_msg[msg->len + 1] == 0 ); if( result == 0 ) { - TEST_ASSERT( memcmp( msg->x, expected_msg->x, expected_msg->len ) == 0 ); + TEST_ASSERT( memcmp( io_msg, expected_msg->x, expected_msg->len ) == 0 ); + + const data_t tag_expected = { .x = tag, + .len = tag_len }; + + for( n1 = 0; n1 <= msg->len; n1 += 1 ) + { + for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1 * 10000 + n1_add ); + if( !check_multipart( &ctx, MBEDTLS_CCM_DECRYPT, + iv, add, msg, + expected_msg, + &tag_expected, + n1, n1_add ) ) + goto exit; + } + } } else { size_t i; for( i = 0; i < msg->len; i++ ) - TEST_ASSERT( msg->x[i] == 0 ); + TEST_ASSERT( io_msg[i] == 0 ); } - /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 ); - exit: + free(io_msg); mbedtls_ccm_free( &ctx ); } /* END_CASE */ From 663055f78464a27f9470ed04142eb975554cf4ec Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 12 Jul 2021 19:13:52 +0200 Subject: [PATCH 0890/1065] Remove UPDATE_CBC macro and working b buffer. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 1 - library/ccm.c | 74 +++++++++++++++++++------------------------ 2 files changed, 33 insertions(+), 42 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 813959be0b..72dfd3d6c4 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -77,7 +77,6 @@ extern "C" { typedef struct mbedtls_ccm_context { mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ - unsigned char MBEDTLS_PRIVATE(b)[16]; /*!< The B working buffer */ unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ diff --git a/library/ccm.c b/library/ccm.c index 5450e408c1..399a936e93 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -106,22 +106,6 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); } -/* - * Update the CBC-MAC state in y using a block in b - * (Always using b as the source helps the compiler optimise a bit better.) - * - * Macro results in smaller compiled code than static inline functions. - */ -#define UPDATE_CBC_MAC \ - for( i = 0; i < 16; i++ ) \ - ctx->y[i] ^= ctx->b[i]; \ - \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) \ - { \ - ctx->state |= CCM_STATE__ERROR; \ - return( ret ); \ - } \ - #define CCM_STATE__CLEAR 0 #define CCM_STATE__STARTED 0x0001 #define CCM_STATE__LENGHTS_SET 0x0002 @@ -155,7 +139,6 @@ static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { ctx->state = CCM_STATE__CLEAR; - memset( ctx->b, 0, 16); memset( ctx->y, 0, 16); memset( ctx->ctr, 0, 16); } @@ -177,7 +160,7 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) return( MBEDTLS_ERR_CCM_BAD_INPUT ); /* - * First block B_0: + * First block: * 0 .. 0 flags * 1 .. iv_len nonce (aka iv) - set by: mbedtls_ccm_starts() * iv_len+1 .. 15 length @@ -188,12 +171,12 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) * 5 .. 3 (t - 2) / 2 * 2 .. 0 q - 1 */ - ctx->b[0] |= ( ctx->add_len > 0 ) << 6; - ctx->b[0] |= ( ( ctx->tag_len - 2 ) / 2 ) << 3; - ctx->b[0] |= ctx->q - 1; + ctx->y[0] |= ( ctx->add_len > 0 ) << 6; + ctx->y[0] |= ( ( ctx->tag_len - 2 ) / 2 ) << 3; + ctx->y[0] |= ctx->q - 1; for( i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8 ) - ctx->b[15-i] = (unsigned char)( len_left & 0xFF ); + ctx->y[15-i] = (unsigned char)( len_left & 0xFF ); if( len_left > 0 ) { @@ -202,7 +185,11 @@ static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) } /* Start CBC-MAC with first block*/ - UPDATE_CBC_MAC; + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) + { + ctx->state |= CCM_STATE__ERROR; + return( ret ); + } return (0); } @@ -248,9 +235,9 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, ctx->ctr[15] = 1; /* - * See mbedtls_ccm_calculate_first_block() for B block layout description + * See mbedtls_ccm_calculate_first_block() for block layout description */ - memcpy( ctx->b + 1, iv, iv_len ); + memcpy( ctx->y + 1, iv, iv_len ); ctx->state |= CCM_STATE__STARTED; return mbedtls_ccm_calculate_first_block(ctx); @@ -304,9 +291,8 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, { if( ctx->processed == 0 ) { - memset( ctx->b, 0, 16 ); - ctx->b[0] = (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); - ctx->b[1] = (unsigned char)( ( ctx->add_len ) & 0xFF ); + ctx->y[0] ^= (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); + ctx->y[1] ^= (unsigned char)( ( ctx->add_len ) & 0xFF ); ctx->processed += 2; } @@ -320,15 +306,20 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, if( use_len > add_len ) use_len = add_len; - memcpy( ctx->b + offset, add, use_len ); + for( i = 0; i < use_len; i++ ) + ctx->y[i + offset] ^= add[i]; + ctx->processed += use_len; add_len -= use_len; add += use_len; if( use_len + offset == 16 || ctx->processed - 2 == ctx->add_len ) { - UPDATE_CBC_MAC; - memset( ctx->b, 0, 16 ); + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) + { + ctx->state |= CCM_STATE__ERROR; + return( ret ); + } } } } @@ -356,11 +347,6 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, CCM_VALIDATE_RET( output_length != NULL ); *output_len = input_len; - if( ctx->processed == 0 ) - { - memset( ctx->b, 0, 16 ); - } - while ( input_len > 0 ) { offset = ctx->processed % 16; @@ -371,16 +357,23 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, use_len = input_len; ctx->processed += use_len; - memcpy( ctx->b + offset, input, use_len ); if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) { + for( i = 0; i < use_len; i++ ) + ctx->y[i + offset] ^= input[i]; + if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) { - UPDATE_CBC_MAC; + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) + { + ctx->state |= CCM_STATE__ERROR; + return( ret ); + } } - ret = mbedtls_ccm_crypt( ctx, offset, use_len, ctx->b + offset, output ); + + ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); if( ret != 0 ) return ret; } @@ -388,7 +381,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) { - ret = mbedtls_ccm_crypt( ctx, offset, use_len, ctx->b + offset, output ); + ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); if( ret != 0 ) return ret; @@ -410,7 +403,6 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, for( i = 0; i < ctx->q; i++ ) if( ++(ctx->ctr)[15-i] != 0 ) break; - memset( ctx->b, 0, 16 ); } input_len -= use_len; From 29ec75b34e9f34aac91524308966b0631f9c05b5 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 13 Jul 2021 12:26:17 +0200 Subject: [PATCH 0891/1065] Add multipart testing to CCM* tests. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 52 ++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 77ecf689b5..72c707ea0d 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -304,6 +304,7 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, unsigned char result[50]; mbedtls_ccm_context ctx; size_t iv_len, tag_len; + size_t n1, n1_add; int ret; mbedtls_ccm_init( &ctx ); @@ -338,6 +339,31 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, TEST_ASSERT( result[expected_result->len] == 0 && result[expected_result->len + 1] == 0 ); + if( ret == 0 ) + { + const data_t iv_data = { .x = iv, + .len = iv_len }; + + const data_t encrypted_expected = { .x = expected_result->x, + .len = msg->len }; + const data_t tag_expected = { .x = expected_result->x + msg->len, + .len = tag_len }; + + for( n1 = 0; n1 <= msg->len; n1 += 1 ) + { + for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1 * 10000 + n1_add ); + if( !check_multipart( &ctx, MBEDTLS_CCM_STAR_ENCRYPT, + &iv_data, add, msg, + &encrypted_expected, + &tag_expected, + n1, n1_add ) ) + goto exit; + } + } + } + exit: mbedtls_ccm_free( &ctx ); } @@ -354,6 +380,7 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, unsigned char result[50]; mbedtls_ccm_context ctx; size_t iv_len, tag_len; + size_t n1, n1_add; int ret; mbedtls_ccm_init( &ctx ); @@ -389,6 +416,31 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, TEST_EQUAL( result[msg->len], '+' ); TEST_EQUAL( result[msg->len + 1], '+' ); + if( ret == 0 ) + { + msg->len -= tag_len; + + const data_t iv_data = { .x = iv, + .len = iv_len }; + + const data_t tag_expected = { .x = msg->x + msg->len, + .len = tag_len }; + + for( n1 = 0; n1 <= msg->len; n1 += 1 ) + { + for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) + { + mbedtls_test_set_step( n1 * 10000 + n1_add ); + if( !check_multipart( &ctx, MBEDTLS_CCM_STAR_DECRYPT, + &iv_data, add, msg, + expected_result, + &tag_expected, + n1, n1_add ) ) + goto exit; + } + } + } + exit: mbedtls_ccm_free( &ctx ); } From 27a1bef89d6b238473751f48a66335a7d2850aad Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 13 Jul 2021 15:33:19 +0200 Subject: [PATCH 0892/1065] Tidy up test functions. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 216 ++++++++++++++------------- 1 file changed, 114 insertions(+), 102 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 72c707ea0d..25cc49b8d2 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -48,7 +48,10 @@ static int check_multipart( mbedtls_ccm_context *ctx, mbedtls_free( output ); output = NULL; - ASSERT_ALLOC( output, tag->len ); + if( tag->len == 0 ) + ASSERT_ALLOC( output, 16 ); + else + ASSERT_ALLOC( output, tag->len ); TEST_EQUAL( 0, mbedtls_ccm_finish( ctx, output, tag->len ) ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); mbedtls_free( output ); @@ -181,32 +184,34 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, data_t * add, data_t * result ) { mbedtls_ccm_context ctx; - size_t tag_len; size_t n1, n1_add; - uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 ); + uint8_t* io_msg_buf = NULL; + uint8_t* tag_buf = NULL; + const size_t expected_tag_len = result->len - msg->len; + const uint8_t* expected_tag = result->x + msg->len; + + /* Prepare input/output message buffer */ + ASSERT_ALLOC( io_msg_buf, msg->len ); + if( msg->len != 0 ) + memcpy( io_msg_buf, msg->x, msg->len ); + + /* Prepare tag buffer */ + ASSERT_ALLOC( tag_buf, expected_tag_len ); mbedtls_ccm_init( &ctx ); - - memset( msg_n_tag, 0, result->len + 2 ); - memcpy( msg_n_tag, msg->x, msg->len ); - - tag_len = result->len - msg->len; - - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); - + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 ); + TEST_EQUAL( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len, + io_msg_buf, io_msg_buf, tag_buf, expected_tag_len ), 0); - TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 ); - - /* Check we didn't write past the end */ - TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 ); + ASSERT_COMPARE( io_msg_buf, msg->len, result->x, msg->len ); + ASSERT_COMPARE( tag_buf, expected_tag_len, expected_tag, expected_tag_len ); + /* Prepare data_t structers for multipart testing */ const data_t encrypted_expected = { .x = result->x, .len = msg->len }; - const data_t tag_expected = { .x = result->x + msg->len, - .len = tag_len }; + const data_t tag_expected = { .x = (uint8_t*) expected_tag, /* cast to conform with data_t x type */ + .len = expected_tag_len }; for( n1 = 0; n1 <= msg->len; n1 += 1 ) { @@ -224,54 +229,53 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, exit: mbedtls_ccm_free( &ctx ); - free( msg_n_tag ); + mbedtls_free( io_msg_buf ); + mbedtls_free( tag_buf ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, data_t * msg, data_t * iv, - data_t * add, int tag_len, int result, + data_t * add, int expected_tag_len, int result, data_t * expected_msg ) { - unsigned char tag[16]; mbedtls_ccm_context ctx; size_t n1, n1_add; + const size_t expected_msg_len = msg->len - expected_tag_len; + const uint8_t* expected_tag = msg->x + expected_msg_len; + + /* Prepare input/output message buffer */ + uint8_t* io_msg_buf = NULL; + ASSERT_ALLOC( io_msg_buf, expected_msg_len ); + if( expected_msg_len ) + memcpy( io_msg_buf, msg->x, expected_msg_len ); + mbedtls_ccm_init( &ctx ); - - memset( tag, 0x00, sizeof( tag ) ); - - msg->len -= tag_len; - memcpy( tag, msg->x + msg->len, tag_len ); - - uint8_t * io_msg = (uint8_t *)malloc( msg->len + 2 ); - memset( io_msg, 0, msg->len + 2 ); - memcpy( io_msg, msg->x, msg->len ); - - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); - + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - io_msg, io_msg, tag, tag_len ) == result ); - - /* Check we didn't write past the end */ - TEST_ASSERT( io_msg[msg->len] == 0 && io_msg[msg->len + 1] == 0 ); + TEST_EQUAL( mbedtls_ccm_auth_decrypt( &ctx, expected_msg_len, iv->x, iv->len, add->x, add->len, + io_msg_buf, io_msg_buf, expected_tag, expected_tag_len ), result ); if( result == 0 ) { - TEST_ASSERT( memcmp( io_msg, expected_msg->x, expected_msg->len ) == 0 ); + ASSERT_COMPARE( io_msg_buf, expected_msg_len, expected_msg->x, expected_msg_len ); - const data_t tag_expected = { .x = tag, - .len = tag_len }; + /* Prepare data_t structers for multipart testing */ + const data_t encrypted = { .x = msg->x, + .len = expected_msg_len }; - for( n1 = 0; n1 <= msg->len; n1 += 1 ) + const data_t tag_expected = { .x = (uint8_t*) expected_tag, + .len = expected_tag_len }; + + for( n1 = 0; n1 <= expected_msg_len; n1 += 1 ) { for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) { mbedtls_test_set_step( n1 * 10000 + n1_add ); if( !check_multipart( &ctx, MBEDTLS_CCM_DECRYPT, - iv, add, msg, + iv, add, &encrypted, expected_msg, &tag_expected, n1, n1_add ) ) @@ -283,12 +287,12 @@ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, { size_t i; - for( i = 0; i < msg->len; i++ ) - TEST_ASSERT( io_msg[i] == 0 ); + for( i = 0; i < expected_msg_len; i++ ) + TEST_EQUAL( io_msg_buf[i], 0 ); } exit: - free(io_msg); + mbedtls_free(io_msg_buf); mbedtls_ccm_free( &ctx ); } /* END_CASE */ @@ -301,21 +305,32 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, data_t *expected_result, int output_ret ) { unsigned char iv[13]; - unsigned char result[50]; mbedtls_ccm_context ctx; - size_t iv_len, tag_len; + size_t iv_len, expected_tag_len; size_t n1, n1_add; - int ret; + uint8_t* io_msg_buf = NULL; + uint8_t* tag_buf = NULL; - mbedtls_ccm_init( &ctx ); - - memset( result, 0x00, sizeof( result ) ); + const uint8_t* expected_tag = expected_result->x + msg->len; + /* Calculate tag length */ if( sec_level % 4 == 0) - tag_len = 0; + expected_tag_len = 0; else - tag_len = 1 << ( sec_level % 4 + 1); + expected_tag_len = 1 << ( sec_level % 4 + 1); + /* Prepare input/output message buffer */ + ASSERT_ALLOC( io_msg_buf, msg->len ); + if( msg->len ) + memcpy( io_msg_buf, msg->x, msg->len ); + + /* Prepare tag buffer */ + if( expected_tag_len == 0 ) + ASSERT_ALLOC( tag_buf, 16 ); + else + ASSERT_ALLOC( tag_buf, expected_tag_len ); + + /* Calculate iv */ TEST_ASSERT( source_address->len == 8 ); TEST_ASSERT( frame_counter->len == 4 ); memcpy( iv, source_address->x, source_address->len ); @@ -323,31 +338,26 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, iv[source_address->len + frame_counter->len] = sec_level; iv_len = sizeof( iv ); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, - key->x, key->len * 8 ) == 0 ); + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, + key->x, key->len * 8 ), 0 ); + /* Test with input == output */ + TEST_EQUAL( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len, + add->x, add->len, io_msg_buf, + io_msg_buf, tag_buf, expected_tag_len), output_ret ); - ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len, - add->x, add->len, msg->x, - result, result + msg->len, tag_len ); + ASSERT_COMPARE( io_msg_buf, msg->len, expected_result->x, msg->len ); + ASSERT_COMPARE( tag_buf, expected_tag_len, expected_tag, expected_tag_len ); - TEST_ASSERT( ret == output_ret ); - - TEST_ASSERT( memcmp( result, - expected_result->x, expected_result->len ) == 0 ); - - /* Check we didn't write past the end */ - TEST_ASSERT( result[expected_result->len] == 0 && - result[expected_result->len + 1] == 0 ); - - if( ret == 0 ) + if( output_ret == 0 ) { const data_t iv_data = { .x = iv, .len = iv_len }; const data_t encrypted_expected = { .x = expected_result->x, .len = msg->len }; - const data_t tag_expected = { .x = expected_result->x + msg->len, - .len = tag_len }; + const data_t tag_expected = { .x = (uint8_t*)expected_tag, + .len = expected_tag_len }; for( n1 = 0; n1 <= msg->len; n1 += 1 ) { @@ -366,6 +376,8 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, exit: mbedtls_ccm_free( &ctx ); + mbedtls_free( io_msg_buf ); + mbedtls_free( tag_buf ); } /* END_CASE */ @@ -377,22 +389,27 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, data_t *expected_result, int output_ret ) { unsigned char iv[13]; - unsigned char result[50]; mbedtls_ccm_context ctx; - size_t iv_len, tag_len; + size_t iv_len, expected_tag_len; size_t n1, n1_add; - int ret; - - mbedtls_ccm_init( &ctx ); - - memset( iv, 0x00, sizeof( iv ) ); - memset( result, '+', sizeof( result ) ); + /* Calculate tag length */ if( sec_level % 4 == 0) - tag_len = 0; + expected_tag_len = 0; else - tag_len = 1 << ( sec_level % 4 + 1); + expected_tag_len = 1 << ( sec_level % 4 + 1); + const size_t expected_msg_len = msg->len - expected_tag_len; + const uint8_t* expected_tag = msg->x + expected_msg_len; + + /* Prepare input/output message buffer */ + uint8_t* io_msg_buf = NULL; + ASSERT_ALLOC( io_msg_buf, expected_msg_len ); + if( expected_msg_len ) + memcpy( io_msg_buf, msg->x, expected_msg_len ); + + /* Calculate iv */ + memset( iv, 0x00, sizeof( iv ) ); TEST_ASSERT( source_address->len == 8 ); TEST_ASSERT( frame_counter->len == 4 ); memcpy( iv, source_address->x, source_address->len ); @@ -400,39 +417,33 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, iv[source_address->len + frame_counter->len] = sec_level; iv_len = sizeof( iv ); + mbedtls_ccm_init( &ctx ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + /* Test with input == output */ + TEST_EQUAL( mbedtls_ccm_star_auth_decrypt( &ctx, expected_msg_len, iv, iv_len, + add->x, add->len, io_msg_buf, io_msg_buf, + expected_tag, expected_tag_len ), output_ret ); - ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len, - add->x, add->len, msg->x, result, - msg->x + msg->len - tag_len, tag_len ); + ASSERT_COMPARE( io_msg_buf, expected_msg_len, expected_result->x, expected_msg_len ); - TEST_ASSERT( ret == output_ret ); - - TEST_ASSERT( memcmp( result, expected_result->x, - expected_result->len ) == 0 ); - - /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) ); - TEST_EQUAL( result[msg->len], '+' ); - TEST_EQUAL( result[msg->len + 1], '+' ); - - if( ret == 0 ) + if( output_ret == 0 ) { - msg->len -= tag_len; - const data_t iv_data = { .x = iv, .len = iv_len }; - const data_t tag_expected = { .x = msg->x + msg->len, - .len = tag_len }; + const data_t encrypted = { .x = msg->x, + .len = expected_msg_len} ; - for( n1 = 0; n1 <= msg->len; n1 += 1 ) + const data_t tag_expected = { .x = (uint8_t*) expected_tag, + .len = expected_tag_len }; + + for( n1 = 0; n1 <= expected_msg_len; n1 += 1 ) { for( n1_add = 0; n1_add <= add->len; n1_add += 1 ) { mbedtls_test_set_step( n1 * 10000 + n1_add ); if( !check_multipart( &ctx, MBEDTLS_CCM_STAR_DECRYPT, - &iv_data, add, msg, + &iv_data, add, &encrypted, expected_result, &tag_expected, n1, n1_add ) ) @@ -443,5 +454,6 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, exit: mbedtls_ccm_free( &ctx ); + mbedtls_free( io_msg_buf ); } /* END_CASE */ From de7a83da0d571e97364dbf9fd3571d1fd316a2a0 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 14 Jul 2021 12:39:14 +0200 Subject: [PATCH 0893/1065] Add changelog for chunked CCM implementation. Signed-off-by: Mateusz Starzyk --- ChangeLog.d/chunked_ccm.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/chunked_ccm.txt diff --git a/ChangeLog.d/chunked_ccm.txt b/ChangeLog.d/chunked_ccm.txt new file mode 100644 index 0000000000..4e3065f906 --- /dev/null +++ b/ChangeLog.d/chunked_ccm.txt @@ -0,0 +1,8 @@ +Changes + * Implement multi-part CCM API. + The multi-part functions: mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), + mbedtls_ccm_update_ad(), mbedtls_ccm_update(), mbedtls_ccm_finish() + were introduced in mbedTLS 3.0 release, however their implementation was + postponed util now. + Implemented functions support chunked data input for both CCM and CCM* + algorithms. From 4df9ac4882b467c2bd06eec87c144cf024c0f0af Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 13:47:23 +0200 Subject: [PATCH 0894/1065] Reorganize ccm context structure. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 72dfd3d6c4..c903e68fd3 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -76,19 +76,19 @@ extern "C" { */ typedef struct mbedtls_ccm_context { - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ - unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ size_t MBEDTLS_PRIVATE(plaintext_len); /*!< Total plaintext length */ size_t MBEDTLS_PRIVATE(add_len); /*!< Total authentication data length */ size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */ size_t MBEDTLS_PRIVATE(processed); /*!< How many bytes of input data were processed (chunked input) */ - int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: - #MBEDTLS_CCM_ENCRYPT or - #MBEDTLS_CCM_DECRYPT or - #MBEDTLS_CCM_STAR_ENCRYPT or - #MBEDTLS_CCM_STAR_DECRYPT. */ + unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ + unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform: + #MBEDTLS_CCM_ENCRYPT or + #MBEDTLS_CCM_DECRYPT or + #MBEDTLS_CCM_STAR_ENCRYPT or + #MBEDTLS_CCM_STAR_DECRYPT. */ int MBEDTLS_PRIVATE(state); /*!< Working value holding context's state. Used for chunked data input */ From a9cbdfbb349a3bed44ad7241472e938e944278f5 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 13:49:54 +0200 Subject: [PATCH 0895/1065] Replace ccm status flags with bitshifts. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 399a936e93..be1671c04c 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -107,9 +107,9 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) } #define CCM_STATE__CLEAR 0 -#define CCM_STATE__STARTED 0x0001 -#define CCM_STATE__LENGHTS_SET 0x0002 -#define CCM_STATE__ERROR 0x0004 +#define CCM_STATE__STARTED (1 << 0) +#define CCM_STATE__LENGHTS_SET (1 << 1) +#define CCM_STATE__ERROR (1 << 2) /* * Encrypt or decrypt a partial block with CTR From c52220d775aba3a30a1a64035aacb448cb6e58d3 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 13:54:55 +0200 Subject: [PATCH 0896/1065] Clear temporary buffer after block crypt operation. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/ccm.c b/library/ccm.c index be1671c04c..425872dc32 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -127,13 +127,15 @@ static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen ) ) != 0 ) { - ctx->state |= CCM_STATE__ERROR; \ + ctx->state |= CCM_STATE__ERROR; + mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } for( i = 0; i < use_len; i++ ) output[i] = input[i] ^ tmp_buf[offset + i]; + mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } From ca9dc8d1d742b5e5f193c5b8f70709fe3c043ee4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 14:03:53 +0200 Subject: [PATCH 0897/1065] Rename ccm_calculate_first_block function. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 425872dc32..d8c65b552e 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -145,7 +145,7 @@ static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { memset( ctx->ctr, 0, 16); } -static int mbedtls_ccm_calculate_first_block(mbedtls_ccm_context *ctx) +static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; @@ -237,12 +237,12 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, ctx->ctr[15] = 1; /* - * See mbedtls_ccm_calculate_first_block() for block layout description + * See ccm_calculate_first_block_if_ready() for block layout description */ memcpy( ctx->y + 1, iv, iv_len ); ctx->state |= CCM_STATE__STARTED; - return mbedtls_ccm_calculate_first_block(ctx); + return ccm_calculate_first_block_if_ready(ctx); } int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, @@ -276,7 +276,7 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, ctx->processed = 0; ctx->state |= CCM_STATE__LENGHTS_SET; - return mbedtls_ccm_calculate_first_block(ctx); + return ccm_calculate_first_block_if_ready(ctx); } int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, From 5d97601e81af90dc92bc9577d2515f7849a25837 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 14:12:30 +0200 Subject: [PATCH 0898/1065] Remove ccm input validation. VALIDATE and VALIDATE_RET macros are obsolete. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index d8c65b552e..80a795fc1d 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -47,18 +47,12 @@ #if !defined(MBEDTLS_CCM_ALT) -#define CCM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT ) -#define CCM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - /* * Initialize context */ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) { - CCM_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); } @@ -70,9 +64,6 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( key != NULL ); - cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); if( cipher_info == NULL ) @@ -201,13 +192,6 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, const unsigned char *iv, size_t iv_len ) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( mode == MBEDTLS_CCM_DECRYPT || \ - mode == MBEDTLS_CCM_STAR_DECRYPT || \ - mode == MBEDTLS_CCM_ENCRYPT || \ - mode == MBEDTLS_CCM_STAR_ENCRYPT ); - /* Also implies q is within bounds */ if( iv_len < 7 || iv_len > 13 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -250,8 +234,6 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, size_t plaintext_len, size_t tag_len ) { - CCM_VALIDATE_RET( ctx != NULL ); - /* * Check length requirements: SP800-38C A.1 * Additional requirement: a < 2^16 - 2^8 to simplify the code. @@ -283,8 +265,6 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, const unsigned char *add, size_t add_len ) { - CCM_VALIDATE_RET( ctx->add_len == 0 || add != NULL ); - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t olen, use_len, offset; @@ -337,16 +317,12 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char *output, size_t output_size, size_t *output_len ) { - CCM_VALIDATE_RET( ctx->plaintext_len == 0 || input != NULL ); - CCM_VALIDATE_RET( ctx->plaintext_len == 0 || output != NULL ); - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t use_len, offset, olen; if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - CCM_VALIDATE_RET( output_length != NULL ); *output_len = input_len; while ( input_len > 0 ) @@ -421,7 +397,6 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); /* * Authentication: reset counter and crypt/mask internal tag */ From 2d5652aceed0a4d3a15d949baae6cbc939ce4d75 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 27 Jul 2021 16:07:54 +0200 Subject: [PATCH 0899/1065] Move ccm error state handling. Remove error clearing from ccm_starts() and ccm_set_lengths(). Add error check in ccm_update_ad(), ccm_update() and ccm_finish(). Signed-off-by: Mateusz Starzyk --- library/ccm.c | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 80a795fc1d..1247f8d377 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -118,7 +118,7 @@ static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen ) ) != 0 ) { - ctx->state |= CCM_STATE__ERROR; + ctx->state |= CCM_STATE__ERROR; mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } @@ -196,11 +196,6 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, if( iv_len < 7 || iv_len > 13 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - if( ctx->state & CCM_STATE__ERROR ) - { - mbedtls_ccm_clear_state(ctx); - } - ctx->mode = mode; ctx->q = 16 - 1 - (unsigned char) iv_len; @@ -247,11 +242,6 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, if( total_ad_len >= 0xFF00 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); - if( ctx->state & CCM_STATE__ERROR ) - { - mbedtls_ccm_clear_state(ctx); - } - ctx->plaintext_len = plaintext_len; ctx->add_len = total_ad_len; ctx->tag_len = tag_len; @@ -269,6 +259,11 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, unsigned char i; size_t olen, use_len, offset; + if( ctx->state & CCM_STATE__ERROR ) + { + return ret; + } + if( ctx->add_len > 0 && add_len > 0) { if( ctx->processed == 0 ) @@ -321,6 +316,11 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char i; size_t use_len, offset, olen; + if( ctx->state & CCM_STATE__ERROR ) + { + return ret; + } + if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); *output_len = input_len; @@ -397,6 +397,11 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; + if( ctx->state & CCM_STATE__ERROR ) + { + return ret; + } + /* * Authentication: reset counter and crypt/mask internal tag */ From 36d3b89c84a46726eba6040b945724ec78bfffee Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 28 Jul 2021 14:14:58 +0200 Subject: [PATCH 0900/1065] Verify input data lengths. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 1247f8d377..a6ba77435c 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -100,7 +100,8 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) #define CCM_STATE__CLEAR 0 #define CCM_STATE__STARTED (1 << 0) #define CCM_STATE__LENGHTS_SET (1 << 1) -#define CCM_STATE__ERROR (1 << 2) +#define CCM_STATE__AUTH_DATA_FINISHED (1 << 2) +#define CCM_STATE__ERROR (1 << 4) /* * Encrypt or decrypt a partial block with CTR @@ -264,15 +265,29 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, return ret; } - if( ctx->add_len > 0 && add_len > 0) + if( ctx->add_len > 0 && add_len > 0 ) { + if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) + { + return ret; + } + if( ctx->processed == 0 ) { + if ( add_len > ctx->add_len ) + { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + ctx->y[0] ^= (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); ctx->y[1] ^= (unsigned char)( ( ctx->add_len ) & 0xFF ); ctx->processed += 2; } + else if ( ctx->processed - 2 + add_len > ctx->add_len ) + { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } while( add_len > 0 ) { @@ -299,10 +314,13 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, } } } - } - if( ctx->processed - 2 == ctx->add_len ) - ctx->processed = 0; // prepare for mbedtls_ccm_update() + if( ctx->processed - 2 == ctx->add_len ) + { + ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; + ctx->processed = 0; // prepare for mbedtls_ccm_update() + } + } return (0); } @@ -321,6 +339,11 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, return ret; } + if( ctx->processed + input_len > ctx->plaintext_len ) + { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); *output_len = input_len; @@ -402,6 +425,16 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, return ret; } + if( ctx->add_len > 0 && !( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) ) + { + return ret; + } + + if( ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len ) + { + return ret; + } + /* * Authentication: reset counter and crypt/mask internal tag */ From 22f7a35ca4de9bca49aa2e994eaa87460b3abe77 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 28 Jul 2021 15:08:47 +0200 Subject: [PATCH 0901/1065] Do not use output buffer for internal XOR during decryption. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 2 ++ library/ccm.c | 56 ++++++++++++++++++++++++++++++++++--------- 2 files changed, 47 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index c903e68fd3..06aa6a8884 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -61,6 +61,8 @@ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /** Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F +/** Memory allocation failed */ +#define MBEDTLS_ERR_CCM_ALLOC_FAILED -0x0011 #ifdef __cplusplus extern "C" { diff --git a/library/ccm.c b/library/ccm.c index a6ba77435c..3663a769da 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -36,14 +36,17 @@ #include -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #include #define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_CCM_ALT) @@ -330,13 +333,16 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char *output, size_t output_size, size_t *output_len ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int ret; unsigned char i; size_t use_len, offset, olen; + const size_t local_output_len = input_len; + unsigned char* local_output = NULL; + if( ctx->state & CCM_STATE__ERROR ) { - return ret; + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } if( ctx->processed + input_len > ctx->plaintext_len ) @@ -344,10 +350,24 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_INPUT; } + /* Local output is used for decryption only. */ + if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) + { + local_output = mbedtls_calloc( local_output_len, sizeof( *local_output) ); + if( local_output == NULL ) + { + ctx->state |= CCM_STATE__ERROR; + return MBEDTLS_ERR_CCM_ALLOC_FAILED; + } + } + if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); *output_len = input_len; + ret = 0; + while ( input_len > 0 ) { offset = ctx->processed % 16; @@ -370,31 +390,37 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) { ctx->state |= CCM_STATE__ERROR; - return( ret ); + goto exit; } } ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); if( ret != 0 ) - return ret; + goto exit; } if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) { - ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); + /* Write decrypted data to local_output to avoid using output variable as + * input in the XOR operation for Y. + */ + ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, local_output ); if( ret != 0 ) - return ret; + goto exit; for( i = 0; i < use_len; i++ ) - ctx->y[i + offset] ^= output[i]; + ctx->y[i + offset] ^= local_output[i]; + + memcpy( output, local_output, use_len ); + mbedtls_platform_zeroize( local_output, local_output_len ); if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) { if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) { ctx->state |= CCM_STATE__ERROR; - return( ret ); + goto exit; } } } @@ -411,7 +437,15 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, output += use_len; } - return 0; +exit: + if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) + { + mbedtls_platform_zeroize( local_output, local_output_len ); + mbedtls_free( local_output ); + } + + return ret; } int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, From eb395c00c9253aa6552128d0da1e05002df30aa1 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 28 Jul 2021 15:10:54 +0200 Subject: [PATCH 0902/1065] Move 'Authenticated decryption' comment. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 3663a769da..51cee939f3 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -538,6 +538,9 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, add, add_len, input, output, tag, tag_len ) ); } +/* + * Authenticated decryption + */ static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) { unsigned char i; @@ -555,9 +558,6 @@ static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned ch return( 0 ); } -/* - * Authenticated decryption - */ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, From 1bda9451ef395c35b99255625fc647287e4ecc8e Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 28 Jul 2021 15:21:46 +0200 Subject: [PATCH 0903/1065] Factor out common code from ccm decrypt functions. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 43 ++++++++++++++++++++----------------------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 51cee939f3..a14e025ded 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -558,16 +558,16 @@ static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned ch return( 0 ); } -int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ) +static int ccm_auth_decrypt( mbedtls_ccm_context *ctx, int mode, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - if( ( ret = ccm_auth_crypt( ctx, MBEDTLS_CCM_STAR_DECRYPT, length, + if( ( ret = ccm_auth_crypt( ctx, mode, length, iv, iv_len, add, add_len, input, output, check_tag, tag_len ) ) != 0 ) { @@ -583,29 +583,26 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, return( 0 ); } +int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ) +{ + return ccm_auth_decrypt( ctx, MBEDTLS_CCM_STAR_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, tag, tag_len ); +} + int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char check_tag[16]; - - if( ( ret = ccm_auth_crypt( ctx, MBEDTLS_CCM_DECRYPT, length, - iv, iv_len, add, add_len, - input, output, check_tag, tag_len ) ) != 0 ) - { - return( ret ); - } - - if( ( ret = mbedtls_ccm_compare_tags( tag, check_tag, tag_len ) ) != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( ret ); - } - - return( 0 ); + return ccm_auth_decrypt( ctx, MBEDTLS_CCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, tag, tag_len ); } #endif /* !MBEDTLS_CCM_ALT */ From c8bdf36a728989cab1b81f0dbcd856f75ea4fdda Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 28 Jul 2021 15:39:51 +0200 Subject: [PATCH 0904/1065] Validate tag pointer in ccm function. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 3 ++- tests/suites/test_suite_ccm.function | 5 +---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index a14e025ded..af26de8d4f 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -478,7 +478,8 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, ret = mbedtls_ccm_crypt( ctx, 0, 16, ctx->y, ctx->y ); if( ret != 0 ) return ret; - memcpy( tag, ctx->y, tag_len ); + if( tag != NULL ) + memcpy( tag, ctx->y, tag_len ); mbedtls_ccm_clear_state(ctx); return( 0 ); diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 25cc49b8d2..21f0699b4a 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -48,10 +48,7 @@ static int check_multipart( mbedtls_ccm_context *ctx, mbedtls_free( output ); output = NULL; - if( tag->len == 0 ) - ASSERT_ALLOC( output, 16 ); - else - ASSERT_ALLOC( output, tag->len ); + ASSERT_ALLOC( output, tag->len ); TEST_EQUAL( 0, mbedtls_ccm_finish( ctx, output, tag->len ) ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); mbedtls_free( output ); From 87889069477435c8f5cfd2a13db6f62df08cf233 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 29 Jul 2021 14:08:18 +0200 Subject: [PATCH 0905/1065] Add CCM test for edge cases. Cover: - not calling auth data update - not calling cipher text update - exceeding configured auth data length - exceeding configured cipher text length Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 64 +++++++++++++++ tests/suites/test_suite_ccm.function | 111 +++++++++++++++++++++++++++ 2 files changed, 175 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index a14d4be252..382d2180f2 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1517,3 +1517,67 @@ mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FD CCM-Camellia encrypt and tag RFC 5528 #24 depends_on:MBEDTLS_CAMELLIA_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F" + +CCM encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" + +CCM* encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" + +CCM decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" + +CCM* decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" + +CCM encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" + +CCM* encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" + +CCM decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" + +CCM* decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" + +CCM encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 21f0699b4a..347f189777 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -454,3 +454,114 @@ exit: mbedtls_free( io_msg_buf ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_skip_auth( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * result, data_t * tag ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + /* Sanity checks on the test data */ + TEST_EQUAL( msg->len, result->len ); + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 0, msg->len, tag->len ) ); + + ASSERT_ALLOC( output, result->len ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, result->len, &olen ) ); + TEST_EQUAL( result->len, olen ); + ASSERT_COMPARE( output, olen, result->x, result->len ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + mbedtls_free( output ); + output = NULL; + +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_skip_cipher( int cipher_id, int mode, + data_t * key, data_t * iv, data_t* add, + data_t * tag ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, tag->len ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + mbedtls_free( output ); + output = NULL; + +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_overflow_auth( int cipher_id, int mode, + data_t * key, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for msg length and tag length. They are not a part of this test + // set half of auth data length to provoke an overflow + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len / 2, 16, 16 ) ); + + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); +exit: + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_overflow_cipher( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded value for tag length. It is a not a part of this test + // set half of msg length to provoke an overflow + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len / 2, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, msg->len ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \ + mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) ); +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ From ceb5bc6150877c658f3572cb74448b8a343229b4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 30 Jul 2021 14:36:22 +0200 Subject: [PATCH 0906/1065] Fix typos. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 347f189777..39e0b0b532 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -204,7 +204,7 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, ASSERT_COMPARE( io_msg_buf, msg->len, result->x, msg->len ); ASSERT_COMPARE( tag_buf, expected_tag_len, expected_tag, expected_tag_len ); - /* Prepare data_t structers for multipart testing */ + /* Prepare data_t structures for multipart testing */ const data_t encrypted_expected = { .x = result->x, .len = msg->len }; const data_t tag_expected = { .x = (uint8_t*) expected_tag, /* cast to conform with data_t x type */ @@ -259,7 +259,7 @@ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, { ASSERT_COMPARE( io_msg_buf, expected_msg_len, expected_msg->x, expected_msg_len ); - /* Prepare data_t structers for multipart testing */ + /* Prepare data_t structures for multipart testing */ const data_t encrypted = { .x = msg->x, .len = expected_msg_len }; From c562788068ed9186807aa2c857954f925dd9644d Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 2 Aug 2021 11:49:58 +0200 Subject: [PATCH 0907/1065] Fix local buffer allocation conditions. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index af26de8d4f..20e9414acc 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -351,8 +351,9 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, } /* Local output is used for decryption only. */ - if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ - ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) + if( local_output_len > 0 && \ + ( ctx->mode == MBEDTLS_CCM_DECRYPT || \ + ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) ) { local_output = mbedtls_calloc( local_output_len, sizeof( *local_output) ); if( local_output == NULL ) From f337850738ca8d77dd0d31514fdb451381f6bd38 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 11:32:11 +0200 Subject: [PATCH 0908/1065] Use const size buffer for local output in CCM decryption. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 2 -- library/ccm.c | 28 +++------------------------- 2 files changed, 3 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 06aa6a8884..c903e68fd3 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -61,8 +61,6 @@ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /** Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F -/** Memory allocation failed */ -#define MBEDTLS_ERR_CCM_ALLOC_FAILED -0x0011 #ifdef __cplusplus extern "C" { diff --git a/library/ccm.c b/library/ccm.c index 20e9414acc..13582d2a0e 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -43,9 +43,6 @@ #include #define mbedtls_printf printf #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ -#include -#define mbedtls_calloc calloc -#define mbedtls_free free #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_CCM_ALT) @@ -337,8 +334,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char i; size_t use_len, offset, olen; - const size_t local_output_len = input_len; - unsigned char* local_output = NULL; + unsigned char local_output[16]; if( ctx->state & CCM_STATE__ERROR ) { @@ -350,19 +346,6 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_INPUT; } - /* Local output is used for decryption only. */ - if( local_output_len > 0 && \ - ( ctx->mode == MBEDTLS_CCM_DECRYPT || \ - ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) ) - { - local_output = mbedtls_calloc( local_output_len, sizeof( *local_output) ); - if( local_output == NULL ) - { - ctx->state |= CCM_STATE__ERROR; - return MBEDTLS_ERR_CCM_ALLOC_FAILED; - } - } - if( output_size < input_len ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); *output_len = input_len; @@ -414,7 +397,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, ctx->y[i + offset] ^= local_output[i]; memcpy( output, local_output, use_len ); - mbedtls_platform_zeroize( local_output, local_output_len ); + mbedtls_platform_zeroize( local_output, 16 ); if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) { @@ -439,12 +422,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, } exit: - if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ - ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) - { - mbedtls_platform_zeroize( local_output, local_output_len ); - mbedtls_free( local_output ); - } + mbedtls_platform_zeroize( local_output, 16 ); return ret; } From 4f2dd8aada0f75717db1ff9c0139de71f93a0321 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 15:37:47 +0200 Subject: [PATCH 0909/1065] Fix errors returned by CCM functions. Add new error code for calling functions in wrong order. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 2 ++ library/ccm.c | 10 +++++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index c903e68fd3..d478414395 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -61,6 +61,8 @@ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /** Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F +/** CCM functions called in the wrong sequence. */ +#define MBEDTLS_ERR_CCM_BAD_SEQUENCE -0x0011 #ifdef __cplusplus extern "C" { diff --git a/library/ccm.c b/library/ccm.c index 13582d2a0e..33c631a87a 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -269,7 +269,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, { if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) { - return ret; + return MBEDTLS_ERR_CCM_BAD_SEQUENCE; } if( ctx->processed == 0 ) @@ -430,22 +430,22 @@ exit: int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int ret; unsigned char i; if( ctx->state & CCM_STATE__ERROR ) { - return ret; + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } if( ctx->add_len > 0 && !( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) ) { - return ret; + return MBEDTLS_ERR_CCM_BAD_SEQUENCE; } if( ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len ) { - return ret; + return MBEDTLS_ERR_CCM_BAD_SEQUENCE; } /* From 62d22f9782dd68876353feb23889210ebb9a7efc Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 15:53:41 +0200 Subject: [PATCH 0910/1065] Use additional state in CCM to track auth data input. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 33c631a87a..7574bdcf62 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -100,7 +100,8 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) #define CCM_STATE__CLEAR 0 #define CCM_STATE__STARTED (1 << 0) #define CCM_STATE__LENGHTS_SET (1 << 1) -#define CCM_STATE__AUTH_DATA_FINISHED (1 << 2) +#define CCM_STATE__AUTH_DATA_STARTED (1 << 2) +#define CCM_STATE__AUTH_DATA_FINISHED (1 << 3) #define CCM_STATE__ERROR (1 << 4) /* @@ -272,7 +273,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_SEQUENCE; } - if( ctx->processed == 0 ) + if( !(ctx->state & CCM_STATE__AUTH_DATA_STARTED) ) { if ( add_len > ctx->add_len ) { @@ -282,17 +283,17 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, ctx->y[0] ^= (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); ctx->y[1] ^= (unsigned char)( ( ctx->add_len ) & 0xFF ); - ctx->processed += 2; + ctx->state |= CCM_STATE__AUTH_DATA_STARTED; } - else if ( ctx->processed - 2 + add_len > ctx->add_len ) + else if ( ctx->processed + add_len > ctx->add_len ) { return MBEDTLS_ERR_CCM_BAD_INPUT; } while( add_len > 0 ) { - offset = ctx->processed % 16; - + offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1] + * holding total auth data length */ use_len = 16 - offset; if( use_len > add_len ) @@ -305,7 +306,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, add_len -= use_len; add += use_len; - if( use_len + offset == 16 || ctx->processed - 2 == ctx->add_len ) + if( use_len + offset == 16 || ctx->processed == ctx->add_len ) { if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) { @@ -315,7 +316,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, } } - if( ctx->processed - 2 == ctx->add_len ) + if( ctx->processed == ctx->add_len ) { ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; ctx->processed = 0; // prepare for mbedtls_ccm_update() From b73c3ec1bc5f8e885421af5352a6f57455900137 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 15:55:38 +0200 Subject: [PATCH 0911/1065] Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 7574bdcf62..b7c8f6d4d9 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -331,7 +331,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, unsigned char *output, size_t output_size, size_t *output_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t use_len, offset, olen; @@ -431,7 +431,7 @@ exit: int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; if( ctx->state & CCM_STATE__ERROR ) From a42f9537b53411effa79b0b14591f131ee2a2ebc Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 16:00:24 +0200 Subject: [PATCH 0912/1065] Improve documentation for CCM's `processed` variable. Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index d478414395..8aacfce55e 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -84,7 +84,12 @@ typedef struct mbedtls_ccm_context size_t MBEDTLS_PRIVATE(plaintext_len); /*!< Total plaintext length */ size_t MBEDTLS_PRIVATE(add_len); /*!< Total authentication data length */ size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */ - size_t MBEDTLS_PRIVATE(processed); /*!< How many bytes of input data were processed (chunked input) */ + size_t MBEDTLS_PRIVATE(processed); /*!< Track how many bytes of input data + were processed (chunked input). + Used indepenedantly for both auth data + and plaintext/ciphertext. + This variable is set to zero after + auth data input is finished. */ unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform: #MBEDTLS_CCM_ENCRYPT or From 2f1754916c7a478f44aa430d086412925fd6b35e Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 16:05:14 +0200 Subject: [PATCH 0913/1065] Improve comment on local_output. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ccm.c b/library/ccm.c index b7c8f6d4d9..1e88f90679 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -387,7 +387,10 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) { - /* Write decrypted data to local_output to avoid using output variable as + /* Since output may be in shared memory, we cannot be sure that + * it will contain what we wrote to it. Therefore, we should avoid using + * it as input to any operations. + * Write decrypted data to local_output to avoid using output variable as * input in the XOR operation for Y. */ ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, local_output ); From bccbf88bc3843f36a851ab6c7a02cd5c46129456 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 9 Aug 2021 16:12:46 +0200 Subject: [PATCH 0914/1065] Rename CCM test functions. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 64 ++++++++++++++-------------- tests/suites/test_suite_ccm.function | 8 ++-- 2 files changed, 36 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 382d2180f2..ff92e5fd78 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1518,66 +1518,66 @@ CCM-Camellia encrypt and tag RFC 5528 #24 depends_on:MBEDTLS_CAMELLIA_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F" -CCM encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16) +CCM encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" -CCM* encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16) +CCM* encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" -CCM decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4) +CCM decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" -CCM* decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4) +CCM* decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" -CCM encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) +CCM encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" -CCM* encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) +CCM* encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" -CCM decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) +CCM decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" -CCM* decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) +CCM* decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" -CCM encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM* encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM* encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM* decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" -CCM* decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 39e0b0b532..028ab896e7 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -456,7 +456,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_skip_auth( int cipher_id, int mode, +void mbedtls_ccm_skip_ad( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, data_t * result, data_t * tag ) { @@ -493,7 +493,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_skip_cipher( int cipher_id, int mode, +void mbedtls_ccm_skip_update( int cipher_id, int mode, data_t * key, data_t * iv, data_t* add, data_t * tag ) { @@ -520,7 +520,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_overflow_auth( int cipher_id, int mode, +void mbedtls_ccm_overflow_ad( int cipher_id, int mode, data_t * key, data_t * iv, data_t * add ) { @@ -540,7 +540,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_overflow_cipher( int cipher_id, int mode, +void mbedtls_ccm_overflow_update( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, data_t * add ) { From f442de69ebb3aa5db2d642382a0b7b9604937ef3 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 10 Aug 2021 13:36:43 +0200 Subject: [PATCH 0915/1065] Add tests for CCM corner cases. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 64 ++++++++++++++++ tests/suites/test_suite_ccm.function | 108 +++++++++++++++++++++++++++ 2 files changed, 172 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index ff92e5fd78..5d23e6a74c 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1554,30 +1554,94 @@ CCM encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM encrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM encrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM encrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM encrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM decrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM decrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM decrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM decrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM* encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM* encrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* encrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM* encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM* encrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* encrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM* decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +CCM* decrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* decrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + CCM* decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* decrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM* decrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 028ab896e7..74893bb294 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -539,6 +539,53 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_ccm_incomplete_ad( int cipher_id, int mode, + data_t * key, data_t * iv, data_t* add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for msg length and tag length. They are not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len/2) ); + + ASSERT_ALLOC( output, 16 ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void mbedtls_ccm_full_ad_and_overflow( int cipher_id, int mode, + data_t * key, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for msg length and tag length. They are not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) ); + + // pass full auth data + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + // pass 1 extra byte + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_update_ad( &ctx, add->x, 1) ); +exit: + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_ccm_overflow_update( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, @@ -565,3 +612,64 @@ exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_incomplete_update( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded value for tag length. It is not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, msg->len ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len/2, output, msg->len, &olen ) ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, 16 ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ccm_full_update_and_overflow( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded value for tag length. It is a not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, msg->len ); + // pass full text + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) ); + // pass 1 extra byte + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \ + mbedtls_ccm_update( &ctx, msg->x, 1, output, 1, &olen ) ); +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ From 8fb1754e1ab4408fad3496abe52fdc61fb0d0e81 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 10 Aug 2021 13:45:19 +0200 Subject: [PATCH 0916/1065] Add short description for CCM test functions. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 74893bb294..d9c397c68e 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -455,6 +455,7 @@ exit: } /* END_CASE */ +/* Skip auth data, provide full text */ /* BEGIN_CASE */ void mbedtls_ccm_skip_ad( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, @@ -492,6 +493,7 @@ exit: } /* END_CASE */ +/* Provide auth data, skip full text */ /* BEGIN_CASE */ void mbedtls_ccm_skip_update( int cipher_id, int mode, data_t * key, data_t * iv, data_t* add, @@ -519,6 +521,7 @@ exit: } /* END_CASE */ +/* Provide too much auth data */ /* BEGIN_CASE */ void mbedtls_ccm_overflow_ad( int cipher_id, int mode, data_t * key, data_t * iv, @@ -539,6 +542,7 @@ exit: } /* END_CASE */ +/* Provide incomplete auth data and finish */ /* BEGIN_CASE */ void mbedtls_ccm_incomplete_ad( int cipher_id, int mode, data_t * key, data_t * iv, data_t* add ) @@ -563,7 +567,8 @@ exit: } /* END_CASE */ - +/* Provide complete auth data on first update_ad. + * Provide unexpected auth data on second update_ad */ /* BEGIN_CASE */ void mbedtls_ccm_full_ad_and_overflow( int cipher_id, int mode, data_t * key, data_t * iv, @@ -586,6 +591,7 @@ exit: } /* END_CASE */ +/* Provide too much plaintext/ciphertext */ /* BEGIN_CASE */ void mbedtls_ccm_overflow_update( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, @@ -613,6 +619,7 @@ exit: } /* END_CASE */ +/* Provide incomplete plaintext/ciphertext and finish */ /* BEGIN_CASE */ void mbedtls_ccm_incomplete_update( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, @@ -645,6 +652,8 @@ exit: } /* END_CASE */ +/* Provide full plaintext/ciphertext of first update + * Provide unexpected plaintext/ciphertext on second update */ /* BEGIN_CASE */ void mbedtls_ccm_full_update_and_overflow( int cipher_id, int mode, data_t * key, data_t * msg, data_t * iv, From 551265f8798eb843ee61063b34d42add44dd9bb7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:03:48 +0100 Subject: [PATCH 0917/1065] Add TLS 1.3 IANA signature-algorithm values Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee3379..3090f9313c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -337,6 +337,41 @@ #define MBEDTLS_SSL_SIG_RSA 1 #define MBEDTLS_SSL_SIG_ECDSA 3 +/* + * TLS 1.3 signature algorithms + * RFC 8446, Section 4.2.2 + */ + +/* RSASSA-PKCS1-v1_5 algorithms */ +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256 0x0401 +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA384 0x0501 +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA512 0x0601 + +/* ECDSA algorithms */ +#define MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256 0x0403 +#define MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384 0x0503 +#define MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512 0x0603 + +/* RSASSA-PSS algorithms with public key OID rsaEncryption */ +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256 0x0804 +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA384 0x0805 +#define MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA512 0x0806 + +/* EdDSA algorithms */ +#define MBEDTLS_TLS13_SIG_ED25519 0x0807 +#define MBEDTLS_TLS13_SIG_ED448 0x0808 + +/* RSASSA-PSS algorithms with public key OID RSASSA-PSS */ +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA256 0x0809 +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA384 0x080A +#define MBEDTLS_TLS13_SIG_RSA_PSS_PSS_SHA512 0x080B + +/* LEGACY ALGORITHMS */ +#define MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA1 0x0201 +#define MBEDTLS_TLS13_SIG_ECDSA_SHA1 0x0203 + +#define MBEDTLS_TLS13_SIG_NONE 0x0 + /* * Client Certificate Types * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 From e0f5227550f7798aeff2ce2933d184aaa10fad89 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 10 Aug 2021 13:55:47 +0200 Subject: [PATCH 0918/1065] Add CCM test for calling finish without any input. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 12 ++++++++++++ tests/suites/test_suite_ccm.function | 24 ++++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 5d23e6a74c..91aa98bd43 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1645,3 +1645,15 @@ mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5 CCM* decrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" + +CCM encrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" + +CCM decrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" + +CCM* encrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" + +CCM* decrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index d9c397c68e..48c4fe919d 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -682,3 +682,27 @@ exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ + +/* Finish without passing any auth data or plaintext/ciphertext input */ +/* BEGIN_CASE */ +void mbedtls_ccm_instant_finish( int cipher_id, int mode, + data_t * key, data_t * iv ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for add length, msg length and tag length. + // They are not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 16, 16, 16 ) ); + + ASSERT_ALLOC( output, 16 ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ From 1cd6e0021f14d9f1b5015c8851781a0e07ffabec Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:27:10 +0100 Subject: [PATCH 0919/1065] Add experimental API for configuration of TLS 1.3 sig algs Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 17 +++++++++++++++++ library/ssl_tls.c | 16 ++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3090f9313c..c62f730b3e 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1182,6 +1182,10 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + const uint16_t* MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms in TLS 1.3 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -3026,6 +3030,19 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, */ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, const int *hashes ); + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief Configure allowed signature algorithms for use in TLS 1.3 + * + * \param conf The SSL configuration to use. + * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, + * with the most preferred algorithm listed first. Supported values + * are available as \c MBEDTLS_TLS13_SIG_XXX. + */ +void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, + const uint16_t* sig_algs ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 923c671a7b..e2fb9b66fb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3933,6 +3933,22 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, { conf->sig_hashes = hashes; } + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief Configure allowed signature algorithms for use in TLS 1.3 + * + * \param conf The SSL configuration to use. + * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, + * with the most preferred algorithm listed first. Supported values + * are available as \c MBEDTLS_TLS13_SIG_XXX. + */ +void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, + const uint16_t* sig_algs ) +{ + conf->tls13_sig_algs = sig_algs; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) From 11ceadd382b1edb83031b4fcb10af3fcd11997fd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:36:41 +0100 Subject: [PATCH 0920/1065] Add cmdline param for TLS 1.3 sig alg config to ssl_{client,server}2 Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 90 ++++++++++++++++++++++++++++++++++++-- programs/ssl/ssl_server2.c | 89 ++++++++++++++++++++++++++++++++++++- 2 files changed, 174 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 86c314c35d..17b1ccf939 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -88,6 +88,7 @@ int main( void ) #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_ALPN_STRING NULL #define DFL_CURVES NULL +#define DFL_SIG_ALGS NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_HS_TO_MIN 0 #define DFL_HS_TO_MAX 0 @@ -269,6 +270,15 @@ int main( void ) #define USAGE_CURVES "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +#define USAGE_SIG_ALGS \ + " sig_algs=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" +#else +#define USAGE_SIG_ALGS "" +#endif + #if defined(MBEDTLS_SSL_PROTO_DTLS) #define USAGE_DTLS \ " dtls=%%d default: 0 (TLS)\n" \ @@ -393,6 +403,7 @@ int main( void ) USAGE_ETM \ USAGE_REPRODUCIBLE \ USAGE_CURVES \ + USAGE_SIG_ALGS \ USAGE_DHMLEN \ "\n" @@ -417,9 +428,9 @@ int main( void ) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 - +#define ALPN_LIST_SIZE 10 +#define CURVE_LIST_SIZE 20 +#define SIG_ALG_LIST_SIZE 5 /* * global options @@ -472,6 +483,7 @@ struct options int reconnect_hard; /* unexpectedly reconnect from the same port */ int tickets; /* enable / disable session tickets */ const char *curves; /* list of supported elliptic curves */ + const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ int transport; /* TLS or DTLS? */ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */ @@ -631,6 +643,12 @@ int main( int argc, char *argv[] ) mbedtls_net_context server_fd; io_ctx_t io_ctx; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + unsigned char buf[MAX_REQUEST_SIZE + 1]; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -833,6 +851,7 @@ int main( int argc, char *argv[] ) opt.tickets = DFL_TICKETS; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; + opt.sig_algs = DFL_SIG_ALGS; opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; opt.hs_to_max = DFL_HS_TO_MAX; @@ -1063,6 +1082,12 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "curves" ) == 0 ) opt.curves = q; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if( strcmp( p, "sig_algs" ) == 0 ) + opt.sig_algs = q; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ else if( strcmp( p, "etm" ) == 0 ) { switch( atoi( q ) ) @@ -1450,6 +1475,60 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if( opt.sig_algs != NULL ) + { + p = (char *) opt.sig_algs; + i = 0; + + /* Leave room for a final NULL in signature algorithm list */ + while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) + { + q = p; + + /* Terminate the current string */ + while( *p != ',' && *p != '\0' ) + p++; + if( *p == ',' ) + *p++ = '\0'; + + if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256; + } + else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384; + } + else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512; + } + else + { + mbedtls_printf( "unknown signature algorithm %s\n", q ); + mbedtls_printf( "supported signature algorithms: " ); + mbedtls_printf( "ecdsa_secp256r1_sha256 " ); + mbedtls_printf( "ecdsa_secp384r1_sha384 " ); + mbedtls_printf( "ecdsa_secp521r1_sha512 " ); + mbedtls_printf( "\n" ); + goto exit; + } + } + + if( i == ( SIG_ALG_LIST_SIZE - 1 ) && *p != '\0' ) + { + mbedtls_printf( "signature algorithm list too long, maximum %d", + SIG_ALG_LIST_SIZE - 1 ); + goto exit; + } + + sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { @@ -1785,6 +1864,11 @@ int main( int argc, char *argv[] ) } #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( opt.sig_algs != NULL ) + mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.psk_opaque != 0 ) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 83bd617c68..c7110e850e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -119,6 +119,7 @@ int main( void ) #define DFL_SNI NULL #define DFL_ALPN_STRING NULL #define DFL_CURVES NULL +#define DFL_SIG_ALGS NULL #define DFL_DHM_FILE NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_COOKIES 1 @@ -418,6 +419,15 @@ int main( void ) #define USAGE_CURVES "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +#define USAGE_SIG_ALGS \ + " sig_algs=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n" +#else +#define USAGE_SIG_ALGS "" +#endif + #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) #define USAGE_SERIALIZATION \ " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ @@ -484,6 +494,7 @@ int main( void ) USAGE_EMS \ USAGE_ETM \ USAGE_CURVES \ + USAGE_SIG_ALGS \ "\n" #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) @@ -509,8 +520,9 @@ int main( void ) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 +#define ALPN_LIST_SIZE 10 +#define CURVE_LIST_SIZE 20 +#define SIG_ALG_LIST_SIZE 5 #define PUT_UINT64_BE(out_be,in_le,i) \ { \ @@ -583,6 +595,7 @@ struct options int cache_timeout; /* expiration delay of session cache entries */ char *sni; /* string describing sni information */ const char *curves; /* list of supported elliptic curves */ + const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ const char *dhm_file; /* the file with the DH parameters */ int extended_ms; /* allow negotiation of extended MS? */ @@ -1326,6 +1339,12 @@ int main( int argc, char *argv[] ) size_t context_buf_len = 0; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + uint16_t sig_alg_list[SIG_ALG_LIST_SIZE]; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + int i; char *p, *q; const int *list; @@ -1498,6 +1517,7 @@ int main( int argc, char *argv[] ) opt.sni = DFL_SNI; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; + opt.sig_algs = DFL_SIG_ALGS; opt.dhm_file = DFL_DHM_FILE; opt.transport = DFL_TRANSPORT; opt.cookies = DFL_COOKIES; @@ -1665,6 +1685,12 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "curves" ) == 0 ) opt.curves = q; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if( strcmp( p, "sig_algs" ) == 0 ) + opt.sig_algs = q; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && && \ + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ else if( strcmp( p, "renegotiation" ) == 0 ) { opt.renegotiation = (atoi( q )) ? @@ -2172,6 +2198,60 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if( opt.sig_algs != NULL ) + { + p = (char *) opt.sig_algs; + i = 0; + + /* Leave room for a final NULL in signature algorithm list */ + while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) + { + q = p; + + /* Terminate the current string */ + while( *p != ',' && *p != '\0' ) + p++; + if( *p == ',' ) + *p++ = '\0'; + + if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256; + } + else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384; + } + else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 ) + { + sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512; + } + else + { + mbedtls_printf( "unknown signature algorithm %s\n", q ); + mbedtls_printf( "supported signature algorithms: " ); + mbedtls_printf( "ecdsa_secp256r1_sha256 " ); + mbedtls_printf( "ecdsa_secp384r1_sha384 " ); + mbedtls_printf( "ecdsa_secp521r1_sha512 " ); + mbedtls_printf( "\n" ); + goto exit; + } + } + + if( i == ( SIG_ALG_LIST_SIZE - 1 ) && *p != '\0' ) + { + mbedtls_printf( "signature algorithm list too long, maximum %d", + SIG_ALG_LIST_SIZE - 1 ); + goto exit; + } + + sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && + MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + #if defined(MBEDTLS_SSL_ALPN) if( opt.alpn_string != NULL ) { @@ -2750,6 +2830,11 @@ int main( int argc, char *argv[] ) } #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if( opt.sig_algs != NULL ) + mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) From 9c6aa7bb9a37ad694de9493941b422f8d4e85887 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 13:50:43 +0100 Subject: [PATCH 0921/1065] Add default values for TLS 1.3 SigAlg configuration Signed-off-by: Hanno Becker --- library/ssl_tls.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e2fb9b66fb..4843e423dd 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6277,6 +6277,41 @@ static int ssl_preset_suiteb_hashes[] = { MBEDTLS_MD_SHA384, MBEDTLS_MD_NONE }; + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +static uint16_t ssl_preset_default_sig_algs[] = { + /* ECDSA algorithms */ +#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256, +#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */ +#endif /* MBEDTLS_ECDSA_C */ + /* RSA algorithms */ +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256, +#endif + MBEDTLS_TLS13_SIG_NONE +}; + +static uint16_t ssl_preset_suiteb_sig_algs[] = { + /* ECDSA algorithms */ +#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256, +#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECDSA_C */ + MBEDTLS_TLS13_SIG_NONE +}; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -6391,6 +6426,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) conf->sig_hashes = ssl_preset_suiteb_hashes; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + conf->tls13_sig_algs = ssl_preset_suiteb_sig_algs; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif #if defined(MBEDTLS_ECP_C) @@ -6427,6 +6465,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->sig_hashes = ssl_preset_default_hashes; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + conf->tls13_sig_algs = ssl_preset_default_sig_algs; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_ECP_C) conf->curve_list = ssl_preset_default_curves; #endif From deb68ce2d1935024d24cf85e1ef78528143b917f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 10 Aug 2021 16:04:05 +0100 Subject: [PATCH 0922/1065] Fix guard around TLS 1.3 SigAlg configuration Signed-off-by: Hanno Becker --- library/ssl_tls.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4843e423dd..07d468ca72 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6463,11 +6463,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) conf->sig_hashes = ssl_preset_default_hashes; -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) conf->tls13_sig_algs = ssl_preset_default_sig_algs; #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) conf->curve_list = ssl_preset_default_curves; From 0402979ed39530a894812d9b9361de943bd8530f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 10 Aug 2021 16:45:37 +0800 Subject: [PATCH 0923/1065] Add openssl/gnutls tls1.3 feature tests. Add functions and test cases to make sure tls1.3 is available in openssl/gnutls Change-Id: I797d15117a8de96614f392e6bb2ed16b6d71ba69 Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 77 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 01265ae9b3..9ee6b761db 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -77,6 +77,14 @@ else O_LEGACY_CLI=false fi +if [ -n "${OPENSSL_NEXT:-}" ]; then + O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" + O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client" +else + O_NEXT_SRV=false + O_NEXT_CLI=false +fi + if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" else @@ -346,6 +354,57 @@ requires_openssl_legacy() { fi } +requires_openssl_next() { + if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then + if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then + OPENSSL_NEXT_AVAILABLE="YES" + else + OPENSSL_NEXT_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if tls1_3 is not available +requires_openssl_tls1_3() { + requires_openssl_next + if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then + OPENSSL_TLS1_3_AVAILABLE="NO" + fi + if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then + if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null + then + OPENSSL_TLS1_3_AVAILABLE="YES" + else + OPENSSL_TLS1_3_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_TLS1_3_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if tls1_3 is not available +requires_gnutls_tls1_3() { + requires_gnutls_next + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + GNUTLS_TLS1_3_AVAILABLE="NO" + fi + if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then + if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null + then + GNUTLS_TLS1_3_AVAILABLE="YES" + else + GNUTLS_TLS1_3_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_TLS1_3_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + # skip next test if IPv6 isn't available on this host requires_ipv6() { if [ -z "${HAS_IPV6:-}" ]; then @@ -8487,6 +8546,24 @@ run_test "export keys functionality" \ -c "EAP-TLS IV is:" \ -s "EAP-TLS IV is:" +# openssl feature tests: check if tls1.3 exists. +requires_openssl_tls1_3 +run_test "TLS1.3: Test openssl tls1_3 feature" \ + "$O_NEXT_SRV -tls1_3 -msg" \ + "$O_NEXT_CLI -tls1_3 -msg" \ + 0 \ + -c "TLS 1.3" \ + -s "TLS 1.3" + +# gnutls feature tests: check if tls1.3 exists. +requires_gnutls_tls1_3 +run_test "TLS1.3: Test gnutls tls1_3 feature" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V" \ + 0 \ + -s "Version: TLS1.3" \ + -c "Version: TLS1.3" + # TLS1.3 test cases # TODO: remove or rewrite this test case if #4832 is resolved. requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 From e043d15d75e81fef9c93aba0639a7dba165b4062 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 12 Aug 2021 06:22:32 +0100 Subject: [PATCH 0924/1065] Turn comments of 1.3 record transforms into Doxygen documentation Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 4 ++-- library/ssl_misc.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 34353daffb..960a262e43 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1342,8 +1342,8 @@ struct mbedtls_ssl_context * it references. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - /* The application data transform in TLS 1.3. - * This pointer owns the transform it references. */ + /*! The application data transform in TLS 1.3. + * This pointer owns the transform it references. */ mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_application); #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 174bad88b5..0b64e010bc 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -563,8 +563,8 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - /* TLS 1.3 transforms for 0-RTT and encrypted handshake messages. - * Those pointers own the transforms they reference. */ + /*! TLS 1.3 transforms for 0-RTT and encrypted handshake messages. + * Those pointers own the transforms they reference. */ mbedtls_ssl_transform *transform_handshake; mbedtls_ssl_transform *transform_earlydata; #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From 8ca26923eb71d7ea9615c468bac6f75fa5341eaa Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 23 Jul 2021 19:24:23 +0100 Subject: [PATCH 0925/1065] Add TLS 1.3 ciphersuites Signed-off-by: Hanno Becker --- include/mbedtls/ssl_ciphersuites.h | 7 ++++ library/ssl_ciphersuites.c | 56 ++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 812560c8a1..18e7c98767 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -256,6 +256,13 @@ extern "C" { #define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */ +/* RFC 8446, Appendix B.4 */ +#define MBEDTLS_TLS1_3_AES_128_GCM_SHA256 0x1301 /**< TLS 1.3 */ +#define MBEDTLS_TLS1_3_AES_256_GCM_SHA384 0x1302 /**< TLS 1.3 */ +#define MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256 0x1303 /**< TLS 1.3 */ +#define MBEDTLS_TLS1_3_AES_128_CCM_SHA256 0x1304 /**< TLS 1.3 */ +#define MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256 0x1305 /**< TLS 1.3 */ + /* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange. * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index a3ee157d50..1df1b26b2c 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -52,6 +52,15 @@ static const int ciphersuite_preference[] = #if defined(MBEDTLS_SSL_CIPHERSUITES) MBEDTLS_SSL_CIPHERSUITES, #else +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* TLS 1.3 ciphersuites */ + MBEDTLS_TLS1_3_AES_128_GCM_SHA256, + MBEDTLS_TLS1_3_AES_256_GCM_SHA384, + MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, + MBEDTLS_TLS1_3_AES_128_CCM_SHA256, + MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* Chacha-Poly ephemeral suites */ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, @@ -283,6 +292,53 @@ static const int ciphersuite_preference[] = static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, + MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + 0 }, + { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_SHA256_C && MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, + "TLS1-3-CHACHA20-POLY1305-SHA256", + MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, + 0 // field not used in TLS 1.3 implementation + }, +#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_CHACHAPOLY_C) && \ defined(MBEDTLS_SHA256_C) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) From e486b2d7bb5dda556590562fad909dc2c2b66642 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 23 Jul 2021 19:24:30 +0100 Subject: [PATCH 0926/1065] Document use of mbedtls_ssl_conf_ciphersuites() for TLS 1.3 Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee3379..f49bf2d98a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2521,21 +2521,45 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * order. First in the list has the highest preference. * (Overrides all version-specific lists) * - * The ciphersuites array is not copied, and must remain - * valid for the lifetime of the ssl_config. + * For TLS 1.2, the notion of ciphersuite determines both + * the key exchange mechanism and the suite of symmetric + * algorithms to be used during and after the handshake. * - * Note: By default, the server chooses its preferred + * For TLS 1.3 (in development), the notion of ciphersuite + * only determines the suite of symmetric algorithmc to be + * used during and after the handshake, while key exchange + * mechanisms are configured separately. + * + * In Mbed TLS, ciphersuites for both TLS 1.2 and TLS 1.3 + * are configured via this function. For users of TLS 1.3, + * there will be separate API for the configuration of key + * exchange mechanisms. + * + * The list of ciphersuites passed to this function may + * contain a mixture of TLS 1.2 and TLS 1.3 ciphersuite + * identifiers. This is useful if negotiation of TLS 1.3 + * should be attempted, but a fallback to TLS 1.2 would + * be tolerated. + * + * \note By default, the server chooses its preferred * ciphersuite among those that the client supports. If * mbedtls_ssl_conf_preference_order() is called to prefer * the client's preferences, the server instead chooses * the client's preferred ciphersuite among those that * the server supports. * - * \param conf SSL configuration - * \param ciphersuites 0-terminated list of allowed ciphersuites + * \warning The ciphersuites array \p ciphersuites is not copied. + * It must remain valid for the lifetime the SSL + * configuration \p conf. + * + * \param conf The SSL configuration to modify. + * \param ciphersuites A 0-terminated list of IANA identifiers of supported + * ciphersuites, accessible through \c MBEDTLS_TLS_XXX + * and \c MBEDTLS_TLS1_3_XXX macros defined in + * ssl_ciphersuites.h. */ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ); + const int *ciphersuites ); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 From ae336852c59973c4642a10009b9db3160cc71215 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 24 Jul 2021 05:27:16 +0100 Subject: [PATCH 0927/1065] Add ssl-opt.sh run to TLS 1.3 test in all.sh Signed-off-by: Hanno Becker --- tests/scripts/all.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5d2710cadc..16926390c4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2454,6 +2454,8 @@ component_test_tls13_experimental_with_padding () { make msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding" make test + msg "ssl-opt.sh (TLS 1.3 experimental)" + if_build_succeeded tests/ssl-opt.sh } component_build_mingw () { From e2defad0bb9c72acc104e8f07b6c7ec252f4aa51 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 24 Jul 2021 05:59:17 +0100 Subject: [PATCH 0928/1065] Fix indentation of pre-existing code-block in ssl_tls.c Signed-off-by: Hanno Becker --- library/ssl_tls.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2306c712c7..97bb7b6470 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6337,20 +6337,20 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { - const unsigned char dhm_p[] = - MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; - const unsigned char dhm_g[] = - MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + { + const unsigned char dhm_p[] = + MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; + const unsigned char dhm_g[] = + MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; - if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf, - dhm_p, sizeof( dhm_p ), - dhm_g, sizeof( dhm_g ) ) ) != 0 ) - { - return( ret ); - } - } + if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf, + dhm_p, sizeof( dhm_p ), + dhm_g, sizeof( dhm_g ) ) ) != 0 ) + { + return( ret ); + } + } #endif /* From 71f1ed66c2a6c5177be777871b058a11a650795a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 24 Jul 2021 06:01:47 +0100 Subject: [PATCH 0929/1065] Add identifiers and API for configuration of TLS 1.3 key exchanges Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 76 +++++++++++++++++++++++++++++++++++++++++++ library/ssl_tls.c | 15 +++++++++ 2 files changed, 91 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f49bf2d98a..029fa42926 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -169,6 +169,30 @@ /** Invalid value in SSL config */ #define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 +/* + * TLS 1.3 Key Exchange Modes + * + * Mbed TLS internal identifiers for use with the SSL configuration API + * mbedtls_ssl_conf_tls13_key_exchange_modes(). + */ + +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_NONE 0 +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 1 ) +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 2 ) + +/* Convenience macros for sets of key exchanges. */ +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL \ + ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \ + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \ + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL \ + ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \ + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \ + ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL | \ + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) + /* * Various constants */ @@ -1069,6 +1093,11 @@ struct mbedtls_ssl_config /** Allowed ciphersuites for (D)TLS 1.2 (0-terminated) */ const int *MBEDTLS_PRIVATE(ciphersuite_list); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /** Allowed TLS 1.3 key exchange modes. */ + int MBEDTLS_PRIVATE(tls13_kex_modes); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /** Callback for printing debug output */ void (*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *); void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */ @@ -2561,6 +2590,53 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, const int *ciphersuites ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief Set the supported key exchange modes for TLS 1.3 connections. + * + * In contrast to TLS 1.2, the ciphersuite concept in TLS 1.3 does not + * include the choice of key exchange mechanism. It is therefore not + * covered by the API mbedtls_ssl_conf_ciphersuites(). See the + * documentation of mbedtls_ssl_conf_ciphersuites() for more + * information on the ciphersuite concept in TLS 1.2 and TLS 1.3. + * + * The present function is specific to TLS 1.3 and allows users to + * configure the set of supported key exchange mechanisms in TLS 1.3. + * + * \param conf The SSL configuration the change should apply to. + * \param kex_modes A bitwise combination of one or more of the following: + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK + * This flag enables pure-PSK key exchanges. + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL + * This flag enables combined PSK-ephemeral key exchanges. + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL + * This flag enables pure-ephemeral key exchanges. + * For convenience, the following pre-defined macros are + * available for combinations of the above: + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL + * Includes all of pure-PSK, PSK-ephemeral and pure-ephemeral. + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL + * Includes both pure-PSK and combined PSK-ephemeral + * key exchanges, but excludes pure-ephemeral key exchanges. + * - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL + * Includes both pure-ephemeral and combined PSK-ephemeral + * key exchanges. + * + * \note If a PSK-based key exchange mode shall be supported, applications + * must also use the APIs mbedtls_ssl_conf_psk() or + * mbedtls_ssl_conf_psk_cb() or mbedtls_ssl_conf_psk_opaque() + * to configure the PSKs to be used. + * + * \note If an ECDHE-based key exchange mode shall be supported, + * server-side applications must also provide a certificate via + * mbedtls_ssl_conf_own_cert(). + * + */ + +void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf, + const int kex_modes ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 #define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1 diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 97bb7b6470..4933980cd9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3548,6 +3548,14 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, conf->ciphersuite_list = ciphersuites; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf, + const int kex_modes ) +{ + conf->tls13_kex_modes = kex_modes; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, const mbedtls_x509_crt_profile *profile ) @@ -6353,6 +6361,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, } #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + /* + * Allow all TLS 1.3 key exchange modes by default. + */ + conf->tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* * Preset-specific defaults */ From 2c0f697fbc74795152932466d2c47e0813459724 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 24 Jul 2021 06:27:16 +0100 Subject: [PATCH 0930/1065] Support TLS 1.3 key exchange config in ssl_client2/ssl_server2 Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 56 ++++++++++++++++++++++++++++++++------ programs/ssl/ssl_server2.c | 30 ++++++++++++++++++++ 2 files changed, 77 insertions(+), 9 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 86c314c35d..f40897397c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -65,6 +65,7 @@ int main( void ) #define DFL_ECJPAKE_PW NULL #define DFL_EC_MAX_OPS -1 #define DFL_FORCE_CIPHER 0 +#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL #define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 @@ -335,6 +336,14 @@ int main( void ) #define USAGE_SERIALIZATION "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define USAGE_TLS13_KEY_EXCHANGE_MODES \ + " tls13_kex_modes=%%s default: all\n" \ + " options: psk, psk_ephemeral, ephemeral, psk_all, all\n" +#else +#define USAGE_TLS13_KEY_EXCHANGE_MODES "" +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + /* USAGE is arbitrarily split to stay under the portable string literal * length limit: 4095 bytes in C99. */ #define USAGE1 \ @@ -403,18 +412,19 @@ int main( void ) #endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #define USAGE4 \ - " allow_sha1=%%d default: 0\n" \ - " min_version=%%s default: (library default: tls1_2)\n" \ - " max_version=%%s default: (library default: tls1_2)\n" \ - " force_version=%%s default: \"\" (none)\n" \ + " allow_sha1=%%d default: 0\n" \ + " min_version=%%s default: (library default: tls1_2)\n" \ + " max_version=%%s default: (library default: tls1_2)\n" \ + " force_version=%%s default: \"\" (none)\n" \ " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ - "\n\n" \ - " force_ciphersuite= default: all enabled\n"\ - " query_config= return 0 if the specified\n" \ + "\n\n" \ + " force_ciphersuite= default: all enabled\n" \ + USAGE_TLS13_KEY_EXCHANGE_MODES \ + " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ " otherwise. The expansion of the macro\n" \ - " is printed if it is defined\n" \ - USAGE_SERIALIZATION \ + " is printed if it is defined\n" \ + USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" #define ALPN_LIST_SIZE 10 @@ -453,6 +463,9 @@ struct options const char *ecjpake_pw; /* the EC J-PAKE password */ int ec_max_ops; /* EC consecutive operations limit */ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ int renegotiation; /* enable / disable renegotiation */ int allow_legacy; /* allow legacy renegotiation */ int renegotiate; /* attempt renegotiation? */ @@ -814,6 +827,9 @@ int main( int argc, char *argv[] ) opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.ec_max_ops = DFL_EC_MAX_OPS; opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + opt.tls13_kex_modes = DFL_TLS13_KEX_MODES; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; @@ -1072,6 +1088,24 @@ int main( int argc, char *argv[] ) default: goto usage; } } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( p, "tls13_kex_modes" ) == 0 ) + { + if( strcmp( q, "psk_pure" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK; + else if( strcmp(q, "psk_ephemeral" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; + else if( strcmp(q, "ephemeral_pure" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL; + else if( strcmp(q, "ephemeral_all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL; + else if( strcmp( q, "psk_all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL; + else if( strcmp( q, "all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL; + else goto usage; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else if( strcmp( p, "min_version" ) == 0 ) { if( strcmp( q, "tls1_2" ) == 0 || @@ -1748,6 +1782,10 @@ int main( int argc, char *argv[] ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_ssl_conf_tls13_key_exchange_modes( &conf, opt.tls13_kex_modes ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + if( opt.allow_legacy != DFL_ALLOW_LEGACY ) mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); #if defined(MBEDTLS_SSL_RENEGOTIATION) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 83bd617c68..25cdb40c77 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -95,6 +95,7 @@ int main( void ) #define DFL_ECJPAKE_PW NULL #define DFL_PSK_LIST NULL #define DFL_FORCE_CIPHER 0 +#define DFL_TLS13_KEX_MODES MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL #define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 @@ -564,6 +565,9 @@ struct options char *psk_list; /* list of PSK id/key pairs for callback */ const char *ecjpake_pw; /* the EC J-PAKE password */ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ int renegotiation; /* enable / disable renegotiation */ int allow_legacy; /* allow legacy renegotiation */ int renegotiate; /* attempt renegotiation? */ @@ -1478,6 +1482,9 @@ int main( int argc, char *argv[] ) opt.psk_list = DFL_PSK_LIST; opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + opt.tls13_kex_modes = DFL_TLS13_KEX_MODES; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; @@ -1714,6 +1721,25 @@ int main( int argc, char *argv[] ) if( opt.exchanges < 0 ) goto usage; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( p, "tls13_kex_modes" ) == 0 ) + { + if( strcmp( q, "psk_pure" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK; + else if( strcmp(q, "psk_ephemeral" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; + else if( strcmp(q, "ephemeral_pure" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL; + else if( strcmp(q, "ephemeral_all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL; + else if( strcmp( q, "psk_all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL; + else if( strcmp( q, "all" ) == 0 ) + opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL; + else goto usage; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + else if( strcmp( p, "min_version" ) == 0 ) { if( strcmp( q, "tls1_2" ) == 0 || @@ -2610,6 +2636,10 @@ int main( int argc, char *argv[] ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + mbedtls_ssl_conf_tls13_key_exchange_modes( &conf, opt.tls13_kex_modes ); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + if( opt.allow_legacy != DFL_ALLOW_LEGACY ) mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); #if defined(MBEDTLS_SSL_RENEGOTIATION) From 932064d6603ef632d525e329a30c339934bd38b3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 24 Jul 2021 06:45:50 +0100 Subject: [PATCH 0931/1065] Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex parameters Those tests are so far only checking that ssl_client2/ssl_server2 recognize the arguments, nothing more. Signed-off-by: Hanno Becker --- tests/ssl-opt.sh | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 01265ae9b3..56c4a5fba7 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1453,6 +1453,40 @@ run_test "SHA-256 allowed by default in client certificate" \ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \ 0 +# Dummy TLS 1.3 test +# Currently only checking that passing TLS 1.3 key exchange modes to +# ssl_client2/ssl_server2 example programs works. +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: PSK only" \ + "$P_SRV tls13_kex_modes=psk_pure" \ + "$P_CLI tls13_kex_modes=psk_pure" \ + 0 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: PSK-ephemeral only" \ + "$P_SRV tls13_kex_modes=psk_ephemeral" \ + "$P_CLI tls13_kex_modes=psk_ephemeral" \ + 0 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: Pure-ephemeral only" \ + "$P_SRV tls13_kex_modes=ephemeral_pure" \ + "$P_CLI tls13_kex_modes=ephemeral_pure" \ + 0 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: All ephemeral" \ + "$P_SRV tls13_kex_modes=ephemeral_all" \ + "$P_CLI tls13_kex_modes=ephemeral_all" \ + 0 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: All PSK" \ + "$P_SRV tls13_kex_modes=psk_all" \ + "$P_CLI tls13_kex_modes=psk_all" \ + 0 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +run_test "TLS 1.3, key exchange mode parameter passing: All" \ + "$P_SRV tls13_kex_modes=all" \ + "$P_CLI tls13_kex_modes=all" \ + 0 + # Tests for datagram packing run_test "DTLS: multiple records in same datagram, client and server" \ "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \ From a2535931acfb8ad0b0b3aa977ce4a740b00711c9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:20:54 +0100 Subject: [PATCH 0932/1065] Add Doxygen documentation for TLS 1.3 key exchange macros Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 029fa42926..327184c2de 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -176,22 +176,27 @@ * mbedtls_ssl_conf_tls13_key_exchange_modes(). */ -#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_NONE 0 -#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) -#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 1 ) -#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 2 ) +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange, + * encompassing both externally agreed PSKs + * as well as resumption PSKs. */ +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges, + * including for example ECDHE and DHE + * key exchanges. */ +#define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges, + * using both a PSK and an ephemeral + * key exchange. */ /* Convenience macros for sets of key exchanges. */ #define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL \ ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \ MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \ - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */ #define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL \ ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK | \ - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */ #define MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \ ( MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL | \ - MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) + MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */ /* * Various constants From d4fa9bc7104d9996da72e2b1af2e6ccc6bb06806 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:21:05 +0100 Subject: [PATCH 0933/1065] Remove outdated mentioning of version-specific ciphersuite config Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 327184c2de..997cd686d8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2553,7 +2553,6 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, /** * \brief Set the list of allowed ciphersuites and the preference * order. First in the list has the highest preference. - * (Overrides all version-specific lists) * * For TLS 1.2, the notion of ciphersuite determines both * the key exchange mechanism and the suite of symmetric From 674f9480cf97f12d5cc26955c3f3b2a359f6e8a6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:21:19 +0100 Subject: [PATCH 0934/1065] Fix typo: algorithmc -> algorithms Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 997cd686d8..5d0cf3edb5 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2559,7 +2559,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * algorithms to be used during and after the handshake. * * For TLS 1.3 (in development), the notion of ciphersuite - * only determines the suite of symmetric algorithmc to be + * only determines the suite of symmetric algorithms to be * used during and after the handshake, while key exchange * mechanisms are configured separately. * From 5d045a8b89a34b8dc5e8f68f478eacb5156c2a82 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:21:30 +0100 Subject: [PATCH 0935/1065] Stick to 'ephemeral' instead of ECDHE for TLS 1.3 key exchanges Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5d0cf3edb5..70dc501c0b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2631,7 +2631,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, * mbedtls_ssl_conf_psk_cb() or mbedtls_ssl_conf_psk_opaque() * to configure the PSKs to be used. * - * \note If an ECDHE-based key exchange mode shall be supported, + * \note If a pure-ephemeral key exchange mode shall be supported, * server-side applications must also provide a certificate via * mbedtls_ssl_conf_own_cert(). * From 30319f1f889863afd60a87a292602992297d3c6c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:21:55 +0100 Subject: [PATCH 0936/1065] Remove misplaced comment in TLS 1.3 ciphersuite definitions Signed-off-by: Hanno Becker --- library/ssl_ciphersuites.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 1df1b26b2c..9a416c811d 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -334,8 +334,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, - 0 // field not used in TLS 1.3 implementation - }, + 0 }, #endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From cfa4d4b3f5b229ec8491d9bb72435d306db6039f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:22:06 +0100 Subject: [PATCH 0937/1065] ssl_client2: Adjust usage string to recognized cmd line parameter Signed-off-by: Hanno Becker --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index f40897397c..223b7bff2f 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -339,7 +339,7 @@ int main( void ) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #define USAGE_TLS13_KEY_EXCHANGE_MODES \ " tls13_kex_modes=%%s default: all\n" \ - " options: psk, psk_ephemeral, ephemeral, psk_all, all\n" + " options: psk_pure, psk_ephemeral, ephemeral_pure, ephemeral_all, psk_all, all\n" #else #define USAGE_TLS13_KEY_EXCHANGE_MODES "" #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From a9e4e6fd6f3648400b5f26913cfec349a91570b7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 2 Aug 2021 21:22:28 +0100 Subject: [PATCH 0938/1065] ssl_server2: Add usage string for TLS 1.3 key exchange modes Signed-off-by: Hanno Becker --- programs/ssl/ssl_server2.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 25cdb40c77..87558f54cb 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -433,6 +433,15 @@ int main( void ) #define USAGE_SERIALIZATION "" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define USAGE_TLS13_KEY_EXCHANGE_MODES \ + " tls13_kex_modes=%%s default: all\n" \ + " options: psk_pure, psk_ephemeral, ephemeral_pure, ephemeral_all, psk_all, all\n" +#else +#define USAGE_TLS13_KEY_EXCHANGE_MODES "" +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + + /* USAGE is arbitrarily split to stay under the portable string literal * length limit: 4095 bytes in C99. */ #define USAGE1 \ @@ -496,18 +505,19 @@ int main( void ) #define USAGE4 \ USAGE_SSL_ASYNC \ USAGE_SNI \ - " allow_sha1=%%d default: 0\n" \ - " min_version=%%s default: (library default: tls1_2)\n" \ - " max_version=%%s default: (library default: tls1_2)\n" \ - " force_version=%%s default: \"\" (none)\n" \ + " allow_sha1=%%d default: 0\n" \ + " min_version=%%s default: (library default: tls1_2)\n" \ + " max_version=%%s default: (library default: tls1_2)\n" \ + " force_version=%%s default: \"\" (none)\n" \ " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ - "\n\n" \ - " force_ciphersuite= default: all enabled\n" \ - " query_config= return 0 if the specified\n" \ + "\n\n" \ + " force_ciphersuite= default: all enabled\n" \ + USAGE_TLS13_KEY_EXCHANGE_MODES \ + " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ " otherwise. The expansion of the macro\n" \ - " is printed if it is defined\n" \ - USAGE_SERIALIZATION \ + " is printed if it is defined\n" \ + USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" #define ALPN_LIST_SIZE 10 From 7dd2f504b3ebeda92cdf7e80135db2026b0356bd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 24 Apr 2021 13:35:41 +0200 Subject: [PATCH 0939/1065] Allow configuring MBEDTLS_TLS_EXT_CID at compile time The numerical identifier of the CID extension hasn't been settled yet and different implementations use values from different drafts. Allow configuring the value at compile time. Signed-off-by: Gilles Peskine --- ChangeLog.d/tls_ext_cid-config.txt | 3 +++ include/mbedtls/mbedtls_config.h | 11 +++++++++++ include/mbedtls/ssl.h | 8 +++++++- 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/tls_ext_cid-config.txt diff --git a/ChangeLog.d/tls_ext_cid-config.txt b/ChangeLog.d/tls_ext_cid-config.txt new file mode 100644 index 0000000000..b7b1e72443 --- /dev/null +++ b/ChangeLog.d/tls_ext_cid-config.txt @@ -0,0 +1,3 @@ +Features + * The identifier of the CID TLS extension can be configured by defining + MBEDTLS_TLS_EXT_CID at compile time. diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a60db7e930..d470c0054b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3194,6 +3194,17 @@ //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ +/** \def MBEDTLS_TLS_EXT_CID + * + * At the time of writing, the CID extension has not been assigned its + * final value. Set this configuration option to make Mbed TLS use a + * different value. + * + * A future minor revision of Mbed TLS may change the default value of + * this option to match evolving standards and usage. + */ +//#define MBEDTLS_TLS_EXT_CID 254 + /** * Complete list of ciphersuites to use, in order of preference. * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 221cee3379..167d741a03 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -425,8 +425,14 @@ /* The value of the CID extension is still TBD as of * draft-ietf-tls-dtls-connection-id-05 - * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) */ + * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05). + * + * A future minor revision of Mbed TLS may change the default value of + * this option to match evolving standards and usage. + */ +#if !defined(MBEDTLS_TLS_EXT_CID) #define MBEDTLS_TLS_EXT_CID 254 /* TBD */ +#endif #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ From 0dc86b5a2ac807deaa26fa6a7975ac1d5b4ec1d9 Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 14 Jul 2021 13:59:48 +0530 Subject: [PATCH 0940/1065] Remove dependency of builtin keys on storage The psa_open_key API depends on MBEDTLS_PSA_CRYPTO_STORAGE_C. This is unnecessary for builtin keys and so is fixed. Updated an open_fail test vector keeping with the same. Signed-off-by: Archana --- library/psa_crypto_slot_management.c | 7 ++++--- tests/suites/test_suite_psa_crypto_slot_management.data | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4131e3cc47..32a6bb259e 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -470,7 +470,8 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ) psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) { -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ + defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_status_t status; psa_key_slot_t *slot; @@ -488,11 +489,11 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) return( psa_unlock_key_slot( slot ) ); -#else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) key; *handle = PSA_KEY_HANDLE_INIT; return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } psa_status_t psa_close_key( psa_key_handle_t handle ) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 68b196d32a..1477734165 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -160,7 +160,7 @@ depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT Open not supported -depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS open_fail:1:PSA_ERROR_NOT_SUPPORTED Create not supported From f7fce9200c73bbbfc92116a94f8d1d856422096e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 13:16:08 +0800 Subject: [PATCH 0941/1065] Remove rsa_pss_rsae_sha256 from preset_sig_algs. To keep consistent with ssl_{clien2t,server2}. Change-Id: I08dbe47a3d9b778ba3acad283f608fef4e63c626 CustomizedGitHooks: yes Signed-off-by: Jerry Yu --- library/ssl_tls.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 07d468ca72..f97b47376e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6292,10 +6292,6 @@ static uint16_t ssl_preset_default_sig_algs[] = { MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512, #endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #endif /* MBEDTLS_ECDSA_C */ - /* RSA algorithms */ -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256, -#endif MBEDTLS_TLS13_SIG_NONE }; From 7899de839cf26941be5525402078752839cdf6d7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 13:09:23 +0800 Subject: [PATCH 0942/1065] fix comments and format issues Change-Id: I927d97f9d788389d6abb9edbda0f7c3e2f8e9b63 CustomizedGitHooks: yes Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 9 +++++---- library/ssl_tls.c | 9 +-------- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c62f730b3e..c867e025c4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1184,7 +1184,7 @@ struct mbedtls_ssl_config const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - const uint16_t* MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms in TLS 1.3 */ + const uint16_t *MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms for TLS 1.3 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif @@ -3036,9 +3036,10 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * \brief Configure allowed signature algorithms for use in TLS 1.3 * * \param conf The SSL configuration to use. - * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, - * with the most preferred algorithm listed first. Supported values - * are available as \c MBEDTLS_TLS13_SIG_XXX. + * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, + * terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain + * available throughout the liftime of the conf object. Supported + * values are available as \c MBEDTLS_TLS13_SIG_XXXX */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, const uint16_t* sig_algs ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f97b47376e..909a32a594 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3935,14 +3935,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, } #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -/** - * \brief Configure allowed signature algorithms for use in TLS 1.3 - * - * \param conf The SSL configuration to use. - * \param sig_algs A 0-terminated list of IANA values for TLS 1.3 signature algorithms, - * with the most preferred algorithm listed first. Supported values - * are available as \c MBEDTLS_TLS13_SIG_XXX. - */ +/* Configure allowed signature algorithms for use in TLS 1.3 */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, const uint16_t* sig_algs ) { From 7276f13c9385fdaba52be47a6a528a9e7217dd35 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 18:25:48 +0800 Subject: [PATCH 0943/1065] fix comments for sig_algs parser Change-Id: I68bd691c4b67fb18ff9d55ead34f5517b1b981de Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 17b1ccf939..08f993466d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1482,7 +1482,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final NULL in signature algorithm list */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c7110e850e..d5ec6a7cd4 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2205,7 +2205,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final NULL in signature algorithm list */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; From 8c51b73c86beca145271acdfa400631e5456fd7d Mon Sep 17 00:00:00 2001 From: lhuang04 Date: Sat, 14 Aug 2021 05:56:07 -0700 Subject: [PATCH 0944/1065] Update CMake version for CMP0090 Summary: [CMP0090](https://cmake.org/cmake/help/latest/policy/CMP0090.html) was introduced in CMake version 3.15. The CMake version guard should be greater or equal to 3.15. My cmake version is 3.14.5, and run into the following error. ``` cmake --version cmake version 3.14.5 ``` ``` CMake Error at CMakeLists.txt:338 (cmake_policy): Policy "CMP0090" is not known to this version of CMake. -- Configuring incomplete, errors occurred! Test Plan: ``` cmake ``` Signed-off-by: lhuang04 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index cf74af53c4..210aba4893 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -330,7 +330,7 @@ install( DESTINATION "cmake" FILE "MbedTLSTargets.cmake") -if(CMAKE_VERSION VERSION_GREATER 3.14) +if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15) # Do not export the package by default cmake_policy(SET CMP0090 NEW) From 447a3bee1774e260d53dd3df47ebbe00f9a26f82 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 09:55:32 +0800 Subject: [PATCH 0945/1065] fix wrong typo and format issues Change-Id: I99a4c7d28c26bfcc43bc8947485d1dfafb6974dc Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c867e025c4..f537e864a9 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3038,7 +3038,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, * terminated by \c MBEDTLS_TLS13_SIG_NONE. The list must remain - * available throughout the liftime of the conf object. Supported + * available throughout the lifetime of the conf object. Supported * values are available as \c MBEDTLS_TLS13_SIG_XXXX */ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf, diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 08f993466d..1400961b8c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1482,7 +1482,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d5ec6a7cd4..b9a789e729 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2205,7 +2205,7 @@ int main( int argc, char *argv[] ) p = (char *) opt.sig_algs; i = 0; - /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list(sig_alg_list) */ + /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */ while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' ) { q = p; From 50dde56543f28fe138f55afea72ce161f61ddf27 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 22 Jun 2021 15:51:53 +0100 Subject: [PATCH 0946/1065] Implement byte reading macros into library/ To improve readability by saving horizontal and vertical space. Removed unecessary & 0xFF. Byte reading macros implemented in library/common.h, All files containing "& 0xff" were modified. Comments/Documentation not yet added to the macro definitions. Fixes #4274 Signed-off-by: Joe Subbiani --- library/common.h | 10 ++++++++++ library/ctr_drbg.c | 8 ++++---- library/nist_kw.c | 2 +- library/psa_crypto.c | 4 ++-- library/psa_its_file.c | 16 ++++++++-------- library/ssl_msg.c | 14 +++++++------- library/ssl_ticket.c | 4 ++-- 7 files changed, 34 insertions(+), 24 deletions(-) diff --git a/library/common.h b/library/common.h index 9e4b0312b1..baef72d480 100644 --- a/library/common.h +++ b/library/common.h @@ -66,4 +66,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS +/** Byte Reading Macros + * + * To tidy up code and save horizontal and vertical space, use byte + * reading macros to cast + */ +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index b664fb0fc7..d52d9ef254 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = ( data_len >> 24 ) & 0xff; - *p++ = ( data_len >> 16 ) & 0xff; - *p++ = ( data_len >> 8 ) & 0xff; - *p++ = ( data_len ) & 0xff; + *p++ = BYTE_3( data_len ); + *p++ = BYTE_2( data_len ); + *p++ = BYTE_1( data_len ); + *p++ = BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/nist_kw.c b/library/nist_kw.c index 5054ca206b..3fff2b7f85 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -169,7 +169,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; + A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); } } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3574b9842a..b46e023e5d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = ( data_length >> 8 ) & 0xff; - *cur++ = ( data_length >> 0 ) & 0xff; + *cur++ = BYTE_1( data_length ); + *cur++ = BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 492be1c711..66043b502e 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = data_length & 0xff; - header.size[1] = ( data_length >> 8 ) & 0xff; - header.size[2] = ( data_length >> 16 ) & 0xff; - header.size[3] = ( data_length >> 24 ) & 0xff; - header.flags[0] = create_flags & 0xff; - header.flags[1] = ( create_flags >> 8 ) & 0xff; - header.flags[2] = ( create_flags >> 16 ) & 0xff; - header.flags[3] = ( create_flags >> 24 ) & 0xff; + header.size[0] = BYTE_0( data_length ); + header.size[1] = BYTE_1( data_length ); + header.size[2] = BYTE_2( data_length ); + header.size[3] = BYTE_3( data_length ); + header.flags[0] = BYTE_0( create_flags ); + header.flags[1] = BYTE_1( create_flags ); + header.flags[2] = BYTE_2( create_flags ); + header.flags[3] = BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a03f19251d..1fd9420c24 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,14 +2254,14 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); + + ssl->out_msg[6] = BYTE_2( frag_off ); + ssl->out_msg[7] = BYTE_1( frag_off ); + ssl->out_msg[8] = BYTE_0( frag_off ); - ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff ); - ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff ); - ssl->out_msg[8] = ( ( frag_off ) & 0xff ); - - ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff ); - ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff ); - ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff ); + ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 940e1a67a2..29d8345750 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = ( clear_len >> 8 ) & 0xff; - state_len_bytes[1] = ( clear_len ) & 0xff; + state_len_bytes[0] = BYTE_1( clear_len ); + state_len_bytes[1] = BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 3b394509da07fd7b78a9d9396d838bd588c6ba59 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:23:44 +0100 Subject: [PATCH 0947/1065] Move BYTES_TO_U32_LE to common.h The macro BYTES_TO_U32_LE appears in poly1305.c and chacha20.c. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/chacha20.c | 7 ------- library/common.h | 14 ++++++++++++-- library/poly1305.c | 7 ------- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 78467d3fc6..9862ea535a 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -54,13 +54,6 @@ #define CHACHA20_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - #define ROTL32( value, amount ) \ ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) diff --git a/library/common.h b/library/common.h index baef72d480..500e5d4c7d 100644 --- a/library/common.h +++ b/library/common.h @@ -71,9 +71,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/** + * + */ +#define BYTES_TO_U32_LE( data, offset ) \ + ( (uint32_t) (data)[offset] \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ + | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ + ) + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/poly1305.c b/library/poly1305.c index 492d1457d4..a30b1707ed 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -52,13 +52,6 @@ #define POLY1305_BLOCK_SIZE_BYTES ( 16U ) -#define BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ - ) - /* * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. * However we provided an alternative for platforms without such a multiplier. From 30d974c232cfdff6b91856c99ac8c11de3135915 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 11:49:03 +0100 Subject: [PATCH 0948/1065] Move UINT32_BE macros to common.h 32-bit integer manipulation macros (big edian): GET_UINT32_BE and PUT_UINT32_BE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Signed-off-by: Joe Subbiani --- library/camellia.c | 23 ----------------------- library/common.h | 23 +++++++++++++++++++++++ library/des.c | 23 ----------------------- library/gcm.c | 23 ----------------------- library/nist_kw.c | 20 -------------------- library/sha1.c | 23 ----------------------- library/sha256.c | 23 ----------------------- 7 files changed, 23 insertions(+), 135 deletions(-) diff --git a/library/camellia.c b/library/camellia.c index f7e013611b..0817b1d292 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -49,29 +49,6 @@ #define CAMELLIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - static const unsigned char SIGMA_CHARS[6][8] = { { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b }, diff --git a/library/common.h b/library/common.h index 500e5d4c7d..b3b70dc62f 100644 --- a/library/common.h +++ b/library/common.h @@ -76,6 +76,29 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + /** * */ diff --git a/library/des.c b/library/des.c index eddf55e789..36ea277760 100644 --- a/library/des.c +++ b/library/des.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_DES_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Expanded DES S-boxes */ diff --git a/library/gcm.c b/library/gcm.c index 835b1b2853..c8254876dd 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -58,29 +58,6 @@ #define GCM_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - /* * Initialize a context */ diff --git a/library/nist_kw.c b/library/nist_kw.c index 3fff2b7f85..c0eed674c1 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -77,26 +77,6 @@ static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, /*! The 32-bit default integrity check value (ICV) for KWP mode. */ static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6}; -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - /* * Initialize context */ diff --git a/library/sha1.c b/library/sha1.c index 545d093109..9beaee5a54 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -48,29 +48,6 @@ #if !defined(MBEDTLS_SHA1_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} -#endif - void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { SHA1_VALIDATE( ctx != NULL ); diff --git a/library/sha256.c b/library/sha256.c index 6ec6da296a..f548c672ea 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -50,29 +50,6 @@ #if !defined(MBEDTLS_SHA256_ALT) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { SHA256_VALIDATE( ctx != NULL ); From 54c6134ff7de2ccc5d5cc2ef55f766d9a3a1fbdb Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 12:16:47 +0100 Subject: [PATCH 0949/1065] Move UINT32_LE macros to common.h 32-bit integer manipulation macros (little edian): GET_UINT32_LE and PUT_UINT32_LE appear in several files in library/. Removes duplicate code and save vertical space the macro has been moved to common.h. Improves maintainability. Also provided brief comment in common.h for BYTES_TO_U32_LE. comment/documentation will probably need to be edited further for all recent additions to library/common.h Signed-off-by: Joe Subbiani --- library/aes.c | 23 ----------------------- library/aria.c | 23 ----------------------- library/common.h | 25 ++++++++++++++++++++++++- library/md5.c | 23 ----------------------- library/psa_crypto_storage.c | 23 ----------------------- library/ripemd160.c | 23 ----------------------- 6 files changed, 24 insertions(+), 116 deletions(-) diff --git a/library/aes.c b/library/aes.c index a15a80924a..7b4fb869e0 100644 --- a/library/aes.c +++ b/library/aes.c @@ -57,29 +57,6 @@ #define AES_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - #if defined(MBEDTLS_PADLOCK_C) && \ ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) static int aes_padlock_ace = -1; diff --git a/library/aria.c b/library/aria.c index a5786b37ab..d7d2bea7c8 100644 --- a/library/aria.c +++ b/library/aria.c @@ -55,29 +55,6 @@ #define ARIA_VALIDATE( cond ) \ MBEDTLS_INTERNAL_VALIDATE( cond ) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * diff --git a/library/common.h b/library/common.h index b3b70dc62f..c2cf633c99 100644 --- a/library/common.h +++ b/library/common.h @@ -99,8 +99,31 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +} +#endif + /** - * + * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ diff --git a/library/md5.c b/library/md5.c index d7f8cee468..d8f637da83 100644 --- a/library/md5.c +++ b/library/md5.c @@ -43,29 +43,6 @@ #if !defined(MBEDTLS_MD5_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_md5_init( mbedtls_md5_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_md5_context ) ); diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 09cbab4c4d..36b518350c 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,29 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE( n, b, i ) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - /* * 16-bit integer manipulation macros (little endian) */ diff --git a/library/ripemd160.c b/library/ripemd160.c index d2ccbbec47..d60654e952 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -44,29 +44,6 @@ #if !defined(MBEDTLS_RIPEMD160_ALT) -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); From c4f3d5b38e4e1e88237f67380246c5f2fdeec7fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 23 Jun 2021 17:58:41 +0100 Subject: [PATCH 0950/1065] Add do-while protection to macros missed do-while around function-like macros (UINT32_BE and UINT_LE macros) originally present in the indivdual files, before being moved to common.h. Signed-off-by: Joe Subbiani --- library/common.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/common.h b/library/common.h index c2cf633c99..56514b3436 100644 --- a/library/common.h +++ b/library/common.h @@ -81,22 +81,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_BE #define GET_UINT32_BE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ | ( (uint32_t) (b)[(i) + 2] << 8 ) \ | ( (uint32_t) (b)[(i) + 3] ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_BE #define PUT_UINT32_BE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +} while( 0 ) #endif /* @@ -104,22 +104,22 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c */ #ifndef GET_UINT32_LE #define GET_UINT32_LE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ | ( (uint32_t) (b)[(i) + 2] << 16 ) \ | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_LE #define PUT_UINT32_LE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} +} while( 0 ) #endif /** From 6f2bb0c8efd7fb3a74ececd00b9ca507f5494efe Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 09:06:23 +0100 Subject: [PATCH 0951/1065] Remove trailing whitespace Trailing white spaces causing check_files.py to fail Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- library/ssl_msg.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index 56514b3436..b6b7d01d9d 100644 --- a/library/common.h +++ b/library/common.h @@ -67,8 +67,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_ALLOW_PRIVATE_ACCESS /** Byte Reading Macros - * - * To tidy up code and save horizontal and vertical space, use byte + * + * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ #define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) @@ -122,7 +122,7 @@ do { \ } while( 0 ) #endif -/** +/** * 32-bit integer conversion from bytes (little endian) */ #define BYTES_TO_U32_LE( data, offset ) \ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 1fd9420c24..f3dbba82b9 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2254,7 +2254,7 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - + ssl->out_msg[6] = BYTE_2( frag_off ); ssl->out_msg[7] = BYTE_1( frag_off ); ssl->out_msg[8] = BYTE_0( frag_off ); From 9aaec54e57e3ec869ad47ed0f6b67761b74f17fd Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 11:00:08 +0100 Subject: [PATCH 0952/1065] Undo use of BYTE_x macro The use of the BYTE_x macro in nist_kw did not seem appropriate in hind sight as it is working with a character array not an int Signed-off-by: Joe Subbiani --- library/nist_kw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/nist_kw.c b/library/nist_kw.c index c0eed674c1..174a1eef13 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -149,7 +149,7 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) size_t i = 0; for( i = 0; i < sizeof( t ); i++ ) { - A[i] ^= BYTE_0( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ); + A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; } } From 5ecac217f01aee0f73cffcb30e8b32f00921299f Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 13:00:03 +0100 Subject: [PATCH 0953/1065] Prefixed macros with MBEDTLS As per tests/scripts/check-names.sh, macros in library/ header files should be prefixed with MBEDTLS_ The macro functions in common.h where also indented to comply with the same test Signed-off-by: Joe Subbiani --- library/aes.c | 34 ++++++++--------- library/aria.c | 34 ++++++++--------- library/camellia.c | 22 +++++------ library/chacha20.c | 22 +++++------ library/common.h | 74 ++++++++++++++++++------------------ library/ctr_drbg.c | 8 ++-- library/des.c | 20 +++++----- library/gcm.c | 34 ++++++++--------- library/md5.c | 44 ++++++++++----------- library/nist_kw.c | 4 +- library/poly1305.c | 24 ++++++------ library/psa_crypto.c | 4 +- library/psa_crypto_storage.c | 24 ++++++------ library/psa_its_file.c | 16 ++++---- library/ripemd160.c | 46 +++++++++++----------- library/sha1.c | 46 +++++++++++----------- library/sha256.c | 24 ++++++------ library/ssl_msg.c | 12 +++--- library/ssl_ticket.c | 4 +- 19 files changed, 248 insertions(+), 248 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7b4fb869e0..db726fe36b 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - GET_UINT32_LE( RK[i], key, i << 2 ); + MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -887,10 +887,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; + MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -951,10 +951,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); - PUT_UINT32_LE( t.X[0], output, 0 ); - PUT_UINT32_LE( t.X[1], output, 4 ); - PUT_UINT32_LE( t.X[2], output, 8 ); - PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); mbedtls_platform_zeroize( &t, sizeof( t ) ); diff --git a/library/aria.c b/library/aria.c index d7d2bea7c8..a6319d3e29 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,7 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/PUT_UINT32_LE) so we need to reverse bytes here. + * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) @@ -433,21 +433,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - GET_UINT32_LE( w[0][0], key, 0 ); - GET_UINT32_LE( w[0][1], key, 4 ); - GET_UINT32_LE( w[0][2], key, 8 ); - GET_UINT32_LE( w[0][3], key, 12 ); + MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); + MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); + MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); + MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - GET_UINT32_LE( w[1][1], key, 20 ); + MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key + MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); } if( keybits == 256 ) { - GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - GET_UINT32_LE( w[1][3], key, 28 ); + MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key + MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -524,10 +524,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - GET_UINT32_LE( a, input, 0 ); - GET_UINT32_LE( b, input, 4 ); - GET_UINT32_LE( c, input, 8 ); - GET_UINT32_LE( d, input, 12 ); + MBEDTLS_GET_UINT32_LE( a, input, 0 ); + MBEDTLS_GET_UINT32_LE( b, input, 4 ); + MBEDTLS_GET_UINT32_LE( c, input, 8 ); + MBEDTLS_GET_UINT32_LE( d, input, 12 ); i = 0; while( 1 ) @@ -559,10 +559,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; - PUT_UINT32_LE( a, output, 0 ); - PUT_UINT32_LE( b, output, 4 ); - PUT_UINT32_LE( c, output, 8 ); - PUT_UINT32_LE( d, output, 12 ); + MBEDTLS_PUT_UINT32_LE( a, output, 0 ); + MBEDTLS_PUT_UINT32_LE( b, output, 4 ); + MBEDTLS_PUT_UINT32_LE( c, output, 8 ); + MBEDTLS_PUT_UINT32_LE( d, output, 12 ); return( 0 ); } diff --git a/library/camellia.c b/library/camellia.c index 0817b1d292..9aab7ab675 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); + MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - GET_UINT32_BE( KC[i], t, i * 4 ); + MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - GET_UINT32_BE( X[0], input, 0 ); - GET_UINT32_BE( X[1], input, 4 ); - GET_UINT32_BE( X[2], input, 8 ); - GET_UINT32_BE( X[3], input, 12 ); + MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); + MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); + MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); + MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; @@ -529,10 +529,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, X[0] ^= *RK++; X[1] ^= *RK++; - PUT_UINT32_BE( X[2], output, 0 ); - PUT_UINT32_BE( X[3], output, 4 ); - PUT_UINT32_BE( X[0], output, 8 ); - PUT_UINT32_BE( X[1], output, 12 ); + MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); + MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); + MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); + MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); return( 0 ); } diff --git a/library/chacha20.c b/library/chacha20.c index 9862ea535a..d0d5741c7b 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index b6b7d01d9d..6dbc808d34 100644 --- a/library/common.h +++ b/library/common.h @@ -71,61 +71,61 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * To tidy up code and save horizontal and vertical space, use byte * reading macros to cast */ -#define BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /* * 32-bit integer manipulation macros (big endian) */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_BE +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ + } while( 0 ) #endif /* * 32-bit integer manipulation macros (little endian) */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} while( 0 ) +#ifndef MBEDTLS_GET_UINT32_LE +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ + do { \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ + } while( 0 ) #endif -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} while( 0 ) +#ifndef MBEDTLS_PUT_UINT32_LE +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ + do { \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ + } while( 0 ) #endif /** * 32-bit integer conversion from bytes (little endian) */ -#define BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index d52d9ef254..68b32a366b 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,10 +152,10 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = BYTE_3( data_len ); - *p++ = BYTE_2( data_len ); - *p++ = BYTE_1( data_len ); - *p++ = BYTE_0( data_len ); + *p++ = MBEDTLS_BYTE_3( data_len ); + *p++ = MBEDTLS_BYTE_2( data_len ); + *p++ = MBEDTLS_BYTE_1( data_len ); + *p++ = MBEDTLS_BYTE_0( data_len ); p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); diff --git a/library/des.c b/library/des.c index 36ea277760..9281747de8 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - GET_UINT32_BE( X, key, 0 ); - GET_UINT32_BE( Y, key, 4 ); + MBEDTLS_GET_UINT32_BE( X, key, 0 ); + MBEDTLS_GET_UINT32_BE( Y, key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -623,8 +623,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - GET_UINT32_BE( X, input, 0 ); - GET_UINT32_BE( Y, input, 4 ); + MBEDTLS_GET_UINT32_BE( X, input, 0 ); + MBEDTLS_GET_UINT32_BE( Y, input, 4 ); DES_IP( X, Y ); @@ -722,8 +722,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, DES_FP( Y, X ); - PUT_UINT32_BE( Y, output, 0 ); - PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); + MBEDTLS_PUT_UINT32_BE( X, output, 4 ); return( 0 ); } diff --git a/library/gcm.c b/library/gcm.c index c8254876dd..3caeed26de 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - GET_UINT32_BE( hi, h, 0 ); - GET_UINT32_BE( lo, h, 4 ); + MBEDTLS_GET_UINT32_BE( hi, h, 0 ); + MBEDTLS_GET_UINT32_BE( lo, h, 4 ); vh = (uint64_t) hi << 32 | lo; - GET_UINT32_BE( hi, h, 8 ); - GET_UINT32_BE( lo, h, 12 ); + MBEDTLS_GET_UINT32_BE( hi, h, 8 ); + MBEDTLS_GET_UINT32_BE( lo, h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ @@ -200,10 +200,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { unsigned char h[16]; - PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); - PUT_UINT32_BE( ctx->HH[8], h, 4 ); - PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); - PUT_UINT32_BE( ctx->HL[8], h, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 ); mbedtls_aesni_gcm_mult( output, x, h ); return; @@ -239,10 +239,10 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], zl ^= ctx->HL[hi]; } - PUT_UINT32_BE( zh >> 32, output, 0 ); - PUT_UINT32_BE( zh, output, 4 ); - PUT_UINT32_BE( zl >> 32, output, 8 ); - PUT_UINT32_BE( zl, output, 12 ); + MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 ); + MBEDTLS_PUT_UINT32_BE( zh, output, 4 ); + MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 ); + MBEDTLS_PUT_UINT32_BE( zl, output, 12 ); } int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, @@ -278,7 +278,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, else { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); p = iv; while( iv_len > 0 ) @@ -546,10 +546,10 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, { memset( work_buf, 0x00, 16 ); - PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); - PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); - PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); - PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); + MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); + MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); for( i = 0; i < 16; i++ ) ctx->buf[i] ^= work_buf[i]; diff --git a/library/md5.c b/library/md5.c index d8f637da83..e8d00216f0 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) @@ -307,8 +307,8 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, ctx->buffer, 56 ); - PUT_UINT32_LE( high, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -316,10 +316,10 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx, /* * Output final state */ - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); return( 0 ); } diff --git a/library/nist_kw.c b/library/nist_kw.c index 174a1eef13..b8f9239992 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -223,7 +223,7 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, } memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 ); - PUT_UINT32_BE( ( in_len & 0xffffffff ), output, + MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output, KW_SEMIBLOCK_LENGTH / 2 ); memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index a30b1707ed..3c0b7c6aa9 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = BYTES_TO_U32_LE( input, offset + 0 ); - d1 = BYTES_TO_U32_LE( input, offset + 4 ); - d2 = BYTES_TO_U32_LE( input, offset + 8 ); - d3 = BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); + d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); + d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); + d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b46e023e5d..95aa0d5316 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4506,8 +4506,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = BYTE_1( data_length ); - *cur++ = BYTE_0( data_length ); + *cur++ = MBEDTLS_BYTE_1( data_length ); + *cur++ = MBEDTLS_BYTE_0( data_length ); memset( cur, 0, data_length ); cur += data_length; *cur++ = pms[0]; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 36b518350c..3646953a57 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -275,14 +275,14 @@ void psa_format_key_data_for_storage( const uint8_t *data, (psa_persistent_key_storage_format *) storage_data; memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - PUT_UINT32_LE( 0, storage_format->version, 0 ); - PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); - PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -312,11 +312,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - GET_UINT32_LE( version, storage_format->version, 0 ); + MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -333,12 +333,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); GET_UINT16_LE( attr->type, storage_format->type, 0 ); GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 66043b502e..c3b19a74ac 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,14 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = BYTE_0( data_length ); - header.size[1] = BYTE_1( data_length ); - header.size[2] = BYTE_2( data_length ); - header.size[3] = BYTE_3( data_length ); - header.flags[0] = BYTE_0( create_flags ); - header.flags[1] = BYTE_1( create_flags ); - header.flags[2] = BYTE_2( create_flags ); - header.flags[3] = BYTE_3( create_flags ); + header.size[0] = MBEDTLS_BYTE_0( data_length ); + header.size[1] = MBEDTLS_BYTE_1( data_length ); + header.size[2] = MBEDTLS_BYTE_2( data_length ); + header.size[3] = MBEDTLS_BYTE_3( data_length ); + header.flags[0] = MBEDTLS_BYTE_0( create_flags ); + header.flags[1] = MBEDTLS_BYTE_1( create_flags ); + header.flags[2] = MBEDTLS_BYTE_2( create_flags ); + header.flags[3] = MBEDTLS_BYTE_3( create_flags ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ripemd160.c b/library/ripemd160.c index d60654e952..2bed107230 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - GET_UINT32_LE( local.X[ 0], data, 0 ); - GET_UINT32_LE( local.X[ 1], data, 4 ); - GET_UINT32_LE( local.X[ 2], data, 8 ); - GET_UINT32_LE( local.X[ 3], data, 12 ); - GET_UINT32_LE( local.X[ 4], data, 16 ); - GET_UINT32_LE( local.X[ 5], data, 20 ); - GET_UINT32_LE( local.X[ 6], data, 24 ); - GET_UINT32_LE( local.X[ 7], data, 28 ); - GET_UINT32_LE( local.X[ 8], data, 32 ); - GET_UINT32_LE( local.X[ 9], data, 36 ); - GET_UINT32_LE( local.X[10], data, 40 ); - GET_UINT32_LE( local.X[11], data, 44 ); - GET_UINT32_LE( local.X[12], data, 48 ); - GET_UINT32_LE( local.X[13], data, 52 ); - GET_UINT32_LE( local.X[14], data, 56 ); - GET_UINT32_LE( local.X[15], data, 60 ); + MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); + MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); + MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); + MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); + MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); + MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); + MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); + MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); + MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); + MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); + MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); + MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); + MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); + MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); + MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); + MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; @@ -354,8 +354,8 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_LE( low, msglen, 0 ); - PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); + MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); @@ -368,11 +368,11 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, if( ret != 0 ) return( ret ); - PUT_UINT32_LE( ctx->state[0], output, 0 ); - PUT_UINT32_LE( ctx->state[1], output, 4 ); - PUT_UINT32_LE( ctx->state[2], output, 8 ); - PUT_UINT32_LE( ctx->state[3], output, 12 ); - PUT_UINT32_LE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha1.c b/library/sha1.c index 9beaee5a54..da61f65fca 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - GET_UINT32_BE( local.W[ 0], data, 0 ); - GET_UINT32_BE( local.W[ 1], data, 4 ); - GET_UINT32_BE( local.W[ 2], data, 8 ); - GET_UINT32_BE( local.W[ 3], data, 12 ); - GET_UINT32_BE( local.W[ 4], data, 16 ); - GET_UINT32_BE( local.W[ 5], data, 20 ); - GET_UINT32_BE( local.W[ 6], data, 24 ); - GET_UINT32_BE( local.W[ 7], data, 28 ); - GET_UINT32_BE( local.W[ 8], data, 32 ); - GET_UINT32_BE( local.W[ 9], data, 36 ); - GET_UINT32_BE( local.W[10], data, 40 ); - GET_UINT32_BE( local.W[11], data, 44 ); - GET_UINT32_BE( local.W[12], data, 48 ); - GET_UINT32_BE( local.W[13], data, 52 ); - GET_UINT32_BE( local.W[14], data, 56 ); - GET_UINT32_BE( local.W[15], data, 60 ); + MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); + MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); + MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); + MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); + MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); + MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); + MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); + MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); + MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); + MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); + MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); + MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); + MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); + MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); + MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); + MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) @@ -362,8 +362,8 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -371,11 +371,11 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); return( 0 ); } diff --git a/library/sha256.c b/library/sha256.c index f548c672ea..fb66340b20 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - GET_UINT32_BE( local.W[i], data, 4 * i ); + MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); for( i = 0; i < 16; i += 8 ) { @@ -355,8 +355,8 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT32_BE( high, ctx->buffer, 56 ); - PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); + MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -364,18 +364,18 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, /* * Output final state */ - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); - PUT_UINT32_BE( ctx->state[5], output, 20 ); - PUT_UINT32_BE( ctx->state[6], output, 24 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 ); #if defined(MBEDTLS_SHA224_C) if( ctx->is224 == 0 ) #endif - PUT_UINT32_BE( ctx->state[7], output, 28 ); + MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 ); return( 0 ); } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index f3dbba82b9..77904e0a1b 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2255,13 +2255,13 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ memcpy( ssl->out_msg, cur->p, 6 ); - ssl->out_msg[6] = BYTE_2( frag_off ); - ssl->out_msg[7] = BYTE_1( frag_off ); - ssl->out_msg[8] = BYTE_0( frag_off ); + ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off ); + ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off ); + ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off ); - ssl->out_msg[ 9] = BYTE_2( cur_hs_frag_len ); - ssl->out_msg[10] = BYTE_1( cur_hs_frag_len ); - ssl->out_msg[11] = BYTE_0( cur_hs_frag_len ); + ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len ); + ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len ); + ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 29d8345750..a7a55f1a75 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = BYTE_1( clear_len ); - state_len_bytes[1] = BYTE_0( clear_len ); + state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); + state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, From 33f953d8104bd0a069fb77d0ecbc13d33d927fe5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 24 Jun 2021 16:49:38 +0100 Subject: [PATCH 0954/1065] Byte Reading Macros Changelog Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt new file mode 100644 index 0000000000..3e59ca5be1 --- /dev/null +++ b/ChangeLog.d/issue4274.txt @@ -0,0 +1,9 @@ +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. \ No newline at end of file From c46997377afb35a2fc4881cd202c8c4fe5667479 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 25 Jun 2021 09:20:07 +0100 Subject: [PATCH 0955/1065] Fix formatting - Byte reading macros changelog Missing newline at the end of changelog.d/issue4274 Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt index 3e59ca5be1..f0952f4307 100644 --- a/ChangeLog.d/issue4274.txt +++ b/ChangeLog.d/issue4274.txt @@ -1,9 +1,9 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. \ No newline at end of file +Changes + * Create 4 byte reading macros in library/common.h, used in files + within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. + * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into + library/common.h. Rename with the prefix MBEDTLS_ to satisfy + test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). + * Move BYTES_TO_U32_LE macro function to library/common.h, also given + the prefix MBEDTLS_. + Fixes #4274. From 9fa9ac3612c0c542fa91c0fae003dcb37c1586a8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 5 Jul 2021 15:37:39 +0100 Subject: [PATCH 0956/1065] Move GET/PUT_UINT16_LE macros to common.h Although these only appear in one file: psa_crypto_storage.c it is tidy to give it the same prefix as the UINT32 macros and to store them in the fame file Signed-off-by: Joe Subbiani --- library/common.h | 31 ++++++++++++++++++++++++++----- library/psa_crypto_storage.c | 27 ++++----------------------- 2 files changed, 30 insertions(+), 28 deletions(-) diff --git a/library/common.h b/library/common.h index 6dbc808d34..e85cbf28d0 100644 --- a/library/common.h +++ b/library/common.h @@ -80,7 +80,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ +#define MBEDTLS_GET_UINT32_BE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ @@ -90,7 +90,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ @@ -103,7 +103,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ +#define MBEDTLS_GET_UINT32_LE(n,b,i) \ do { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ @@ -113,7 +113,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ +#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ @@ -125,11 +125,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * 32-bit integer conversion from bytes (little endian) */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ +#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) (data)[offset] \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) + +/* + * 16-bit integer manipulation macros (little endian) + */ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ +{ \ + (n) = ( (uint16_t) (b)[(i) ] ) \ + | ( (uint16_t) (b)[(i) + 1] << 8 ); \ +} +#endif + +#ifndef MBEDTLS_PUT_UINT16_LE +#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +} +#endif + + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 3646953a57..07c2cdf600 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -230,25 +230,6 @@ static psa_status_t psa_crypto_storage_get_data_length( return( PSA_SUCCESS ); } -/* - * 16-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT16_LE -#define GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - -#ifndef PUT_UINT16_LE -#define PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ -} -#endif - /** * Persistent key storage magic header. */ @@ -277,8 +258,8 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); - PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); + MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); @@ -334,8 +315,8 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, } MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - GET_UINT16_LE( attr->type, storage_format->type, 0 ); - GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); + MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); + MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); From 394bdd662b7facd32cfbb8ccd24cc0593f38ac0d Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 15:16:56 +0100 Subject: [PATCH 0957/1065] Document common.h and remove changelog Added documenttion comments to common.h and removed the changelog as it is not really necessary for refactoring. Also modified a comment in aria.c to be clearer Signed-off-by: Joe Subbiani --- ChangeLog.d/issue4274.txt | 9 ------- library/aria.c | 3 ++- library/common.h | 50 +++++++++++++++++++++++++++++++++++---- 3 files changed, 47 insertions(+), 15 deletions(-) delete mode 100644 ChangeLog.d/issue4274.txt diff --git a/ChangeLog.d/issue4274.txt b/ChangeLog.d/issue4274.txt deleted file mode 100644 index f0952f4307..0000000000 --- a/ChangeLog.d/issue4274.txt +++ /dev/null @@ -1,9 +0,0 @@ -Changes - * Create 4 byte reading macros in library/common.h, used in files - within the same directory: MBEDTLS_BYTE_0... MBEDTLS_BYTE_3. - * Move the (PUT and GET) UINT32_ (BE and LE) macro functions into - library/common.h. Rename with the prefix MBEDTLS_ to satisfy - test/scripts/check-names.sh (e.g MBEDTLS_PUT_UINT32_LE). - * Move BYTES_TO_U32_LE macro function to library/common.h, also given - the prefix MBEDTLS_. - Fixes #4274. diff --git a/library/aria.c b/library/aria.c index a6319d3e29..f4aa64107a 100644 --- a/library/aria.c +++ b/library/aria.c @@ -385,7 +385,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup. * * We chose to store bytes into 32-bit words in little-endian format (see - * GET/MBEDTLS_PUT_UINT32_LE) so we need to reverse bytes here. + * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse + * bytes here. */ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint32_t b[4], uint8_t n ) diff --git a/library/common.h b/library/common.h index e85cbf28d0..5115465e88 100644 --- a/library/common.h +++ b/library/common.h @@ -68,15 +68,36 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * To tidy up code and save horizontal and vertical space, use byte - * reading macros to cast + * Obtain the most significant byte of x using 0xff + * Using MBEDTLS_BYTE_a will shift a*8 bits + * to retrieve the next byte of information */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -/* +/** + * 32-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 32 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 32 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ + +/** * 32-bit integer manipulation macros (big endian) */ #ifndef MBEDTLS_GET_UINT32_BE @@ -99,7 +120,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } while( 0 ) #endif -/* +/** * 32-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT32_LE @@ -132,8 +153,27 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ ) +/** + * 16-bit integer manipulation macros + * + * \brief Using GET- + * From input data, take the most significant bytes + * and concatonate them as you shift along + * Using PUT- + * Read from a 16 bit integer and store each byte + * in memory, offset by a byte each, resulting in + * each byte being adjacent in memory. + * + * \param n 16 bit integer where data is accessed via + * PUT or stored using GET + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT16, i + * would increment by 2 every use assuming + * the data is being stored in the same location + */ -/* +/** * 16-bit integer manipulation macros (little endian) */ #ifndef MBEDTLS_GET_UINT16_LE From 6a5063149756e1d5d12b0497867f5c22aaa8100e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 7 Jul 2021 16:56:29 +0100 Subject: [PATCH 0958/1065] GET macros use a target variable The GET macros used to write to a macro parameter, but now they can be used to assign a value to the desired variable rather than pass it in as an argument and have it modified in the macro function. Due to this MBEDTLS_BYTES_TO_U32_LE is the same as MBEDTLS_GET_UINT32_LE and was there for replaced in the appropriate files and removed from common.h Signed-off-by: Joe Subbiani --- library/aes.c | 18 ++--- library/aria.c | 24 +++--- library/camellia.c | 14 ++-- library/chacha20.c | 22 ++--- library/common.h | 151 +++++++++++++++++++++-------------- library/des.c | 12 +-- library/gcm.c | 8 +- library/md5.c | 32 ++++---- library/nist_kw.c | 2 +- library/poly1305.c | 24 +++--- library/psa_crypto_storage.c | 16 ++-- library/ripemd160.c | 32 ++++---- library/sha1.c | 32 ++++---- library/sha256.c | 4 +- 14 files changed, 211 insertions(+), 180 deletions(-) diff --git a/library/aes.c b/library/aes.c index db726fe36b..7a44a78408 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < ( keybits >> 5 ); i++ ) { - MBEDTLS_GET_UINT32_LE( RK[i], key, i << 2 ); + RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 ); } switch( ctx->nr ) @@ -850,10 +850,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { @@ -914,10 +914,10 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, uint32_t Y[4]; } t; - MBEDTLS_GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++; - MBEDTLS_GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { diff --git a/library/aria.c b/library/aria.c index f4aa64107a..320f7758ac 100644 --- a/library/aria.c +++ b/library/aria.c @@ -434,21 +434,21 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ - MBEDTLS_GET_UINT32_LE( w[0][0], key, 0 ); - MBEDTLS_GET_UINT32_LE( w[0][1], key, 4 ); - MBEDTLS_GET_UINT32_LE( w[0][2], key, 8 ); - MBEDTLS_GET_UINT32_LE( w[0][3], key, 12 ); + w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); + w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); + w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); + w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); memset( w[1], 0, 16 ); if( keybits >= 192 ) { - MBEDTLS_GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key - MBEDTLS_GET_UINT32_LE( w[1][1], key, 20 ); + w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key + w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 ); } if( keybits == 256 ) { - MBEDTLS_GET_UINT32_LE( w[1][2], key, 24 ); // 256 bit key - MBEDTLS_GET_UINT32_LE( w[1][3], key, 28 ); + w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key + w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 ); } i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 @@ -525,10 +525,10 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET( output != NULL ); - MBEDTLS_GET_UINT32_LE( a, input, 0 ); - MBEDTLS_GET_UINT32_LE( b, input, 4 ); - MBEDTLS_GET_UINT32_LE( c, input, 8 ); - MBEDTLS_GET_UINT32_LE( d, input, 12 ); + a = MBEDTLS_GET_UINT32_LE( input, 0 ); + b = MBEDTLS_GET_UINT32_LE( input, 4 ); + c = MBEDTLS_GET_UINT32_LE( input, 8 ); + d = MBEDTLS_GET_UINT32_LE( input, 12 ); i = 0; while( 1 ) diff --git a/library/camellia.c b/library/camellia.c index 9aab7ab675..4d6b468e5d 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -353,8 +353,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Prepare SIGMA values */ for( i = 0; i < 6; i++ ) { - MBEDTLS_GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 ); - MBEDTLS_GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 ); + SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); + SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); } /* @@ -365,7 +365,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, /* Store KL, KR */ for( i = 0; i < 8; i++ ) - MBEDTLS_GET_UINT32_BE( KC[i], t, i * 4 ); + KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); /* Generate KA */ for( i = 0; i < 4; ++i ) @@ -491,10 +491,10 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, NR = ctx->nr; RK = ctx->rk; - MBEDTLS_GET_UINT32_BE( X[0], input, 0 ); - MBEDTLS_GET_UINT32_BE( X[1], input, 4 ); - MBEDTLS_GET_UINT32_BE( X[2], input, 8 ); - MBEDTLS_GET_UINT32_BE( X[3], input, 12 ); + X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); + X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); + X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); + X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); X[0] ^= *RK++; X[1] ^= *RK++; diff --git a/library/chacha20.c b/library/chacha20.c index d0d5741c7b..7015f99d59 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -205,14 +205,14 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ); - ctx->state[5] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ); - ctx->state[6] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ); - ctx->state[7] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ); - ctx->state[8] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->state[9] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->state[10] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->state[11] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); + ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); + ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); + ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); + ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); return( 0 ); } @@ -228,9 +228,9 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = MBEDTLS_BYTES_TO_U32_LE( nonce, 0 ); - ctx->state[14] = MBEDTLS_BYTES_TO_U32_LE( nonce, 4 ); - ctx->state[15] = MBEDTLS_BYTES_TO_U32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); + ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); + ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); diff --git a/library/common.h b/library/common.h index 5115465e88..4ecc0162bf 100644 --- a/library/common.h +++ b/library/common.h @@ -78,38 +78,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) /** - * 32-bit integer manipulation macros + * 32-bit integer manipulation GET macros (big endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 32 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Big Endian is used when wanting to + * transmit the most signifcant bits first * - * \param n 32 bit integer where data is accessed via - * PUT or stored using GET + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data + */ +#ifndef MBEDTLS_GET_UINT32_BE +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ + ) +#endif + +/** + * 32-bit integer manipulation PUT macros (big endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Big Endian is used when wanting to + * transmit the most signifcant bits first + * + * \param n 32 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT32, i * would increment by 4 every use assuming * the data is being stored in the same location */ - -/** - * 32-bit integer manipulation macros (big endian) - */ -#ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ - } while( 0 ) -#endif - #ifndef MBEDTLS_PUT_UINT32_BE #define MBEDTLS_PUT_UINT32_BE(n,b,i) \ do { \ @@ -121,18 +128,45 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation macros (little endian) + * 32-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 32 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 32 bit + * integer + * \param offset the shift in bytes to access the next byte + * of data */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE(n,b,i) \ - do { \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ - } while( 0 ) +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ + ) #endif +/** + * 32-bit integer manipulation PUT macros (little endian) + * + * \brief Read from a 32 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param n 32 bit integer where data is accessed + * \param b const unsigned char array of data to be + * manipulated + * \param i offset in bytes, In the case of UINT32, i + * would increment by 4 every use assuming + * the data is being stored in the same location + */ #ifndef MBEDTLS_PUT_UINT32_LE #define MBEDTLS_PUT_UINT32_LE(n,b,i) \ do { \ @@ -144,46 +178,43 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer conversion from bytes (little endian) + * 16-bit integer manipulation GET macros (little endian) + * + * \brief Use this to assign an unsigned 16 bit integer + * by taking data stored adjacent in memory that + * can be accessed via on offset + * Little Endian is used when wanting to + * transmit the least signifcant bits first + * + * \param data The data used to translate to a 16 bit + * integer + * \param offset the shit in bytes to access the next byte + * of data */ -#define MBEDTLS_BYTES_TO_U32_LE( data, offset ) \ - ( (uint32_t) (data)[offset] \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \ - | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \ +#ifndef MBEDTLS_GET_UINT16_LE +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) +#endif /** - * 16-bit integer manipulation macros + * 16-bit integer manipulation PUT macros (little endian) * - * \brief Using GET- - * From input data, take the most significant bytes - * and concatonate them as you shift along - * Using PUT- - * Read from a 16 bit integer and store each byte - * in memory, offset by a byte each, resulting in - * each byte being adjacent in memory. + * \brief Read from a 16 bit integer and store each byte + * in memory, offset by a specified amount, resulting + * in each byte being adjacent in memory. + * Little Endian is used when wanting to + * transmit the least signifcant bits first * - * \param n 16 bit integer where data is accessed via - * PUT or stored using GET + * \param n 16 bit integer where data is accessed * \param b const unsigned char array of data to be * manipulated * \param i offset in bytes, In the case of UINT16, i * would increment by 2 every use assuming * the data is being stored in the same location */ - -/** - * 16-bit integer manipulation macros (little endian) - */ -#ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( n, b, i ) \ -{ \ - (n) = ( (uint16_t) (b)[(i) ] ) \ - | ( (uint16_t) (b)[(i) + 1] << 8 ); \ -} -#endif - #ifndef MBEDTLS_PUT_UINT16_LE #define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ { \ diff --git a/library/des.c b/library/des.c index 9281747de8..7f90faa044 100644 --- a/library/des.c +++ b/library/des.c @@ -400,8 +400,8 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE int i; uint32_t X, Y, T; - MBEDTLS_GET_UINT32_BE( X, key, 0 ); - MBEDTLS_GET_UINT32_BE( Y, key, 4 ); + X = MBEDTLS_GET_UINT32_BE( key, 0 ); + Y = MBEDTLS_GET_UINT32_BE( key, 4 ); /* * Permuted Choice 1 @@ -610,8 +610,8 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); @@ -697,8 +697,8 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, SK = ctx->sk; - MBEDTLS_GET_UINT32_BE( X, input, 0 ); - MBEDTLS_GET_UINT32_BE( Y, input, 4 ); + X = MBEDTLS_GET_UINT32_BE( input, 0 ); + Y = MBEDTLS_GET_UINT32_BE( input, 4 ); DES_IP( X, Y ); diff --git a/library/gcm.c b/library/gcm.c index 3caeed26de..910646b281 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -88,12 +88,12 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) return( ret ); /* pack h as two 64-bits ints, big-endian */ - MBEDTLS_GET_UINT32_BE( hi, h, 0 ); - MBEDTLS_GET_UINT32_BE( lo, h, 4 ); + hi = MBEDTLS_GET_UINT32_BE( h, 0 ); + lo = MBEDTLS_GET_UINT32_BE( h, 4 ); vh = (uint64_t) hi << 32 | lo; - MBEDTLS_GET_UINT32_BE( hi, h, 8 ); - MBEDTLS_GET_UINT32_BE( lo, h, 12 ); + hi = MBEDTLS_GET_UINT32_BE( h, 8 ); + lo = MBEDTLS_GET_UINT32_BE( h, 12 ); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ diff --git a/library/md5.c b/library/md5.c index e8d00216f0..a9bbcb488b 100644 --- a/library/md5.c +++ b/library/md5.c @@ -87,22 +87,22 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, uint32_t X[16], A, B, C, D; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); #define S(x,n) \ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) diff --git a/library/nist_kw.c b/library/nist_kw.c index b8f9239992..e2ab2566f5 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -454,7 +454,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - MBEDTLS_GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 ); + Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 ); /* * Plen is the length of the plaintext, when the input is valid. diff --git a/library/poly1305.c b/library/poly1305.c index 3c0b7c6aa9..f19574253c 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -122,10 +122,10 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, for( i = 0U; i < nblocks; i++ ) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 0 ); - d1 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 4 ); - d2 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 8 ); - d3 = MBEDTLS_BYTES_TO_U32_LE( input, offset + 12 ); + d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 ); + d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 ); + d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 ); + d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 ); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; @@ -290,15 +290,15 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = MBEDTLS_BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = MBEDTLS_BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = MBEDTLS_BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = MBEDTLS_BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU; - ctx->s[0] = MBEDTLS_BYTES_TO_U32_LE( key, 16 ); - ctx->s[1] = MBEDTLS_BYTES_TO_U32_LE( key, 20 ); - ctx->s[2] = MBEDTLS_BYTES_TO_U32_LE( key, 24 ); - ctx->s[3] = MBEDTLS_BYTES_TO_U32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 ); + ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 ); + ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 ); + ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 ); /* Initial accumulator state */ ctx->acc[0] = 0U; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 07c2cdf600..c6660b9553 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -293,11 +293,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - MBEDTLS_GET_UINT32_LE( version, storage_format->version, 0 ); + version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_DATA_INVALID ); - MBEDTLS_GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); + *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_DATA_INVALID ); @@ -314,12 +314,12 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - MBEDTLS_GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - MBEDTLS_GET_UINT16_LE( attr->type, storage_format->type, 0 ); - MBEDTLS_GET_UINT16_LE( attr->bits, storage_format->bits, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - MBEDTLS_GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 ); + attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 ); + attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 ); + attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 ); + attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) ); + attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/library/ripemd160.c b/library/ripemd160.c index 2bed107230..41d8387226 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -92,22 +92,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - MBEDTLS_GET_UINT32_LE( local.X[ 0], data, 0 ); - MBEDTLS_GET_UINT32_LE( local.X[ 1], data, 4 ); - MBEDTLS_GET_UINT32_LE( local.X[ 2], data, 8 ); - MBEDTLS_GET_UINT32_LE( local.X[ 3], data, 12 ); - MBEDTLS_GET_UINT32_LE( local.X[ 4], data, 16 ); - MBEDTLS_GET_UINT32_LE( local.X[ 5], data, 20 ); - MBEDTLS_GET_UINT32_LE( local.X[ 6], data, 24 ); - MBEDTLS_GET_UINT32_LE( local.X[ 7], data, 28 ); - MBEDTLS_GET_UINT32_LE( local.X[ 8], data, 32 ); - MBEDTLS_GET_UINT32_LE( local.X[ 9], data, 36 ); - MBEDTLS_GET_UINT32_LE( local.X[10], data, 40 ); - MBEDTLS_GET_UINT32_LE( local.X[11], data, 44 ); - MBEDTLS_GET_UINT32_LE( local.X[12], data, 48 ); - MBEDTLS_GET_UINT32_LE( local.X[13], data, 52 ); - MBEDTLS_GET_UINT32_LE( local.X[14], data, 56 ); - MBEDTLS_GET_UINT32_LE( local.X[15], data, 60 ); + local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); + local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); + local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); + local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); + local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); + local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); + local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); + local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); + local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); + local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); + local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); + local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); + local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); + local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); + local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); + local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; diff --git a/library/sha1.c b/library/sha1.c index da61f65fca..6fc9371231 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -103,22 +103,22 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, SHA1_VALIDATE_RET( ctx != NULL ); SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - MBEDTLS_GET_UINT32_BE( local.W[ 0], data, 0 ); - MBEDTLS_GET_UINT32_BE( local.W[ 1], data, 4 ); - MBEDTLS_GET_UINT32_BE( local.W[ 2], data, 8 ); - MBEDTLS_GET_UINT32_BE( local.W[ 3], data, 12 ); - MBEDTLS_GET_UINT32_BE( local.W[ 4], data, 16 ); - MBEDTLS_GET_UINT32_BE( local.W[ 5], data, 20 ); - MBEDTLS_GET_UINT32_BE( local.W[ 6], data, 24 ); - MBEDTLS_GET_UINT32_BE( local.W[ 7], data, 28 ); - MBEDTLS_GET_UINT32_BE( local.W[ 8], data, 32 ); - MBEDTLS_GET_UINT32_BE( local.W[ 9], data, 36 ); - MBEDTLS_GET_UINT32_BE( local.W[10], data, 40 ); - MBEDTLS_GET_UINT32_BE( local.W[11], data, 44 ); - MBEDTLS_GET_UINT32_BE( local.W[12], data, 48 ); - MBEDTLS_GET_UINT32_BE( local.W[13], data, 52 ); - MBEDTLS_GET_UINT32_BE( local.W[14], data, 56 ); - MBEDTLS_GET_UINT32_BE( local.W[15], data, 60 ); + local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 ); + local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 ); + local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 ); + local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 ); + local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 ); + local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 ); + local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 ); + local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 ); + local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 ); + local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 ); + local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 ); + local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 ); + local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 ); + local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 ); + local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 ); + local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 ); #define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) diff --git a/library/sha256.c b/library/sha256.c index fb66340b20..c3573f85fd 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -190,7 +190,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, for( i = 0; i < 64; i++ ) { if( i < 16 ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); else R( i ); @@ -205,7 +205,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, } #else /* MBEDTLS_SHA256_SMALLER */ for( i = 0; i < 16; i++ ) - MBEDTLS_GET_UINT32_BE( local.W[i], data, 4 * i ); + local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); for( i = 0; i < 16; i += 8 ) { From cd84d76e9b1a3b2c82d5975561aea493777abd51 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Thu, 8 Jul 2021 14:59:52 +0100 Subject: [PATCH 0959/1065] Add Character byte reading macros These cast to an unsigned char rather than a uint8_t like with MBEDTLS_BYTE_x These save alot of space and will improve maintence by replacing the appropriate code with MBEDTLS_CHAR_x Signed-off-by: Joe Subbiani --- library/aes.c | 196 +++++++++++++++++++-------------------- library/aria.c | 32 +++---- library/asn1write.c | 18 ++-- library/camellia.c | 16 ++-- library/ccm.c | 6 +- library/common.h | 9 ++ library/ecjpake.c | 18 ++-- library/ssl_cli.c | 131 ++++++++++++-------------- library/ssl_msg.c | 12 +-- library/ssl_srv.c | 94 +++++++++---------- library/ssl_tls.c | 120 ++++++++++++------------ library/ssl_tls13_keys.c | 6 +- 12 files changed, 328 insertions(+), 330 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7a44a78408..1eb3e204d8 100644 --- a/library/aes.c +++ b/library/aes.c @@ -386,7 +386,7 @@ static void aes_gen_tables( void ) { pow[i] = x; log[x] = i; - x = ( x ^ XTIME( x ) ) & 0xFF; + x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); } /* @@ -395,7 +395,7 @@ static void aes_gen_tables( void ) for( i = 0, x = 1; i < 10; i++ ) { RCON[i] = (uint32_t) x; - x = XTIME( x ) & 0xFF; + x = MBEDTLS_BYTE_0( XTIME( x ) ); } /* @@ -408,10 +408,10 @@ static void aes_gen_tables( void ) { x = pow[255 - log[i]]; - y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; + y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; @@ -424,8 +424,8 @@ static void aes_gen_tables( void ) for( i = 0; i < 256; i++ ) { x = FSb[i]; - y = XTIME( x ) & 0xFF; - z = ( y ^ x ) & 0xFF; + y = MBEDTLS_BYTE_0( XTIME( x ) ); + z = MBEDTLS_BYTE_0( y ^ x ); FT0[i] = ( (uint32_t) y ) ^ ( (uint32_t) x << 8 ) ^ @@ -577,10 +577,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 10; i++, RK += 4 ) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -593,10 +593,10 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 8; i++, RK += 6 ) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; @@ -611,20 +611,20 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, for( i = 0; i < 7; i++, RK += 8 ) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -690,10 +690,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, { for( j = 0; j < 4; j++, SK++ ) { - *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^ - AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^ - AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^ - AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] ); + *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ + AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ + AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ + AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); } } @@ -786,52 +786,52 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \ - AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \ - AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \ - AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \ - AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \ +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ + do \ + { \ + (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + \ + (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + \ + (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + \ + (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ } while( 0 ) #define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \ - AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \ + (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ \ - (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \ - AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \ + (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ \ - (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \ - AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \ + (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ \ - (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \ - AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \ + (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ + AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ + AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ + AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ } while( 0 ) /* @@ -864,28 +864,28 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); @@ -928,28 +928,28 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 ); + ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ + ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); diff --git a/library/aria.c b/library/aria.c index 320f7758ac..6bfdfbdce2 100644 --- a/library/aria.c +++ b/library/aria.c @@ -212,22 +212,22 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, const uint8_t sa[256], const uint8_t sb[256], const uint8_t sc[256], const uint8_t sd[256] ) { - *a = ( (uint32_t) sa[ *a & 0xFF] ) ^ - (((uint32_t) sb[(*a >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); - *b = ( (uint32_t) sa[ *b & 0xFF] ) ^ - (((uint32_t) sb[(*b >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); - *c = ( (uint32_t) sa[ *c & 0xFF] ) ^ - (((uint32_t) sb[(*c >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); - *d = ( (uint32_t) sa[ *d & 0xFF] ) ^ - (((uint32_t) sb[(*d >> 8) & 0xFF]) << 8) ^ - (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ + (((uint32_t) sd[ *a >> 24 ]) << 24); + *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ + (((uint32_t) sd[ *b >> 24 ]) << 24); + *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ + (((uint32_t) sd[ *c >> 24 ]) << 24); + *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ + (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ + (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ + (((uint32_t) sd[ *d >> 24 ]) << 24); } /* diff --git a/library/asn1write.c b/library/asn1write.c index 0289e89491..8555767fe2 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = ( len ) & 0xFF; - *--(*p) = ( len >> 8 ) & 0xFF; - *--(*p) = ( len >> 16 ) & 0xFF; - *--(*p) = ( len >> 24 ) & 0xFF; + *--(*p) = MBEDTLS_CHAR_0( len ); + *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_CHAR_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/camellia.c b/library/camellia.c index 4d6b468e5d..29d730ab53 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -278,14 +278,14 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX3((I0 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX4((I0 ) & 0xFF) ); - I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) | - ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) | - ((uint32_t) SBOX4((I1 >> 8) & 0xFF) << 8) | - ((uint32_t) SBOX1((I1 ) & 0xFF) ); + I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | + ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); + I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | + ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | + ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | + ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); diff --git a/library/ccm.c b/library/ccm.c index 424ee77b69..95d90dc61a 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = (unsigned char)( len_left & 0xFF ); + b[15-i] = MBEDTLS_CHAR_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); - b[1] = (unsigned char)( ( add_len ) & 0xFF ); + b[0] = MBEDTLS_CHAR_1( add_len ); + b[1] = MBEDTLS_CHAR_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 4ecc0162bf..56c3002653 100644 --- a/library/common.h +++ b/library/common.h @@ -77,6 +77,15 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) +#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) +#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) +#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) +#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) + /** * 32-bit integer manipulation GET macros (big endian) * diff --git a/library/ecjpake.c b/library/ecjpake.c index d229311420..7305dfeee1 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF ); - (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF ); - (*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF ); - (*p)[3] = (unsigned char)( ( len ) & 0xFF ); + (*p)[0] = MBEDTLS_CHAR_3( len ); + (*p)[1] = MBEDTLS_CHAR_2( len ); + (*p)[2] = MBEDTLS_CHAR_1( len ); + (*p)[3] = MBEDTLS_CHAR_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( id_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( id_len ); + *p++ = MBEDTLS_CHAR_2( id_len ); + *p++ = MBEDTLS_CHAR_1( id_len ); + *p++ = MBEDTLS_CHAR_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = (unsigned char)( len & 0xFF ); + *(*p)++ = MBEDTLS_CHAR_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 59c5460429..7d65479efb 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 5); + *p++ = MBEDTLS_CHAR_0( hostname_len + 5); - *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); + *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_CHAR_1( hostname_len ); + *p++ = MBEDTLS_CHAR_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,14 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; - *p++ = ssl->verify_data_len & 0xFF; + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -283,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); - *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( sig_alg_len ); + *p++ = MBEDTLS_CHAR_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -358,16 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); + *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -388,10 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -427,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -470,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; @@ -510,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -543,10 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -577,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -607,10 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) - & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -641,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( tlen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( tlen ); + *p++ = MBEDTLS_CHAR_0( tlen ); *olen = 4; @@ -685,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -713,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); return( 0 ); } @@ -770,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ext_len & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len ) - & 0xFF ); + *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -799,8 +788,8 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = ( ( profile_value >> 8 ) & 0xFF ); - *p++ = ( profile_value & 0xFF ); + *p++ = MBEDTLS_BYTE_1( profile_value ); + *p++ = MBEDTLS_BYTE_0( profile_value ); } else { @@ -1334,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 77904e0a1b..e0c50bcce1 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,15 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = ( ad_len_field >> 8 ) & 0xFF; - cur[1] = ( ad_len_field >> 0 ) & 0xFF; + cur[0] = MBEDTLS_CHAR_1( ad_len_field ); + cur[1] = MBEDTLS_CHAR_0( ad_len_field ); cur += 2; } @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; - ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 3d6739342d..253ab56959 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,8 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1865,8 +1865,8 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) + if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || + p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) continue; got_common_suite = 1; @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( kkpp_len ); + *p++ = MBEDTLS_CHAR_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); + buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); + buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); - buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF ); + buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF ); + buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ext_len & 0xFF ); + buf[2] = MBEDTLS_CHAR_1( ext_len ); + buf[3] = MBEDTLS_CHAR_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF ); - buf[7] = (unsigned char)( profile_value & 0xFF ); + buf[6] = MBEDTLS_CHAR_1( profile_value ); + buf[7] = MBEDTLS_CHAR_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ext_len ); + *p++ = MBEDTLS_CHAR_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != ( ( len >> 8 ) & 0xFF ) || - *p++ != ( ( len ) & 0xFF ) ) + if( *p++ != MBEDTLS_CHAR_1( len ) || + *p++ != MBEDTLS_CHAR_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; - ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; - ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; - ssl->out_msg[7] = ( lifetime ) & 0xFF; + ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); - ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); - ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); + ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); + ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f8cad4aeca..0655dc57eb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = (unsigned char)( ( start >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( start >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( start ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( start ); + *p++ = MBEDTLS_CHAR_6( start ); + *p++ = MBEDTLS_CHAR_5( start ); + *p++ = MBEDTLS_CHAR_4( start ); + *p++ = MBEDTLS_CHAR_3( start ); + *p++ = MBEDTLS_CHAR_2( start ); + *p++ = MBEDTLS_CHAR_1( start ); + *p++ = MBEDTLS_CHAR_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); + *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); - *p++ = (unsigned char)( session->compression & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->compression ); - *p++ = (unsigned char)( session->id_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->verify_result ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->verify_result ); + *p++ = MBEDTLS_CHAR_2( session->verify_result ); + *p++ = MBEDTLS_CHAR_1( session->verify_result ); + *p++ = MBEDTLS_CHAR_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( cert_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( cert_len ); + *p++ = MBEDTLS_CHAR_1( cert_len ); + *p++ = MBEDTLS_CHAR_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_2( session->ticket_len ); + *p++ = MBEDTLS_CHAR_1( session->ticket_len ); + *p++ = MBEDTLS_CHAR_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); + *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 8 ) & 0xFF, - ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 0 ) & 0xFF, + MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session_len ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( session_len ); + *p++ = MBEDTLS_CHAR_2( session_len ); + *p++ = MBEDTLS_CHAR_1( session_len ); + *p++ = MBEDTLS_CHAR_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF ); + *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); + *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window_top ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); - *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->in_window ) & 0xFF ); + *p++ = MBEDTLS_CHAR_7( ssl->in_window ); + *p++ = MBEDTLS_CHAR_6( ssl->in_window ); + *p++ = MBEDTLS_CHAR_5( ssl->in_window ); + *p++ = MBEDTLS_CHAR_4( ssl->in_window ); + *p++ = MBEDTLS_CHAR_3( ssl->in_window ); + *p++ = MBEDTLS_CHAR_2( ssl->in_window ); + *p++ = MBEDTLS_CHAR_1( ssl->in_window ); + *p++ = MBEDTLS_CHAR_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->mtu ) & 0xFF ); + *p++ = MBEDTLS_CHAR_1( ssl->mtu ); + *p++ = MBEDTLS_CHAR_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 902f99ea81..9e629cb0b3 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF ); + *p++ = MBEDTLS_CHAR_0( desired_length ); /* Add label incl. prefix */ - *p++ = (unsigned char)( total_label_len & 0xFF ); + *p++ = MBEDTLS_CHAR_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = (unsigned char)( clen & 0xFF ); + *p++ = MBEDTLS_CHAR_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 635231a71ef0a055bad5dd46e66bfdcff1027c98 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:53:07 +0100 Subject: [PATCH 0960/1065] Improve common.h macro documentation Imrpoved the descriptions of the macros and parameters and changing the name of the MBEDTLS_PUT_UINT... macro parameters to be more descriptive Signed-off-by: Joe Subbiani --- library/common.h | 140 ++++++++++++++++++----------------------------- 1 file changed, 52 insertions(+), 88 deletions(-) diff --git a/library/common.h b/library/common.h index 56c3002653..f7a9c9da6d 100644 --- a/library/common.h +++ b/library/common.h @@ -87,18 +87,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * 32-bit integer manipulation GET macros (big endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * big-endian order (MSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE #define MBEDTLS_GET_UINT32_BE( data , offset ) \ @@ -111,44 +106,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (big endian) + * Put in memory a 32 bits unsigned integer in big-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Big Endian is used when wanting to - * transmit the most signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ } while( 0 ) #endif /** - * 32-bit integer manipulation GET macros (little endian) + * Get the unsigned 32 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 32 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 32 bit - * integer - * \param offset the shift in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE #define MBEDTLS_GET_UINT32_LE( data, offset ) \ @@ -161,44 +144,32 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 32-bit integer manipulation PUT macros (little endian) + * Put in memory a 32 bits unsigned integer in little-endian order. * - * \brief Read from a 32 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 32 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT32, i - * would increment by 4 every use assuming - * the data is being stored in the same location + * \param n 32 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 32 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE(n,b,i) \ - do { \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ + do { \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ } while( 0 ) #endif /** - * 16-bit integer manipulation GET macros (little endian) + * Get the unsigned 16 bits integer corresponding to four bytes in + * little-endian order (LSB first). * - * \brief Use this to assign an unsigned 16 bit integer - * by taking data stored adjacent in memory that - * can be accessed via on offset - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param data The data used to translate to a 16 bit - * integer - * \param offset the shit in bytes to access the next byte - * of data + * \param data Base address of the memory to get the four bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned + * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE #define MBEDTLS_GET_UINT16_LE( data, offset ) \ @@ -209,26 +180,19 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * 16-bit integer manipulation PUT macros (little endian) + * Put in memory a 16 bits unsigned integer in little-endian order. * - * \brief Read from a 16 bit integer and store each byte - * in memory, offset by a specified amount, resulting - * in each byte being adjacent in memory. - * Little Endian is used when wanting to - * transmit the least signifcant bits first - * - * \param n 16 bit integer where data is accessed - * \param b const unsigned char array of data to be - * manipulated - * \param i offset in bytes, In the case of UINT16, i - * would increment by 2 every use assuming - * the data is being stored in the same location + * \param n 16 bits unsigned integer to put in memory + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, b, i ) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ } #endif From 54550f7fca255769c4a2d9f5e089caddde4b0c6c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 11:59:48 +0100 Subject: [PATCH 0961/1065] Replace 3 byte shift with appropriate macro aria.c has a shift by 3 bytes, but does not use the 0xff masking. aparently this is not a problem and it is tidier to use the maco. Signed-off-by: Joe Subbiani --- library/aria.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/aria.c b/library/aria.c index 6bfdfbdce2..bc05c4a319 100644 --- a/library/aria.c +++ b/library/aria.c @@ -215,19 +215,19 @@ static inline void aria_sl( uint32_t *a, uint32_t *b, *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ - (((uint32_t) sd[ *a >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ - (((uint32_t) sd[ *b >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ - (((uint32_t) sd[ *c >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ - (((uint32_t) sd[ *d >> 24 ]) << 24); + (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); } /* From f5462d989c8674805d3566cf4d85029da0f18717 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Tue, 13 Jul 2021 12:13:19 +0100 Subject: [PATCH 0962/1065] Remove trailing whitespaces Signed-off-by: Joe Subbiani --- library/common.h | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/common.h b/library/common.h index f7a9c9da6d..87f0d66bc7 100644 --- a/library/common.h +++ b/library/common.h @@ -87,12 +87,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * big-endian order (MSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and most significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and most significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE @@ -108,10 +108,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in big-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the most significant + * \param offset Offset from \p base where to put the most significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE @@ -125,12 +125,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 32 bits integer corresponding to four bytes in + * Get the unsigned 32 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 32 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 32 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE @@ -146,10 +146,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 32 bits unsigned integer in little-endian order. * - * \param n 32 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 32 + * \param n 32 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 32 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to four bytes in * little-endian order (LSB first). * * \param data Base address of the memory to get the four bytes from. - * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * \param offset Offset from \p base of the first and least significant + * byte of the four bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE @@ -182,10 +182,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** * Put in memory a 16 bits unsigned integer in little-endian order. * - * \param n 16 bits unsigned integer to put in memory - * \param data Base address of the memory where to put the 16 + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 * bits unsigned integer in. - * \param offset Offset from \p base where to put the least significant + * \param offset Offset from \p base where to put the least significant * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE From bf7ea84f83d7fbef2103cae2564fe7258e6847c9 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:05:51 +0100 Subject: [PATCH 0963/1065] Replace "four bytes" with "two bytes" in macro documentation When writing the documentation 4 bytes was written instead of 2 for MBEDTLS_UINT16_LE Signed-off-by: Joe Subbiani --- library/common.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/common.h b/library/common.h index 87f0d66bc7..28017f9742 100644 --- a/library/common.h +++ b/library/common.h @@ -163,12 +163,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c #endif /** - * Get the unsigned 16 bits integer corresponding to four bytes in + * Get the unsigned 16 bits integer corresponding to two bytes in * little-endian order (LSB first). * - * \param data Base address of the memory to get the four bytes from. + * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and least significant - * byte of the four bytes to build the 16 bits unsigned + * byte of the two bytes to build the 16 bits unsigned * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE From 2194dc477a65c0c18f592168b5e5f765c475bc9c Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 14 Jul 2021 12:31:31 +0100 Subject: [PATCH 0964/1065] Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x The CHAR macros casted to an unsigned char which in this project is garunteed to be 8 bits - the same as uint8_t (which BYTE casts to) therefore, instances of CHAR have been swapped with BYTE and the number of macros have been cut down Signed-off-by: Joe Subbiani --- library/asn1write.c | 18 +++--- library/ccm.c | 6 +- library/common.h | 17 +++--- library/ecjpake.c | 18 +++--- library/ssl_cli.c | 116 ++++++++++++++++++------------------- library/ssl_msg.c | 4 +- library/ssl_srv.c | 86 ++++++++++++++-------------- library/ssl_tls.c | 120 +++++++++++++++++++-------------------- library/ssl_tls13_keys.c | 6 +- 9 files changed, 194 insertions(+), 197 deletions(-) diff --git a/library/asn1write.c b/library/asn1write.c index 8555767fe2..dc61854137 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -60,8 +60,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 3 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = 0x82; return( 3 ); } @@ -71,9 +71,9 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 4 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = 0x83; return( 4 ); } @@ -85,10 +85,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_ if( *p - start < 5 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - *--(*p) = MBEDTLS_CHAR_0( len ); - *--(*p) = MBEDTLS_CHAR_1( len ); - *--(*p) = MBEDTLS_CHAR_2( len ); - *--(*p) = MBEDTLS_CHAR_3( len ); + *--(*p) = MBEDTLS_BYTE_0( len ); + *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_2( len ); + *--(*p) = MBEDTLS_BYTE_3( len ); *--(*p) = 0x84; return( 5 ); } diff --git a/library/ccm.c b/library/ccm.c index 95d90dc61a..0188075f5e 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -200,7 +200,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, memcpy( b + 1, iv, iv_len ); for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = MBEDTLS_CHAR_0( len_left ); + b[15-i] = MBEDTLS_BYTE_0( len_left ); if( len_left > 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -221,8 +221,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_CHAR_1( add_len ); - b[1] = MBEDTLS_CHAR_0( add_len ); + b[0] = MBEDTLS_BYTE_1( add_len ); + b[1] = MBEDTLS_BYTE_0( add_len ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index 28017f9742..e0f8b99baa 100644 --- a/library/common.h +++ b/library/common.h @@ -25,6 +25,8 @@ #include "mbedtls/build_info.h" +#include + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -72,19 +74,14 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * Using MBEDTLS_BYTE_a will shift a*8 bits * to retrieve the next byte of information */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) +#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) - -#define MBEDTLS_CHAR_0( x ) ( (unsigned char) ( ( x ) & 0xff ) ) -#define MBEDTLS_CHAR_1( x ) ( (unsigned char) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_CHAR_2( x ) ( (unsigned char) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_CHAR_3( x ) ( (unsigned char) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_CHAR_4( x ) ( (unsigned char) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_CHAR_5( x ) ( (unsigned char) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_CHAR_6( x ) ( (unsigned char) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_CHAR_7( x ) ( (unsigned char) ( ( ( x ) >> 56 ) & 0xff ) ) +#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) +#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) +#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) +#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) /** * Get the unsigned 32 bits integer corresponding to four bytes in diff --git a/library/ecjpake.c b/library/ecjpake.c index 7305dfeee1..a599b1ba48 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,10 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_CHAR_3( len ); - (*p)[1] = MBEDTLS_CHAR_2( len ); - (*p)[2] = MBEDTLS_CHAR_1( len ); - (*p)[3] = MBEDTLS_CHAR_0( len ); + (*p)[0] = MBEDTLS_BYTE_3( len ); + (*p)[1] = MBEDTLS_BYTE_2( len ); + (*p)[2] = MBEDTLS_BYTE_1( len ); + (*p)[3] = MBEDTLS_BYTE_0( len ); *p += 4 + len; @@ -223,10 +223,10 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_CHAR_3( id_len ); - *p++ = MBEDTLS_CHAR_2( id_len ); - *p++ = MBEDTLS_CHAR_1( id_len ); - *p++ = MBEDTLS_CHAR_0( id_len ); + *p++ = MBEDTLS_BYTE_3( id_len ); + *p++ = MBEDTLS_BYTE_2( id_len ); + *p++ = MBEDTLS_BYTE_1( id_len ); + *p++ = MBEDTLS_BYTE_0( id_len ); if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -366,7 +366,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, goto cleanup; } - *(*p)++ = MBEDTLS_CHAR_0( len ); + *(*p)++ = MBEDTLS_BYTE_0( len ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ *p += len; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 7d65479efb..9e0db96c48 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,18 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len + 5); - *p++ = MBEDTLS_CHAR_0( hostname_len + 5); + *p++ = MBEDTLS_BYTE_1( hostname_len + 5); + *p++ = MBEDTLS_BYTE_0( hostname_len + 5); - *p++ = MBEDTLS_CHAR_1( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); + *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_CHAR_1( hostname_len ); - *p++ = MBEDTLS_CHAR_0( hostname_len ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_BYTE_1( hostname_len ); + *p++ = MBEDTLS_BYTE_0( hostname_len ); memcpy( p, ssl->hostname, hostname_len ); @@ -181,12 +181,12 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); *p++ = 0x00; - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len + 1 ); - *p++ = MBEDTLS_CHAR_0( ssl->verify_data_len ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); + *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len ); memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); @@ -281,14 +281,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); - *p++ = MBEDTLS_CHAR_1( sig_alg_len ); - *p++ = MBEDTLS_CHAR_0( sig_alg_len ); + *p++ = MBEDTLS_BYTE_1( sig_alg_len ); + *p++ = MBEDTLS_BYTE_0( sig_alg_len ); *olen = 6 + sig_alg_len; @@ -356,14 +356,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_CHAR_1( elliptic_curve_len ); - *p++ = MBEDTLS_CHAR_0( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); + *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); *olen = 6 + elliptic_curve_len; @@ -384,8 +384,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -421,8 +421,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +464,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; @@ -504,11 +504,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +537,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -569,8 +569,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -599,8 +599,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -631,11 +631,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_1( tlen ); - *p++ = MBEDTLS_CHAR_0( tlen ); + *p++ = MBEDTLS_BYTE_1( tlen ); + *p++ = MBEDTLS_BYTE_0( tlen ); *olen = 4; @@ -675,8 +675,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); /* * opaque ProtocolName<1..2^8-1>; @@ -703,12 +703,12 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); return( 0 ); } @@ -760,12 +760,12 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_CHAR_1( ext_len & 0xFF00 ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -776,7 +776,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = MBEDTLS_CHAR_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); + *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); for( protection_profiles_index=0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; @@ -1323,8 +1323,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index e0c50bcce1..989c59874f 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2481,8 +2481,8 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_CHAR_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_CHAR_0( ssl->handshake->out_msg_seq ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); ++( ssl->handshake->out_msg_seq ); } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 253ab56959..96b08ab8f6 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1971,11 +1971,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * } ConnectionId; */ - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2016,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2042,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2067,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2091,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2132,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); *p++ = 0x00; *p++ = 1; @@ -2162,8 +2162,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); *p++ = 0x00; *p++ = 2; @@ -2200,8 +2200,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2212,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_CHAR_1( kkpp_len ); - *p++ = MBEDTLS_CHAR_0( kkpp_len ); + *p++ = MBEDTLS_BYTE_1( kkpp_len ); + *p++ = MBEDTLS_BYTE_0( kkpp_len ); *olen = kkpp_len + 4; } @@ -2238,18 +2238,18 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_ALPN ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_CHAR_1( *olen - 4 ); - buf[3] = MBEDTLS_CHAR_0( *olen - 4 ); + buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); + buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); - buf[4] = MBEDTLS_CHAR_1( *olen - 6 ); - buf[5] = MBEDTLS_CHAR_0( *olen - 6 ); + buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); + buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); - buf[6] = MBEDTLS_CHAR_0( *olen - 7 ); + buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } @@ -2294,15 +2294,15 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_CHAR_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_CHAR_0( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); + buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_CHAR_1( ext_len ); - buf[3] = MBEDTLS_CHAR_0( ext_len ); + buf[2] = MBEDTLS_BYTE_1( ext_len ); + buf[3] = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2311,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_CHAR_1( profile_value ); - buf[7] = MBEDTLS_CHAR_0( profile_value ); + buf[6] = MBEDTLS_BYTE_1( profile_value ); + buf[7] = MBEDTLS_BYTE_0( profile_value ); } else { @@ -2648,8 +2648,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_CHAR_1( ext_len ); - *p++ = MBEDTLS_CHAR_0( ext_len ); + *p++ = MBEDTLS_BYTE_1( ext_len ); + *p++ = MBEDTLS_BYTE_0( ext_len ); p += ext_len; } @@ -3478,8 +3478,8 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } - if( *p++ != MBEDTLS_CHAR_1( len ) || - *p++ != MBEDTLS_CHAR_0( len ) ) + if( *p++ != MBEDTLS_BYTE_1( len ) || + *p++ != MBEDTLS_BYTE_0( len ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); @@ -4223,13 +4223,13 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_CHAR_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_CHAR_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_CHAR_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_CHAR_0( lifetime ); + ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); + ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); + ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); + ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - ssl->out_msg[8] = MBEDTLS_CHAR_1( tlen ); - ssl->out_msg[9] = MBEDTLS_CHAR_0( tlen ); + ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); + ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); ssl->out_msglen = 10 + tlen; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0655dc57eb..381eb9e03b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4582,8 +4582,8 @@ static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), }; /* @@ -4664,14 +4664,14 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_CHAR_7( start ); - *p++ = MBEDTLS_CHAR_6( start ); - *p++ = MBEDTLS_CHAR_5( start ); - *p++ = MBEDTLS_CHAR_4( start ); - *p++ = MBEDTLS_CHAR_3( start ); - *p++ = MBEDTLS_CHAR_2( start ); - *p++ = MBEDTLS_CHAR_1( start ); - *p++ = MBEDTLS_CHAR_0( start ); + *p++ = MBEDTLS_BYTE_7( start ); + *p++ = MBEDTLS_BYTE_6( start ); + *p++ = MBEDTLS_BYTE_5( start ); + *p++ = MBEDTLS_BYTE_4( start ); + *p++ = MBEDTLS_BYTE_3( start ); + *p++ = MBEDTLS_BYTE_2( start ); + *p++ = MBEDTLS_BYTE_1( start ); + *p++ = MBEDTLS_BYTE_0( start ); } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,22 +4687,22 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); - *p++ = MBEDTLS_CHAR_0( session->compression ); + *p++ = MBEDTLS_BYTE_0( session->compression ); - *p++ = MBEDTLS_CHAR_0( session->id_len ); + *p++ = MBEDTLS_BYTE_0( session->id_len ); memcpy( p, session->id, 32 ); p += 32; memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_CHAR_3( session->verify_result ); - *p++ = MBEDTLS_CHAR_2( session->verify_result ); - *p++ = MBEDTLS_CHAR_1( session->verify_result ); - *p++ = MBEDTLS_CHAR_0( session->verify_result ); + *p++ = MBEDTLS_BYTE_3( session->verify_result ); + *p++ = MBEDTLS_BYTE_2( session->verify_result ); + *p++ = MBEDTLS_BYTE_1( session->verify_result ); + *p++ = MBEDTLS_BYTE_0( session->verify_result ); } /* @@ -4719,9 +4719,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( cert_len ); - *p++ = MBEDTLS_CHAR_1( cert_len ); - *p++ = MBEDTLS_CHAR_0( cert_len ); + *p++ = MBEDTLS_BYTE_2( cert_len ); + *p++ = MBEDTLS_BYTE_1( cert_len ); + *p++ = MBEDTLS_BYTE_0( cert_len ); if( session->peer_cert != NULL ) { @@ -4762,9 +4762,9 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_2( session->ticket_len ); - *p++ = MBEDTLS_CHAR_1( session->ticket_len ); - *p++ = MBEDTLS_CHAR_0( session->ticket_len ); + *p++ = MBEDTLS_BYTE_2( session->ticket_len ); + *p++ = MBEDTLS_BYTE_1( session->ticket_len ); + *p++ = MBEDTLS_BYTE_0( session->ticket_len ); if( session->ticket != NULL ) { @@ -4772,10 +4772,10 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_CHAR_3( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_2( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_1( session->ticket_lifetime ); - *p++ = MBEDTLS_CHAR_0( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); + *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -4793,7 +4793,7 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, used += 1; if( used <= buf_len ) - *p++ = MBEDTLS_CHAR_0( session->encrypt_then_mac ); + *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac ); #endif return( used ); @@ -5568,11 +5568,11 @@ static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_CHAR_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_CHAR_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_CHAR_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), }; /* @@ -5713,10 +5713,10 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( session_len ); - *p++ = MBEDTLS_CHAR_2( session_len ); - *p++ = MBEDTLS_CHAR_1( session_len ); - *p++ = MBEDTLS_CHAR_0( session_len ); + *p++ = MBEDTLS_BYTE_3( session_len ); + *p++ = MBEDTLS_BYTE_2( session_len ); + *p++ = MBEDTLS_BYTE_1( session_len ); + *p++ = MBEDTLS_BYTE_0( session_len ); ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5757,33 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_3( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_2( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_1( ssl->badmac_seen ); - *p++ = MBEDTLS_CHAR_0( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); + *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_7( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); - *p++ = MBEDTLS_CHAR_7( ssl->in_window ); - *p++ = MBEDTLS_CHAR_6( ssl->in_window ); - *p++ = MBEDTLS_CHAR_5( ssl->in_window ); - *p++ = MBEDTLS_CHAR_4( ssl->in_window ); - *p++ = MBEDTLS_CHAR_3( ssl->in_window ); - *p++ = MBEDTLS_CHAR_2( ssl->in_window ); - *p++ = MBEDTLS_CHAR_1( ssl->in_window ); - *p++ = MBEDTLS_CHAR_0( ssl->in_window ); + *p++ = MBEDTLS_BYTE_7( ssl->in_window ); + *p++ = MBEDTLS_BYTE_6( ssl->in_window ); + *p++ = MBEDTLS_BYTE_5( ssl->in_window ); + *p++ = MBEDTLS_BYTE_4( ssl->in_window ); + *p++ = MBEDTLS_BYTE_3( ssl->in_window ); + *p++ = MBEDTLS_BYTE_2( ssl->in_window ); + *p++ = MBEDTLS_BYTE_1( ssl->in_window ); + *p++ = MBEDTLS_BYTE_0( ssl->in_window ); } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5806,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_CHAR_1( ssl->mtu ); - *p++ = MBEDTLS_CHAR_0( ssl->mtu ); + *p++ = MBEDTLS_BYTE_1( ssl->mtu ); + *p++ = MBEDTLS_BYTE_0( ssl->mtu ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 9e629cb0b3..7aec21dffe 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -113,17 +113,17 @@ static void ssl_tls1_3_hkdf_encode_label( #endif *p++ = 0; - *p++ = MBEDTLS_CHAR_0( desired_length ); + *p++ = MBEDTLS_BYTE_0( desired_length ); /* Add label incl. prefix */ - *p++ = MBEDTLS_CHAR_0( total_label_len ); + *p++ = MBEDTLS_BYTE_0( total_label_len ); memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); p += sizeof(tls1_3_label_prefix); memcpy( p, label, llen ); p += llen; /* Add context value */ - *p++ = MBEDTLS_CHAR_0( clen ); + *p++ = MBEDTLS_BYTE_0( clen ); if( clen != 0 ) memcpy( p, ctx, clen ); From 99edd6c8105740b58ad3261da7ed47c42658b36e Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 12:29:49 +0100 Subject: [PATCH 0965/1065] Add UINT64 GET and PUT macros Copy over the GET/PUT_UINT64_LE/BE macros from aes.c and sha512.c Add the MBEDTLS_ prefix to all 4 macros. Modify the GET_UINT64 macros to no longer take a target variable as a parameter, so when the macro function is called it must be assigned to a variable in the same statement. Signed-off-by: Joe Subbiani --- library/aes.c | 37 +++----------------- library/common.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ library/sha512.c | 39 +++------------------ 3 files changed, 99 insertions(+), 68 deletions(-) diff --git a/library/aes.c b/library/aes.c index 1eb3e204d8..8e3358c494 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1074,35 +1074,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_XTS) -/* Endianess with 64 bits values */ -#ifndef GET_UINT64_LE -#define GET_UINT64_LE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ - | ( (uint64_t) (b)[(i) + 6] << 48 ) \ - | ( (uint64_t) (b)[(i) + 5] << 40 ) \ - | ( (uint64_t) (b)[(i) + 4] << 32 ) \ - | ( (uint64_t) (b)[(i) + 3] << 24 ) \ - | ( (uint64_t) (b)[(i) + 2] << 16 ) \ - | ( (uint64_t) (b)[(i) + 1] << 8 ) \ - | ( (uint64_t) (b)[(i) ] ); \ -} -#endif - -#ifndef PUT_UINT64_LE -#define PUT_UINT64_LE(n,b,i) \ -{ \ - (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) ] = (unsigned char) ( (n) ); \ -} -#endif - typedef unsigned char mbedtls_be128[16]; /* @@ -1118,14 +1089,14 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16], { uint64_t a, b, ra, rb; - GET_UINT64_LE( a, x, 0 ); - GET_UINT64_LE( b, x, 8 ); + a = MBEDTLS_GET_UINT64_LE( x, 0 ); + b = MBEDTLS_GET_UINT64_LE( x, 8 ); ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); rb = ( a >> 63 ) | ( b << 1 ); - PUT_UINT64_LE( ra, r, 0 ); - PUT_UINT64_LE( rb, r, 8 ); + MBEDTLS_PUT_UINT64_LE( ra, r, 0 ); + MBEDTLS_PUT_UINT64_LE( rb, r, 8 ); } /* diff --git a/library/common.h b/library/common.h index e0f8b99baa..ce2f04007e 100644 --- a/library/common.h +++ b/library/common.h @@ -193,5 +193,96 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * big-endian order (MSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_BE +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in big-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_BE +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +} +#endif + +/** + * Get the unsigned 64 bits integer corresponding to eight bytes in + * little-endian order (LSB first). + * + * \param data Base address of the memory to get the eight bytes from. + * \param offset Offset from \p base of the first and least significant + * byte of the eight bytes to build the 64 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT64_LE +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ + ) +#endif + +/** + * Put in memory a 64 bits unsigned integer in little-endian order. + * + * \param n 64 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 64 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the least significant + * byte of the 64 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT64_LE +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ + ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ + ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ + ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ + ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ + ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ + ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ + ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +} +#endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/sha512.c b/library/sha512.c index 6511c6e36a..2b4cc547e4 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -56,44 +56,13 @@ #if !defined(MBEDTLS_SHA512_ALT) -/* - * 64-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT64_BE -#define GET_UINT64_BE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ - | ( (uint64_t) (b)[(i) + 1] << 48 ) \ - | ( (uint64_t) (b)[(i) + 2] << 40 ) \ - | ( (uint64_t) (b)[(i) + 3] << 32 ) \ - | ( (uint64_t) (b)[(i) + 4] << 24 ) \ - | ( (uint64_t) (b)[(i) + 5] << 16 ) \ - | ( (uint64_t) (b)[(i) + 6] << 8 ) \ - | ( (uint64_t) (b)[(i) + 7] ); \ -} -#endif /* GET_UINT64_BE */ - -#ifndef PUT_UINT64_BE -#define PUT_UINT64_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 7] = (unsigned char) ( (n) ); \ -} -#endif /* PUT_UINT64_BE */ - #if defined(MBEDTLS_SHA512_SMALLER) static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) { - PUT_UINT64_BE(n, b, i); + MBEDTLS_PUT_UINT64_BE(n, b, i); } #else -#define sha512_put_uint64_be PUT_UINT64_BE +#define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE #endif /* MBEDTLS_SHA512_SMALLER */ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) @@ -261,7 +230,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, { if( i < 16 ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } else { @@ -281,7 +250,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, #else /* MBEDTLS_SHA512_SMALLER */ for( i = 0; i < 16; i++ ) { - GET_UINT64_BE( local.W[i], data, i << 3 ); + local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); } for( ; i < 80; i++ ) From fbeb692dd09efbb5d81304637e490ad1a2208ce5 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 14:27:50 +0100 Subject: [PATCH 0966/1065] Use byte reading macros in places not using a byte mask byte shifting opertations throughout library/ were only replaced with the byte reading macros when an 0xff mask was being used. The byte reading macros are now more widley used, however they have not been used in all cases of a byte shift operation, as it detracted from the immediate readability or otherwise did not seem appropriate. Signed-off-by: Joe Subbiani --- library/base64.c | 6 +++--- library/chacha20.c | 8 ++++---- library/chachapoly.c | 32 ++++++++++++++++---------------- library/dhm.c | 4 ++-- library/ecp.c | 4 ++-- library/pkcs12.c | 8 ++++---- library/poly1305.c | 36 ++++++++++++++++++------------------ library/ssl_cli.c | 40 ++++++++++++++++++++-------------------- library/ssl_cookie.c | 8 ++++---- library/ssl_msg.c | 28 ++++++++++++++-------------- library/ssl_srv.c | 30 +++++++++++++++--------------- library/ssl_tls.c | 28 ++++++++++++++-------------- library/x509write_crt.c | 4 ++-- 13 files changed, 118 insertions(+), 118 deletions(-) diff --git a/library/base64.c b/library/base64.c index 1a05226efa..9cf5dd41d4 100644 --- a/library/base64.c +++ b/library/base64.c @@ -319,9 +319,9 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, if( ++n == 4 ) { n = 0; - if( j > 0 ) *p++ = (unsigned char)( x >> 16 ); - if( j > 1 ) *p++ = (unsigned char)( x >> 8 ); - if( j > 2 ) *p++ = (unsigned char)( x ); + if( j > 0 ) *p++ = MBEDTLS_BYTE_2( x ); + if( j > 1 ) *p++ = MBEDTLS_BYTE_1( x ); + if( j > 2 ) *p++ = MBEDTLS_BYTE_0( x ); } } diff --git a/library/chacha20.c b/library/chacha20.c index 7015f99d59..0e057f0e3c 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,10 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = (unsigned char)( working_state[i] ); - keystream[offset + 1U] = (unsigned char)( working_state[i] >> 8 ); - keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 ); - keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 ); + keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); + keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); + keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); + keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 77d547731c..696d97bf01 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,22 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = (unsigned char)( ctx->aad_len ); - len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 ); - len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 ); - len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 ); - len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 ); - len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 ); - len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 ); - len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 ); - len_block[ 8] = (unsigned char)( ctx->ciphertext_len ); - len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 ); - len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 ); - len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 ); - len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 ); - len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 ); - len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 ); - len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 ); + len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); + len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); + len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); + len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); + len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); + len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); + len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); + len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); + len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); + len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); + len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); + len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); + len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); + len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); + len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); + len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/dhm.c b/library/dhm.c index 29ce75598c..2ce0ed4fde 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -270,8 +270,8 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \ p + 2, \ ( n ) ) ); \ - *p++ = (unsigned char)( ( n ) >> 8 ); \ - *p++ = (unsigned char)( ( n ) ); \ + *p++ = MBEDTLS_BYTE_1( n ); \ + *p++ = MBEDTLS_BYTE_0( n ); \ p += ( n ); \ } while( 0 ) diff --git a/library/ecp.c b/library/ecp.c index b608ff1bd7..fdfc960069 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,8 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = curve_info->tls_id >> 8; - buf[1] = curve_info->tls_id & 0xFF; + buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); + buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); return( 0 ); } diff --git a/library/pkcs12.c b/library/pkcs12.c index 04b1a6dab3..8f64bc6395 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -285,8 +285,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = salt_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - salt_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); } // pwd_block += B @@ -294,8 +294,8 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, for( i = v; i > 0; i-- ) { j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = (unsigned char) (j >> 8); - pwd_block[i - 1] = j & 0xFF; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); } } diff --git a/library/poly1305.c b/library/poly1305.c index f19574253c..333aade94a 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -62,8 +62,8 @@ static uint64_t mul64( uint32_t a, uint32_t b ) /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; const uint16_t bl = (uint16_t) b; - const uint16_t ah = a >> 16; - const uint16_t bh = b >> 16; + const uint16_t ah = MBEDTLS_BYTE_2( a ); + const uint16_t bh = MBEDTLS_BYTE_2( b ); /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; @@ -250,22 +250,22 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = (unsigned char)( acc0 ); - mac[ 1] = (unsigned char)( acc0 >> 8 ); - mac[ 2] = (unsigned char)( acc0 >> 16 ); - mac[ 3] = (unsigned char)( acc0 >> 24 ); - mac[ 4] = (unsigned char)( acc1 ); - mac[ 5] = (unsigned char)( acc1 >> 8 ); - mac[ 6] = (unsigned char)( acc1 >> 16 ); - mac[ 7] = (unsigned char)( acc1 >> 24 ); - mac[ 8] = (unsigned char)( acc2 ); - mac[ 9] = (unsigned char)( acc2 >> 8 ); - mac[10] = (unsigned char)( acc2 >> 16 ); - mac[11] = (unsigned char)( acc2 >> 24 ); - mac[12] = (unsigned char)( acc3 ); - mac[13] = (unsigned char)( acc3 >> 8 ); - mac[14] = (unsigned char)( acc3 >> 16 ); - mac[15] = (unsigned char)( acc3 >> 24 ); + mac[ 0] = MBEDTLS_BYTE_0( acc0 ); + mac[ 1] = MBEDTLS_BYTE_1( acc0 ); + mac[ 2] = MBEDTLS_BYTE_2( acc0 ); + mac[ 3] = MBEDTLS_BYTE_3( acc0 ); + mac[ 4] = MBEDTLS_BYTE_0( acc1 ); + mac[ 5] = MBEDTLS_BYTE_1( acc1 ); + mac[ 6] = MBEDTLS_BYTE_2( acc1 ); + mac[ 7] = MBEDTLS_BYTE_3( acc1 ); + mac[ 8] = MBEDTLS_BYTE_0( acc2 ); + mac[ 9] = MBEDTLS_BYTE_1( acc2 ); + mac[10] = MBEDTLS_BYTE_2( acc2 ); + mac[11] = MBEDTLS_BYTE_3( acc2 ); + mac[12] = MBEDTLS_BYTE_0( acc3 ); + mac[13] = MBEDTLS_BYTE_1( acc3 ); + mac[14] = MBEDTLS_BYTE_2( acc3 ); + mac[15] = MBEDTLS_BYTE_3( acc3 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9e0db96c48..729784a6eb 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -352,8 +352,8 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, grp_id++ ) { info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; - elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id ); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); @@ -857,10 +857,10 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1143,8 +1143,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = (unsigned char)( ciphersuites[i] >> 8 ); - *p++ = (unsigned char)( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); + *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1159,8 +1159,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); n++; } @@ -2745,8 +2745,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); - ssl->out_msg[offset+1] = (unsigned char)( *olen ); + ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); + ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); *olen += 2; } #endif @@ -3503,8 +3503,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[5] = (unsigned char)( content_len ); + ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -3719,8 +3719,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); memcpy( ssl->out_msg + header_len, ssl->conf->psk_identity, @@ -3771,8 +3771,8 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, (int) mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ), @@ -4054,8 +4054,8 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); - ssl->out_msg[5 + offset] = (unsigned char)( n ); + ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 40b8913b8b..4f1c07bde6 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,10 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = (unsigned char)( t >> 24 ); - (*p)[1] = (unsigned char)( t >> 16 ); - (*p)[2] = (unsigned char)( t >> 8 ); - (*p)[3] = (unsigned char)( t ); + (*p)[0] = MBEDTLS_BYTE_3( t ); + (*p)[1] = MBEDTLS_BYTE_2( t ); + (*p)[2] = MBEDTLS_BYTE_1( t ); + (*p)[3] = MBEDTLS_BYTE_0( t ); *p += 4; #if defined(MBEDTLS_THREADING_C) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 989c59874f..304e7f22b7 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2451,9 +2451,9 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, */ if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - ssl->out_msg[1] = (unsigned char)( hs_len >> 16 ); - ssl->out_msg[2] = (unsigned char)( hs_len >> 8 ); - ssl->out_msg[3] = (unsigned char)( hs_len ); + ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len ); + ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len ); + ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len ); /* * DTLS has additional fields in the Handshake layer, @@ -2566,8 +2566,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( len ); if( ssl->transform_out != NULL ) { @@ -2607,8 +2607,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->out_len[1] = (unsigned char)( rec.data_len ); + ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3180,12 +3180,12 @@ static int ssl_check_dtls_clihlo_cookie( /* Go back and fill length fields */ obuf[27] = (unsigned char)( *olen - 28 ); - obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 ); - obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 ); - obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) ); + obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 ); + obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); + obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 ); - obuf[12] = (unsigned char)( ( *olen - 13 ) ); + obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); + obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4565,8 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 ); - ssl->in_len[1] = (unsigned char)( rec.data_len ); + ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); + ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 96b08ab8f6..232846ff08 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2494,10 +2494,10 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); + *p++ = MBEDTLS_BYTE_3( t ); + *p++ = MBEDTLS_BYTE_2( t ); + *p++ = MBEDTLS_BYTE_1( t ); + *p++ = MBEDTLS_BYTE_0( t ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2578,9 +2578,9 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); - *p++ = (unsigned char)( ssl->session_negotiate->compression ); + *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); @@ -2785,8 +2785,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = (unsigned char)( sa_len >> 8 ); - p[1] = (unsigned char)( sa_len ); + p[0] = MBEDTLS_BYTE_1( sa_len ); + p[1] = MBEDTLS_BYTE_0( sa_len ); sa_len += 2; p += sa_len; } @@ -2826,8 +2826,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = (unsigned char)( dn_size >> 8 ); - *p++ = (unsigned char)( dn_size ); + *p++ = MBEDTLS_BYTE_1( dn_size ); + *p++ = MBEDTLS_BYTE_0( dn_size ); memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; @@ -2841,8 +2841,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); - ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); + ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); + ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -3320,8 +3320,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) if( signature_len != 0 ) { - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len ); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", ssl->out_msg + ssl->out_msglen, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 381eb9e03b..33f026f4d1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,8 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = (unsigned char)( len >> 8 ); - *(p++) = (unsigned char)( len ); + *(p++) = MBEDTLS_BYTE_1( len ); + *(p++) = MBEDTLS_BYTE_0( len ); p += len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); @@ -1550,8 +1550,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = (unsigned char)( zlen >> 8 ); - *(p++) = (unsigned char)( zlen ); + *(p++) = MBEDTLS_BYTE_1( zlen ); + *(p++) = MBEDTLS_BYTE_0( zlen ); p += zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, @@ -1568,8 +1568,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( psk_len >> 8 ); - *(p++) = (unsigned char)( psk_len ); + *(p++) = MBEDTLS_BYTE_1( psk_len ); + *(p++) = MBEDTLS_BYTE_0( psk_len ); if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1746,17 +1746,17 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - ssl->out_msg[i ] = (unsigned char)( n >> 16 ); - ssl->out_msg[i + 1] = (unsigned char)( n >> 8 ); - ssl->out_msg[i + 2] = (unsigned char)( n ); + ssl->out_msg[i ] = MBEDTLS_BYTE_2( n ); + ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n ); + ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n ); i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); i += n; crt = crt->next; } - ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 ); - ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 ); - ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); + ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 ); + ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 ); + ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 ); ssl->out_msglen = i; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c8169f1feb..0daf0683e9 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,8 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = (unsigned char)( key_usage ); - ku[1] = (unsigned char)( key_usage >> 8 ); + ku[0] = MBEDTLS_BYTE_0( key_usage ); + ku[1] = MBEDTLS_BYTE_1( key_usage ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From b6511b04fa8891a92fe45b42315ca9c4ec9439ac Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 15:02:55 +0100 Subject: [PATCH 0967/1065] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/chacha20.c | 5 +---- library/chachapoly.c | 18 ++---------------- library/ssl_cookie.c | 5 +---- 3 files changed, 4 insertions(+), 24 deletions(-) diff --git a/library/chacha20.c b/library/chacha20.c index 0e057f0e3c..658f046901 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -164,10 +164,7 @@ static void chacha20_block( const uint32_t initial_state[16], { size_t offset = i * 4U; - keystream[offset ] = MBEDTLS_BYTE_0( working_state[i] ); - keystream[offset + 1U] = MBEDTLS_BYTE_1( working_state[i] ); - keystream[offset + 2U] = MBEDTLS_BYTE_2( working_state[i] ); - keystream[offset + 3U] = MBEDTLS_BYTE_3( working_state[i] ); + MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); } mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); diff --git a/library/chachapoly.c b/library/chachapoly.c index 696d97bf01..dc75b2030a 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -263,22 +263,8 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, /* The lengths of the AAD and ciphertext are processed by * Poly1305 as the final 128-bit block, encoded as little-endian integers. */ - len_block[ 0] = MBEDTLS_BYTE_0( ctx->aad_len ); - len_block[ 1] = MBEDTLS_BYTE_1( ctx->aad_len ); - len_block[ 2] = MBEDTLS_BYTE_2( ctx->aad_len ); - len_block[ 3] = MBEDTLS_BYTE_3( ctx->aad_len ); - len_block[ 4] = MBEDTLS_BYTE_4( ctx->aad_len ); - len_block[ 5] = MBEDTLS_BYTE_5( ctx->aad_len ); - len_block[ 6] = MBEDTLS_BYTE_6( ctx->aad_len ); - len_block[ 7] = MBEDTLS_BYTE_7( ctx->aad_len ); - len_block[ 8] = MBEDTLS_BYTE_0( ctx->ciphertext_len ); - len_block[ 9] = MBEDTLS_BYTE_1( ctx->ciphertext_len ); - len_block[10] = MBEDTLS_BYTE_2( ctx->ciphertext_len ); - len_block[11] = MBEDTLS_BYTE_3( ctx->ciphertext_len ); - len_block[12] = MBEDTLS_BYTE_4( ctx->ciphertext_len ); - len_block[13] = MBEDTLS_BYTE_5( ctx->ciphertext_len ); - len_block[14] = MBEDTLS_BYTE_6( ctx->ciphertext_len ); - len_block[15] = MBEDTLS_BYTE_7( ctx->ciphertext_len ); + MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); + MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); if( ret != 0 ) diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 4f1c07bde6..986b1410b0 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -165,10 +165,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, t = ctx->serial++; #endif - (*p)[0] = MBEDTLS_BYTE_3( t ); - (*p)[1] = MBEDTLS_BYTE_2( t ); - (*p)[2] = MBEDTLS_BYTE_1( t ); - (*p)[3] = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE(t, *p, 0); *p += 4; #if defined(MBEDTLS_THREADING_C) From 4919bb46b02a7032518951d5ff5f9168a8876859 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:14:07 +0100 Subject: [PATCH 0968/1065] Remove use of byte reading macro for uint16 Accidently used MBEDTLS_BYTE_16 for a uint16 variable Signed-off-by: Joe Subbiani --- library/poly1305.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/poly1305.c b/library/poly1305.c index 333aade94a..9e90d67b1a 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,9 +61,9 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; - const uint16_t ah = MBEDTLS_BYTE_2( a ); - const uint16_t bh = MBEDTLS_BYTE_2( b ); + const uint16_t bl = (uint16_t) b; + const uint16_t ah = a >> 16; + const uint16_t bh = b >> 16; /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; From 51b147add0abc84098c680ad7eac86d6dd3e10d6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 16 Jul 2021 17:47:17 +0100 Subject: [PATCH 0969/1065] Remove trailing white space Signed-off-by: Joe Subbiani --- library/poly1305.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/poly1305.c b/library/poly1305.c index 9e90d67b1a..1f35f1d501 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -61,7 +61,7 @@ static uint64_t mul64( uint32_t a, uint32_t b ) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; - const uint16_t bl = (uint16_t) b; + const uint16_t bl = (uint16_t) b; const uint16_t ah = a >> 16; const uint16_t bh = b >> 16; From 6dd73645533dfaf489906c5ee30e9bb816b652a6 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 11:56:54 +0100 Subject: [PATCH 0970/1065] Replace instances of byte reading macros with PUT Instances of a group of byte reading macros which are equivilant to MBEDTLS_PUT_UINTx_yz Signed-off-by: Joe Subbiani --- library/common.h | 34 ++++++++++++++++++++++++++++++++++ library/poly1305.c | 20 ++++---------------- library/psa_its_file.c | 10 ++-------- library/ssl_cli.c | 15 +++++---------- library/ssl_msg.c | 21 +++++++-------------- library/ssl_srv.c | 34 ++++++++++------------------------ library/ssl_ticket.c | 3 +-- library/x509write_crt.c | 3 +-- 8 files changed, 64 insertions(+), 76 deletions(-) diff --git a/library/common.h b/library/common.h index ce2f04007e..3e8f88bf34 100644 --- a/library/common.h +++ b/library/common.h @@ -193,6 +193,40 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c } #endif +/** + * Get the unsigned 16 bits integer corresponding to two bytes in + * big-endian order (LSB first). + * + * \param data Base address of the memory to get the two bytes from. + * \param offset Offset from \p base of the first and most significant + * byte of the two bytes to build the 16 bits unsigned + * integer from. + */ +#ifndef MBEDTLS_GET_UINT16_BE +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ) +#endif + +/** + * Put in memory a 16 bits unsigned integer in big-endian order. + * + * \param n 16 bits unsigned integer to put in memory. + * \param data Base address of the memory where to put the 16 + * bits unsigned integer in. + * \param offset Offset from \p base where to put the most significant + * byte of the 16 bits unsigned integer \p n. + */ +#ifndef MBEDTLS_PUT_UINT16_BE +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +} +#endif + /** * Get the unsigned 64 bits integer corresponding to eight bytes in * big-endian order (MSB first). diff --git a/library/poly1305.c b/library/poly1305.c index 1f35f1d501..7375a0c572 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -250,22 +250,10 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); /* Compute MAC (128 least significant bits of the accumulator) */ - mac[ 0] = MBEDTLS_BYTE_0( acc0 ); - mac[ 1] = MBEDTLS_BYTE_1( acc0 ); - mac[ 2] = MBEDTLS_BYTE_2( acc0 ); - mac[ 3] = MBEDTLS_BYTE_3( acc0 ); - mac[ 4] = MBEDTLS_BYTE_0( acc1 ); - mac[ 5] = MBEDTLS_BYTE_1( acc1 ); - mac[ 6] = MBEDTLS_BYTE_2( acc1 ); - mac[ 7] = MBEDTLS_BYTE_3( acc1 ); - mac[ 8] = MBEDTLS_BYTE_0( acc2 ); - mac[ 9] = MBEDTLS_BYTE_1( acc2 ); - mac[10] = MBEDTLS_BYTE_2( acc2 ); - mac[11] = MBEDTLS_BYTE_3( acc2 ); - mac[12] = MBEDTLS_BYTE_0( acc3 ); - mac[13] = MBEDTLS_BYTE_1( acc3 ); - mac[14] = MBEDTLS_BYTE_2( acc3 ); - mac[15] = MBEDTLS_BYTE_3( acc3 ); + MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); + MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); + MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); + MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); } void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index c3b19a74ac..c4782cdba3 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -191,14 +191,8 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, size_t n; memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - header.size[0] = MBEDTLS_BYTE_0( data_length ); - header.size[1] = MBEDTLS_BYTE_1( data_length ); - header.size[2] = MBEDTLS_BYTE_2( data_length ); - header.size[3] = MBEDTLS_BYTE_3( data_length ); - header.flags[0] = MBEDTLS_BYTE_0( create_flags ); - header.flags[1] = MBEDTLS_BYTE_1( create_flags ); - header.flags[2] = MBEDTLS_BYTE_2( create_flags ); - header.flags[3] = MBEDTLS_BYTE_3( create_flags ); + MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); + MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); psa_its_fill_filename( uid, filename ); stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 729784a6eb..3a0e6df6f4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -703,12 +703,10 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); return( 0 ); } @@ -2745,8 +2743,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { - ssl->out_msg[offset+0] = MBEDTLS_BYTE_1( *olen ); - ssl->out_msg[offset+1] = MBEDTLS_BYTE_0( *olen ); + MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); *olen += 2; } #endif @@ -3503,8 +3500,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = mbedtls_dhm_get_len( &ssl->handshake->dhm_ctx ); - ssl->out_msg[4] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( content_len ); + MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); header_len = 6; ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, @@ -4054,8 +4050,7 @@ sign: return( ret ); } - ssl->out_msg[4 + offset] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[5 + offset] = MBEDTLS_BYTE_0( n ); + MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 304e7f22b7..2fe801a283 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -454,15 +454,13 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, *cur = rec->cid_len; cur++; - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - cur[0] = MBEDTLS_CHAR_1( ad_len_field ); - cur[1] = MBEDTLS_CHAR_0( ad_len_field ); + MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 ); cur += 2; } @@ -2481,8 +2479,7 @@ int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl, /* Write message_seq and update it, except for HelloRequest */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { - ssl->out_msg[4] = MBEDTLS_BYTE_1( ssl->handshake->out_msg_seq ); - ssl->out_msg[5] = MBEDTLS_BYTE_0( ssl->handshake->out_msg_seq ); + MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); ++( ssl->handshake->out_msg_seq ); } else @@ -2566,8 +2563,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) ssl->conf->transport, ssl->out_hdr + 1 ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = MBEDTLS_BYTE_1( len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); if( ssl->transform_out != NULL ) { @@ -2607,8 +2603,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) memcpy( ssl->out_cid, rec.cid, rec.cid_len ); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - ssl->out_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->out_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); } protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); @@ -3184,8 +3179,7 @@ static int ssl_check_dtls_clihlo_cookie( obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); - obuf[11] = MBEDTLS_BYTE_1( *olen - 13 ); - obuf[12] = MBEDTLS_BYTE_0( *olen - 13 ); + MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); } @@ -4565,8 +4559,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - ssl->in_len[0] = MBEDTLS_BYTE_1( rec.data_len ); - ssl->in_len[1] = MBEDTLS_BYTE_0( rec.data_len ); + MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); return( 0 ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 232846ff08..a791b80764 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2238,16 +2238,13 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); *olen = 7 + strlen( ssl->alpn_chosen ); - buf[2] = MBEDTLS_BYTE_1( *olen - 4 ); - buf[3] = MBEDTLS_BYTE_0( *olen - 4 ); + MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); - buf[4] = MBEDTLS_BYTE_1( *olen - 6 ); - buf[5] = MBEDTLS_BYTE_0( *olen - 6 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); @@ -2294,15 +2291,13 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, } /* extension */ - buf[0] = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - buf[1] = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - buf[2] = MBEDTLS_BYTE_1( ext_len ); - buf[3] = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); /* protection profile length: 2 */ buf[4] = 0x00; @@ -2311,8 +2306,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) { - buf[6] = MBEDTLS_BYTE_1( profile_value ); - buf[7] = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); } else { @@ -2785,8 +2779,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - p[0] = MBEDTLS_BYTE_1( sa_len ); - p[1] = MBEDTLS_BYTE_0( sa_len ); + MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); sa_len += 2; p += sa_len; } @@ -2841,8 +2834,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = MBEDTLS_BYTE_1( total_dn_size ); - ssl->out_msg[5 + ct_len + sa_len] = MBEDTLS_BYTE_0( total_dn_size ); + MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); ret = mbedtls_ssl_write_handshake_msg( ssl ); @@ -4223,14 +4215,8 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) tlen = 0; } - ssl->out_msg[4] = MBEDTLS_BYTE_3( lifetime ); - ssl->out_msg[5] = MBEDTLS_BYTE_2( lifetime ); - ssl->out_msg[6] = MBEDTLS_BYTE_1( lifetime ); - ssl->out_msg[7] = MBEDTLS_BYTE_0( lifetime ); - - ssl->out_msg[8] = MBEDTLS_BYTE_1( tlen ); - ssl->out_msg[9] = MBEDTLS_BYTE_0( tlen ); - + MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); ssl->out_msglen = 10 + tlen; /* diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index a7a55f1a75..bce9a1cd71 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -245,8 +245,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, { goto cleanup; } - state_len_bytes[0] = MBEDTLS_BYTE_1( clear_len ); - state_len_bytes[1] = MBEDTLS_BYTE_0( clear_len ); + MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); /* Encrypt and authenticate */ if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 0daf0683e9..17b3e7966b 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -251,8 +251,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); c = buf + 5; - ku[0] = MBEDTLS_BYTE_0( key_usage ); - ku[1] = MBEDTLS_BYTE_1( key_usage ); + MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); if( ret < 0 ) From 5241e343ded7655e4baa95a493002ec93ae458c1 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 19 Jul 2021 15:29:18 +0100 Subject: [PATCH 0971/1065] Improve consitency throughout library/common.h Replace the contents of MBEDTLS_PUT_UINTx_yz contained inconsitent but similar/duplicate code to the MBEDTLS_BYTE_x macros. Therefore the contents of the macros now utilise the byte reading macros. MBEDTLS_PUT_UINT64_LE's written order was also not consitent with the other PUT macros, so that was modified. Documentation comment said LSB instead of MSB and that has also been resolved. Signed-off-by: Joe Subbiani --- library/common.h | 166 +++++++++++++++++++++++------------------------ 1 file changed, 83 insertions(+), 83 deletions(-) diff --git a/library/common.h b/library/common.h index 3e8f88bf34..ba0396c58c 100644 --- a/library/common.h +++ b/library/common.h @@ -93,12 +93,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ +#define MBEDTLS_GET_UINT32_BE( data , offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] << 24 ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] ) \ ) #endif @@ -112,13 +112,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ +} #endif /** @@ -131,12 +131,12 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ - ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ +#define MBEDTLS_GET_UINT32_LE( data, offset ) \ + ( \ + ( (uint32_t) ( data )[( offset ) ] ) \ + | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ ) #endif @@ -150,13 +150,13 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ - do { \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - ( data )[( offset ) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ - } while( 0 ) +#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ +} #endif /** @@ -169,10 +169,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ +#define MBEDTLS_GET_UINT16_LE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] ) \ + | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ ) #endif @@ -186,16 +186,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ } #endif /** * Get the unsigned 16 bits integer corresponding to two bytes in - * big-endian order (LSB first). + * big-endian order (MSB first). * * \param data Base address of the memory to get the two bytes from. * \param offset Offset from \p base of the first and most significant @@ -203,10 +203,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ - ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ +#define MBEDTLS_GET_UINT16_BE( data, offset ) \ + ( \ + ( (uint16_t) ( data )[( offset ) ] << 8 ) \ + | ( (uint16_t) ( data )[( offset ) + 1] ) \ ) #endif @@ -220,10 +220,10 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - ( data )[( offset ) + 1] = (unsigned char) ( ( (n) ) & 0xFF ); \ +#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -237,16 +237,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ +#define MBEDTLS_GET_UINT64_BE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) ] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) + 7] ) \ ) #endif @@ -260,16 +260,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ } #endif @@ -283,16 +283,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * integer from. */ #ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ - ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ +#define MBEDTLS_GET_UINT64_LE( data, offset ) \ + ( \ + ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ + | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ + | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ + | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ + | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ + | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ + | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ + | ( (uint64_t) ( data )[( offset ) ] ) \ ) #endif @@ -306,16 +306,16 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) + 7] = (unsigned char) ( (n) >> 56 ); \ - ( data )[( offset ) + 6] = (unsigned char) ( (n) >> 48 ); \ - ( data )[( offset ) + 5] = (unsigned char) ( (n) >> 40 ); \ - ( data )[( offset ) + 4] = (unsigned char) ( (n) >> 32 ); \ - ( data )[( offset ) + 3] = (unsigned char) ( (n) >> 24 ); \ - ( data )[( offset ) + 2] = (unsigned char) ( (n) >> 16 ); \ - ( data )[( offset ) + 1] = (unsigned char) ( (n) >> 8 ); \ - ( data )[( offset ) ] = (unsigned char) ( (n) ); \ +#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ +{ \ + ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ + ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ + ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ + ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ + ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ + ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ + ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ + ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ } #endif From d0687856afdc603112b39edf5443dfe539eaee40 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 15:22:47 +0100 Subject: [PATCH 0972/1065] Improve documentation and add more uses of MBEDTLS_PUT minor changes, such as improving the documentation for the byte reading macros, and using MBEDTLS_PUT_UINT16_xy in place of byte reading macro combinations Signed-off-by: Joe Subbiani --- library/ccm.c | 3 +-- library/common.h | 5 ++--- library/ecp.c | 3 +-- library/ssl_cli.c | 2 +- 4 files changed, 5 insertions(+), 8 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 0188075f5e..a21a37f55f 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -221,8 +221,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = add; memset( b, 0, 16 ); - b[0] = MBEDTLS_BYTE_1( add_len ); - b[1] = MBEDTLS_BYTE_0( add_len ); + MBEDTLS_PUT_UINT16_BE( add_len, b, 0 ); use_len = len_left < 16 - 2 ? len_left : 16 - 2; memcpy( b + 2, src, use_len ); diff --git a/library/common.h b/library/common.h index ba0396c58c..d740c7338c 100644 --- a/library/common.h +++ b/library/common.h @@ -70,9 +70,8 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Obtain the most significant byte of x using 0xff - * Using MBEDTLS_BYTE_a will shift a*8 bits - * to retrieve the next byte of information + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) diff --git a/library/ecp.c b/library/ecp.c index fdfc960069..0212069c83 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1012,8 +1012,7 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - buf[0] = MBEDTLS_BYTE_1( curve_info->tls_id ); - buf[1] = MBEDTLS_BYTE_0( curve_info->tls_id ); + MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 ); return( 0 ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 3a0e6df6f4..0e25b6c60a 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -762,7 +762,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_1( ext_len & 0xFF00 ); + *p++ = MBEDTLS_BYTE_1( ext_len ); *p++ = MBEDTLS_BYTE_0( ext_len ); /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ From 9ab1866b0d0adace1c6c7ac65e0d8c586ad5a320 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Wed, 21 Jul 2021 16:35:48 +0100 Subject: [PATCH 0973/1065] Remove trailing whitespace Signed-off-by: Joe Subbiani --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index d740c7338c..780ce378de 100644 --- a/library/common.h +++ b/library/common.h @@ -70,7 +70,7 @@ extern void (*mbedtls_test_hook_test_fail)( const char * test, int line, const c /** Byte Reading Macros * - * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th + * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) From ce0e6a9dea61fa7153c189b2c3b3a07a82e322db Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 17 Aug 2021 15:24:32 +0200 Subject: [PATCH 0974/1065] Require MESSAGE flag in PSA MAC setup. Signed-off-by: Mateusz Starzyk --- library/psa_crypto.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3574b9842a..f87323c497 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2329,7 +2329,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, status = psa_get_and_lock_key_slot_with_policy( key, &slot, - is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -2514,8 +2514,9 @@ static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, uint8_t operation_mac_size = 0; status = psa_get_and_lock_key_slot_with_policy( - key, &slot, - is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH, + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, alg ); if( status != PSA_SUCCESS ) goto exit; From cb0a7cd142257658c116a10c9d2926ba1b46bab6 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 19 Aug 2021 15:11:50 +0200 Subject: [PATCH 0975/1065] Fix mac_key_policy test function Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 150a3f43e3..3fe512e8e7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -818,7 +818,7 @@ void mac_key_policy( int policy_usage_arg, mbedtls_test_update_key_usage_flags( policy_usage ) ); status = psa_mac_sign_setup( &operation, key, exercise_alg ); - if( ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) == 0 ) + if( ( mbedtls_test_update_key_usage_flags(policy_usage) & PSA_KEY_USAGE_SIGN_MESSAGE ) == 0 ) TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); else TEST_EQUAL( status, expected_status ); @@ -827,7 +827,7 @@ void mac_key_policy( int policy_usage_arg, memset( mac, 0, sizeof( mac ) ); status = psa_mac_verify_setup( &operation, key, exercise_alg ); - if( ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) == 0 ) + if( ( mbedtls_test_update_key_usage_flags(policy_usage) & PSA_KEY_USAGE_VERIFY_MESSAGE ) == 0 ) TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); else TEST_EQUAL( status, expected_status ); From 1f6c3aeb63a40c22af17311ea3a8cf6e3f02e554 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 11:44:44 +0100 Subject: [PATCH 0976/1065] Tidy up ssl_*.c grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 121 +++++++++++++++++++++++----------------------- library/ssl_srv.c | 59 +++++++++++----------- library/ssl_tls.c | 62 +++++++----------------- 3 files changed, 106 insertions(+), 136 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e25b6c60a..df32cfdb67 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -136,18 +136,19 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SERVERNAME ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 5); - *p++ = MBEDTLS_BYTE_0( hostname_len + 5); + MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( hostname_len + 3 ); - *p++ = MBEDTLS_BYTE_0( hostname_len + 3 ); + MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); - *p++ = MBEDTLS_BYTE_1( hostname_len ); - *p++ = MBEDTLS_BYTE_0( hostname_len ); + + MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 ); + p += 2; memcpy( p, ssl->hostname, hostname_len ); @@ -181,8 +182,8 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* * Secure renegotiation */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; *p++ = 0x00; *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); @@ -281,14 +282,14 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SIG_ALG ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SIG_ALG ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len + 2 ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len + 2 ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( sig_alg_len ); - *p++ = MBEDTLS_BYTE_0( sig_alg_len ); + MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 ); + p += 2; *olen = 6 + sig_alg_len; @@ -356,14 +357,14 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len + 2 ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len + 2 ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( elliptic_curve_len ); - *p++ = MBEDTLS_BYTE_0( elliptic_curve_len ); + MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 ); + p += 2; *olen = 6 + elliptic_curve_len; @@ -384,8 +385,8 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, ( "client hello, adding supported_point_formats extension" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -421,8 +422,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; /* * We may need to send ClientHello multiple times for Hello verification. @@ -464,8 +465,8 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; @@ -504,11 +505,11 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); /* Add extension ID + size */ - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -537,8 +538,8 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -569,8 +570,8 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -599,8 +600,8 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -631,11 +632,11 @@ static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, /* The addition is safe here since the ticket length is 16 bit. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; - *p++ = MBEDTLS_BYTE_1( tlen ); - *p++ = MBEDTLS_BYTE_0( tlen ); + MBEDTLS_PUT_UINT16_BE( tlen, p, 0 ); + p += 2; *olen = 4; @@ -675,8 +676,8 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ALPN ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ALPN ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + p += 2; /* * opaque ProtocolName<1..2^8-1>; @@ -758,12 +759,11 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_USE_SRTP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_USE_SRTP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 ); + p += 2; - - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* micro-optimization: @@ -786,8 +786,9 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", profile_value ) ); - *p++ = MBEDTLS_BYTE_1( profile_value ); - *p++ = MBEDTLS_BYTE_0( profile_value ); + MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); + p += 2; + } else { @@ -855,10 +856,8 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -1141,8 +1140,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); n++; - *p++ = MBEDTLS_BYTE_1( ciphersuites[i] ); - *p++ = MBEDTLS_BYTE_0( ciphersuites[i] ); + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 ); + p += 2; } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -1157,8 +1156,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 ); + p += 2; n++; } @@ -1321,8 +1320,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index a791b80764..c63af7a32a 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1970,12 +1970,11 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * opaque cid<0..2^8-1>; * } ConnectionId; */ - - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_CID ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_CID ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; *p++ = (uint8_t) ssl->own_cid_len; memcpy( p, ssl->own_cid, ssl->own_cid_len ); @@ -2016,8 +2015,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2042,8 +2041,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2067,8 +2066,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SESSION_TICKET ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SESSION_TICKET ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 0x00; @@ -2091,8 +2090,8 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + p += 2; #if defined(MBEDTLS_SSL_RENEGOTIATION) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) @@ -2132,8 +2131,8 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 1; @@ -2162,8 +2161,8 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + p += 2; *p++ = 0x00; *p++ = 2; @@ -2200,8 +2199,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + p += 2; ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, p + 2, end - p - 2, &kkpp_len, @@ -2212,8 +2211,8 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, return; } - *p++ = MBEDTLS_BYTE_1( kkpp_len ); - *p++ = MBEDTLS_BYTE_0( kkpp_len ); + MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + p += 2; *olen = kkpp_len + 4; } @@ -2488,10 +2487,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) t = mbedtls_time( NULL ); - *p++ = MBEDTLS_BYTE_3( t ); - *p++ = MBEDTLS_BYTE_2( t ); - *p++ = MBEDTLS_BYTE_1( t ); - *p++ = MBEDTLS_BYTE_0( t ); + MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + p += 4; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, (long long) t ) ); @@ -2572,8 +2569,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - *p++ = MBEDTLS_BYTE_1( ssl->session_negotiate->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", @@ -2642,8 +2639,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { - *p++ = MBEDTLS_BYTE_1( ext_len ); - *p++ = MBEDTLS_BYTE_0( ext_len ); + MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + p += 2; p += ext_len; } @@ -2819,8 +2816,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) break; } - *p++ = MBEDTLS_BYTE_1( dn_size ); - *p++ = MBEDTLS_BYTE_0( dn_size ); + MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 ); + p += 2; memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 33f026f4d1..abf4c0f5f2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4664,14 +4664,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, { start = (uint64_t) session->start; - *p++ = MBEDTLS_BYTE_7( start ); - *p++ = MBEDTLS_BYTE_6( start ); - *p++ = MBEDTLS_BYTE_5( start ); - *p++ = MBEDTLS_BYTE_4( start ); - *p++ = MBEDTLS_BYTE_3( start ); - *p++ = MBEDTLS_BYTE_2( start ); - *p++ = MBEDTLS_BYTE_1( start ); - *p++ = MBEDTLS_BYTE_0( start ); + MBEDTLS_PUT_UINT64_BE( start, p, 0 ); + p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -4687,8 +4681,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( session->ciphersuite ); - *p++ = MBEDTLS_BYTE_0( session->ciphersuite ); + MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 ); + p += 2; *p++ = MBEDTLS_BYTE_0( session->compression ); @@ -4699,10 +4693,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, memcpy( p, session->master, 48 ); p += 48; - *p++ = MBEDTLS_BYTE_3( session->verify_result ); - *p++ = MBEDTLS_BYTE_2( session->verify_result ); - *p++ = MBEDTLS_BYTE_1( session->verify_result ); - *p++ = MBEDTLS_BYTE_0( session->verify_result ); + MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 ); + p += 4; } /* @@ -4772,10 +4764,8 @@ static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session, p += session->ticket_len; } - *p++ = MBEDTLS_BYTE_3( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_2( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_1( session->ticket_lifetime ); - *p++ = MBEDTLS_BYTE_0( session->ticket_lifetime ); + MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 ); + p += 4; } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5713,10 +5703,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4 + session_len; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( session_len ); - *p++ = MBEDTLS_BYTE_2( session_len ); - *p++ = MBEDTLS_BYTE_1( session_len ); - *p++ = MBEDTLS_BYTE_0( session_len ); + MBEDTLS_PUT_UINT32_BE( session_len, p, 0 ); + p += 4; ret = ssl_session_save( ssl->session, 1, p, session_len, &session_len ); @@ -5757,33 +5745,19 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 4; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_3( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_2( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_1( ssl->badmac_seen ); - *p++ = MBEDTLS_BYTE_0( ssl->badmac_seen ); + MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 ); + p += 4; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_7( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window_top ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window_top ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 ); + p += 8; - *p++ = MBEDTLS_BYTE_7( ssl->in_window ); - *p++ = MBEDTLS_BYTE_6( ssl->in_window ); - *p++ = MBEDTLS_BYTE_5( ssl->in_window ); - *p++ = MBEDTLS_BYTE_4( ssl->in_window ); - *p++ = MBEDTLS_BYTE_3( ssl->in_window ); - *p++ = MBEDTLS_BYTE_2( ssl->in_window ); - *p++ = MBEDTLS_BYTE_1( ssl->in_window ); - *p++ = MBEDTLS_BYTE_0( ssl->in_window ); + MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 ); + p += 8; } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -5806,8 +5780,8 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, used += 2; if( used <= buf_len ) { - *p++ = MBEDTLS_BYTE_1( ssl->mtu ); - *p++ = MBEDTLS_BYTE_0( ssl->mtu ); + MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 ); + p += 2; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ From e4603eece9aa216190edb5edd0dd3f51cf47df48 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 13:05:30 +0100 Subject: [PATCH 0977/1065] Compress byte reading macros in if statements exchange MBEDTLS_BYTE_x in if statements with MBEDTLS_GET_UINT16_BE Signed-off-by: Joe Subbiani --- library/ssl_srv.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c63af7a32a..1841b55790 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1848,8 +1848,7 @@ read_record_header: for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) for( i = 0; ciphersuites[i] != 0; i++ ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; @@ -1865,8 +1864,7 @@ read_record_header: for( i = 0; ciphersuites[i] != 0; i++ ) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { - if( p[0] != MBEDTLS_BYTE_1( ciphersuites[i] ) || - p[1] != MBEDTLS_BYTE_0( ciphersuites[i] )) + if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) continue; got_common_suite = 1; From 94180e708ff9496f7b3bc6bfe50bdaab7226ba34 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Fri, 20 Aug 2021 16:20:44 +0100 Subject: [PATCH 0978/1065] Minor coding style improvement Signed-off-by: Joe Subbiani --- library/ssl_cli.c | 4 +--- library/ssl_srv.c | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index df32cfdb67..9120aa2f75 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -788,7 +788,6 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, profile_value ) ); MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); p += 2; - } else { @@ -1321,8 +1320,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* No need to check for space here, because the extension * writing functions already took care of that. */ MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 1841b55790..b8c4314846 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2638,8 +2638,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 ) { MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); - p += 2; - p += ext_len; + p += 2 + ext_len; } ssl->out_msglen = p - buf; From 3879c345ec95be0150b9d076b47a8f83edd250a4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 23 Aug 2021 10:56:06 +0200 Subject: [PATCH 0979/1065] Fix typo in the changelog for chunked CCM. Signed-off-by: Mateusz Starzyk --- ChangeLog.d/chunked_ccm.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/chunked_ccm.txt b/ChangeLog.d/chunked_ccm.txt index 4e3065f906..67faecca5e 100644 --- a/ChangeLog.d/chunked_ccm.txt +++ b/ChangeLog.d/chunked_ccm.txt @@ -3,6 +3,6 @@ Changes The multi-part functions: mbedtls_ccm_starts(), mbedtls_ccm_set_lengths(), mbedtls_ccm_update_ad(), mbedtls_ccm_update(), mbedtls_ccm_finish() were introduced in mbedTLS 3.0 release, however their implementation was - postponed util now. + postponed until now. Implemented functions support chunked data input for both CCM and CCM* algorithms. From 90cc33aad60b14a7425f751c0d0f2494ac2dd782 Mon Sep 17 00:00:00 2001 From: Andrey Starodubtsev Date: Mon, 23 Aug 2021 12:14:56 +0300 Subject: [PATCH 0980/1065] Misprint was fixed Signed-off-by: Andrey Starodubtsev --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f08fc89a5b..3cb896cb4c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -602,7 +602,7 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * \param ctx Context for the receive callback (typically a file descriptor) * \param buf Buffer to write the received data to * \param len Length of the receive buffer - * \param timeout Maximum nomber of millisecondes to wait for data + * \param timeout Maximum number of milliseconds to wait for data * 0 means no timeout (potentially waiting forever) * * \return The callback must return the number of bytes received, From a5cb0d24d4737fa02ff9c0df315a582558c0ecc8 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 23 Aug 2021 11:35:25 +0100 Subject: [PATCH 0981/1065] Tidy up grouped MBEDTLS_BYTE_x macros exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz and then shift the pointer afterwards. Easier to read as you can see how big the data is that you are putting in, and in the case of UINT32 AND UINT64 it saves some vertical space. Signed-off-by: Joe Subbiani --- library/ctr_drbg.c | 7 ++----- library/ecjpake.c | 11 +++-------- library/ssl_tls.c | 18 ++++++++---------- 3 files changed, 13 insertions(+), 23 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 68b32a366b..93a7cdcd1f 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -152,11 +152,8 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - *p++ = MBEDTLS_BYTE_3( data_len ); - *p++ = MBEDTLS_BYTE_2( data_len ); - *p++ = MBEDTLS_BYTE_1( data_len ); - *p++ = MBEDTLS_BYTE_0( data_len ); - p += 3; + MBEDTLS_PUT_UINT32_BE( data_len, p, 0); + p += 4 + 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); p[data_len] = 0x80; diff --git a/library/ecjpake.c b/library/ecjpake.c index a599b1ba48..738a97719c 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -180,10 +180,7 @@ static int ecjpake_write_len_point( unsigned char **p, if( ret != 0 ) return( ret ); - (*p)[0] = MBEDTLS_BYTE_3( len ); - (*p)[1] = MBEDTLS_BYTE_2( len ); - (*p)[2] = MBEDTLS_BYTE_1( len ); - (*p)[3] = MBEDTLS_BYTE_0( len ); + MBEDTLS_PUT_UINT32_BE( len, *p, 0 ); *p += 4 + len; @@ -223,10 +220,8 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, if( end - p < 4 ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - *p++ = MBEDTLS_BYTE_3( id_len ); - *p++ = MBEDTLS_BYTE_2( id_len ); - *p++ = MBEDTLS_BYTE_1( id_len ); - *p++ = MBEDTLS_BYTE_0( id_len ); + MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); + p += 4; if( end < p || (size_t)( end - p ) < id_len ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index abf4c0f5f2..5cd47e6ce5 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1487,8 +1487,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -1528,9 +1528,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - *(p++) = MBEDTLS_BYTE_1( len ); - *(p++) = MBEDTLS_BYTE_0( len ); - p += len; + MBEDTLS_PUT_UINT16_BE( len, p, 0 ); + p += 2 + len; MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } @@ -1550,9 +1549,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch return( ret ); } - *(p++) = MBEDTLS_BYTE_1( zlen ); - *(p++) = MBEDTLS_BYTE_0( zlen ); - p += zlen; + MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); + p += 2 + zlen; MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, MBEDTLS_DEBUG_ECDH_Z ); @@ -1568,8 +1566,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end - p < 2 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = MBEDTLS_BYTE_1( psk_len ); - *(p++) = MBEDTLS_BYTE_0( psk_len ); + MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + p += 2; if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); From d07f4fc30fec6dcb6d79313b13ebd928559eef24 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 24 Aug 2021 11:01:23 +0200 Subject: [PATCH 0982/1065] Use separate expected results for MAC sign and verify key policy. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_psa_crypto.data | 54 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 16 +++--- 2 files changed, 33 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e3e9a5225a..bc4edb2b7b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -418,111 +418,111 @@ key_attributes_init: PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, VERIFY_HASH -> VERIFY_HASH+MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_SUCCESS PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE} depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS PSA key policy: MAC, SIGN_MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, VERIFY_MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_SUCCESS PSA key policy: MAC, SIGN+VERIFY_MESSAGE depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS PSA key policy: MAC, neither sign nor verify depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, wrong algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, alg=0 in policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: MAC, ANY_HASH in policy is not meaningful depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: CMAC, sign-verify, tag length > min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS:PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length = min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS:PSA_SUCCESS PSA key policy: CMAC, sign-verify, tag length < min-length policy depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, default tag length > min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length = min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS PSA key policy: HMAC, sign-verify, default tag length < min-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, min-length policy used as algorithm depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_INVALID_ARGUMENT PSA key policy: HMAC, sign-verify, tag length > exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: HMAC, sign-verify, tag length = exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS:PSA_SUCCESS PSA key policy: HMAC, sign-verify, tag length < exact-length policy depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED PSA key policy: cipher, encrypt | decrypt depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3fe512e8e7..cde28a8e75 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -792,7 +792,8 @@ void mac_key_policy( int policy_usage_arg, int key_type_arg, data_t *key_data, int exercise_alg_arg, - int expected_status_arg ) + int expected_status_sign_arg, + int expected_status_verify_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -802,7 +803,8 @@ void mac_key_policy( int policy_usage_arg, psa_algorithm_t exercise_alg = exercise_alg_arg; psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; - psa_status_t expected_status = expected_status_arg; + psa_status_t expected_status_sign = expected_status_sign_arg; + psa_status_t expected_status_verify = expected_status_verify_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; PSA_ASSERT( psa_crypto_init( ) ); @@ -818,19 +820,13 @@ void mac_key_policy( int policy_usage_arg, mbedtls_test_update_key_usage_flags( policy_usage ) ); status = psa_mac_sign_setup( &operation, key, exercise_alg ); - if( ( mbedtls_test_update_key_usage_flags(policy_usage) & PSA_KEY_USAGE_SIGN_MESSAGE ) == 0 ) - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - else - TEST_EQUAL( status, expected_status ); + TEST_EQUAL( status, expected_status_sign ); psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); status = psa_mac_verify_setup( &operation, key, exercise_alg ); - if( ( mbedtls_test_update_key_usage_flags(policy_usage) & PSA_KEY_USAGE_VERIFY_MESSAGE ) == 0 ) - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - else - TEST_EQUAL( status, expected_status ); + TEST_EQUAL( status, expected_status_verify ); exit: psa_mac_abort( &operation ); From cadebe5343c40d2e17b4acb24b5024290f63d98d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 10:36:45 +0800 Subject: [PATCH 0983/1065] fix several format and comment issues Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 70dc501c0b..d328d23cdb 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2582,7 +2582,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * the server supports. * * \warning The ciphersuites array \p ciphersuites is not copied. - * It must remain valid for the lifetime the SSL + * It must remain valid for the lifetime of the SSL * configuration \p conf. * * \param conf The SSL configuration to modify. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4933980cd9..834a23983f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3549,7 +3549,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, } #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf, +void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf, const int kex_modes ) { conf->tls13_kex_modes = kex_modes; From 69e0ec46b7db6c90539e360f2275a41821fbdd8b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 10:44:15 +0800 Subject: [PATCH 0984/1065] Replace SHA512_C with SHA384_C Signed-off-by: Jerry Yu --- library/ssl_ciphersuites.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 9a416c811d..b10a9634ef 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -295,14 +295,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA256_C) { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, From 31c01d303eddf649ba076fb0e6ee5d1405b16ee8 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 10:49:06 +0800 Subject: [PATCH 0985/1065] Rename available values for tls13_kex_modes Rename `psk_pure` to `psk` and `ephemeral_pure` to `ephemeral` Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 6 +++--- programs/ssl/ssl_server2.c | 6 +++--- tests/ssl-opt.sh | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 223b7bff2f..f583f2267c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -339,7 +339,7 @@ int main( void ) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #define USAGE_TLS13_KEY_EXCHANGE_MODES \ " tls13_kex_modes=%%s default: all\n" \ - " options: psk_pure, psk_ephemeral, ephemeral_pure, ephemeral_all, psk_all, all\n" + " options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n" #else #define USAGE_TLS13_KEY_EXCHANGE_MODES "" #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ @@ -1091,11 +1091,11 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) else if( strcmp( p, "tls13_kex_modes" ) == 0 ) { - if( strcmp( q, "psk_pure" ) == 0 ) + if( strcmp( q, "psk" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK; else if( strcmp(q, "psk_ephemeral" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; - else if( strcmp(q, "ephemeral_pure" ) == 0 ) + else if( strcmp(q, "ephemeral" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL; else if( strcmp(q, "ephemeral_all" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 87558f54cb..a339bbf53c 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -436,7 +436,7 @@ int main( void ) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #define USAGE_TLS13_KEY_EXCHANGE_MODES \ " tls13_kex_modes=%%s default: all\n" \ - " options: psk_pure, psk_ephemeral, ephemeral_pure, ephemeral_all, psk_all, all\n" + " options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n" #else #define USAGE_TLS13_KEY_EXCHANGE_MODES "" #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ @@ -1734,11 +1734,11 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) else if( strcmp( p, "tls13_kex_modes" ) == 0 ) { - if( strcmp( q, "psk_pure" ) == 0 ) + if( strcmp( q, "psk" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK; else if( strcmp(q, "psk_ephemeral" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; - else if( strcmp(q, "ephemeral_pure" ) == 0 ) + else if( strcmp(q, "ephemeral" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL; else if( strcmp(q, "ephemeral_all" ) == 0 ) opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 56c4a5fba7..6066bc702a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1458,8 +1458,8 @@ run_test "SHA-256 allowed by default in client certificate" \ # ssl_client2/ssl_server2 example programs works. requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS 1.3, key exchange mode parameter passing: PSK only" \ - "$P_SRV tls13_kex_modes=psk_pure" \ - "$P_CLI tls13_kex_modes=psk_pure" \ + "$P_SRV tls13_kex_modes=psk" \ + "$P_CLI tls13_kex_modes=psk" \ 0 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS 1.3, key exchange mode parameter passing: PSK-ephemeral only" \ @@ -1468,8 +1468,8 @@ run_test "TLS 1.3, key exchange mode parameter passing: PSK-ephemeral only" \ 0 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS 1.3, key exchange mode parameter passing: Pure-ephemeral only" \ - "$P_SRV tls13_kex_modes=ephemeral_pure" \ - "$P_CLI tls13_kex_modes=ephemeral_pure" \ + "$P_SRV tls13_kex_modes=ephemeral" \ + "$P_CLI tls13_kex_modes=ephemeral" \ 0 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS 1.3, key exchange mode parameter passing: All ephemeral" \ From d85a52c508b49c337b9c5bb294c2636daa4d7aa7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 10:55:07 +0800 Subject: [PATCH 0986/1065] Add mask for kex_modes Signed-off-by: Jerry Yu --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 834a23983f..8a65b70adb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3552,7 +3552,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf, const int kex_modes ) { - conf->tls13_kex_modes = kex_modes; + conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ From 1ebcd55aface9312859044d43f3b3ae6decc59fa Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 30 Aug 2021 17:09:03 +0200 Subject: [PATCH 0987/1065] Extend mac_key_policy test. Add checks for psa_mac_compute and psa_mac_verify. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_psa_crypto.function | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cde28a8e75..8df2ceafef 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -822,6 +822,23 @@ void mac_key_policy( int policy_usage_arg, status = psa_mac_sign_setup( &operation, key, exercise_alg ); TEST_EQUAL( status, expected_status_sign ); + /* Calculate the MAC, one-shot case. */ + uint8_t input[128] = {0}; + size_t mac_len; + TEST_EQUAL( psa_mac_compute( key, exercise_alg, + input, 128, + mac, PSA_MAC_MAX_SIZE, &mac_len ), + expected_status_sign ); + + /* Verify correct MAC, one-shot case. */ + status = psa_mac_verify( key, exercise_alg, input, 128, + mac, mac_len ); + + if( expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS ) + TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); + else + TEST_EQUAL( status, expected_status_verify ); + psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); From e28d49b3b666d10677fd555090eaf75081267943 Mon Sep 17 00:00:00 2001 From: Kenneth Soerensen Date: Thu, 3 Jan 2019 12:39:29 +0100 Subject: [PATCH 0988/1065] Remove compiler warning if only MBEDTLS_PK_PARSE_C is defined Warning reported with IAR compiler: "mbedtls\library\pkparse.c",1167 Warning[Pe550]: variable "ret" was set but never used Signed-off-by: Kenneth Soerensen --- library/pkparse.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index fe6aaca338..b2d3bb0747 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1370,8 +1370,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ - if( ( ret = pk_parse_key_pkcs8_unencrypted_der( - pk, key, keylen, f_rng, p_rng ) ) == 0 ) + ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen, f_rng, p_rng ); + if( ret == 0 ) { return( 0 ); } From e40ae6bbed2af4b792b1704359fac3b6669052de Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 1 Sep 2021 12:47:49 +0200 Subject: [PATCH 0989/1065] Fix typo Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 8aacfce55e..c78af48e4a 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -86,7 +86,7 @@ typedef struct mbedtls_ccm_context size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */ size_t MBEDTLS_PRIVATE(processed); /*!< Track how many bytes of input data were processed (chunked input). - Used indepenedantly for both auth data + Used independently for both auth data and plaintext/ciphertext. This variable is set to zero after auth data input is finished. */ From 7251eda6ff7106752eab172862cc74f476e2b049 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 1 Sep 2021 13:26:44 +0200 Subject: [PATCH 0990/1065] Replace BAD_SEQUENCE error with BAD_INPUT Signed-off-by: Mateusz Starzyk --- include/mbedtls/ccm.h | 2 -- library/ccm.c | 6 +++--- tests/suites/test_suite_ccm.function | 8 ++++---- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index c78af48e4a..6f991fefbd 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -61,8 +61,6 @@ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /** Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F -/** CCM functions called in the wrong sequence. */ -#define MBEDTLS_ERR_CCM_BAD_SEQUENCE -0x0011 #ifdef __cplusplus extern "C" { diff --git a/library/ccm.c b/library/ccm.c index 0a904613ed..d9d25cecd9 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -270,7 +270,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, { if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) { - return MBEDTLS_ERR_CCM_BAD_SEQUENCE; + return MBEDTLS_ERR_CCM_BAD_INPUT; } if( !(ctx->state & CCM_STATE__AUTH_DATA_STARTED) ) @@ -444,12 +444,12 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, if( ctx->add_len > 0 && !( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) ) { - return MBEDTLS_ERR_CCM_BAD_SEQUENCE; + return MBEDTLS_ERR_CCM_BAD_INPUT; } if( ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len ) { - return MBEDTLS_ERR_CCM_BAD_SEQUENCE; + return MBEDTLS_ERR_CCM_BAD_INPUT; } /* diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 48c4fe919d..128bd86d98 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -559,7 +559,7 @@ void mbedtls_ccm_incomplete_ad( int cipher_id, int mode, TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len/2) ); ASSERT_ALLOC( output, 16 ); - TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) ); exit: mbedtls_free( output ); @@ -585,7 +585,7 @@ void mbedtls_ccm_full_ad_and_overflow( int cipher_id, int mode, // pass full auth data TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); // pass 1 extra byte - TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_update_ad( &ctx, add->x, 1) ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, 1) ); exit: mbedtls_ccm_free( &ctx ); } @@ -644,7 +644,7 @@ void mbedtls_ccm_incomplete_update( int cipher_id, int mode, output = NULL; ASSERT_ALLOC( output, 16 ); - TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) ); exit: mbedtls_free( output ); @@ -699,7 +699,7 @@ void mbedtls_ccm_instant_finish( int cipher_id, int mode, TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 16, 16, 16 ) ); ASSERT_ALLOC( output, 16 ); - TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_SEQUENCE, mbedtls_ccm_finish( &ctx, output, 16 ) ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) ); exit: mbedtls_free( output ); From ab46aa0436eb60b4ff15af69758d41fcfe8f7254 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 10:48:26 +0800 Subject: [PATCH 0991/1065] Upgrade gnutls-next to 3.7.2 v3.7.2 introduces DISABLE_TLS13_COMPAT_MODE. That can be used to verify if TLS13 COMPATIBLE is not available. Change-Id: Id68748e92504835b5a63b2565a618f728e7222f6 Signed-off-by: Jerry Yu --- tests/compat-in-docker.sh | 4 ++-- tests/docker/bionic/Dockerfile | 18 +++++++++--------- tests/ssl-opt-in-docker.sh | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/compat-in-docker.sh b/tests/compat-in-docker.sh index aef0a07289..3a1cd2144c 100755 --- a/tests/compat-in-docker.sh +++ b/tests/compat-in-docker.sh @@ -42,13 +42,13 @@ esac case "${GNUTLS_CLI:-default}" in "legacy") export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";; - "next") export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";; + "next") export GNUTLS_CLI="/usr/local/gnutls-3.7.2/bin/gnutls-cli";; *) ;; esac case "${GNUTLS_SERV:-default}" in "legacy") export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";; - "next") export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";; + "next") export GNUTLS_SERV="/usr/local/gnutls-3.7.2/bin/gnutls-serv";; *) ;; esac diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index 1d24aa3268..41789c677c 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -137,29 +137,29 @@ RUN cd /tmp \ ENV GNUTLS_CLI=/usr/local/gnutls-3.4.10/bin/gnutls-cli ENV GNUTLS_SERV=/usr/local/gnutls-3.4.10/bin/gnutls-serv -# Build libnettle 3.4 (needed by gnutls next) +# Build libnettle 3.7.3 (needed by gnutls next) RUN cd /tmp \ - && wget https://ftp.gnu.org/gnu/nettle/nettle-3.4.1.tar.gz -qO- | tar xz \ - && cd nettle-3.4.1 \ + && wget https://ftp.gnu.org/gnu/nettle/nettle-3.7.3.tar.gz -qO- | tar xz \ + && cd nettle-3.7.3 \ && ./configure --disable-documentation \ && make ${MAKEFLAGS_PARALLEL} \ && make install \ && /sbin/ldconfig \ && rm -rf /tmp/nettle* -# Build gnutls next (3.6.5) +# Build gnutls next (3.7.2) RUN cd /tmp \ - && wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.5.tar.xz -qO- | tar xJ \ - && cd gnutls-3.6.5 \ - && ./configure --prefix=/usr/local/gnutls-3.6.5 --exec_prefix=/usr/local/gnutls-3.6.5 \ + && wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.2.tar.xz -qO- | tar xJ \ + && cd gnutls-3.7.2 \ + && ./configure --prefix=/usr/local/gnutls-3.7.2 --exec_prefix=/usr/local/gnutls-3.7.2 \ --with-included-libtasn1 --with-included-unistring --without-p11-kit \ --disable-shared --disable-guile --disable-doc \ && make ${MAKEFLAGS_PARALLEL} \ && make install \ && rm -rf /tmp/gnutls* -ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.6.5/bin/gnutls-cli -ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.6.5/bin/gnutls-serv +ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.7.2/bin/gnutls-cli +ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.7.2/bin/gnutls-serv RUN pip3 install --no-cache-dir \ mbed-host-tests \ diff --git a/tests/ssl-opt-in-docker.sh b/tests/ssl-opt-in-docker.sh index 401a69c569..e7bb01d8ca 100755 --- a/tests/ssl-opt-in-docker.sh +++ b/tests/ssl-opt-in-docker.sh @@ -42,13 +42,13 @@ esac case "${GNUTLS_CLI:-default}" in "legacy") export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";; - "next") export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";; + "next") export GNUTLS_CLI="/usr/local/gnutls-3.7.2/bin/gnutls-cli";; *) ;; esac case "${GNUTLS_SERV:-default}" in "legacy") export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";; - "next") export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";; + "next") export GNUTLS_SERV="/usr/local/gnutls-3.7.2/bin/gnutls-serv";; *) ;; esac From b12d81d1a30656305e3dd8dc39b9489bc3988002 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 10:56:08 +0800 Subject: [PATCH 0992/1065] Add feature tests for gnutls-next Test NO_TICKETS and DISABLE_TLS13_COMPAT_MODE Change-Id: Idf21b36bd64c7eefe4e0e6fb875b2e06ebb0aa07 Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 46 +++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 43 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ad925f0f0c..bf5d9dbd97 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -405,6 +405,44 @@ requires_gnutls_tls1_3() { fi } +# check %NO_TICKETS option +requires_gnutls_next_no_ticket() { + requires_gnutls_next + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + GNUTLS_NO_TICKETS_AVAILABLE="NO" + fi + if [ -z "${GNUTLS_NO_TICKETS_AVAILABLE:-}" ]; then + if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep NO_TICKETS >/dev/null + then + GNUTLS_NO_TICKETS_AVAILABLE="YES" + else + GNUTLS_NO_TICKETS_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_NO_TICKETS_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# check %%DISABLE_TLS13_COMPAT_MODE option +requires_gnutls_next_disable_tls13_compat() { + requires_gnutls_next + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO" + fi + if [ -z "${GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE:-}" ]; then + if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep DISABLE_TLS13_COMPAT_MODE >/dev/null + then + GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="YES" + else + GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + # skip next test if IPv6 isn't available on this host requires_ipv6() { if [ -z "${HAS_IPV6:-}" ]; then @@ -8589,11 +8627,13 @@ run_test "TLS1.3: Test openssl tls1_3 feature" \ -c "TLS 1.3" \ -s "TLS 1.3" -# gnutls feature tests: check if tls1.3 exists. +# gnutls feature tests: check if tls1.3,NO_TICKETS and DISABLE_TLS13_COMPAT_MODE exist. requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat run_test "TLS1.3: Test gnutls tls1_3 feature" \ - "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Version: TLS1.3" \ -c "Version: TLS1.3" From 64f0b5f454092950fb4ddc5eff5b415a2bad71d7 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 2 Sep 2021 11:50:38 +0200 Subject: [PATCH 0993/1065] Return BAD_INPUT error for CCM context's erroneous state Signed-off-by: Mateusz Starzyk --- library/ccm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index d9d25cecd9..ca95b8eeb7 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -263,7 +263,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, if( ctx->state & CCM_STATE__ERROR ) { - return ret; + return MBEDTLS_ERR_CCM_BAD_INPUT; } if( ctx->add_len > 0 && add_len > 0 ) @@ -339,7 +339,7 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx, if( ctx->state & CCM_STATE__ERROR ) { - return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + return MBEDTLS_ERR_CCM_BAD_INPUT; } if( ctx->processed + input_len > ctx->plaintext_len ) From 75261df2e3c9d9e892291e23b7af375a91386e71 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 2 Sep 2021 17:40:08 +0800 Subject: [PATCH 0994/1065] fix comment issues Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index bf5d9dbd97..3e199e2881 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -405,7 +405,7 @@ requires_gnutls_tls1_3() { fi } -# check %NO_TICKETS option +# Check %NO_TICKETS option requires_gnutls_next_no_ticket() { requires_gnutls_next if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then @@ -424,7 +424,7 @@ requires_gnutls_next_no_ticket() { fi } -# check %%DISABLE_TLS13_COMPAT_MODE option +# Check %DISABLE_TLS13_COMPAT_MODE option requires_gnutls_next_disable_tls13_compat() { requires_gnutls_next if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then @@ -8627,7 +8627,7 @@ run_test "TLS1.3: Test openssl tls1_3 feature" \ -c "TLS 1.3" \ -s "TLS 1.3" -# gnutls feature tests: check if tls1.3,NO_TICKETS and DISABLE_TLS13_COMPAT_MODE exist. +# gnutls feature tests: check if TLS 1.3 is supported as well as the NO_TICKETS and DISABLE_TLS13_COMPAT_MODE options. requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat From df2507301b12e9247cad8dbb94e5bee144ed8ec0 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 2 Sep 2021 12:36:02 +0200 Subject: [PATCH 0995/1065] Use AES-128 for multipart CCM corner cases tests Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 112 +++++++++++++++---------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 91aa98bd43..c8f6351633 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1550,110 +1550,110 @@ CCM* decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" -CCM encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM encrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM encrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM encrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM encrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM decrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM decrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM decrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM decrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* encrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* encrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* encrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* encrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* encrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* encrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* decrypt, overflow ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* decrypt, incomplete ad NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* decrypt, full ad and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" -CCM* decrypt, overflow update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* decrypt, incomplete update NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM* decrypt, full update and overflow NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) +CCM* decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C -mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181" +mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" -CCM encrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" +CCM encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" -CCM decrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" +CCM decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" -CCM* encrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" +CCM* encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" -CCM* decrypt, instant finish NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a" +CCM* decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" From beb3f41f2f528277d86840ec7bdbefce8d7194cd Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 16 Aug 2021 15:00:55 +0800 Subject: [PATCH 0996/1065] Add handshake_set_state helper function Signed-off-by: Jerry Yu --- library/ssl_misc.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b4f841a373..36754a3237 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1323,4 +1323,14 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + +static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, + int state ) +{ + ssl->state = state; +} + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #endif /* ssl_misc.h */ From a13c7e739cf3200d4784e1fbbf1b0412d9aee467 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 17 Aug 2021 10:44:40 +0800 Subject: [PATCH 0997/1065] add dummy client hello process Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 3 +++ library/ssl_tls13_client.c | 51 ++++++++++++++++++++++++++++++++++++-- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2909dc8e5b..54be3a5b9f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -573,6 +573,9 @@ typedef enum MBEDTLS_SSL_HANDSHAKE_OVER, MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET, MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + MBEDTLS_SSL_ENCRYPTED_EXTENSIONS, +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ } mbedtls_ssl_states; diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 368b5572db..d619d80ed9 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -26,11 +26,58 @@ #if defined(MBEDTLS_SSL_CLI_C) #include "ssl_misc.h" +#include + +static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) { - ((void) ssl); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + int ret = 0; + + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + + switch( ssl->state ) + { + case MBEDTLS_SSL_HELLO_REQUEST: + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); + break; + + case MBEDTLS_SSL_CLIENT_HELLO: + ret = ssl_client_hello_process( ssl ); + break; + + case MBEDTLS_SSL_SERVER_HELLO: + // Stop here : we haven't finished whole flow + ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + break; + + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + return( ret ); +} + +static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) +{ + int ret = 0; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + /* client_hello_process haven't finished */ + ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + return ret; } #endif /* MBEDTLS_SSL_CLI_C */ From 65dd2ccfe696d6cfaecfc376038db1d71dc1c28e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 16:38:40 +0800 Subject: [PATCH 0998/1065] Add dummy stages for `client_hello_process` Signed-off-by: Jerry Yu --- library/CMakeLists.txt | 1 + library/Makefile | 1 + library/ssl_misc.h | 37 ++++++++++++++++++++ library/ssl_tls13_client.c | 54 ++++++++++++++++++++++++++++++ library/ssl_tls13_generic.c | 67 +++++++++++++++++++++++++++++++++++++ 5 files changed, 160 insertions(+) create mode 100644 library/ssl_tls13_generic.c diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 5adc128c96..a5d692cbe4 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -106,6 +106,7 @@ set(src_tls ssl_tls13_keys.c ssl_tls13_server.c ssl_tls13_client.c + ssl_tls13_generic.c ) if(CMAKE_COMPILER_IS_GNUCC) diff --git a/library/Makefile b/library/Makefile index 8c58fb8501..13cd7db0c6 100644 --- a/library/Makefile +++ b/library/Makefile @@ -169,6 +169,7 @@ OBJS_TLS= \ ssl_tls13_keys.o \ ssl_tls13_client.o \ ssl_tls13_server.o \ + ssl_tls13_generic.o \ # This line is intentionally left blank .SILENT: diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 36754a3237..4c3f6c0d5e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -26,6 +26,7 @@ #include "mbedtls/ssl.h" #include "mbedtls/cipher.h" +#include "mbedtls/debug.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" @@ -102,6 +103,30 @@ #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ +#define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__ + +#define MBEDTLS_SSL_PROC_CHK( fn, args ) \ + do { \ + ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ + if( ret != 0 ) \ + { \ + if( ret > 0 ) \ + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; \ + MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \ + goto cleanup; \ + } \ + } while( 0 ) + +#define MBEDTLS_SSL_PROC_CHK_NEG( fn, args ) \ + do { \ + ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ + if( ret < 0 ) \ + { \ + MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \ + goto cleanup; \ + } \ + } while( 0 ) + /* * DTLS retransmission states, see RFC 6347 4.2.4 * @@ -1331,6 +1356,18 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, ssl->state = state; } +int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, + unsigned hs_type, + unsigned char **buf, + size_t *buflen ); +int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, + size_t buf_len, + size_t msg_len ); +void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, + unsigned hs_type, + size_t total_hs_len ); + + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* ssl_misc.h */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d619d80ed9..46c071b6bb 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -28,6 +28,7 @@ #include "ssl_misc.h" #include +/* Main entry point; orchestrates the other functions */ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) @@ -66,20 +67,73 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) return( ret ); } + +static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ); +static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, + unsigned char* buf, size_t buflen, + size_t* len_without_binders, + size_t* len_with_binders ); +static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ); + static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) { int ret = 0; + unsigned char *buf; + size_t buf_len, msg_len; + size_t len_without_binders = 0; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare, ( ssl ) ); + + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, ( ssl, + MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) ); + + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, ( ssl, buf, buf_len, + &len_without_binders, + &msg_len ) ); + + mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + msg_len ); + ssl->handshake->update_checksum( ssl, buf, len_without_binders ); + + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, ( ssl, buf_len, msg_len ) ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); +cleanup: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); /* client_hello_process haven't finished */ ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; return ret; } +static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + +static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, + unsigned char* buf, size_t buflen, + size_t* len_without_binders, + size_t* len_with_binders ) +{ + ((void) ssl); + ((void) buf); + ((void) buflen); + ((void) len_without_binders); + ((void) len_with_binders); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + +static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) +{ + ((void) ssl); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + #endif /* MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c new file mode 100644 index 0000000000..51c8fe3bd5 --- /dev/null +++ b/library/ssl_tls13_generic.c @@ -0,0 +1,67 @@ +/* + * TLS 1.3 functionality shared between client and server + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_SSL_TLS_C) + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + +#include "ssl_misc.h" + +int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, + unsigned hs_type, + unsigned char **buf, + size_t *buflen ) +{ + ((void) ssl); + ((void) hs_type); + ((void) buf); + ((void) buflen); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + +int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, + size_t buf_len, + size_t msg_len ) +{ + ((void) ssl); + ((void) buf_len); + ((void) msg_len); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + +void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, + unsigned hs_type, + size_t total_hs_len ) +{ + unsigned char hs_hdr[4]; + + /* Build HS header for checksum update. */ + hs_hdr[0] = hs_type; + hs_hdr[1] = (unsigned char)( total_hs_len >> 16 ); + hs_hdr[2] = (unsigned char)( total_hs_len >> 8 ); + hs_hdr[3] = (unsigned char)( total_hs_len >> 0 ); + + ssl->handshake->update_checksum( ssl, hs_hdr, sizeof( hs_hdr ) ); +} + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#endif /* MBEDTLS_SSL_TLS_C */ From c8a392c47e1c71b67b90c47f509f47fc57cefdc9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 16:46:28 +0800 Subject: [PATCH 0999/1065] Implement stages except write_partial Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 34 ++++++++++++++++++++++++++-------- library/ssl_tls13_generic.c | 24 ++++++++++++++++-------- 2 files changed, 42 insertions(+), 16 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 46c071b6bb..b06147c0c9 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -99,7 +99,6 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) ); MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, ( ssl, buf_len, msg_len ) ); - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); cleanup: @@ -111,8 +110,31 @@ cleanup: static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) { - ((void) ssl); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + int ret; + size_t rand_bytes_len; + + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } + + rand_bytes_len = 32; + + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); + return( ret ); + } + + return( 0 ); +} + +static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) +{ + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + + return( 0 ); } static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, @@ -128,11 +150,7 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } -static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) -{ - ((void) ssl); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -} + #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 51c8fe3bd5..5aa5d8a014 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -23,6 +23,8 @@ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#include "mbedtls/error.h" + #include "ssl_misc.h" int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, @@ -30,21 +32,27 @@ int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned char **buf, size_t *buflen ) { - ((void) ssl); - ((void) hs_type); - ((void) buf); - ((void) buflen); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + *buf = ssl->out_msg + 4; + *buflen = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; + + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = hs_type; + + return( 0 ); } int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t buf_len, size_t msg_len ) { - ((void) ssl); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) buf_len); - ((void) msg_len); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + ssl->out_msglen = msg_len + 4; + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext, ( ssl, 0 ) ); + +cleanup: + return( ret ); } void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, From 93bcd61a414c9e320b149a9d1e66009cd94dfd87 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 12:47:24 +0800 Subject: [PATCH 1000/1065] Add field into handshake params Add `extensions_present` field. It represents which are present. Signed-off-by: Jerry Yu --- library/ssl_misc.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 4c3f6c0d5e..5f15b8da77 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -103,6 +103,21 @@ #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ +/* List of extensions used in extensions_present of mbedtls_ssl_handshake_params */ +#define MBEDTLS_SSL_EXT_NONE 0 +#define MBEDTLS_SSL_EXT_PRE_SHARED_KEY ( 1 << 0 ) +#define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 1 ) +#define MBEDTLS_SSL_EXT_SIGNATURE_ALGORITHM ( 1 << 2 ) +#define MBEDTLS_SSL_EXT_SUPPORTED_GROUPS ( 1 << 3 ) +#define MBEDTLS_SSL_EXT_MAX_FRAGMENT_LENGTH ( 1 << 4 ) +#define MBEDTLS_SSL_EXT_ALPN ( 1 << 5 ) +#define MBEDTLS_SSL_EXT_SUPPORTED_VERSION ( 1 << 6 ) +#define MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ( 1 << 7 ) +#define MBEDTLS_SSL_EXT_EARLY_DATA ( 1 << 8 ) +#define MBEDTLS_SSL_EXT_SERVERNAME ( 1 << 9 ) +#define MBEDTLS_SSL_EXT_COOKIE ( 1 << 10 ) +#define MBEDTLS_SSL_EXT_CID ( 1 << 11 ) + #define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__ #define MBEDTLS_SSL_PROC_CHK( fn, args ) \ @@ -631,6 +646,9 @@ struct mbedtls_ssl_handshake_params int max_major_ver; /*!< max. major version client*/ int max_minor_ver; /*!< max. minor version client*/ int cli_exts; /*!< client extension presence*/ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + int extensions_present; /*!< extension presence; Each bitfield represents an extension and defined as \c MBEDTLS_SSL_EXT_XXX */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) int new_session_ticket; /*!< use NewSessionTicket? */ From 7984d9931e549d040a75b964dd8a24dfd96f0b3d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Aug 2021 10:31:29 +0800 Subject: [PATCH 1001/1065] Add tls1.3 extension IANA values Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 54be3a5b9f..f988c0d8f1 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -474,6 +474,8 @@ #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 +#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* Renamed in TLS 1.3 */ + #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 #define MBEDTLS_TLS_EXT_SIG_ALG 13 @@ -487,6 +489,15 @@ #define MBEDTLS_TLS_EXT_SESSION_TICKET 35 +/* TLS 1.3 */ +#define MBEDTLS_TLS_EXT_PRE_SHARED_KEY 41 +#define MBEDTLS_TLS_EXT_EARLY_DATA 42 +#define MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS 43 +#define MBEDTLS_TLS_EXT_COOKIE 44 +#define MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES 45 + +#define MBEDTLS_TLS_EXT_KEY_SHARES 51 + /* The value of the CID extension is still TBD as of * draft-ietf-tls-dtls-connection-id-05 * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05). From bc20bdd3a9f271ac0605716714111090436d18d9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 15:59:48 +0800 Subject: [PATCH 1002/1065] Implement write_partial with dummy exts Signed-off-by: Jerry Yu --- library/ssl_misc.h | 3 + library/ssl_tls13_client.c | 293 +++++++++++++++++++++++++++++++++++- library/ssl_tls13_generic.c | 34 +++++ 3 files changed, 327 insertions(+), 3 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 5f15b8da77..dfb5634974 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1385,6 +1385,9 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, unsigned hs_type, size_t total_hs_len ); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +int mbedtls_ssl_write_signature_algorithms_ext(mbedtls_ssl_context* ssl, unsigned char* buf, unsigned char* end, size_t* olen); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index b06147c0c9..fbc8fd5fb4 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -25,6 +25,8 @@ #if defined(MBEDTLS_SSL_CLI_C) +#include + #include "ssl_misc.h" #include @@ -137,20 +139,305 @@ static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) return( 0 ); } +/* Write extensions */ + +static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ); + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + +static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ); + +static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ); + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, size_t* len_without_binders, size_t* len_with_binders ) +{ + /* Extensions */ + + /* extension_start + * Used during extension writing where the + * buffer pointer to the beginning of the + * extension list must be kept to write + * the total extension list size in the end. + */ + + int ret; + unsigned char* extension_start; + size_t cur_ext_len; /* Size of the current extension */ + size_t total_ext_len; /* Size of list of extensions */ + + /* Length information */ + size_t rand_bytes_len; + size_t version_len; + + /* Buffer management */ + unsigned char* start = buf; + unsigned char* end = buf + buflen; + + /* Ciphersuite-related variables */ + const int* ciphersuites; + const mbedtls_ssl_ciphersuite_t* ciphersuite_info; + size_t i; /* used to iterate through ciphersuite list */ + /* ciphersuite_start points to the start of the ciphersuite list, i.e. to the length field*/ + unsigned char* ciphersuite_start; + size_t ciphersuite_count; + + /* Keeping track of the included extensions */ + ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; + + rand_bytes_len = 32; + + /* NOTE: + * Even for DTLS 1.3, we are writing a TLS handshake header here. + * The actual DTLS 1.3 handshake header is inserted in + * the record writing routine mbedtls_ssl_write_record(). + * + * For cTLS the length, and the version field + * are elided. The random bytes are shorter. + */ + version_len = 2; + + if( ssl->conf->max_major_ver == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " + "consider using mbedtls_ssl_config_defaults()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + ssl->major_ver = ssl->conf->min_major_ver; + ssl->minor_ver = ssl->conf->min_minor_ver; + + /* For TLS 1.3 we use the legacy version number {0x03, 0x03} + * instead of the true version number. + * + * For DTLS 1.3 we use the legacy version number + * {254,253}. + * + * In cTLS the version number is elided. + */ + *buf++ = 0x03; + *buf++ = 0x03; + buflen -= version_len; + + /* Write random bytes */ + memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, rand_bytes_len ); + + buf += rand_bytes_len; + buflen -= rand_bytes_len; + + /* Versions of TLS before TLS 1.3 supported a + * "session resumption" feature which has been merged with pre-shared + * keys in this version. A client which has a + * cached session ID set by a pre-TLS 1.3 server SHOULD set this + * field to that value. In compatibility mode, + * this field MUST be non-empty, so a client not offering a + * pre-TLS 1.3 session MUST generate a new 32-byte value. This value + * need not be random but SHOULD be unpredictable to avoid + * implementations fixating on a specific value ( also known as + * ossification ). Otherwise, it MUST be set as a zero-length vector + * ( i.e., a zero-valued single byte length field ). + */ + if( buflen < 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + *buf++ = 0; /* session id length set to zero */ + buflen -= 1; + + /* + * Ciphersuite list + * + * This is a list of the symmetric cipher options supported by + * the client, specifically the record protection algorithm + * ( including secret key length ) and a hash to be used with + * HKDF, in descending order of client preference. + */ + ciphersuites = ssl->conf->ciphersuite_list; + + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + /* Skip writing ciphersuite length for now */ + ciphersuite_count = 0; + ciphersuite_start = buf; + buf += 2; + buflen -= 2; + + for ( i = 0; ciphersuites[i] != 0; i++ ) + { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + + if( ciphersuite_info == NULL ) + continue; + + if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || + ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + continue; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", + (unsigned int) ciphersuites[i], ciphersuite_info->name ) ); + + ciphersuite_count++; + + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + *buf++ = (unsigned char)( ciphersuites[i] >> 8 ); + *buf++ = (unsigned char)( ciphersuites[i] ); + + buflen -= 2; + + } + + /* write ciphersuite length now */ + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); + *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", ciphersuite_count ) ); + + /* For every TLS 1.3 ClientHello, this vector MUST contain exactly + * one byte set to zero, which corresponds to the 'null' compression + * method in prior versions of TLS. + * + * For cTLS this field is elided. + */ + if( buflen < 2 /* for ciphersuite list length */ ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + *buf++ = 1; + *buf++ = MBEDTLS_SSL_COMPRESS_NULL; + + buflen -= 2; + + /* First write extensions, then the total length */ + extension_start = buf; + total_ext_len = 0; + buf += 2; + + /* Supported Versions Extension is mandatory with TLS 1.3. + * + * For cTLS we only need to provide it if there is more than one version + * and currently there is only one. + */ + ssl_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + total_ext_len += cur_ext_len; + buf += cur_ext_len; + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + /* The supported_groups and the key_share extensions are + * REQUIRED for ECDHE ciphersuites. + */ + ret = ssl_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); + if( ret != 0 ) + return( ret ); + + total_ext_len += cur_ext_len; + buf += cur_ext_len; + + /* The supported_signature_algorithms extension is REQUIRED for + * certificate authenticated ciphersuites. */ + ret = mbedtls_ssl_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len ); + if( ret != 0 ) + return( ret ); + + total_ext_len += cur_ext_len; + buf += cur_ext_len; + + /* We need to send the key shares under three conditions: + * 1 ) A certificate-based ciphersuite is being offered. In this case + * supported_groups and supported_signature extensions have been successfully added. + * 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the + * psk_key_exchange_modes has been added as the last extension. + * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above ) + */ + + ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); + if( ret != 0 ) + return( ret ); + + total_ext_len += cur_ext_len; + buf += cur_ext_len; +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + + /* Add more extensions here */ + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET , + total_ext_len ) ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); + + /* Write extension length */ + *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); + *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); + + *len_without_binders = buf - start; + *len_with_binders = ( extension_start + total_ext_len ) - start; + return( 0 ); +} + +static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ) { ((void) ssl); ((void) buf); - ((void) buflen); - ((void) len_without_binders); - ((void) len_with_binders); + ((void) end); + ((void) olen); +} + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + +static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + ((void) olen); return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } +static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + ((void) olen); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 5aa5d8a014..7ec7423ea0 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -70,6 +70,40 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, ssl->handshake->update_checksum( ssl, hs_hdr, sizeof( hs_hdr ) ); } +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + +/* + * mbedtls_ssl_write_signature_algorithms_ext( ) + * + * enum { + * .... + * ecdsa_secp256r1_sha256( 0x0403 ), + * ecdsa_secp384r1_sha384( 0x0503 ), + * ecdsa_secp521r1_sha512( 0x0603 ), + * .... + * } SignatureScheme; + * + * struct { + * SignatureScheme supported_signature_algorithms<2..2^16-2>; + * } SignatureSchemeList; + * + * Only if we handle at least one key exchange that needs signatures. + */ + +int mbedtls_ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, + unsigned char* buf, + unsigned char* end, + size_t* olen ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + ((void) olen); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_TLS_C */ From ef6b36b484ea00bae37c5833d14b15127d76ea98 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 16:29:02 +0800 Subject: [PATCH 1003/1065] add supported versions extension Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 42 ++++++++++++++++++++++++++++++++++---- 1 file changed, 38 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index fbc8fd5fb4..0b10b12f41 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -400,15 +400,49 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, return( 0 ); } +/* + * ssl_write_supported_versions_ext(): + * + * struct { + * ProtocolVersion versions<2..254>; + * } SupportedVersions; + */ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, size_t* olen ) { - ((void) ssl); - ((void) buf); - ((void) end); - ((void) olen); + unsigned char *p = buf; + + *olen = 0; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); + + if( end < p || (size_t)( end - p ) < 7 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + + /* total length */ + *p++ = 0x00; + *p++ = 3; + + /* length of next field */ + *p++ = 0x2; + + /* This implementation only supports a single TLS version, and only + * advertises a single value. + */ + mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, + ssl->conf->transport, p ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); + + *olen = 7; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) From 32cd5b19dc15ece9669e6e40a1730301082297ff Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Aug 2021 18:07:13 +0800 Subject: [PATCH 1004/1065] fix unused variable warning Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0b10b12f41..f6e145b294 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -173,8 +173,9 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, * extension list must be kept to write * the total extension list size in the end. */ - +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) int ret; +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ unsigned char* extension_start; size_t cur_ext_len; /* Size of the current extension */ size_t total_ext_len; /* Size of list of extensions */ From b3317e1a01d2754e7ca1a9fbfb1566a8b5798d83 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 14:30:22 +0800 Subject: [PATCH 1005/1065] Add extension types in rfc8446 Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f988c0d8f1..b7b22c20d4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -472,31 +472,37 @@ #define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 +#define MBEDTLS_TLS_EXT_STATUS_REQUEST 5 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 -#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* Renamed in TLS 1.3 */ - +#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 -#define MBEDTLS_TLS_EXT_SIG_ALG 13 - +#define MBEDTLS_TLS_EXT_SIG_ALG 13 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_USE_SRTP 14 - +#define MBEDTLS_TLS_EXT_HEARTBEAT 15 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_ALPN 16 +#define MBEDTLS_TLS_EXT_SCT 18 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 19 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 20 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ #define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ #define MBEDTLS_TLS_EXT_SESSION_TICKET 35 -/* TLS 1.3 */ -#define MBEDTLS_TLS_EXT_PRE_SHARED_KEY 41 -#define MBEDTLS_TLS_EXT_EARLY_DATA 42 -#define MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS 43 -#define MBEDTLS_TLS_EXT_COOKIE 44 -#define MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES 45 +#define MBEDTLS_TLS_EXT_PRE_SHARED_KEY 41 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_EARLY_DATA 42 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS 43 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_COOKIE 44 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES 45 /* RFC 8446 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_KEY_SHARES 51 +#define MBEDTLS_TLS_EXT_CERT_AUTH 47 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_OID_FILTERS 48 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_POST_HANDSHAKE_AUTH 49 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SIG_ALG_CERT 50 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_KEY_SHARE 51 /* RFC 8446 TLS 1.3 */ /* The value of the CID extension is still TBD as of * draft-ietf-tls-dtls-connection-id-05 From 8e7ca0432ef291e1e0502e352cf830cfbabdd875 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 15:31:37 +0800 Subject: [PATCH 1006/1065] fix extensions_present issues fix comments for the mask values. follow same order as IANA values. Signed-off-by: Jerry Yu --- library/ssl_misc.h | 46 +++++++++++++++++++++++++++++++--------------- 1 file changed, 31 insertions(+), 15 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index dfb5634974..bda2a7a1a6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -103,20 +103,34 @@ #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ -/* List of extensions used in extensions_present of mbedtls_ssl_handshake_params */ -#define MBEDTLS_SSL_EXT_NONE 0 -#define MBEDTLS_SSL_EXT_PRE_SHARED_KEY ( 1 << 0 ) -#define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 1 ) -#define MBEDTLS_SSL_EXT_SIGNATURE_ALGORITHM ( 1 << 2 ) -#define MBEDTLS_SSL_EXT_SUPPORTED_GROUPS ( 1 << 3 ) -#define MBEDTLS_SSL_EXT_MAX_FRAGMENT_LENGTH ( 1 << 4 ) -#define MBEDTLS_SSL_EXT_ALPN ( 1 << 5 ) -#define MBEDTLS_SSL_EXT_SUPPORTED_VERSION ( 1 << 6 ) -#define MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ( 1 << 7 ) -#define MBEDTLS_SSL_EXT_EARLY_DATA ( 1 << 8 ) -#define MBEDTLS_SSL_EXT_SERVERNAME ( 1 << 9 ) -#define MBEDTLS_SSL_EXT_COOKIE ( 1 << 10 ) -#define MBEDTLS_SSL_EXT_CID ( 1 << 11 ) +/* + * Mask of TLS 1.3 handshake extensions used in extensions_present + * of mbedtls_ssl_handshake_params. + */ +#define MBEDTLS_SSL_EXT_NONE 0 + +#define MBEDTLS_SSL_EXT_SERVERNAME ( 1 << 0 ) +#define MBEDTLS_SSL_EXT_MAX_FRAGMENT_LENGTH ( 1 << 1 ) +#define MBEDTLS_SSL_EXT_STATUS_REQUEST ( 1 << 2 ) +#define MBEDTLS_SSL_EXT_SUPPORTED_GROUPS ( 1 << 3 ) +#define MBEDTLS_SSL_EXT_SIG_ALG ( 1 << 4 ) +#define MBEDTLS_SSL_EXT_USE_SRTP ( 1 << 5 ) +#define MBEDTLS_SSL_EXT_HEARTBEAT ( 1 << 6 ) +#define MBEDTLS_SSL_EXT_ALPN ( 1 << 7 ) +#define MBEDTLS_SSL_EXT_SCT ( 1 << 8 ) +#define MBEDTLS_SSL_EXT_SERV_CERT_TYPE ( 1 << 9 ) +#define MBEDTLS_SSL_EXT_CLI_CERT_TYPE ( 1 << 10 ) +#define MBEDTLS_SSL_EXT_PADDING ( 1 << 11 ) +#define MBEDTLS_SSL_EXT_PRE_SHARED_KEY ( 1 << 12 ) +#define MBEDTLS_SSL_EXT_EARLY_DATA ( 1 << 13 ) +#define MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS ( 1 << 14 ) +#define MBEDTLS_SSL_EXT_COOKIE ( 1 << 15 ) +#define MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ( 1 << 16 ) +#define MBEDTLS_SSL_EXT_CERT_AUTH ( 1 << 17 ) +#define MBEDTLS_SSL_EXT_OID_FILTERS ( 1 << 18 ) +#define MBEDTLS_SSL_EXT_POST_HANDSHAKE_AUTH ( 1 << 19 ) +#define MBEDTLS_SSL_EXT_SIG_ALG_CERT ( 1 << 20 ) +#define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 21 ) #define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__ @@ -647,7 +661,9 @@ struct mbedtls_ssl_handshake_params int max_minor_ver; /*!< max. minor version client*/ int cli_exts; /*!< client extension presence*/ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - int extensions_present; /*!< extension presence; Each bitfield represents an extension and defined as \c MBEDTLS_SSL_EXT_XXX */ + int extensions_present; /*!< extension presence; Each bitfield + represents an extension and defined + as \c MBEDTLS_SSL_EXT_XXX */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) From c7ddeec22988235608aa7a4f3647b14d74546a53 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 16:23:47 +0800 Subject: [PATCH 1007/1065] Remove `len_without_binders` Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index f6e145b294..2cada0deca 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -73,8 +73,7 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ); static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, - size_t* len_without_binders, - size_t* len_with_binders ); + size_t *len_with_binders ); static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ); static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) @@ -82,7 +81,6 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) int ret = 0; unsigned char *buf; size_t buf_len, msg_len; - size_t len_without_binders = 0; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); @@ -91,13 +89,11 @@ static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) ); - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, ( ssl, buf, buf_len, - &len_without_binders, - &msg_len ) ); + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, ( ssl, buf, buf_len, &msg_len ) ); mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, msg_len ); - ssl->handshake->update_checksum( ssl, buf, len_without_binders ); + ssl->handshake->update_checksum( ssl, buf, 0 ); MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) ); MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, ( ssl, buf_len, msg_len ) ); @@ -162,8 +158,7 @@ static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, unsigned char* buf, size_t buflen, - size_t* len_without_binders, - size_t* len_with_binders ) + size_t *len_with_binders ) { /* Extensions */ @@ -396,7 +391,6 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); - *len_without_binders = buf - start; *len_with_binders = ( extension_start + total_ext_len ) - start; return( 0 ); } From 708202b7d08812f3859b854cd8e534e4154655b0 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 16:28:36 +0800 Subject: [PATCH 1008/1065] Move random function check move to `ssl_conf_check` Signed-off-by: Jerry Yu --- library/ssl_tls.c | 6 ++++++ library/ssl_tls13_client.c | 6 ------ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 07b51003ab..1c8c7bd734 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3182,6 +3182,12 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl) if( ret != 0 ) return( ret ); + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } + /* Space for further checks */ return( 0 ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 2cada0deca..036c5e5537 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -111,12 +111,6 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) int ret; size_t rand_bytes_len; - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } - rand_bytes_len = 32; if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len ) ) != 0 ) From 6f13f64aa668155a91e39e99f361687927a4b6f6 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 17:18:15 +0800 Subject: [PATCH 1009/1065] fix various format issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 4 +- library/ssl_tls13_client.c | 94 ++++++++++++++++++-------------------- 2 files changed, 47 insertions(+), 51 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index bda2a7a1a6..9cf1e4ff39 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1402,7 +1402,9 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, size_t total_hs_len ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -int mbedtls_ssl_write_signature_algorithms_ext(mbedtls_ssl_context* ssl, unsigned char* buf, unsigned char* end, size_t* olen); +int mbedtls_ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, unsigned char *end, + size_t *olen); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 036c5e5537..62b6ce18f8 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -30,8 +30,10 @@ #include "ssl_misc.h" #include +#define CLIENT_HELLO_RAND_BYTES_LEN 32 +#define CLIENT_HELLO_VERSION_LEN 2 /* Main entry point; orchestrates the other functions */ -static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); +static int ssl_client_hello_process( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) { @@ -70,13 +72,13 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) } -static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ); -static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, - unsigned char* buf, size_t buflen, +static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ); +static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t buflen, size_t *len_with_binders ); -static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ); +static int ssl_client_hello_postprocess( mbedtls_ssl_context *ssl ); -static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) +static int ssl_client_hello_process( mbedtls_ssl_context *ssl ) { int ret = 0; unsigned char *buf; @@ -106,14 +108,13 @@ cleanup: return ret; } -static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl ) +static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ) { int ret; - size_t rand_bytes_len; - rand_bytes_len = 32; - - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, rand_bytes_len ) ) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, + ssl->handshake->randbytes, + CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); return( ret ); @@ -131,27 +132,27 @@ static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) /* Write extensions */ -static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ); +static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ); + unsigned char *buf, + unsigned char *end, + size_t *olen ); static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ); + unsigned char *buf, + unsigned char *end, + size_t *olen ); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, - unsigned char* buf, size_t buflen, +static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t buflen, size_t *len_with_binders ) { /* Extensions */ @@ -169,10 +170,6 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, size_t cur_ext_len; /* Size of the current extension */ size_t total_ext_len; /* Size of list of extensions */ - /* Length information */ - size_t rand_bytes_len; - size_t version_len; - /* Buffer management */ unsigned char* start = buf; unsigned char* end = buf + buflen; @@ -188,8 +185,6 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, /* Keeping track of the included extensions */ ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; - rand_bytes_len = 32; - /* NOTE: * Even for DTLS 1.3, we are writing a TLS handshake header here. * The actual DTLS 1.3 handshake header is inserted in @@ -198,7 +193,6 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, * For cTLS the length, and the version field * are elided. The random bytes are shorter. */ - version_len = 2; if( ssl->conf->max_major_ver == 0 ) { @@ -218,16 +212,18 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, * * In cTLS the version number is elided. */ + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN); *buf++ = 0x03; *buf++ = 0x03; - buflen -= version_len; + buflen -= CLIENT_HELLO_VERSION_LEN; /* Write random bytes */ - memcpy( buf, ssl->handshake->randbytes, rand_bytes_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, rand_bytes_len ); + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN); + memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, CLIENT_HELLO_RAND_BYTES_LEN ); - buf += rand_bytes_len; - buflen -= rand_bytes_len; + buf += CLIENT_HELLO_RAND_BYTES_LEN; + buflen -= CLIENT_HELLO_RAND_BYTES_LEN; /* Versions of TLS before TLS 1.3 supported a * "session resumption" feature which has been merged with pre-shared @@ -396,10 +392,10 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl, * ProtocolVersion versions<2..254>; * } SupportedVersions; */ -static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) +static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { unsigned char *p = buf; @@ -407,11 +403,7 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); - if( end < p || (size_t)( end - p ) < 7 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return; - } + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); @@ -432,14 +424,16 @@ static void ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); *olen = 7; + + return( 0 ); } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); @@ -449,9 +443,9 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, } static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); From e885b7698062920884a4e6b85b08129d2ab8c334 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 17:32:34 +0800 Subject: [PATCH 1010/1065] fix too long lines Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 62b6ce18f8..d293629857 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -59,7 +59,7 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_SERVER_HELLO: // Stop here : we haven't finished whole flow - ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); break; @@ -88,17 +88,20 @@ static int ssl_client_hello_process( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, ( ssl, - MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, + ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + &buf, &buf_len ) ); - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, ( ssl, buf, buf_len, &msg_len ) ); + MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, + ( ssl, buf, buf_len, &msg_len ) ); mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, msg_len ); ssl->handshake->update_checksum( ssl, buf, 0 ); MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, ( ssl, buf_len, msg_len ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, + ( ssl, buf_len, msg_len ) ); cleanup: @@ -112,8 +115,8 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ) { int ret; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, - ssl->handshake->randbytes, + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, + ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); @@ -177,8 +180,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, /* Ciphersuite-related variables */ const int* ciphersuites; const mbedtls_ssl_ciphersuite_t* ciphersuite_info; - size_t i; /* used to iterate through ciphersuite list */ - /* ciphersuite_start points to the start of the ciphersuite list, i.e. to the length field*/ + /* ciphersuite_start points to the start of + the ciphersuite list, i.e. to the length field*/ unsigned char* ciphersuite_start; size_t ciphersuite_count; @@ -220,7 +223,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, /* Write random bytes */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN); memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, CLIENT_HELLO_RAND_BYTES_LEN ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", + buf, CLIENT_HELLO_RAND_BYTES_LEN ); buf += CLIENT_HELLO_RAND_BYTES_LEN; buflen -= CLIENT_HELLO_RAND_BYTES_LEN; @@ -268,7 +272,7 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, buf += 2; buflen -= 2; - for ( i = 0; ciphersuites[i] != 0; i++ ) + for ( size_t i = 0; ciphersuites[i] != 0; i++ ) { ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); @@ -280,7 +284,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, continue; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", - (unsigned int) ciphersuites[i], ciphersuite_info->name ) ); + (unsigned int) ciphersuites[i], + ciphersuite_info->name ) ); ciphersuite_count++; @@ -301,7 +306,9 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", ciphersuite_count ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, + ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", + ciphersuite_count ) ); /* For every TLS 1.3 ClientHello, this vector MUST contain exactly * one byte set to zero, which corresponds to the 'null' compression @@ -421,7 +428,8 @@ static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, ssl->conf->transport, p ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", + ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); *olen = 7; From 2ac64193ad5cafa401e69d40b1ff7bc93a584cda Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 18:38:58 +0800 Subject: [PATCH 1011/1065] Apply MBEDTLS_PUT_xyz Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 24 ++++++++++++------------ library/ssl_tls13_generic.c | 8 ++++---- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d293629857..cd929ce7ed 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -216,8 +216,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, * In cTLS the version number is elided. */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN); - *buf++ = 0x03; - *buf++ = 0x03; + MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0); + buf += 2; buflen -= CLIENT_HELLO_VERSION_LEN; /* Write random bytes */ @@ -295,16 +295,16 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } - *buf++ = (unsigned char)( ciphersuites[i] >> 8 ); - *buf++ = (unsigned char)( ciphersuites[i] ); + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], buf, 0); + buf += 2; buflen -= 2; } /* write ciphersuite length now */ - *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 >> 8 ); - *ciphersuite_start++ = (unsigned char)( ciphersuite_count*2 ); + MBEDTLS_PUT_UINT16_BE( ciphersuite_count*2, ciphersuite_start, 0); + ciphersuite_start += 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", @@ -385,8 +385,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); /* Write extension length */ - *extension_start++ = (unsigned char)( ( total_ext_len >> 8 ) & 0xFF ); - *extension_start++ = (unsigned char)( ( total_ext_len ) & 0xFF ); + MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0); + extension_start += 2; *len_with_binders = ( extension_start + total_ext_len ) - start; return( 0 ); @@ -412,12 +412,12 @@ static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS ) & 0xFF ); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0); /* total length */ - *p++ = 0x00; - *p++ = 3; + MBEDTLS_PUT_UINT16_BE( 3, p, 2); + + p+=4; /* length of next field */ *p++ = 0x2; diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 7ec7423ea0..4a0493a940 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -62,10 +62,10 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, unsigned char hs_hdr[4]; /* Build HS header for checksum update. */ - hs_hdr[0] = hs_type; - hs_hdr[1] = (unsigned char)( total_hs_len >> 16 ); - hs_hdr[2] = (unsigned char)( total_hs_len >> 8 ); - hs_hdr[3] = (unsigned char)( total_hs_len >> 0 ); + hs_hdr[0] = MBEDTLS_BYTE_0( hs_type ); + hs_hdr[1] = MBEDTLS_BYTE_2( total_hs_len ); + hs_hdr[2] = MBEDTLS_BYTE_1( total_hs_len ); + hs_hdr[3] = MBEDTLS_BYTE_0( total_hs_len ); ssl->handshake->update_checksum( ssl, hs_hdr, sizeof( hs_hdr ) ); } From 55b90386004e882922bbb045144e047865ba2fd2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 18:42:05 +0800 Subject: [PATCH 1012/1065] fix coding style issue Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index cd929ce7ed..8996e8adcb 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -107,7 +107,7 @@ cleanup: MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); /* client_hello_process haven't finished */ - ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; return ret; } From f443681f561e604740f6626f8fb411c52e2bf696 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 22:59:56 +0800 Subject: [PATCH 1013/1065] fix function name conversion issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 12 ++++---- library/ssl_tls.c | 2 +- library/ssl_tls13_client.c | 55 +++++++++++++++++++------------------ library/ssl_tls13_generic.c | 10 +++---- 4 files changed, 40 insertions(+), 39 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9cf1e4ff39..016dfe162e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -949,7 +949,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ); #endif @@ -1385,24 +1385,24 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, - int state ) + mbedtls_ssl_states state ) { ssl->state = state; } -int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, size_t *buflen ); -int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t buf_len, size_t msg_len ); -void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, +void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, unsigned hs_type, size_t total_hs_len ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -int mbedtls_ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1c8c7bd734..831cc52ac0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5181,7 +5181,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) - ret = mbedtls_ssl_handshake_client_step_tls1_3( ssl ); + ret = mbedtls_ssl_tls13_handshake_client_step( ssl ); #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 8996e8adcb..ceb692ea56 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -33,9 +33,9 @@ #define CLIENT_HELLO_RAND_BYTES_LEN 32 #define CLIENT_HELLO_VERSION_LEN 2 /* Main entry point; orchestrates the other functions */ -static int ssl_client_hello_process( mbedtls_ssl_context *ssl ); +static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; @@ -54,7 +54,7 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) break; case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_client_hello_process( ssl ); + ret = ssl_tls13_write_client_hello( ssl ); break; case MBEDTLS_SSL_SERVER_HELLO: @@ -72,13 +72,13 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) } -static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ); -static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, +static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ); +static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, size_t *len_with_binders ); -static int ssl_client_hello_postprocess( mbedtls_ssl_context *ssl ); +static int ssl_tls13_finalize_client_hello( mbedtls_ssl_context *ssl ); -static int ssl_client_hello_process( mbedtls_ssl_context *ssl ) +static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) { int ret = 0; unsigned char *buf; @@ -86,21 +86,21 @@ static int ssl_client_hello_process( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare, ( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_client_hello, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_start_handshake_msg, ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) ); - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, + MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_exts_client_hello, ( ssl, buf, buf_len, &msg_len ) ); - mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, msg_len ); ssl->handshake->update_checksum( ssl, buf, 0 ); - MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, + MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello, ( ssl ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg, ( ssl, buf_len, msg_len ) ); cleanup: @@ -111,7 +111,7 @@ cleanup: return ret; } -static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ) +static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) { int ret; @@ -126,7 +126,7 @@ static int ssl_client_hello_prepare( mbedtls_ssl_context *ssl ) return( 0 ); } -static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) +static int ssl_tls13_finalize_client_hello( mbedtls_ssl_context* ssl ) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); @@ -135,26 +135,26 @@ static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl ) /* Write extensions */ -static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ); -static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, size_t *len_with_binders ) { @@ -337,7 +337,7 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, * For cTLS we only need to provide it if there is more than one version * and currently there is only one. */ - ssl_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); total_ext_len += cur_ext_len; buf += cur_ext_len; @@ -345,7 +345,7 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, /* The supported_groups and the key_share extensions are * REQUIRED for ECDHE ciphersuites. */ - ret = ssl_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); @@ -354,7 +354,8 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, /* The supported_signature_algorithms extension is REQUIRED for * certificate authenticated ciphersuites. */ - ret = mbedtls_ssl_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len ); + ret = mbedtls_ssl_tls13_write_signature_algorithms_ext( ssl, buf, + end, &cur_ext_len ); if( ret != 0 ) return( ret ); @@ -369,7 +370,7 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above ) */ - ret = ssl_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); @@ -393,13 +394,13 @@ static int ssl_client_hello_write_partial( mbedtls_ssl_context *ssl, } /* - * ssl_write_supported_versions_ext(): + * ssl_tls13_write_supported_versions_ext(): * * struct { * ProtocolVersion versions<2..254>; * } SupportedVersions; */ -static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) @@ -438,7 +439,7 @@ static int ssl_write_supported_versions_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) @@ -450,7 +451,7 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } -static int ssl_write_key_shares_ext( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 4a0493a940..be44141518 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -27,7 +27,7 @@ #include "ssl_misc.h" -int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, size_t *buflen ) @@ -41,7 +41,7 @@ int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, return( 0 ); } -int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t buf_len, size_t msg_len ) { @@ -55,7 +55,7 @@ cleanup: return( ret ); } -void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, +void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, unsigned hs_type, size_t total_hs_len ) { @@ -73,7 +73,7 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* - * mbedtls_ssl_write_signature_algorithms_ext( ) + * mbedtls_ssl_tls13_write_signature_algorithms_ext( ) * * enum { * .... @@ -90,7 +90,7 @@ void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, * Only if we handle at least one key exchange that needs signatures. */ -int mbedtls_ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char* buf, unsigned char* end, size_t* olen ) From d532fe77206296f428aba403416e394bb0a1dc7c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 26 Aug 2021 23:11:55 +0800 Subject: [PATCH 1014/1065] write client hello also in hello reqeust Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ceb692ea56..0a07e06c40 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -49,10 +49,11 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) switch( ssl->state ) { + /* + * ssl->state is initialized as HELLO_REQUEST. It is same + * with CLIENT_HELLO status + */ case MBEDTLS_SSL_HELLO_REQUEST: - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO ); - break; - case MBEDTLS_SSL_CLIENT_HELLO: ret = ssl_tls13_write_client_hello( ssl ); break; From 9e42f6efd36a661f177da276487a5242fd1006fc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 15:14:01 +0800 Subject: [PATCH 1015/1065] Revert "Move random function check" This reverts commit cc88b34f7942f57ea0fd27ee4b3e29f49c91f10e. It causes many test fail. It should be re-considered. Signed-off-by: Jerry Yu --- library/ssl_tls.c | 6 ------ library/ssl_tls13_client.c | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 831cc52ac0..c43f95ee1b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3182,12 +3182,6 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl) if( ret != 0 ) return( ret ); - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } - /* Space for further checks */ return( 0 ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0a07e06c40..f5a6e20cab 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -116,6 +116,12 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) { int ret; + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) From 9176c3ad8c58b68d1770dcdf46fd90bbd5072968 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 14:58:49 +0800 Subject: [PATCH 1016/1065] trim spaces Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index f5a6e20cab..3611f70b0d 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -49,7 +49,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) switch( ssl->state ) { - /* + /* * ssl->state is initialized as HELLO_REQUEST. It is same * with CLIENT_HELLO status */ @@ -361,7 +361,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, /* The supported_signature_algorithms extension is REQUIRED for * certificate authenticated ciphersuites. */ - ret = mbedtls_ssl_tls13_write_signature_algorithms_ext( ssl, buf, + ret = mbedtls_ssl_tls13_write_signature_algorithms_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); From 92c6b402d7ccf127d4700b49af5a9977c908ee3f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 16:59:09 +0800 Subject: [PATCH 1017/1065] Remove prototype of static functions Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 318 +++++++++++++++++-------------------- 1 file changed, 147 insertions(+), 171 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 3611f70b0d..41b133437d 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -32,135 +32,82 @@ #define CLIENT_HELLO_RAND_BYTES_LEN 32 #define CLIENT_HELLO_VERSION_LEN 2 -/* Main entry point; orchestrates the other functions */ -static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - - switch( ssl->state ) - { - /* - * ssl->state is initialized as HELLO_REQUEST. It is same - * with CLIENT_HELLO status - */ - case MBEDTLS_SSL_HELLO_REQUEST: - case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_tls13_write_client_hello( ssl ); - break; - - case MBEDTLS_SSL_SERVER_HELLO: - // Stop here : we haven't finished whole flow - ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); - break; - - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - return( ret ); -} - - -static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ); -static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t buflen, - size_t *len_with_binders ); -static int ssl_tls13_finalize_client_hello( mbedtls_ssl_context *ssl ); - -static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - unsigned char *buf; - size_t buf_len, msg_len; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - - MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_client_hello, ( ssl ) ); - - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_start_handshake_msg, - ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, - &buf, &buf_len ) ); - - MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_exts_client_hello, - ( ssl, buf, buf_len, &msg_len ) ); - - mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, - msg_len ); - ssl->handshake->update_checksum( ssl, buf, 0 ); - - MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg, - ( ssl, buf_len, msg_len ) ); - -cleanup: - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); - /* client_hello_process haven't finished */ - ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - return ret; -} - -static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) -{ - int ret; - - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } - - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, - ssl->handshake->randbytes, - CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); - return( ret ); - } - - return( 0 ); -} - -static int ssl_tls13_finalize_client_hello( mbedtls_ssl_context* ssl ) -{ - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); - - return( 0 ); -} /* Write extensions */ +/* + * ssl_tls13_write_supported_versions_ext(): + * + * struct { + * ProtocolVersion versions<2..254>; + * } SupportedVersions; + */ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, - size_t *olen ); + size_t *olen ) +{ + unsigned char *p = buf; + + *olen = 0; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); + + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); + + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0); + + /* total length */ + MBEDTLS_PUT_UINT16_BE( 3, p, 2); + p+=4; + + /* length of next field */ + *p++ = 0x2; + + /* This implementation only supports a single TLS version, and only + * advertises a single value. + */ + mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, + ssl->conf->transport, p ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", + ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); + + *olen = 7; + + return( 0 ); +} #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ); + unsigned char *buf, + unsigned char *end, + size_t *olen ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + ((void) olen); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, - size_t *olen ); + size_t *olen ) +{ + ((void) ssl); + ((void) buf); + ((void) end); + ((void) olen); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ +/* Functions for ClientHello */ + static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, size_t *len_with_binders ) @@ -344,7 +291,9 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, * For cTLS we only need to provide it if there is more than one version * and currently there is only one. */ - ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + if( ret != 0 ) + return( ret ); total_ext_len += cur_ext_len; buf += cur_ext_len; @@ -400,77 +349,104 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, return( 0 ); } -/* - * ssl_tls13_write_supported_versions_ext(): - * - * struct { - * ProtocolVersion versions<2..254>; - * } SupportedVersions; - */ -static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +static int ssl_tls13_finalize_client_hello( mbedtls_ssl_context* ssl ) { - unsigned char *p = buf; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); + return( 0 ); +} - *olen = 0; +static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) +{ + int ret; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided" ) ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); - - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0); - - /* total length */ - MBEDTLS_PUT_UINT16_BE( 3, p, 2); - - p+=4; - - /* length of next field */ - *p++ = 0x2; - - /* This implementation only supports a single TLS version, and only - * advertises a single value. - */ - mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, - ssl->conf->transport, p ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", - ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); - - *olen = 7; + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, + ssl->handshake->randbytes, + CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); + return( ret ); + } return( 0 ); } -#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - -static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +/* + * ClientHello Main entry point. + * orchestrates the other functions. + */ +static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) { - ((void) ssl); - ((void) buf); - ((void) end); - ((void) olen); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + int ret = 0; + unsigned char *buf; + size_t buf_len, msg_len; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + + MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_client_hello, ( ssl ) ); + + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_start_handshake_msg, + ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + &buf, &buf_len ) ); + + MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_exts_client_hello, + ( ssl, buf, buf_len, &msg_len ) ); + + mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + msg_len ); + ssl->handshake->update_checksum( ssl, buf, 0 ); + + MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello, ( ssl ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg, + ( ssl, buf_len, msg_len ) ); + +cleanup: + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + return ret; } -static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) { - ((void) ssl); - ((void) buf); - ((void) end); - ((void) olen); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -} + int ret = 0; -#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + + switch( ssl->state ) + { + /* + * ssl->state is initialized as HELLO_REQUEST. It is same + * with CLIENT_HELLO status + */ + case MBEDTLS_SSL_HELLO_REQUEST: + case MBEDTLS_SSL_CLIENT_HELLO: + ret = ssl_tls13_write_client_hello( ssl ); + break; + + case MBEDTLS_SSL_SERVER_HELLO: + // Stop here : we haven't finished whole flow + ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS ); + break; + + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + return( ret ); +} #endif /* MBEDTLS_SSL_CLI_C */ From 275619336a78c6879f82168e00fa6b510ee63ccc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 17:07:38 +0800 Subject: [PATCH 1018/1065] fix name conversion issue for tls13 server entry Signed-off-by: Jerry Yu --- library/ssl_misc.h | 2 +- library/ssl_tls.c | 2 +- library/ssl_tls13_server.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 016dfe162e..10b07b751a 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -950,7 +950,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl ); #endif int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c43f95ee1b..360419240f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5189,7 +5189,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) ) - ret = mbedtls_ssl_handshake_server_step_tls1_3( ssl ); + ret = mbedtls_ssl_tls13_handshake_server_step( ssl ); #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index a56727741b..0dcd7ed602 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -25,7 +25,7 @@ #include "ssl_misc.h" -int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl ) { ((void) ssl); return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); From 5cc8f0a0d849407adac6e033a80a0b8cf34eb58a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 17:21:44 +0800 Subject: [PATCH 1019/1065] Add simple document for tls13 functions Signed-off-by: Jerry Yu --- library/ssl_misc.h | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 10b07b751a..8c38cd06e1 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -132,8 +132,15 @@ #define MBEDTLS_SSL_EXT_SIG_ALG_CERT ( 1 << 20 ) #define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 21 ) +/* + * Helper macros for function call with returen check. + */ +/* utils for strip parens in marcro */ #define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__ +/* + * Exit and print debug message when return none zero value + */ #define MBEDTLS_SSL_PROC_CHK( fn, args ) \ do { \ ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ @@ -146,6 +153,9 @@ } \ } while( 0 ) +/* + * Exit and print debug message when return negative value + */ #define MBEDTLS_SSL_PROC_CHK_NEG( fn, args ) \ do { \ ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ @@ -949,7 +959,18 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +/** + * \brief TLS1.3 client side state machine entry + * + * \param ssl SSL context + */ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); + +/** + * \brief TLS1.3 server side state machine entry + * + * \param ssl SSL context + */ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl ); #endif @@ -1390,18 +1411,30 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, ssl->state = state; } +/* + * Write tls13 handshake message header + */ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, size_t *buflen ); +/* + * Write tls13 handshake message tail + */ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t buf_len, size_t msg_len ); +/* + * Update checksum with handshake header + */ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, unsigned hs_type, size_t total_hs_len ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +/* + * Write TLS1.3 Signature Algorithm extesion + */ int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen); From c4d22444d65c6483e349f3019ed38454c41176e8 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Aug 2021 20:04:33 +0800 Subject: [PATCH 1020/1065] fix undeclared variable error Signed-off-by: Jerry Yu # Conflicts: # library/ssl_tls13_client.c --- library/ssl_tls13_client.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 41b133437d..a03aa8e461 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -112,7 +112,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, size_t *len_with_binders ) { - /* Extensions */ + /* Extensions */ /* extension_start * Used during extension writing where the @@ -120,9 +120,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, * extension list must be kept to write * the total extension list size in the end. */ -#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) int ret; -#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ unsigned char* extension_start; size_t cur_ext_len; /* Size of the current extension */ size_t total_ext_len; /* Size of list of extensions */ From 995ecd396ffbba84dcf84d3399c6fd270ec1b820 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Aug 2021 17:53:49 +0800 Subject: [PATCH 1021/1065] fix wrong iana values and comments Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 14 +++++++------- library/ssl_misc.h | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b7b22c20d4..540ff1fc52 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -472,21 +472,21 @@ #define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 -#define MBEDTLS_TLS_EXT_STATUS_REQUEST 5 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_STATUS_REQUEST 5 /* RFC 6066 TLS 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 -#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* RFC 8422,7919 TLS 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 #define MBEDTLS_TLS_EXT_SIG_ALG 13 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_USE_SRTP 14 -#define MBEDTLS_TLS_EXT_HEARTBEAT 15 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_HEARTBEAT 15 /* RFC 6520 TLS 1.3 */ #define MBEDTLS_TLS_EXT_ALPN 16 -#define MBEDTLS_TLS_EXT_SCT 18 /* RFC 8446 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 19 /* RFC 8446 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 20 /* RFC 8446 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 8446 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SCT 18 /* RFC 6962 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 19 /* RFC 7259 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 20 /* RFC 7250 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 7685 TLS 1.3 */ #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ #define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8c38cd06e1..32017f3458 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -118,8 +118,8 @@ #define MBEDTLS_SSL_EXT_HEARTBEAT ( 1 << 6 ) #define MBEDTLS_SSL_EXT_ALPN ( 1 << 7 ) #define MBEDTLS_SSL_EXT_SCT ( 1 << 8 ) -#define MBEDTLS_SSL_EXT_SERV_CERT_TYPE ( 1 << 9 ) -#define MBEDTLS_SSL_EXT_CLI_CERT_TYPE ( 1 << 10 ) +#define MBEDTLS_SSL_EXT_CLI_CERT_TYPE ( 1 << 9 ) +#define MBEDTLS_SSL_EXT_SERV_CERT_TYPE ( 1 << 10 ) #define MBEDTLS_SSL_EXT_PADDING ( 1 << 11 ) #define MBEDTLS_SSL_EXT_PRE_SHARED_KEY ( 1 << 12 ) #define MBEDTLS_SSL_EXT_EARLY_DATA ( 1 << 13 ) From eecfbf001cb6dff76bb6756e259818ce40fc38d1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Aug 2021 18:32:07 +0800 Subject: [PATCH 1022/1065] fix format issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 23 ++++++++-------- library/ssl_tls13_client.c | 55 +++++++++++++++++++------------------ library/ssl_tls13_generic.c | 23 ++++++++-------- 3 files changed, 53 insertions(+), 48 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 32017f3458..50aee6ffd2 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1405,8 +1405,8 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, - mbedtls_ssl_states state ) +static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl, + mbedtls_ssl_states state ) { ssl->state = state; } @@ -1415,29 +1415,30 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl, * Write tls13 handshake message header */ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, - unsigned hs_type, - unsigned char **buf, - size_t *buflen ); + unsigned hs_type, + unsigned char **buf, + size_t *buflen ); /* * Write tls13 handshake message tail */ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, - size_t buf_len, - size_t msg_len ); + size_t buf_len, + size_t msg_len ); /* * Update checksum with handshake header */ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, - unsigned hs_type, - size_t total_hs_len ); + unsigned hs_type, + size_t total_hs_len ); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * Write TLS1.3 Signature Algorithm extesion */ int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, unsigned char *end, - size_t *olen); + unsigned char *buf, + unsigned char *end, + size_t *olen); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a03aa8e461..ef9836d195 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -43,9 +43,9 @@ * } SupportedVersions; */ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) + unsigned char *buf, + unsigned char *end, + size_t *olen ) { unsigned char *p = buf; @@ -55,11 +55,11 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0); + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0 ); /* total length */ MBEDTLS_PUT_UINT16_BE( 3, p, 2); - p+=4; + p += 4; /* length of next field */ *p++ = 0x2; @@ -67,11 +67,13 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, /* This implementation only supports a single TLS version, and only * advertises a single value. */ - mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version( ssl->conf->max_major_ver, + ssl->conf->max_minor_ver, + ssl->conf->transport, p ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [%d:%d]", - ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); + ssl->conf->max_major_ver, + ssl->conf->max_minor_ver ) ); *olen = 7; @@ -81,9 +83,9 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); @@ -93,9 +95,9 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, } static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); @@ -109,8 +111,9 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, /* Functions for ClientHello */ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t buflen, - size_t *len_with_binders ) + unsigned char *buf, + size_t buflen, + size_t *len_with_binders ) { /* Extensions */ @@ -121,20 +124,20 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, * the total extension list size in the end. */ int ret; - unsigned char* extension_start; + unsigned char *extension_start; size_t cur_ext_len; /* Size of the current extension */ size_t total_ext_len; /* Size of list of extensions */ /* Buffer management */ - unsigned char* start = buf; - unsigned char* end = buf + buflen; + unsigned char *start = buf; + unsigned char *end = buf + buflen; /* Ciphersuite-related variables */ - const int* ciphersuites; - const mbedtls_ssl_ciphersuite_t* ciphersuite_info; + const int *ciphersuites; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; /* ciphersuite_start points to the start of the ciphersuite list, i.e. to the length field*/ - unsigned char* ciphersuite_start; + unsigned char *ciphersuite_start; size_t ciphersuite_count; /* Keeping track of the included extensions */ @@ -167,13 +170,13 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, * * In cTLS the version number is elided. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN); + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN ); MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0); buf += 2; buflen -= CLIENT_HELLO_VERSION_LEN; /* Write random bytes */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN); + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN ); memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, CLIENT_HELLO_RAND_BYTES_LEN ); @@ -255,7 +258,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, } /* write ciphersuite length now */ - MBEDTLS_PUT_UINT16_BE( ciphersuite_count*2, ciphersuite_start, 0); + MBEDTLS_PUT_UINT16_BE( ciphersuite_count*2, ciphersuite_start, 0 ); ciphersuite_start += 2; MBEDTLS_SSL_DEBUG_MSG( 3, @@ -340,7 +343,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); /* Write extension length */ - MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0); + MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 ); extension_start += 2; *len_with_binders = ( extension_start + total_ext_len ) - start; diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index be44141518..4b087baa26 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -28,9 +28,9 @@ #include "ssl_misc.h" int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, - unsigned hs_type, - unsigned char **buf, - size_t *buflen ) + unsigned hs_type, + unsigned char **buf, + size_t *buflen ) { *buf = ssl->out_msg + 4; *buflen = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; @@ -42,8 +42,8 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, } int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, - size_t buf_len, - size_t msg_len ) + size_t buf_len, + size_t msg_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) buf_len); @@ -56,8 +56,8 @@ cleanup: } void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, - unsigned hs_type, - size_t total_hs_len ) + unsigned hs_type, + size_t total_hs_len ) { unsigned char hs_hdr[4]; @@ -90,10 +90,11 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, * Only if we handle at least one key exchange that needs signatures. */ -int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char* buf, - unsigned char* end, - size_t* olen ) +int mbedtls_ssl_tls13_write_signature_algorithms_ext( + mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); From e41dec015846b3e0d461654f6ef06814d10bde61 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 10:57:07 +0800 Subject: [PATCH 1023/1065] Rename write signature algorithms function To keep similar name with other place. Signed-off-by: Jerry Yu --- library/ssl_misc.h | 8 ++++---- library/ssl_tls13_client.c | 3 +-- library/ssl_tls13_generic.c | 11 +++++------ 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 50aee6ffd2..6b0bf574b6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1435,10 +1435,10 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, /* * Write TLS1.3 Signature Algorithm extesion */ -int mbedtls_ssl_tls13_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen); +int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ef9836d195..dce83f427b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -311,8 +311,7 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, /* The supported_signature_algorithms extension is REQUIRED for * certificate authenticated ciphersuites. */ - ret = mbedtls_ssl_tls13_write_signature_algorithms_ext( ssl, buf, - end, &cur_ext_len ); + ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 4b087baa26..1713d4c813 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -73,7 +73,7 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* - * mbedtls_ssl_tls13_write_signature_algorithms_ext( ) + * mbedtls_ssl_tls13_write_sig_alg_ext( ) * * enum { * .... @@ -90,11 +90,10 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, * Only if we handle at least one key exchange that needs signatures. */ -int mbedtls_ssl_tls13_write_signature_algorithms_ext( - mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); From 08906d006b01566791587a2a9e6e9623bbea7a93 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 11:05:27 +0800 Subject: [PATCH 1024/1065] fix name conversion issues Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index dce83f427b..80386c80d3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -30,8 +30,8 @@ #include "ssl_misc.h" #include -#define CLIENT_HELLO_RAND_BYTES_LEN 32 -#define CLIENT_HELLO_VERSION_LEN 2 +#define CLIENT_HELLO_RANDOM_LEN 32 +#define CLIENT_HELLO_LEGACY_VERSION_LEN 2 /* Write extensions */ @@ -110,7 +110,7 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, /* Functions for ClientHello */ -static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, +static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, size_t *len_with_binders ) @@ -170,19 +170,19 @@ static int ssl_tls13_write_exts_client_hello( mbedtls_ssl_context *ssl, * * In cTLS the version number is elided. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_VERSION_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0); - buf += 2; - buflen -= CLIENT_HELLO_VERSION_LEN; + buf += CLIENT_HELLO_LEGACY_VERSION_LEN; + buflen -= CLIENT_HELLO_LEGACY_VERSION_LEN; /* Write random bytes */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RAND_BYTES_LEN ); - memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RAND_BYTES_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN ); + memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", - buf, CLIENT_HELLO_RAND_BYTES_LEN ); + buf, CLIENT_HELLO_RANDOM_LEN ); - buf += CLIENT_HELLO_RAND_BYTES_LEN; - buflen -= CLIENT_HELLO_RAND_BYTES_LEN; + buf += CLIENT_HELLO_RANDOM_LEN; + buflen -= CLIENT_HELLO_RANDOM_LEN; /* Versions of TLS before TLS 1.3 supported a * "session resumption" feature which has been merged with pre-shared @@ -367,7 +367,7 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, - CLIENT_HELLO_RAND_BYTES_LEN ) ) != 0 ) + CLIENT_HELLO_RANDOM_LEN ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); return( ret ); @@ -394,7 +394,7 @@ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) ); - MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_exts_client_hello, + MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_client_hello_body, ( ssl, buf, buf_len, &msg_len ) ); mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, From 159c5a0e12b3769b14ae7c7e7aab2fe310eafd05 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 12:51:25 +0800 Subject: [PATCH 1025/1065] fix comments issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 6 +++--- library/ssl_tls13_client.c | 42 +++++++++++++++++++++++++++++--------- 2 files changed, 35 insertions(+), 13 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 6b0bf574b6..b1f5f36f55 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1412,14 +1412,14 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl, } /* - * Write tls13 handshake message header + * Write TLS 1.3 handshake message header */ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, size_t *buflen ); /* - * Write tls13 handshake message tail + * Write TLS 1.3 handshake message tail */ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t buf_len, @@ -1433,7 +1433,7 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* - * Write TLS1.3 Signature Algorithm extesion + * Write TLS 1.3 Signature Algorithm extension */ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf, diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 80386c80d3..f30d408230 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -51,17 +51,24 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, *olen = 0; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) ); + /* + * ExtensionType 2 + * ExtensionLength 2 + * VersionSLength 1 + * Version 2 + */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); + /* Write Extension Type */ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0 ); - /* total length */ + /* Write Extension Length */ MBEDTLS_PUT_UINT16_BE( 3, p, 2); p += 4; - /* length of next field */ + /* Length of the SupportedVersions field data */ *p++ = 0x2; /* This implementation only supports a single TLS version, and only @@ -108,7 +115,7 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -/* Functions for ClientHello */ +/* Functions for writing ClientHello message */ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -319,11 +326,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, buf += cur_ext_len; /* We need to send the key shares under three conditions: - * 1 ) A certificate-based ciphersuite is being offered. In this case - * supported_groups and supported_signature extensions have been successfully added. - * 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the + * 1) A certificate-based ciphersuite is being offered. In this case + * supported_groups and supported_signature extensions have been + * successfully added. + * 2) A PSK-based ciphersuite with ECDHE is offered. In this case the * psk_key_exchange_modes has been added as the last extension. - * 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above ) + * 3) Or, in case all ciphers are supported ( which includes #1 and #2 + * from above ) */ ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); @@ -377,8 +386,21 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) } /* - * ClientHello Main entry point. - * orchestrates the other functions. + * Write ClientHello handshake message. + * + * Structure of this message: + * + * uint16 ProtocolVersion; + * opaque Random[32]; + * uint8 CipherSuite[2]; // Cryptographic suite selector + * struct { + * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 + * Random random; + * opaque legacy_session_id<0..32>; + * CipherSuite cipher_suites<2..2^16-2>; + * opaque legacy_compression_methods<1..2^8-1>; + * Extension extensions<8..2^16-1>; + * } ClientHello; */ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) { From 67d4ed5b22d846d05144989ad2ba33cb0656cb17 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 13:12:43 +0800 Subject: [PATCH 1026/1065] force change state type Signed-off-by: Jerry Yu --- library/ssl_misc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b1f5f36f55..e93e55b633 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1408,7 +1408,7 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl, mbedtls_ssl_states state ) { - ssl->state = state; + ssl->state = ( int ) state; } /* From 6a643100029d4e739f0f45d5290b81fd3d9e836d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 14:40:36 +0800 Subject: [PATCH 1027/1065] Cleanup client_hello body. cleanup `ssl_tls13_write_client_hello_body`, fix comments issues. And move ciphersuites to separate function Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 186 ++++++++++++++++++------------------- 1 file changed, 89 insertions(+), 97 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index f30d408230..f9cfff5217 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -115,8 +115,79 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -/* Functions for writing ClientHello message */ +/* Write ciphersuites + * CipherSuite cipher_suites<2..2^16-2>; + */ +static int ssl_tls13_write_client_hello_ciphersuites( + mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) +{ + /* Ciphersuite-related variables */ + const int *ciphersuites; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + /* ciphersuite_start points to the start of + the ciphersuite list, i.e. to the length field*/ + unsigned char *ciphersuite_start, *ciphersuite_iter; + size_t buf_len; + *olen = 0 ; + + /* + * Ciphersuite list + * + * This is a list of the symmetric cipher options supported by + * the client, specifically the record protection algorithm + * ( including secret key length ) and a hash to be used with + * HKDF, in descending order of client preference. + */ + ciphersuites = ssl->conf->ciphersuite_list; + + /* Check available spaces for ciphersuite */ + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); + + /* Write ciphersuites */ + ciphersuite_start = buf + 2; + ciphersuite_iter = ciphersuite_start; + + for ( size_t i = 0; ciphersuites[i] != 0; i++ ) + { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + + if( ciphersuite_info == NULL ) + continue; + + if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || + ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + continue; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", + (unsigned int) ciphersuites[i], + ciphersuite_info->name ) ); + + /* Check for available spaces */ + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); + + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], ciphersuite_iter, 0); + ciphersuite_iter += 2; + + } + + buf_len = ciphersuite_iter - ciphersuite_start; + + /* write ciphersuite buf length */ + MBEDTLS_PUT_UINT16_BE( buf_len, buf, 0 ); + + + MBEDTLS_SSL_DEBUG_MSG( 3, + ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", + buf_len/2 ) ); + + return( 0 ); +} + +/* Functions for writing ClientHello message */ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, @@ -139,13 +210,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *start = buf; unsigned char *end = buf + buflen; - /* Ciphersuite-related variables */ - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - /* ciphersuite_start points to the start of - the ciphersuite list, i.e. to the length field*/ - unsigned char *ciphersuite_start; - size_t ciphersuite_count; + *len_with_binders = 0; /* Keeping track of the included extensions */ ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; @@ -169,7 +234,9 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ssl->major_ver = ssl->conf->min_major_ver; ssl->minor_ver = ssl->conf->min_minor_ver; - /* For TLS 1.3 we use the legacy version number {0x03, 0x03} + /* Write legacy_version + * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 + * For TLS 1.3 we use the legacy version number {0x03, 0x03} * instead of the true version number. * * For DTLS 1.3 we use the legacy version number @@ -180,16 +247,16 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0); buf += CLIENT_HELLO_LEGACY_VERSION_LEN; - buflen -= CLIENT_HELLO_LEGACY_VERSION_LEN; - /* Write random bytes */ + /* Write random bytes + Random random + */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN ); memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, CLIENT_HELLO_RANDOM_LEN ); buf += CLIENT_HELLO_RANDOM_LEN; - buflen -= CLIENT_HELLO_RANDOM_LEN; /* Versions of TLS before TLS 1.3 supported a * "session resumption" feature which has been merged with pre-shared @@ -203,74 +270,14 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * ossification ). Otherwise, it MUST be set as a zero-length vector * ( i.e., a zero-valued single byte length field ). */ - if( buflen < 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 1 ); *buf++ = 0; /* session id length set to zero */ - buflen -= 1; - /* - * Ciphersuite list - * - * This is a list of the symmetric cipher options supported by - * the client, specifically the record protection algorithm - * ( including secret key length ) and a hash to be used with - * HKDF, in descending order of client preference. - */ - ciphersuites = ssl->conf->ciphersuite_list; - - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - /* Skip writing ciphersuite length for now */ - ciphersuite_count = 0; - ciphersuite_start = buf; - buf += 2; - buflen -= 2; - - for ( size_t i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - - if( ciphersuite_info == NULL ) - continue; - - if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || - ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) - continue; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", - (unsigned int) ciphersuites[i], - ciphersuite_info->name ) ); - - ciphersuite_count++; - - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - MBEDTLS_PUT_UINT16_BE( ciphersuites[i], buf, 0); - - buf += 2; - buflen -= 2; - - } - - /* write ciphersuite length now */ - MBEDTLS_PUT_UINT16_BE( ciphersuite_count*2, ciphersuite_start, 0 ); - ciphersuite_start += 2; - - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", - ciphersuite_count ) ); + /* Write ciphersuites */ + ret = ssl_tls13_write_client_hello_ciphersuites( ssl, buf, end, &cur_ext_len ); + if( ret != 0) + return( ret ); + buf += cur_ext_len; /* For every TLS 1.3 ClientHello, this vector MUST contain exactly * one byte set to zero, which corresponds to the 'null' compression @@ -278,20 +285,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * * For cTLS this field is elided. */ - if( buflen < 2 /* for ciphersuite list length */ ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); *buf++ = 1; *buf++ = MBEDTLS_SSL_COMPRESS_NULL; - buflen -= 2; /* First write extensions, then the total length */ extension_start = buf; - total_ext_len = 0; buf += 2; /* Supported Versions Extension is mandatory with TLS 1.3. @@ -302,7 +302,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); - total_ext_len += cur_ext_len; buf += cur_ext_len; #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) @@ -312,8 +311,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); - - total_ext_len += cur_ext_len; buf += cur_ext_len; /* The supported_signature_algorithms extension is REQUIRED for @@ -321,8 +318,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); - - total_ext_len += cur_ext_len; buf += cur_ext_len; /* We need to send the key shares under three conditions: @@ -338,13 +333,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); - - total_ext_len += cur_ext_len; buf += cur_ext_len; + #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Add more extensions here */ + total_ext_len = buf - extension_start - 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET , total_ext_len ) ); @@ -354,7 +349,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 ); extension_start += 2; - *len_with_binders = ( extension_start + total_ext_len ) - start; + *len_with_binders = buf - start; return( 0 ); } @@ -390,9 +385,6 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) * * Structure of this message: * - * uint16 ProtocolVersion; - * opaque Random[32]; - * uint8 CipherSuite[2]; // Cryptographic suite selector * struct { * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 * Random random; From a2cf7bd2436f3ad506272547e3674bc40a827527 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 16:12:00 +0800 Subject: [PATCH 1028/1065] fix comment issues Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 10 +++++----- library/ssl_misc.h | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 540ff1fc52..b0491bfead 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -472,19 +472,19 @@ #define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 -#define MBEDTLS_TLS_EXT_STATUS_REQUEST 5 /* RFC 6066 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_STATUS_REQUEST 5 /* RFC 6066 TLS 1.2 and 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 -#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* RFC 8422,7919 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS 10 /* RFC 8422,7919 TLS 1.2 and 1.3 */ #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 #define MBEDTLS_TLS_EXT_SIG_ALG 13 /* RFC 8446 TLS 1.3 */ #define MBEDTLS_TLS_EXT_USE_SRTP 14 -#define MBEDTLS_TLS_EXT_HEARTBEAT 15 /* RFC 6520 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_HEARTBEAT 15 /* RFC 6520 TLS 1.2 and 1.3 */ #define MBEDTLS_TLS_EXT_ALPN 16 -#define MBEDTLS_TLS_EXT_SCT 18 /* RFC 6962 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 19 /* RFC 7259 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_SCT 18 /* RFC 6962 TLS 1.2 and 1.3 */ +#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 19 /* RFC 7250 TLS 1.3 */ #define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 20 /* RFC 7250 TLS 1.3 */ #define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 7685 TLS 1.3 */ #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e93e55b633..6b17667bfe 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -960,14 +960,14 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) /** - * \brief TLS1.3 client side state machine entry + * \brief TLS 1.3 client side state machine entry * * \param ssl SSL context */ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ); /** - * \brief TLS1.3 server side state machine entry + * \brief TLS 1.3 server side state machine entry * * \param ssl SSL context */ From b7ab336b3a98c2d2e8c8ff0bd5d328647e01849a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 16:16:19 +0800 Subject: [PATCH 1029/1065] fix format issue Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index f9cfff5217..736cd208e4 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -65,7 +65,7 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0 ); /* Write Extension Length */ - MBEDTLS_PUT_UINT16_BE( 3, p, 2); + MBEDTLS_PUT_UINT16_BE( 3, p, 2 ); p += 4; /* Length of the SupportedVersions field data */ @@ -169,7 +169,7 @@ static int ssl_tls13_write_client_hello_ciphersuites( /* Check for available spaces */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - MBEDTLS_PUT_UINT16_BE( ciphersuites[i], ciphersuite_iter, 0); + MBEDTLS_PUT_UINT16_BE( ciphersuites[i], ciphersuite_iter, 0 ); ciphersuite_iter += 2; } @@ -245,7 +245,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * In cTLS the version number is elided. */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); - MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0); + MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0 ); buf += CLIENT_HELLO_LEGACY_VERSION_LEN; /* Write random bytes From f171e836eb58f79f315f0d12cde0c50847a22647 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Aug 2021 18:31:09 +0800 Subject: [PATCH 1030/1065] fix lenght mismatch error Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 736cd208e4..41d2a321ec 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -184,6 +184,8 @@ static int ssl_tls13_write_client_hello_ciphersuites( ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", buf_len/2 ) ); + *olen = ciphersuite_iter - buf; + return( 0 ); } From 1bc2c1f1a3086a0d20c0251580f1ecd7564a0e7c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 1 Sep 2021 12:57:29 +0800 Subject: [PATCH 1031/1065] fix various issues fix comments, format and name conversion issues Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 6 +- library/ssl_tls13_client.c | 240 ++++++++++++++++-------------------- library/ssl_tls13_generic.c | 8 ++ 3 files changed, 120 insertions(+), 134 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b0491bfead..f533859959 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -484,9 +484,9 @@ #define MBEDTLS_TLS_EXT_ALPN 16 #define MBEDTLS_TLS_EXT_SCT 18 /* RFC 6962 TLS 1.2 and 1.3 */ -#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 19 /* RFC 7250 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 20 /* RFC 7250 TLS 1.3 */ -#define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 7685 TLS 1.3 */ +#define MBEDTLS_TLS_EXT_CLI_CERT_TYPE 19 /* RFC 7250 TLS 1.2 and 1.3 */ +#define MBEDTLS_TLS_EXT_SERV_CERT_TYPE 20 /* RFC 7250 TLS 1.2 and 1.3 */ +#define MBEDTLS_TLS_EXT_PADDING 21 /* RFC 7685 TLS 1.2 and 1.3 */ #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ #define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 41d2a321ec..944e5b50c3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -31,7 +31,7 @@ #include #define CLIENT_HELLO_RANDOM_LEN 32 -#define CLIENT_HELLO_LEGACY_VERSION_LEN 2 +#define CLIENT_HELLO_LEGACY_VERSION_LEN 2 /* Write extensions */ @@ -54,25 +54,31 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) ); /* - * ExtensionType 2 - * ExtensionLength 2 - * VersionSLength 1 - * Version 2 + * Reserve space for extension header. + * + * extension_type 2 + * extension_data_length 2 + * version_length 1 + * versions 2 */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); - /* Write Extension Type */ + /* Write extension_type */ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0 ); - /* Write Extension Length */ + /* Write extension_data_length */ MBEDTLS_PUT_UINT16_BE( 3, p, 2 ); p += 4; - /* Length of the SupportedVersions field data */ + /* Length of versions */ *p++ = 0x2; - /* This implementation only supports a single TLS version, and only - * advertises a single value. + /* Write values of supported version. + * + * They are come from configuration values. And + * ssl_conf_check has valided the values. + * + * Currently, only one vesrion is advertised. */ mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, @@ -115,22 +121,22 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -/* Write ciphersuites +/* + * Functions for writing ClientHello message. + */ +/* Write cipher_suites * CipherSuite cipher_suites<2..2^16-2>; */ -static int ssl_tls13_write_client_hello_ciphersuites( +static int ssl_tls13_write_client_hello_cipher_suites( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) { - /* Ciphersuite-related variables */ - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - /* ciphersuite_start points to the start of - the ciphersuite list, i.e. to the length field*/ - unsigned char *ciphersuite_start, *ciphersuite_iter; - size_t buf_len; + const int *cipher_suite_list; + unsigned char *cipher_suites_start; /* start of the cipher_suite_list */ + unsigned char *cipher_suites_iter; /* iteration of the cipher_suite_list */ + size_t cipher_suites_len; *olen = 0 ; @@ -142,164 +148,146 @@ static int ssl_tls13_write_client_hello_ciphersuites( * ( including secret key length ) and a hash to be used with * HKDF, in descending order of client preference. */ - ciphersuites = ssl->conf->ciphersuite_list; + cipher_suite_list = ssl->conf->ciphersuite_list; - /* Check available spaces for ciphersuite */ + /* Check there is space for the cipher suite list length (2 bytes). */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - /* Write ciphersuites */ - ciphersuite_start = buf + 2; - ciphersuite_iter = ciphersuite_start; + /* Write cipher_suite_list */ + cipher_suites_start = buf + 2; + cipher_suites_iter = cipher_suites_start; - for ( size_t i = 0; ciphersuites[i] != 0; i++ ) + for ( size_t i = 0; cipher_suite_list[i] != 0; i++ ) { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + int cipher_suite = cipher_suite_list[i]; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite ); if( ciphersuite_info == NULL ) continue; - if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) continue; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", - (unsigned int) ciphersuites[i], + (unsigned int) cipher_suite, ciphersuite_info->name ) ); - /* Check for available spaces */ + /* Check there is space for the cipher suite identifier (2 bytes). */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - - MBEDTLS_PUT_UINT16_BE( ciphersuites[i], ciphersuite_iter, 0 ); - ciphersuite_iter += 2; - + MBEDTLS_PUT_UINT16_BE( cipher_suite, cipher_suites_iter, 0 ); + cipher_suites_iter += 2; } - buf_len = ciphersuite_iter - ciphersuite_start; - - /* write ciphersuite buf length */ - MBEDTLS_PUT_UINT16_BE( buf_len, buf, 0 ); - - + /* Write the cipher_suite_list length in number of bytes */ + cipher_suites_len = cipher_suites_iter - cipher_suites_start; + MBEDTLS_PUT_UINT16_BE( cipher_suites_len, buf, 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites", - buf_len/2 ) ); + ( "client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites", + cipher_suites_len/2 ) ); - *olen = ciphersuite_iter - buf; + /* Output the total length of cipher_suites field. */ + *olen = cipher_suites_iter - buf; return( 0 ); } -/* Functions for writing ClientHello message */ +/* + * Structure of ClientHello message: + * + * struct { + * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 + * Random random; + * opaque legacy_session_id<0..32>; + * CipherSuite cipher_suites<2..2^16-2>; + * opaque legacy_compression_methods<1..2^8-1>; + * Extension extensions<8..2^16-1>; + * } ClientHello; + */ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *buf, size_t buflen, - size_t *len_with_binders ) + size_t *olen ) { - /* Extensions */ - /* extension_start - * Used during extension writing where the - * buffer pointer to the beginning of the - * extension list must be kept to write - * the total extension list size in the end. - */ int ret; - unsigned char *extension_start; - size_t cur_ext_len; /* Size of the current extension */ - size_t total_ext_len; /* Size of list of extensions */ + unsigned char *extension_start; /* Start of extensions buffer */ + size_t cur_ext_len; /* Size of the current extension */ + size_t total_ext_len; /* Size of list of extensions */ /* Buffer management */ unsigned char *start = buf; unsigned char *end = buf + buflen; - *len_with_binders = 0; - - /* Keeping track of the included extensions */ - ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; - - /* NOTE: - * Even for DTLS 1.3, we are writing a TLS handshake header here. - * The actual DTLS 1.3 handshake header is inserted in - * the record writing routine mbedtls_ssl_write_record(). - * - * For cTLS the length, and the version field - * are elided. The random bytes are shorter. - */ - - if( ssl->conf->max_major_ver == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " - "consider using mbedtls_ssl_config_defaults()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + *olen = 0; + /* No validation needed here. It has been done by ssl_conf_check() */ ssl->major_ver = ssl->conf->min_major_ver; ssl->minor_ver = ssl->conf->min_minor_ver; - /* Write legacy_version + /* + * Write legacy_version * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 - * For TLS 1.3 we use the legacy version number {0x03, 0x03} + * + * For TLS 1.3 we use the legacy version number {0x03, 0x03} * instead of the true version number. - * - * For DTLS 1.3 we use the legacy version number - * {254,253}. - * - * In cTLS the version number is elided. */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0 ); buf += CLIENT_HELLO_LEGACY_VERSION_LEN; - /* Write random bytes - Random random - */ + /* Write the random bytes ( random ).*/ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN ); memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf, CLIENT_HELLO_RANDOM_LEN ); - buf += CLIENT_HELLO_RANDOM_LEN; - /* Versions of TLS before TLS 1.3 supported a - * "session resumption" feature which has been merged with pre-shared - * keys in this version. A client which has a - * cached session ID set by a pre-TLS 1.3 server SHOULD set this - * field to that value. In compatibility mode, - * this field MUST be non-empty, so a client not offering a - * pre-TLS 1.3 session MUST generate a new 32-byte value. This value - * need not be random but SHOULD be unpredictable to avoid - * implementations fixating on a specific value ( also known as - * ossification ). Otherwise, it MUST be set as a zero-length vector - * ( i.e., a zero-valued single byte length field ). + /* + * Write legacy_session_id + * + * Versions of TLS before TLS 1.3 supported a "session resumption" feature + * which has been merged with pre-shared keys in this version. A client + * which has a cached session ID set by a pre-TLS 1.3 server SHOULD set + * this field to that value. In compatibility mode, this field MUST be + * non-empty, so a client not offering a pre-TLS 1.3 session MUST generate + * a new 32-byte value. This value need not be random but SHOULD be + * unpredictable to avoid implementations fixating on a specific value + * ( also known as ossification ). Otherwise, it MUST be set as a zero-length + * vector ( i.e., a zero-valued single byte length field ). */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 1 ); *buf++ = 0; /* session id length set to zero */ - /* Write ciphersuites */ - ret = ssl_tls13_write_client_hello_ciphersuites( ssl, buf, end, &cur_ext_len ); + /* Write cipher_suites */ + ret = ssl_tls13_write_client_hello_cipher_suites( ssl, buf, end, &cur_ext_len ); if( ret != 0) return( ret ); buf += cur_ext_len; - /* For every TLS 1.3 ClientHello, this vector MUST contain exactly + /* Write legacy_compression_methods + * + * For every TLS 1.3 ClientHello, this vector MUST contain exactly * one byte set to zero, which corresponds to the 'null' compression * method in prior versions of TLS. - * - * For cTLS this field is elided. */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); *buf++ = 1; *buf++ = MBEDTLS_SSL_COMPRESS_NULL; + /* Write extensions */ + + /* Keeping track of the included extensions */ + ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; /* First write extensions, then the total length */ + MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); extension_start = buf; buf += 2; - /* Supported Versions Extension is mandatory with TLS 1.3. + /* Write supported_versions extension * - * For cTLS we only need to provide it if there is more than one version - * and currently there is only one. + * Supported Versions Extension is mandatory with TLS 1.3. */ ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) @@ -307,22 +295,18 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, buf += cur_ext_len; #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - /* The supported_groups and the key_share extensions are - * REQUIRED for ECDHE ciphersuites. + /* Write supported_groups extension + * + * It is REQUIRED for ECDHE cipher_suites. */ ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); buf += cur_ext_len; - /* The supported_signature_algorithms extension is REQUIRED for - * certificate authenticated ciphersuites. */ - ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len ); - if( ret != 0 ) - return( ret ); - buf += cur_ext_len; - - /* We need to send the key shares under three conditions: + /* Write key_share extension + * + * We need to send the key shares under three conditions: * 1) A certificate-based ciphersuite is being offered. In this case * supported_groups and supported_signature extensions have been * successfully added. @@ -331,27 +315,32 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * 3) Or, in case all ciphers are supported ( which includes #1 and #2 * from above ) */ - ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); if( ret != 0 ) return( ret ); buf += cur_ext_len; + /* Write signature_algorithms extension + * + * It is REQUIRED for certificate authenticated cipher_suites. + */ + ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len ); + if( ret != 0 ) + return( ret ); + buf += cur_ext_len; + #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Add more extensions here */ + /* Write the length of the list of extensions. */ total_ext_len = buf - extension_start - 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET , total_ext_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); - - /* Write extension length */ MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 ); - extension_start += 2; - *len_with_binders = buf - start; + *olen = buf - start; return( 0 ); } @@ -384,17 +373,6 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) /* * Write ClientHello handshake message. - * - * Structure of this message: - * - * struct { - * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 - * Random random; - * opaque legacy_session_id<0..32>; - * CipherSuite cipher_suites<2..2^16-2>; - * opaque legacy_compression_methods<1..2^8-1>; - * Extension extensions<8..2^16-1>; - * } ClientHello; */ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) { diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 1713d4c813..f33c2f636b 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -32,6 +32,13 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned char **buf, size_t *buflen ) { + /* + * Reserve 4 bytes for hanshake header. ( Section 4,RFC 8446 ) + * ... + * HandshakeType msg_type; + * uint24 length; + * ... + */ *buf = ssl->out_msg + 4; *buflen = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; @@ -48,6 +55,7 @@ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) buf_len); + /* Add reserved 4 bytes for handshake header */ ssl->out_msglen = msg_len + 4; MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext, ( ssl, 0 ) ); From 790656a0a61961296552b75b446bc3f4c50d1b32 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 1 Sep 2021 15:51:48 +0800 Subject: [PATCH 1032/1065] fix name conversion issues fix name conversion issues in `ssl_tls13_write_client_hello_body` Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 944e5b50c3..d354087413 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -211,9 +211,9 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, { int ret; - unsigned char *extension_start; /* Start of extensions buffer */ - size_t cur_ext_len; /* Size of the current extension */ - size_t total_ext_len; /* Size of list of extensions */ + unsigned char *extensions_len_ptr; /* pointer of extensions length */ + size_t output_len; /* Length of buffer used by function */ + size_t extensions_len; /* Length of the list of extensions*/ /* Buffer management */ unsigned char *start = buf; @@ -260,10 +260,10 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, *buf++ = 0; /* session id length set to zero */ /* Write cipher_suites */ - ret = ssl_tls13_write_client_hello_cipher_suites( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_client_hello_cipher_suites( ssl, buf, end, &output_len ); if( ret != 0) return( ret ); - buf += cur_ext_len; + buf += output_len; /* Write legacy_compression_methods * @@ -282,27 +282,27 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, /* First write extensions, then the total length */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - extension_start = buf; + extensions_len_ptr = buf; buf += 2; /* Write supported_versions extension * * Supported Versions Extension is mandatory with TLS 1.3. */ - ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &output_len ); if( ret != 0 ) return( ret ); - buf += cur_ext_len; + buf += output_len; #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Write supported_groups extension * * It is REQUIRED for ECDHE cipher_suites. */ - ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &output_len ); if( ret != 0 ) return( ret ); - buf += cur_ext_len; + buf += output_len; /* Write key_share extension * @@ -315,30 +315,30 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * 3) Or, in case all ciphers are supported ( which includes #1 and #2 * from above ) */ - ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len ); + ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &output_len ); if( ret != 0 ) return( ret ); - buf += cur_ext_len; + buf += output_len; /* Write signature_algorithms extension * * It is REQUIRED for certificate authenticated cipher_suites. */ - ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len ); + ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &output_len ); if( ret != 0 ) return( ret ); - buf += cur_ext_len; + buf += output_len; #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Add more extensions here */ /* Write the length of the list of extensions. */ - total_ext_len = buf - extension_start - 2; + extensions_len = buf - extensions_len_ptr - 2; + MBEDTLS_PUT_UINT16_BE( extensions_len, extensions_len_ptr, 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET , - total_ext_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extension_start, total_ext_len ); - MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 ); + extensions_len ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extensions_len_ptr, extensions_len ); *olen = buf - start; return( 0 ); From 0c63af6ed6576aebdb8dcc3ec9852ae42b53c75e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 2 Sep 2021 12:59:12 +0800 Subject: [PATCH 1033/1065] fix comment issues Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 35 +++++++++++++++++------------------ library/ssl_tls13_generic.c | 4 ++-- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d354087413..373efff10f 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -54,7 +54,7 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) ); /* - * Reserve space for extension header. + * Check space for extension header. * * extension_type 2 * extension_data_length 2 @@ -73,12 +73,11 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, /* Length of versions */ *p++ = 0x2; - /* Write values of supported version. + /* Write values of supported versions. * - * They are come from configuration values. And - * ssl_conf_check has valided the values. + * They are defined by the configuration. * - * Currently, only one vesrion is advertised. + * Currently, only one version is advertised. */ mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, @@ -133,9 +132,9 @@ static int ssl_tls13_write_client_hello_cipher_suites( unsigned char *end, size_t *olen ) { - const int *cipher_suite_list; - unsigned char *cipher_suites_start; /* start of the cipher_suite_list */ - unsigned char *cipher_suites_iter; /* iteration of the cipher_suite_list */ + const int *ciphersuite_list; + unsigned char *cipher_suites_start; /* Start of the cipher_suites list */ + unsigned char *cipher_suites_iter; /* Iteration over the cipher_suites list */ size_t cipher_suites_len; *olen = 0 ; @@ -148,18 +147,18 @@ static int ssl_tls13_write_client_hello_cipher_suites( * ( including secret key length ) and a hash to be used with * HKDF, in descending order of client preference. */ - cipher_suite_list = ssl->conf->ciphersuite_list; + ciphersuite_list = ssl->conf->ciphersuite_list; /* Check there is space for the cipher suite list length (2 bytes). */ MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - /* Write cipher_suite_list */ + /* Write cipher_suites */ cipher_suites_start = buf + 2; cipher_suites_iter = cipher_suites_start; - for ( size_t i = 0; cipher_suite_list[i] != 0; i++ ) + for ( size_t i = 0; ciphersuite_list[i] != 0; i++ ) { - int cipher_suite = cipher_suite_list[i]; + int cipher_suite = ciphersuite_list[i]; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite ); @@ -179,7 +178,7 @@ static int ssl_tls13_write_client_hello_cipher_suites( cipher_suites_iter += 2; } - /* Write the cipher_suite_list length in number of bytes */ + /* Write the cipher_suites length in number of bytes */ cipher_suites_len = cipher_suites_iter - cipher_suites_start; MBEDTLS_PUT_UINT16_BE( cipher_suites_len, buf, 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, @@ -211,7 +210,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, { int ret; - unsigned char *extensions_len_ptr; /* pointer of extensions length */ + unsigned char *extensions_len_ptr; /* Pointer of extensions length */ size_t output_len; /* Length of buffer used by function */ size_t extensions_len; /* Length of the list of extensions*/ @@ -392,8 +391,8 @@ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) ( ssl, buf, buf_len, &msg_len ) ); mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, - msg_len ); - ssl->handshake->update_checksum( ssl, buf, 0 ); + msg_len ); + ssl->handshake->update_checksum( ssl, buf, msg_len ); MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello, ( ssl ) ); MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg, @@ -420,8 +419,8 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) switch( ssl->state ) { /* - * ssl->state is initialized as HELLO_REQUEST. It is same - * with CLIENT_HELLO status + * ssl->state is initialized as HELLO_REQUEST. It is the same + * as CLIENT_HELLO state. */ case MBEDTLS_SSL_HELLO_REQUEST: case MBEDTLS_SSL_CLIENT_HELLO: diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index f33c2f636b..fb6da346fc 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -30,7 +30,7 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, - size_t *buflen ) + size_t *buf_len ) { /* * Reserve 4 bytes for hanshake header. ( Section 4,RFC 8446 ) @@ -40,7 +40,7 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, * ... */ *buf = ssl->out_msg + 4; - *buflen = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; + *buf_len = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = hs_type; From 2c0fbf3405aa1d71f8f2d966a06399454a53afce Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 2 Sep 2021 13:53:46 +0800 Subject: [PATCH 1034/1065] modify proc_chk macros - change the parameter - remove debug output - remove return value modify Signed-off-by: Jerry Yu --- library/ssl_misc.h | 17 ++++------------- library/ssl_tls13_client.c | 23 +++++++++++++---------- library/ssl_tls13_generic.c | 2 +- 3 files changed, 18 insertions(+), 24 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 6b17667bfe..e16c674cb0 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -26,7 +26,6 @@ #include "mbedtls/ssl.h" #include "mbedtls/cipher.h" -#include "mbedtls/debug.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" @@ -135,33 +134,25 @@ /* * Helper macros for function call with returen check. */ -/* utils for strip parens in marcro */ -#define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__ - /* * Exit and print debug message when return none zero value */ -#define MBEDTLS_SSL_PROC_CHK( fn, args ) \ +#define MBEDTLS_SSL_PROC_CHK( f ) \ do { \ - ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ + ret = ( f ); \ if( ret != 0 ) \ { \ - if( ret > 0 ) \ - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; \ - MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \ goto cleanup; \ } \ } while( 0 ) - /* * Exit and print debug message when return negative value */ -#define MBEDTLS_SSL_PROC_CHK_NEG( fn, args ) \ +#define MBEDTLS_SSL_PROC_CHK_NEG( f ) \ do { \ - ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \ + ret = ( f ); \ if( ret < 0 ) \ { \ - MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \ goto cleanup; \ } \ } while( 0 ) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 373efff10f..6b89273353 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -381,22 +381,25 @@ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_client_hello, ( ssl ) ); + MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_client_hello( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_start_handshake_msg, - ( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, - &buf, &buf_len ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + &buf, &buf_len ) ); - MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_client_hello_body, - ( ssl, buf, buf_len, &msg_len ) ); + MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_client_hello_body( ssl, buf, + buf_len, + &msg_len ) ); - mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, + mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, + MBEDTLS_SSL_HS_CLIENT_HELLO, msg_len ); ssl->handshake->update_checksum( ssl, buf, msg_len ); - MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello, ( ssl ) ); - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg, - ( ssl, buf_len, msg_len ) ); + MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_client_hello( ssl ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg( ssl, + buf_len, + msg_len ) ); cleanup: diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index fb6da346fc..3c49a379bd 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -57,7 +57,7 @@ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, /* Add reserved 4 bytes for handshake header */ ssl->out_msglen = msg_len + 4; - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext, ( ssl, 0 ) ); + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext( ssl, 0 ) ); cleanup: return( ret ); From ef387d79a467c77b68605bcfd91a2981518e9b62 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 2 Sep 2021 13:59:41 +0800 Subject: [PATCH 1035/1065] change prototype of write body To keep consistence with others Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 6b89273353..262481c6a7 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -205,7 +205,7 @@ static int ssl_tls13_write_client_hello_cipher_suites( */ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, unsigned char *buf, - size_t buflen, + unsigned char *end, size_t *olen ) { @@ -216,7 +216,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, /* Buffer management */ unsigned char *start = buf; - unsigned char *end = buf + buflen; *olen = 0; @@ -388,7 +387,7 @@ static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl ) &buf, &buf_len ) ); MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_client_hello_body( ssl, buf, - buf_len, + buf + buf_len, &msg_len ) ); mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl, From 3050f054f23e1f1b8e23df6d7593aa97848e6159 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 2 Sep 2021 12:38:51 +0200 Subject: [PATCH 1036/1065] Subtract 1 from input in CCM's incomplete data tests Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.function | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 128bd86d98..57f13e3d85 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -533,8 +533,8 @@ void mbedtls_ccm_overflow_ad( int cipher_id, int mode, TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); // use hardcoded values for msg length and tag length. They are not a part of this test - // set half of auth data length to provoke an overflow - TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len / 2, 16, 16 ) ); + // subtract 1 from configured auth data length to provoke an overflow + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len - 1, 16, 16 ) ); TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); exit: @@ -556,7 +556,7 @@ void mbedtls_ccm_incomplete_ad( int cipher_id, int mode, // use hardcoded values for msg length and tag length. They are not a part of this test TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, 16 ) ); - TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len/2) ); + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len - 1) ); ASSERT_ALLOC( output, 16 ); TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) ); @@ -605,8 +605,8 @@ void mbedtls_ccm_overflow_update( int cipher_id, int mode, TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); // use hardcoded value for tag length. It is a not a part of this test - // set half of msg length to provoke an overflow - TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len / 2, 16 ) ); + // subtract 1 from configured msg length to provoke an overflow + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len - 1, 16 ) ); TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); @@ -639,7 +639,7 @@ void mbedtls_ccm_incomplete_update( int cipher_id, int mode, ASSERT_ALLOC( output, msg->len ); olen = 0xdeadbeef; - TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len/2, output, msg->len, &olen ) ); + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len - 1, output, msg->len, &olen ) ); mbedtls_free( output ); output = NULL; From 8c02bb4b7194631f1a901745400ac76e1180f1a3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 3 Sep 2021 21:09:22 +0800 Subject: [PATCH 1037/1065] fix various comment issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 6 +++--- library/ssl_tls13_client.c | 16 +++++----------- 2 files changed, 8 insertions(+), 14 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e16c674cb0..7035c278cf 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -132,10 +132,10 @@ #define MBEDTLS_SSL_EXT_KEY_SHARE ( 1 << 21 ) /* - * Helper macros for function call with returen check. + * Helper macros for function call with return check. */ /* - * Exit and print debug message when return none zero value + * Exit when return non-zero value */ #define MBEDTLS_SSL_PROC_CHK( f ) \ do { \ @@ -146,7 +146,7 @@ } \ } while( 0 ) /* - * Exit and print debug message when return negative value + * Exit when return negative value */ #define MBEDTLS_SSL_PROC_CHK_NEG( f ) \ do { \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 262481c6a7..f8779a09fd 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -164,8 +164,8 @@ static int ssl_tls13_write_client_hello_cipher_suites( ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite ); if( ciphersuite_info == NULL ) continue; - if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 || - ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + if( !( MBEDTLS_SSL_MINOR_VERSION_4 > ciphersuite_info->min_minor_ver && + MBEDTLS_SSL_MINOR_VERSION_4 < ciphersuite_info->max_minor_ver ) ) continue; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", @@ -173,7 +173,7 @@ static int ssl_tls13_write_client_hello_cipher_suites( ciphersuite_info->name ) ); /* Check there is space for the cipher suite identifier (2 bytes). */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR( cipher_suites_iter, end, 2 ); MBEDTLS_PUT_UINT16_BE( cipher_suite, cipher_suites_iter, 0 ); cipher_suites_iter += 2; } @@ -210,7 +210,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, { int ret; - unsigned char *extensions_len_ptr; /* Pointer of extensions length */ + unsigned char *extensions_len_ptr; /* Pointer to extensions length */ size_t output_len; /* Length of buffer used by function */ size_t extensions_len; /* Length of the list of extensions*/ @@ -362,7 +362,7 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl ) ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); return( ret ); } @@ -410,12 +410,6 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Handshake completed but ssl->handshake is NULL.\n" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); switch( ssl->state ) From dbfb7bd873dfa8e5bf9afb5aae3aa2680e9e2fd4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sat, 4 Sep 2021 09:58:58 +0800 Subject: [PATCH 1038/1065] fix various issues - wrong cipher suite filter condition - name conversion - format issue Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 6 +++--- library/ssl_tls13_generic.c | 4 +++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index f8779a09fd..2a62dc6fdd 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -164,8 +164,8 @@ static int ssl_tls13_write_client_hello_cipher_suites( ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( cipher_suite ); if( ciphersuite_info == NULL ) continue; - if( !( MBEDTLS_SSL_MINOR_VERSION_4 > ciphersuite_info->min_minor_ver && - MBEDTLS_SSL_MINOR_VERSION_4 < ciphersuite_info->max_minor_ver ) ) + if( !( MBEDTLS_SSL_MINOR_VERSION_4 >= ciphersuite_info->min_minor_ver && + MBEDTLS_SSL_MINOR_VERSION_4 <= ciphersuite_info->max_minor_ver ) ) continue; MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s", @@ -259,7 +259,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, /* Write cipher_suites */ ret = ssl_tls13_write_client_hello_cipher_suites( ssl, buf, end, &output_len ); - if( ret != 0) + if( ret != 0 ) return( ret ); buf += output_len; diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 3c49a379bd..ca4c167132 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -53,10 +53,12 @@ int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl, size_t msg_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t msg_len_with_header; ((void) buf_len); /* Add reserved 4 bytes for handshake header */ - ssl->out_msglen = msg_len + 4; + msg_len_with_header = msg_len + 4; + ssl->out_msglen = msg_len_with_header; MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_handshake_msg_ext( ssl, 0 ) ); cleanup: From cd975e4645bbf6057d0aff68866bb655a822b202 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 2 Sep 2021 13:25:19 +0200 Subject: [PATCH 1039/1065] Extend CCM corner cases tests. Add tests for passing incomplete input data in the first call and too much data in the second call. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 32 ++++++++++++ tests/suites/test_suite_ccm.function | 77 ++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index c8f6351633..169a885f94 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1562,6 +1562,10 @@ CCM encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" +CCM encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" + CCM encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" @@ -1574,6 +1578,10 @@ CCM encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T= depends_on:MBEDTLS_AES_C mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" +CCM encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" + CCM decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" @@ -1586,6 +1594,10 @@ CCM decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" +CCM decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" + CCM decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" @@ -1598,6 +1610,10 @@ CCM decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T= depends_on:MBEDTLS_AES_C mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" +CCM decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" + CCM* encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" @@ -1614,6 +1630,10 @@ CCM* encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" +CCM* encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" + CCM* encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" @@ -1622,6 +1642,10 @@ CCM* encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T depends_on:MBEDTLS_AES_C mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" +CCM* encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" + CCM* decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" @@ -1634,6 +1658,10 @@ CCM* decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" +CCM* decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" + CCM* decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" @@ -1646,6 +1674,10 @@ CCM* decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T depends_on:MBEDTLS_AES_C mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" +CCM* decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" + CCM encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 57f13e3d85..311ccc429d 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -591,6 +591,41 @@ exit: } /* END_CASE */ +/* Provide incomplete auth data on first update_ad. + * Provide too much auth data on second update_ad */ +/* BEGIN_CASE */ +void mbedtls_ccm_incomplete_ad_and_overflow( int cipher_id, int mode, + data_t * key, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + + /* New auth buffer containing same data as original one, + * with added extra byte at the end */ + uint8_t* add_extended = NULL; + ASSERT_ALLOC( add_extended, add->len + 1 ); + if( add_extended ) + { + memcpy( add_extended, add->x, add->len ); + add_extended[add->len] = 0xAB; // some magic value + } + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for msg length and tag length. They are not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) ); + + // pass incomplete auth data + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add_extended, add->len - 1) ); + // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte) + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add_extended + add->len - 1, 2) ); +exit: + mbedtls_free( add_extended ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + /* Provide too much plaintext/ciphertext */ /* BEGIN_CASE */ void mbedtls_ccm_overflow_update( int cipher_id, int mode, @@ -683,6 +718,48 @@ exit: } /* END_CASE */ +/* Provide incomplete plaintext/ciphertext of first update + * Provide too much plaintext/ciphertext on second update */ +/* BEGIN_CASE */ +void mbedtls_ccm_incomplete_update_overflow( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + /* New plaintext/ciphertext buffer containing same data as original one, + * with added extra byte at the end */ + uint8_t* msg_extended = NULL; + ASSERT_ALLOC( msg_extended, msg->len + 1 ); + if( msg_extended ) + { + memcpy( msg_extended, msg->x, msg->len ); + msg_extended[msg->len] = 0xAB; // some magic value + } + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded value for tag length. It is a not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, msg->len + 1 ); + // pass incomplete text + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg_extended, msg->len - 1, output, msg->len + 1, &olen ) ); + // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte) + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \ + mbedtls_ccm_update( &ctx, msg_extended + msg->len - 1, 2, output + msg->len - 1, 2, &olen ) ); +exit: + mbedtls_free( msg_extended ); + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + /* Finish without passing any auth data or plaintext/ciphertext input */ /* BEGIN_CASE */ void mbedtls_ccm_instant_finish( int cipher_id, int mode, From 5d7f6b1fd5ae89282d3cd0806a37dcfca14d06bc Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 2 Sep 2021 15:11:14 +0200 Subject: [PATCH 1040/1065] Remove rendundat ctx->add_len check. Signed-off-by: Mateusz Starzyk --- library/ccm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ccm.c b/library/ccm.c index ca95b8eeb7..15efff79f0 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -266,7 +266,7 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_INPUT; } - if( ctx->add_len > 0 && add_len > 0 ) + if( add_len > 0 ) { if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) { From efec38bb292f9c74050c3816443333eae7be5d5a Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 3 Sep 2021 11:59:26 +0200 Subject: [PATCH 1041/1065] Extend CCM corner cases tests. Add tests covering skipped update() or update_ad() for empty plaintext/ciphertext and empty auth data. Test vector for P=0, A=0 generated using python's cryptography.hazmat library. Python script used for test vector generation: ``` import os from cryptography.hazmat.primitives.ciphers.aead import AESCCM def encrypt(key, iv, plaintext, associated_data): key = bytes.fromhex(key) iv = bytes.fromhex(iv) plaintext = bytes.fromhex(plaintext) associated_data = bytes.fromhex(associated_data) aesccm = AESCCM(key) ct = aesccm.encrypt(iv, plaintext, associated_data) return ct.hex() def decrypt(key, associated_data, iv, ciphertext): key = bytes.fromhex(key) associated_data = bytes.fromhex(associated_data) iv = bytes.fromhex(iv) ciphertext = bytes.fromhex(ciphertext) aesccm = AESCCM(key) pt = aesccm.decrypt(iv, ciphertext, associated_data) return pt.hex() key = "54caf96ef6d448734700aadab50faf7a" plaintext = "" iv = "a3803e752ae849c910d8da36af" aad = "" encrypted = encrypt(key, iv, plaintext, aad) print(f"key: {key}") print(f"iv: {iv}") print(f"encrypted: {encrypted}") print("--------------------------------------") decrypted = decrypt( key, aad, iv, encrypted ) print(f"decrypted: {decrypted}") ``` Results: ``` key: 54caf96ef6d448734700aadab50faf7a iv: a3803e752ae849c910d8da36af encrypted: eba8347baa6d61f87b67c2dd7c6d2053 -------------------------------------- decrypted: ``` Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 48 ++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 169a885f94..05c20fd40b 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -174,6 +174,10 @@ CCM encrypt and tag RFC 3610 #24 depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"ABF21C0B02FEB88F856DF4A37381BCE3CC128517D4":"008D493B30AE8B3C9696766CFA":"6E37A6EF546D955D34AB6059":"F32905B88A641B04B9C9FFB58CC390900F3DA12AB16DCE9E82EFA16DA62059" +CCM encrypt and tag AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + CCM encrypt and tag NIST VTT AES-128 #1 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43b1a6bc8d0d22d6d1ca95c18593cca5":"a2b381c7d1545c408fe29817a21dc435a154c87256346b05":"9882578e750b9682c6ca7f8f86":"2084f3861c9ad0ccee7c63a7e05aece5db8b34bd8724cc06b4ca99a7f9c4914f":"cc69ed76985e0ed4c8365a72775e5a19bfccc71aeb116c85a8c74677" @@ -1518,6 +1522,22 @@ CCM-Camellia encrypt and tag RFC 5528 #24 depends_on:MBEDTLS_CAMELLIA_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F" +CCM encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM* encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM* decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + CCM encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" @@ -1534,6 +1554,22 @@ CCM* decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" +CCM encrypt, skip update AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM decrypt, skip update AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM* encrypt, skip update AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + +CCM* decrypt, skip update AES-128 (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" + CCM encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" @@ -1689,3 +1725,15 @@ mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d3208 CCM* decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" + +CCM encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" + +CCM decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" + +CCM* encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" + +CCM* decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) +mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" From 83e4c1270a24c7a63ea1cb8f799478172ecdaa96 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 3 Sep 2021 14:07:21 +0200 Subject: [PATCH 1042/1065] Add CCM tests for passing unexpected input. Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ccm.data | 7 +++++ tests/suites/test_suite_ccm.function | 47 ++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 05c20fd40b..591e0d9067 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -1737,3 +1737,10 @@ mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf CCM* decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" + +CCM pass unexpected auth data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +mbedtls_ccm_unexpected_ad::MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" + +CCM encrypt, unexpected ciphertext/plaintext data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) +depends_on:MBEDTLS_AES_C +mbedtls_ccm_unexpected_text:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 311ccc429d..472be64540 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -542,6 +542,53 @@ exit: } /* END_CASE */ +/* Provide unexpected auth data */ +/* BEGIN_CASE */ +void mbedtls_ccm_unexpected_ad( int cipher_id, int mode, + data_t * key, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded values for msg length and tag length. They are not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 0, 16, 16 ) ); + + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); +exit: + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + +/* Provide unexpected plaintext/ciphertext data */ +/* BEGIN_CASE */ +void mbedtls_ccm_unexpected_text( int cipher_id, int mode, + data_t * key, data_t * msg, data_t * iv, + data_t * add ) +{ + mbedtls_ccm_context ctx; + uint8_t *output = NULL; + size_t olen; + + mbedtls_ccm_init( &ctx ); + TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); + TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) ); + // use hardcoded value for tag length. It is not a part of this test + TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, 16 ) ); + + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) ); + + ASSERT_ALLOC( output, msg->len ); + olen = 0xdeadbeef; + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) ); +exit: + mbedtls_free( output ); + mbedtls_ccm_free( &ctx ); +} +/* END_CASE */ + /* Provide incomplete auth data and finish */ /* BEGIN_CASE */ void mbedtls_ccm_incomplete_ad( int cipher_id, int mode, From bbe09526b78746e37ebdfcb4d62a0f66581412a4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Sep 2021 21:17:54 +0800 Subject: [PATCH 1043/1065] fix name conversion issues Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 74 +++++++++++++++++++------------------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 2a62dc6fdd..fe2e6f850b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -133,8 +133,8 @@ static int ssl_tls13_write_client_hello_cipher_suites( size_t *olen ) { const int *ciphersuite_list; - unsigned char *cipher_suites_start; /* Start of the cipher_suites list */ - unsigned char *cipher_suites_iter; /* Iteration over the cipher_suites list */ + unsigned char *cipher_suites_ptr; /* Start of the cipher_suites list */ + unsigned char *p; /* Iteration over the cipher_suites list */ size_t cipher_suites_len; *olen = 0 ; @@ -153,8 +153,8 @@ static int ssl_tls13_write_client_hello_cipher_suites( MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); /* Write cipher_suites */ - cipher_suites_start = buf + 2; - cipher_suites_iter = cipher_suites_start; + cipher_suites_ptr = buf + 2; + p = cipher_suites_ptr; for ( size_t i = 0; ciphersuite_list[i] != 0; i++ ) { @@ -173,20 +173,20 @@ static int ssl_tls13_write_client_hello_cipher_suites( ciphersuite_info->name ) ); /* Check there is space for the cipher suite identifier (2 bytes). */ - MBEDTLS_SSL_CHK_BUF_PTR( cipher_suites_iter, end, 2 ); - MBEDTLS_PUT_UINT16_BE( cipher_suite, cipher_suites_iter, 0 ); - cipher_suites_iter += 2; + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_PUT_UINT16_BE( cipher_suite, p, 0 ); + p += 2; } /* Write the cipher_suites length in number of bytes */ - cipher_suites_len = cipher_suites_iter - cipher_suites_start; + cipher_suites_len = p - cipher_suites_ptr; MBEDTLS_PUT_UINT16_BE( cipher_suites_len, buf, 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites", cipher_suites_len/2 ) ); /* Output the total length of cipher_suites field. */ - *olen = cipher_suites_iter - buf; + *olen = p - buf; return( 0 ); } @@ -215,7 +215,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, size_t extensions_len; /* Length of the list of extensions*/ /* Buffer management */ - unsigned char *start = buf; + unsigned char *p = buf; *olen = 0; @@ -230,16 +230,16 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * For TLS 1.3 we use the legacy version number {0x03, 0x03} * instead of the true version number. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); - MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0 ); - buf += CLIENT_HELLO_LEGACY_VERSION_LEN; + MBEDTLS_SSL_CHK_BUF_PTR( p, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); + MBEDTLS_PUT_UINT16_BE( 0x0303, p, 0 ); + p += CLIENT_HELLO_LEGACY_VERSION_LEN; /* Write the random bytes ( random ).*/ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN ); - memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR( p, end, CLIENT_HELLO_RANDOM_LEN ); + memcpy( p, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", - buf, CLIENT_HELLO_RANDOM_LEN ); - buf += CLIENT_HELLO_RANDOM_LEN; + p, CLIENT_HELLO_RANDOM_LEN ); + p += CLIENT_HELLO_RANDOM_LEN; /* * Write legacy_session_id @@ -254,14 +254,14 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * ( also known as ossification ). Otherwise, it MUST be set as a zero-length * vector ( i.e., a zero-valued single byte length field ). */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 1 ); - *buf++ = 0; /* session id length set to zero */ + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 1 ); + *p++ = 0; /* session id length set to zero */ /* Write cipher_suites */ - ret = ssl_tls13_write_client_hello_cipher_suites( ssl, buf, end, &output_len ); + ret = ssl_tls13_write_client_hello_cipher_suites( ssl, p, end, &output_len ); if( ret != 0 ) return( ret ); - buf += output_len; + p += output_len; /* Write legacy_compression_methods * @@ -269,9 +269,9 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * one byte set to zero, which corresponds to the 'null' compression * method in prior versions of TLS. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - *buf++ = 1; - *buf++ = MBEDTLS_SSL_COMPRESS_NULL; + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + *p++ = 1; + *p++ = MBEDTLS_SSL_COMPRESS_NULL; /* Write extensions */ @@ -279,28 +279,28 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE; /* First write extensions, then the total length */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); - extensions_len_ptr = buf; - buf += 2; + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + extensions_len_ptr = p; + p += 2; /* Write supported_versions extension * * Supported Versions Extension is mandatory with TLS 1.3. */ - ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &output_len ); + ret = ssl_tls13_write_supported_versions_ext( ssl, p, end, &output_len ); if( ret != 0 ) return( ret ); - buf += output_len; + p += output_len; #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Write supported_groups extension * * It is REQUIRED for ECDHE cipher_suites. */ - ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &output_len ); + ret = ssl_tls13_write_supported_groups_ext( ssl, p, end, &output_len ); if( ret != 0 ) return( ret ); - buf += output_len; + p += output_len; /* Write key_share extension * @@ -313,32 +313,32 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * 3) Or, in case all ciphers are supported ( which includes #1 and #2 * from above ) */ - ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &output_len ); + ret = ssl_tls13_write_key_shares_ext( ssl, p, end, &output_len ); if( ret != 0 ) return( ret ); - buf += output_len; + p += output_len; /* Write signature_algorithms extension * * It is REQUIRED for certificate authenticated cipher_suites. */ - ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &output_len ); + ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, p, end, &output_len ); if( ret != 0 ) return( ret ); - buf += output_len; + p += output_len; #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Add more extensions here */ /* Write the length of the list of extensions. */ - extensions_len = buf - extensions_len_ptr - 2; + extensions_len = p - extensions_len_ptr - 2; MBEDTLS_PUT_UINT16_BE( extensions_len, extensions_len_ptr, 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET , extensions_len ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", extensions_len_ptr, extensions_len ); - *olen = buf - start; + *olen = p - buf; return( 0 ); } From 4e388286af740564055f004e99ae133f65b9aece Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Sep 2021 21:28:08 +0800 Subject: [PATCH 1044/1065] fix usage of iteration Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index fe2e6f850b..b10e33bfbf 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -132,9 +132,9 @@ static int ssl_tls13_write_client_hello_cipher_suites( unsigned char *end, size_t *olen ) { + unsigned char *p = buf; /* Iteration over the cipher_suites list */ const int *ciphersuite_list; unsigned char *cipher_suites_ptr; /* Start of the cipher_suites list */ - unsigned char *p; /* Iteration over the cipher_suites list */ size_t cipher_suites_len; *olen = 0 ; @@ -150,12 +150,11 @@ static int ssl_tls13_write_client_hello_cipher_suites( ciphersuite_list = ssl->conf->ciphersuite_list; /* Check there is space for the cipher suite list length (2 bytes). */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + p += 2; /* Write cipher_suites */ - cipher_suites_ptr = buf + 2; - p = cipher_suites_ptr; - + cipher_suites_ptr = p; for ( size_t i = 0; ciphersuite_list[i] != 0; i++ ) { int cipher_suite = ciphersuite_list[i]; From fec982eacc184b08d00eaeb118c06918147bcfe7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 7 Sep 2021 17:26:06 +0800 Subject: [PATCH 1045/1065] fix coding style issues Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index b10e33bfbf..41c7a4d144 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -31,7 +31,6 @@ #include #define CLIENT_HELLO_RANDOM_LEN 32 -#define CLIENT_HELLO_LEGACY_VERSION_LEN 2 /* Write extensions */ @@ -132,7 +131,7 @@ static int ssl_tls13_write_client_hello_cipher_suites( unsigned char *end, size_t *olen ) { - unsigned char *p = buf; /* Iteration over the cipher_suites list */ + unsigned char *p = buf; const int *ciphersuite_list; unsigned char *cipher_suites_ptr; /* Start of the cipher_suites list */ size_t cipher_suites_len; @@ -229,9 +228,9 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl, * For TLS 1.3 we use the legacy version number {0x03, 0x03} * instead of the true version number. */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, CLIENT_HELLO_LEGACY_VERSION_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); MBEDTLS_PUT_UINT16_BE( 0x0303, p, 0 ); - p += CLIENT_HELLO_LEGACY_VERSION_LEN; + p += 2; /* Write the random bytes ( random ).*/ MBEDTLS_SSL_CHK_BUF_PTR( p, end, CLIENT_HELLO_RANDOM_LEN ); From ddae0f5642c1a63e3d648f1176e66aa06a854749 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 24 Aug 2021 15:39:44 +0200 Subject: [PATCH 1046/1065] Clarify psa_get_and_lock_transparent_key_slot_with_policy() purpose Clarify the purpose of psa_get_and_lock_transparent_key_slot_with_policy() and define it even when MBEDTLS_PSA_CRYPTO_SE_C is disabled for the purpose of static drivers. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4670a06e2d..d88836b0a0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -944,16 +944,16 @@ error: /** Get a key slot containing a transparent key and lock it. * * A transparent key is a key for which the key material is directly - * available, as opposed to a key in a secure element. + * available, as opposed to a key in a secure element and/or to be used + * by a secure element. * - * This is a temporary function to use instead of - * psa_get_and_lock_key_slot_with_policy() until secure element support is - * fully implemented. + * This is a temporary function that may be used instead of + * psa_get_and_lock_key_slot_with_policy() when there is no opaque key support + * for a cryptographic operation. * * On success, the returned key slot is locked. It is the responsibility of the * caller to unlock the key slot when it does not access it anymore. */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, @@ -965,7 +965,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( if( status != PSA_SUCCESS ) return( status ); - if( psa_key_slot_is_external( *p_slot ) ) + if( psa_key_lifetime_is_external( (*p_slot)->attr.lifetime ) ) { psa_unlock_key_slot( *p_slot ); *p_slot = NULL; @@ -974,11 +974,6 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( return( PSA_SUCCESS ); } -#else /* MBEDTLS_PSA_CRYPTO_SE_C */ -/* With no secure element support, all keys are transparent. */ -#define psa_get_and_lock_transparent_key_slot_with_policy( key, p_slot, usage, alg ) \ - psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg ) -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { From 512ad813182862a9b6e64db2da4cd55b561dc0bd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 24 Aug 2021 15:50:05 +0200 Subject: [PATCH 1047/1065] psa: Fix slot number key attribute Slot number key attribute is specific of dynamically registered drivers and should thus not be computed/ returned in case of keys associated to drivers implementing the new unified driver interface. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d88836b0a0..7a6bb37834 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1201,7 +1201,7 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, MBEDTLS_PSA_KA_MASK_DUAL_USE ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_key_slot_is_external( slot ) ) + if( psa_get_se_driver_entry( slot->attr.lifetime ) != NULL ) psa_set_key_slot_number( attributes, psa_key_slot_get_slot_number( slot ) ); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From 9b8b69c30a8d1d842388f7840e79d770fdf5cac0 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 24 Aug 2021 16:00:51 +0200 Subject: [PATCH 1048/1065] psa: Remove buggy report of RSA public exponent for opaque keys The report of RSA public exponent for opaque keys is not supported. Do not attempt to compute the RSA public exponent of an RSA opaque key associated to a driver implementing the new driver interface when MBEDTLS_PSA_CRYPTO_SE_C is disabled. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7a6bb37834..e57184919b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1212,14 +1212,11 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* TODO: reporting the public exponent for opaque keys * is not yet implemented. * https://github.com/ARMmbed/mbed-crypto/issues/216 */ - if( psa_key_slot_is_external( slot ) ) - break; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + if( ! psa_key_lifetime_is_external( slot->attr.lifetime ) ) { mbedtls_rsa_context *rsa = NULL; From 3b097eb68f41e6b037dcd12981348d246be2c8d7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 24 Aug 2021 18:05:41 +0200 Subject: [PATCH 1049/1065] psa: Remove psa_key_slot_is_external() Remove psa_key_slot_is_external() that is not used anymore. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e57184919b..e962e29cb4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -322,13 +322,6 @@ psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) -static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) -{ - return( psa_key_lifetime_is_external( slot->attr.lifetime ) ); -} -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - /* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the * current test driver in key_management.c is using this function * when accelerators are used for ECC key pair and public key. From d8a83dc17235b13a3ed1bd7db8afde1d3111fc73 Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 14 Jun 2021 10:04:16 +0530 Subject: [PATCH 1050/1065] Sizing of key buffer for opaque keys Create a new sizing function for determining the size required for key storage based on the input key data. This is required for key imports where the key length might need to be derived from the data. Signed-off-by: Archana --- library/psa_crypto.c | 30 ++++++++++++----- library/psa_crypto_driver_wrappers.c | 49 +++++++++++++++++++++++++--- library/psa_crypto_driver_wrappers.h | 6 ++++ 3 files changed, 73 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e962e29cb4..d70dccbf7d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1891,6 +1891,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; size_t bits; + size_t storage_size = data_length; *key = MBEDTLS_SVC_KEY_ID_INIT; @@ -1906,12 +1907,18 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, goto exit; /* In the case of a transparent key or an opaque key stored in local - * storage (thus not in the case of generating a key in a secure element - * or cryptoprocessor with storage), we have to allocate a buffer to - * hold the generated key material. */ + * storage, we have to allocate a buffer to hold the generated key + * material. */ if( slot->key.data == NULL ) { - status = psa_allocate_buffer_to_slot( slot, data_length ); + if( psa_key_lifetime_is_external( attributes->core.lifetime ) ) + { + status = psa_driver_wrapper_get_key_buffer_size_from_key_data( attributes, data, + data_length , &storage_size ); + if( status != PSA_SUCCESS ) + goto exit; + } + status = psa_allocate_buffer_to_slot( slot, storage_size ); if( status != PSA_SUCCESS ) goto exit; } @@ -4142,6 +4149,7 @@ static psa_status_t psa_generate_derived_key_internal( { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); + size_t storage_size = bytes; psa_status_t status; if( ! key_type_is_raw_bytes( slot->attr.type ) ) @@ -4160,15 +4168,21 @@ static psa_status_t psa_generate_derived_key_internal( psa_des_set_key_parity( data, bytes ); #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ - status = psa_allocate_buffer_to_slot( slot, bytes ); - if( status != PSA_SUCCESS ) - goto exit; - slot->attr.bits = (psa_key_bits_t) bits; psa_key_attributes_t attributes = { .core = slot->attr }; + if( psa_key_lifetime_is_external( attributes.core.lifetime ) ) + { + status = psa_driver_wrapper_get_key_buffer_size( &attributes, &storage_size ); + if( status != PSA_SUCCESS ) + goto exit; + } + status = psa_allocate_buffer_to_slot( slot, storage_size ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_driver_wrapper_import_key( &attributes, data, bytes, slot->key.data, diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 38d0e300e2..2974d6f93d 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -380,8 +380,49 @@ psa_status_t psa_driver_wrapper_verify_hash( } } +/** calculate the key buffer size required to store the key material of a key + * associated with an opaque driver from input key data. + * + * + * \param[in] attributes The key attributes + * \param[in] data The input key data. + * \param[in] data_length The input data length. + * \param[out] key_buffer_size Minimum buffer size to contain the key material. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_NOT_SUPPORTED + */ +psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *key_buffer_size ) +{ + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + psa_key_type_t key_type = attributes->core.type; + + *key_buffer_size = 0; + switch( location ) + { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + *key_buffer_size = mbedtls_test_opaque_size_function( key_type, + PSA_BYTES_TO_BITS( data_length ) ); + return( ( *key_buffer_size != 0 ) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ + + default: + (void)key_type; + (void)data; + (void)data_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + /** Get the key buffer size required to store the key material of a key - * associated with an opaque driver without storage. + * associated with an opaque driver. * * \param[in] attributes The key attributes. * \param[out] key_buffer_size Minimum buffer size to contain the key material @@ -389,11 +430,11 @@ psa_status_t psa_driver_wrapper_verify_hash( * \retval #PSA_SUCCESS * The minimum size for a buffer to contain the key material has been * returned successfully. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size in bits of the key is not valid. * \retval #PSA_ERROR_NOT_SUPPORTED * The type and/or the size in bits of the key or the combination of * the two is not supported. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is declared with a lifetime not known to us. */ psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, @@ -426,7 +467,7 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( default: (void)key_type; (void)key_bits; - return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_ERROR_INVALID_ARGUMENT ); } } diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 38a6ee82a7..99455a8a6c 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -85,6 +85,12 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, size_t *key_buffer_size ); +psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *key_buffer_size ); + psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); From 4d7ae1d8cfb1046f681d51eb9dd3c5ae05c3274f Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 7 Jul 2021 02:50:22 +0530 Subject: [PATCH 1051/1065] Add test driver support for opaque key import -Add test driver support to import/export while wrapping keys meant to be stored in the PSA core as opaque( emulating an SE without storage ). -Export validate_unstructured_key_bit_size as psa_validate_unstructured_key_bit_size, thereby changing its scope. -Improve the import/export test cases in test_suite_psa_crypto to also cover opaque keys, thereby avoiding duplication. Signed-off-by: Archana --- library/psa_crypto.c | 23 +- library/psa_crypto_core.h | 19 + library/psa_crypto_driver_wrappers.c | 16 +- library/psa_crypto_ecp.c | 4 +- library/psa_crypto_ecp.h | 4 +- library/psa_crypto_rsa.c | 4 +- library/psa_crypto_rsa.h | 4 +- tests/include/test/drivers/key_management.h | 24 ++ tests/include/test/drivers/size.h | 33 -- tests/include/test/drivers/test_driver.h | 1 - .../src/drivers/test_driver_key_management.c | 350 +++++++++++++++--- tests/src/drivers/test_driver_size.c | 97 ----- tests/suites/test_suite_psa_crypto.data | 316 +++++++++++++--- tests/suites/test_suite_psa_crypto.function | 35 +- 14 files changed, 650 insertions(+), 280 deletions(-) delete mode 100644 tests/include/test/drivers/size.h delete mode 100644 tests/src/drivers/test_driver_size.c diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d70dccbf7d..cea165cbbc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -430,8 +430,8 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ -static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, - size_t bits ) +psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type, + size_t bits ) { /* Check that the bit size is acceptable for the key type */ switch( type ) @@ -560,14 +560,14 @@ psa_status_t psa_import_key_into_slot( /* Ensure that the bytes-to-bits conversion hasn't overflown. */ if( data_length > SIZE_MAX / 8 ) - return( PSA_ERROR_NOT_SUPPORTED ); + return( status ); /* Enforce a size limit, and in particular ensure that the bit * size fits in its representation type. */ if( ( *bits ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + return( status ); - status = validate_unstructured_key_bit_size( type, *bits ); + status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); if( status != PSA_SUCCESS ) return( status ); @@ -1907,8 +1907,9 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, goto exit; /* In the case of a transparent key or an opaque key stored in local - * storage, we have to allocate a buffer to hold the generated key - * material. */ + * storage( thus not in the case of the old-style secure element interface + * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the + * imported key material. */ if( slot->key.data == NULL ) { if( psa_key_lifetime_is_external( attributes->core.lifetime ) ) @@ -5061,7 +5062,7 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation( if( key_type_is_raw_bytes( type ) ) { - status = validate_unstructured_key_bit_size( type, bits ); + status = psa_validate_unstructured_key_bit_size( type, bits ); if( status != PSA_SUCCESS ) return( status ); } @@ -5171,9 +5172,9 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, goto exit; /* In the case of a transparent key or an opaque key stored in local - * storage (thus not in the case of generating a key in a secure element - * or cryptoprocessor with storage), we have to allocate a buffer to - * hold the generated key material. */ + * storage( thus not in the case of the old-style secure element interface + * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the + * imported key material. */ if( slot->key.data == NULL ) { if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 91757b5fdb..4a3fa5079b 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -528,4 +528,23 @@ psa_status_t psa_verify_hash_builtin( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); +/** + * \brief Validate the key bit size for unstructured keys. + * + * \note Check that the bit size is acceptable for a given key type for + * unstructured keys. + * + * \param[in] type The key type + * \param[in] bits The number of bits of the key + * + * \retval #PSA_SUCCESS + * The key type and size are valid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size in bits of the key is not valid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The type and/or the size in bits of the key or the combination of + * the two is not supported. + */ +psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type, + size_t bits ); #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 2974d6f93d..e145dd4d62 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -459,7 +459,7 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( return( PSA_SUCCESS ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); + *key_buffer_size = mbedtls_test_opaque_size_function( key_type, key_bits ); return( ( *key_buffer_size != 0 ) ? PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -607,10 +607,18 @@ psa_status_t psa_driver_wrapper_import_key( data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits ) ); - + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: - /* Importing a key with external storage in not yet supported. - * Return in error indicating that the lifetime is not valid. */ (void)status; return( PSA_ERROR_INVALID_ARGUMENT ); } diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3ce232c6b2..144ba1c1b3 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -572,7 +572,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( +psa_status_t mbedtls_test_driver_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -583,7 +583,7 @@ psa_status_t mbedtls_transparent_test_driver_ecp_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( +psa_status_t mbedtls_test_driver_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index 0c2b92895f..dc9e887eff 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -224,13 +224,13 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( #if defined(PSA_CRYPTO_DRIVER_TEST) -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( +psa_status_t mbedtls_test_driver_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( +psa_status_t mbedtls_test_driver_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index d85b86c45d..2c357c91ce 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -611,7 +611,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( +psa_status_t mbedtls_test_driver_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -622,7 +622,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( +psa_status_t mbedtls_test_driver_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index 41a90f78ec..55406843d3 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -218,13 +218,13 @@ psa_status_t mbedtls_psa_rsa_verify_hash( #if defined(PSA_CRYPTO_DRIVER_TEST) -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( +psa_status_t mbedtls_test_driver_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( +psa_status_t mbedtls_test_driver_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 16e1f755ca..3cde1aaff9 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -49,6 +49,21 @@ static inline mbedtls_test_driver_key_management_hooks_t return( v ); } +/* + * In order to convert the plain text keys to Opaque, the size of the key is + * padded up by PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE in addition to xor mangling + * the key. The pad prefix needs to be accounted for while sizing for the key. + */ +#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX 0xBEEFED00U +#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE sizeof( PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX ) + +size_t mbedtls_test_opaque_get_base_size(); + +size_t mbedtls_test_opaque_size_function( + const psa_key_type_t key_type, + const size_t key_bits ); + + extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; @@ -84,6 +99,15 @@ psa_status_t mbedtls_test_transparent_import_key( size_t *key_buffer_length, size_t *bits); +psa_status_t mbedtls_test_opaque_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits); + psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h deleted file mode 100644 index 4e3301c4ae..0000000000 --- a/tests/include/test/drivers/size.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Test driver for context size functions - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_TEST_DRIVERS_SIZE_H -#define PSA_CRYPTO_TEST_DRIVERS_SIZE_H - -#include "mbedtls/build_info.h" - -#if defined(PSA_CRYPTO_DRIVER_TEST) -#include - -size_t mbedtls_test_size_function( - const psa_key_type_t key_type, - const size_t key_bits ); - -#endif /* PSA_CRYPTO_DRIVER_TEST */ -#endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 5b60932d3a..47e92b7071 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -28,6 +28,5 @@ #include "test/drivers/mac.h" #include "test/drivers/key_management.h" #include "test/drivers/signature.h" -#include "test/drivers/size.h" #endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index afa1fc261e..7ad7f73bdb 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -56,6 +56,88 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +/* + * This macro returns the base size for the key context when SE does not support storage. + * It is the size of the metadata that gets added to the wrapped key. + * In its test functionality the metadata is just some padded prefixing to the key. + */ +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE + + +size_t mbedtls_test_opaque_size_function( + const psa_key_type_t key_type, + const size_t key_bits ) +{ + size_t key_buffer_size = 0; + + key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ); + if( key_buffer_size == 0 ) + return( key_buffer_size ); + /* Include spacing for base size overhead over the key size + * */ + key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; + return( key_buffer_size ); +} + +size_t mbedtls_test_opaque_get_base_size() +{ + return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; +} + +/* + * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the clear key. + * It expects the clear and wrap buffers to be passed in. + * key_buffer_size is the size of the clear key to be wrapped. + * wrap_buffer_size is the size of the output buffer wrap_key. + * The argument key_buffer_length is filled with the wrapped key_size on success. + * */ +static psa_status_t mbedtls_test_opaque_wrap_key( + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *wrap_key, + size_t wrap_buffer_size, + size_t *key_buffer_length ) +{ + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX; + if( key_buffer_size + opaque_key_base_size > wrap_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + /* Write in the opaque pad prefix */ + memcpy( wrap_key, &prefix, opaque_key_base_size); + wrap_key += opaque_key_base_size; + *key_buffer_length = key_buffer_size + opaque_key_base_size; + while( key_buffer_size-- ) + wrap_key[key_buffer_size] = key_buffer[key_buffer_size] ^ 0xFF; + return( PSA_SUCCESS ); +} + +/* + * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix and unwraps + * the wrapped key. It expects the clear and wrap buffers to be passed in. + * wrapped_key_buffer_size is the size of the wrapped key, + * key_buffer_size is the size of the output buffer clear_key. + * The argument key_buffer_length is filled with the unwrapped(clear) key_size on success. + * */ +static psa_status_t mbedtls_test_opaque_unwrap_key( + const uint8_t *wrapped_key, + size_t wrapped_key_buffer_size, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length) +{ + /* Remove the pad prefis from the wrapped key */ + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + size_t clear_key_size = wrapped_key_buffer_size - opaque_key_base_size; + wrapped_key += opaque_key_base_size; + if( clear_key_size > key_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *key_buffer_length = clear_key_size; + while( clear_key_size-- ) + key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF; + return( PSA_SUCCESS ); +} + psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) @@ -131,7 +213,7 @@ psa_status_t mbedtls_test_transparent_import_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( type ) ) { - status = mbedtls_transparent_test_driver_ecp_import_key( + status = mbedtls_test_driver_ecp_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -143,7 +225,7 @@ psa_status_t mbedtls_test_transparent_import_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_RSA( type ) ) { - status = mbedtls_transparent_test_driver_rsa_import_key( + status = mbedtls_test_driver_rsa_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -165,69 +247,178 @@ psa_status_t mbedtls_test_transparent_import_key( return( status ); } + +psa_status_t mbedtls_test_opaque_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits) +{ + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type = psa_get_key_type( attributes ); + /* This buffer will be used as an intermediate placeholder for the clear + * key till we wrap it */ + uint8_t *key_buffer_temp; + key_buffer_temp = mbedtls_calloc( 1, key_buffer_size ); + + if( !key_buffer_temp ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) + { + *bits = PSA_BYTES_TO_BITS( data_length ); + + /* Ensure that the bytes-to-bits conversion hasn't overflown. */ + if( data_length > SIZE_MAX / 8 ) + goto exit; + + /* Enforce a size limit, and in particular ensure that the bit + * size fits in its representation type. */ + if( ( *bits ) > PSA_MAX_KEY_BITS ) + goto exit; + + status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Copy the key material accounting for opaque key padding. */ + memcpy( key_buffer_temp, data, data_length ); + *key_buffer_length = data_length; + } +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + else if( PSA_KEY_TYPE_IS_ECC( type ) ) + { + status = mbedtls_test_driver_ecp_import_key( + attributes, + data, data_length, + key_buffer_temp, + key_buffer_size, + key_buffer_length, bits ); + if( status != PSA_SUCCESS ) + goto exit; + } + else +#endif +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_RSA( type ) ) + { + status = mbedtls_test_driver_rsa_import_key( + attributes, + data, data_length, + key_buffer_temp, + key_buffer_size, + key_buffer_length, bits ); + if( status != PSA_SUCCESS ) + goto exit; + } + else +#endif + { + status = PSA_ERROR_INVALID_ARGUMENT; + (void)data; + (void)data_length; + (void)key_buffer; + (void)key_buffer_size; + (void)key_buffer_length; + (void)bits; + (void)type; + goto exit; + } + status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length, + key_buffer, key_buffer_size, key_buffer_length ); +exit: + free( key_buffer_temp ); + return( status ); +} + psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) + if( key_length == sizeof( psa_drv_slot_number_t ) ) { - /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the private key. */ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, mbedtls_test_driver_ecdsa_key, + sizeof( mbedtls_test_driver_ecdsa_key ) ); + *data_length = sizeof( mbedtls_test_driver_ecdsa_key ); + return( PSA_SUCCESS ); + + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + /* This is the AES slot. Verify the key's attributes before + * returning the key. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 128 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( mbedtls_test_driver_aes_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, mbedtls_test_driver_aes_key, + sizeof( mbedtls_test_driver_aes_key ) ); + *data_length = sizeof( mbedtls_test_driver_aes_key ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } } - - /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - - switch( slot_number ) + else { - case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: - /* This is the ECDSA slot. Verify the key's attributes before - * returning the private key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + /* This buffer will be used as an intermediate placeholder for the opaque key + * till we unwrap the key into key_buffer */ + uint8_t *key_buffer_temp; + size_t status = PSA_ERROR_BUFFER_TOO_SMALL; + psa_key_type_t type = psa_get_key_type( attributes ); - if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_ecdsa_key, - sizeof( mbedtls_test_driver_ecdsa_key ) ); - *data_length = sizeof( mbedtls_test_driver_ecdsa_key ); - return( PSA_SUCCESS ); - - case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: - /* This is the AES slot. Verify the key's attributes before - * returning the key. */ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 128 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_aes_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_aes_key, - sizeof( mbedtls_test_driver_aes_key ) ); - *data_length = sizeof( mbedtls_test_driver_aes_key ); - return( PSA_SUCCESS ); - - default: - return( PSA_ERROR_DOES_NOT_EXIST ); + if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) || + PSA_KEY_TYPE_IS_RSA( type ) || + PSA_KEY_TYPE_IS_ECC( type ) ) + { + key_buffer_temp = mbedtls_calloc( 1, key_length ); + if( !key_buffer_temp ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( key_buffer_temp, key, key_length ); + status = mbedtls_test_opaque_unwrap_key( key_buffer_temp, key_length, + data, data_size, data_length ); + mbedtls_free( key_buffer_temp ); + return( status ); + } } + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_export_public_key( @@ -258,7 +449,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { - status = mbedtls_transparent_test_driver_ecp_export_public_key( + status = mbedtls_test_driver_ecp_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ); @@ -269,7 +460,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { - status = mbedtls_transparent_test_driver_rsa_export_public_key( + status = mbedtls_test_driver_rsa_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ); @@ -293,8 +484,48 @@ psa_status_t mbedtls_test_opaque_export_public_key( { if( key_length != sizeof( psa_drv_slot_number_t ) ) { - /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + psa_key_type_t key_type = psa_get_key_type( attributes ); + uint8_t *key_buffer_temp; + key_buffer_temp = mbedtls_calloc( 1, key_length ); + if( !key_buffer_temp ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_ECC( key_type ) ) + { + status = mbedtls_test_opaque_unwrap_key( key, key_length, + key_buffer_temp, key_length, data_length ); + if( status == PSA_SUCCESS ) + status = mbedtls_test_driver_ecp_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); + } + else + #endif + #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) + if( PSA_KEY_TYPE_IS_RSA( key_type ) ) + { + status = mbedtls_test_opaque_unwrap_key( key, key_length, + key_buffer_temp, key_length, data_length ); + if( status == PSA_SUCCESS ) + status = mbedtls_test_driver_rsa_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); + } + else + #endif + { + status = PSA_ERROR_NOT_SUPPORTED; + (void)key; + (void)key_length; + (void)key_type; + } + mbedtls_free( key_buffer_temp ); + return( status ); } /* Assume this is a builtin key based on the key material length. */ @@ -384,5 +615,4 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( return( PSA_ERROR_DOES_NOT_EXIST ); } } - #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c deleted file mode 100644 index 033cf32de0..0000000000 --- a/tests/src/drivers/test_driver_size.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Test driver for retrieving key context size. - * Only used by opaque drivers. - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) - -#include "test/drivers/size.h" -#include "psa/crypto.h" - -typedef struct { - unsigned int context; -} test_driver_key_context_t; - -/* - * This macro returns the base size for the key context. It is the size of the - * driver specific information stored in each key context. - */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) - -/* - * Number of bytes included in every key context for a key pair. - * - * This pair size is for an ECC 256-bit private/public key pair. - * Based on this value, the size of the private key can be derived by - * subtracting the public key size below from this one. - */ -#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 - -/* - * Number of bytes included in every key context for a public key. - * - * For ECC public keys, it needs 257 bits so 33 bytes. - */ -#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 - -/* - * Every key context for a symmetric key includes this many times the key size. - */ -#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 - -/* - * If this is true for a key pair, the key context includes space for the public key. - * If this is false, no additional space is added for the public key. - * - * For this instance, store the public key with the private one. - */ -#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 - -size_t mbedtls_test_size_function( - const psa_key_type_t key_type, - const size_t key_bits ) -{ - size_t key_buffer_size = 0; - - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) - { - int public_key_overhead = - ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) - ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); - key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + - public_key_overhead; - } - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { - key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; - } - else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && - !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) - { - key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * - ( ( key_bits + 7 ) / 8 ) ); - } - - return( key_buffer_size ); -} -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bc4edb2b7b..89254cd374 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2,25 +2,49 @@ PSA compile-time sanity checks static_checks: PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128 depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:128:0:PSA_SUCCESS:1 PSA import/export AES-192 depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:192:0:PSA_SUCCESS:1 PSA import/export AES-256 depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:256:0:PSA_SUCCESS:1 + +PSA import/export raw: 1 bytes, opaque +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):8:0:PSA_SUCCESS:1 + +PSA import/export raw: 1 bytes, larger buffer, opaque +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):8:1:PSA_SUCCESS:1 + +PSA import/export raw: 2 bytes, buffer too small, opaque +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export AES-128, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):128:0:PSA_SUCCESS:1 + +PSA import/export AES-192, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):192:0:PSA_SUCCESS:1 + +PSA import/export AES-256, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import: bad usage flag import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT @@ -31,55 +55,107 @@ import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMEN PSA import/export RSA public key: good, 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_SUCCESS:0 + +PSA import/export RSA public key: good, 1024-bit, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (+1 byte), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (*2-1), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:161:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (*2), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:162:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (*2+1), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:163:PSA_SUCCESS:1 + +PSA import/export RSA public key: export buffer too small, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export RSA keypair: good, 1024-bit, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (+1 byte), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (*2-1), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:609:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (*2), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:610:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (*2+1), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:611:PSA_SUCCESS:1 + +PSA import/export RSA keypair: export buffer too small, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export RSA keypair: trailing garbage ignored, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C @@ -99,27 +175,51 @@ import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43 PSA import/export-public RSA public key: good, 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export-public RSA public key: good, 1024-bit, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export-public RSA keypair: good, 1024-bit, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export-public RSA public key: buffer too small, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export-public RSA keypair: buffer too small, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 +import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1016:0:PSA_SUCCESS:1 + +PSA import/export RSA public key: 1016-bit (good), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 + +PSA import/export RSA keypair: 1016-bit (good), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -139,75 +239,75 @@ import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d0952 PSA import/export EC secp224r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224 -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224 -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384 -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384 -import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 -import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1 +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export EC curve25519 key pair: good (already properly masked) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 -import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1 +import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:1 PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 -import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:0 +import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:0 PSA import/export-public EC curve25519: accept unmasked input depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 -import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public EC curve25519: accept masked input depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 -import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 @@ -227,23 +327,23 @@ import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c2 PSA import/export-public: cannot export-public a symmetric key depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" PSA import/export EC secp256r1 public key: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 -import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 +import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export curve25519 public key: good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 -import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1 +import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:1 PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 @@ -251,29 +351,137 @@ import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc PSA import/export AES key: policy forbids export depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:0:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export EC secp224r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):224:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp224r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" + +PSA import/export EC secp256r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp256r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +PSA import/export EC secp384r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp384r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +PSA import/export EC secp521r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp521r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +PSA import/export EC brainpool256r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY::PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool256r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +PSA import/export EC brainpool384r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool384r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +PSA import/export EC brainpool512r1 key pair: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):512:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool512r1: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +PSA import/export EC curve25519 key pair: good (already properly masked), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 + +PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:0 + +PSA import/export-public EC curve25519: accept unmasked input, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +PSA import/export-public EC curve25519: accept masked input, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +PSA import/export-public: cannot export-public a symmetric key, opaque +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" + +PSA import/export EC secp256r1 public key: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 + +PSA import/export EC secp521r1 public key: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 + +PSA import/export EC brainpoolP256r1 public key: good, opaque +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 + +PSA import/export curve25519 public key: good, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 + +PSA import/export AES key: policy forbids export, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):128:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export HMAC key: policy forbids export, opaque +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export RSA keypair: policy forbids export (crypt), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export RSA keypair: policy forbids export (sign), opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. PSA import/export RSA public key: import PEM depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 +import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 PSA import/export RSA keypair: import PEM depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 PSA import: reject raw data key of length 0 # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8df2ceafef..7e9a743e7e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -15,6 +15,9 @@ #include "test/asn1_helpers.h" #include "test/psa_crypto_helpers.h" #include "test/psa_exercise_key.h" +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "test/drivers/test_driver.h" +#endif /* If this comes up, it's a bug in the test code or in the test data. */ #define UNUSED 0xdeadbeef @@ -484,6 +487,7 @@ exit: void import_export( data_t *data, int type_arg, int usage_arg, int alg_arg, + int lifetime_arg, int expected_bits, int export_size_delta, int expected_export_status_arg, @@ -494,6 +498,7 @@ void import_export( data_t *data, psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; psa_status_t status; + psa_key_lifetime_t lifetime = lifetime_arg; unsigned char *exported = NULL; unsigned char *reexported = NULL; size_t export_size; @@ -508,6 +513,7 @@ void import_export( data_t *data, ASSERT_ALLOC( reexported, export_size ); PSA_ASSERT( psa_crypto_init( ) ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, usage_arg ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); @@ -543,8 +549,11 @@ void import_export( data_t *data, * this validates the canonical representations. For canonical inputs, * this doesn't directly validate the implementation, but it still helps * by cross-validating the test data with the sanity check code. */ - if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) ) - goto exit; + if( !psa_key_lifetime_is_external( lifetime ) ) + { + if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) ) + goto exit; + } if( canonical_input ) ASSERT_COMPARE( data->x, data->len, exported, exported_length ); @@ -552,17 +561,17 @@ void import_export( data_t *data, { mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, - &key2 ) ); + &key2 ) ); PSA_ASSERT( psa_export_key( key2, - reexported, - export_size, - &reexported_length ) ); + reexported, + export_size, + &reexported_length ) ); ASSERT_COMPARE( exported, exported_length, - reexported, reexported_length ); + reexported, reexported_length ); PSA_ASSERT( psa_destroy_key( key2 ) ); } TEST_ASSERT( exported_length <= - PSA_EXPORT_KEY_OUTPUT_SIZE( type, + PSA_EXPORT_KEY_OUTPUT_SIZE( type, psa_get_key_bits( &got_attributes ) ) ); TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); @@ -577,7 +586,7 @@ exit: * thus reset them as required. */ psa_reset_key_attributes( &got_attributes ); - + psa_destroy_key( key ) ; mbedtls_free( exported ); mbedtls_free( reexported ); PSA_DONE( ); @@ -588,6 +597,7 @@ exit: void import_export_public_key( data_t *data, int type_arg, int alg_arg, + int lifetime_arg, int export_size_delta, int expected_export_status_arg, data_t *expected_public_key ) @@ -597,6 +607,7 @@ void import_export_public_key( data_t *data, psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; psa_status_t status; + psa_key_lifetime_t lifetime = lifetime_arg; unsigned char *exported = NULL; size_t export_size = expected_public_key->len + export_size_delta; size_t exported_length = INVALID_EXPORT_LENGTH; @@ -604,6 +615,7 @@ void import_export_public_key( data_t *data, PSA_ASSERT( psa_crypto_init( ) ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); @@ -614,8 +626,8 @@ void import_export_public_key( data_t *data, /* Export the public key */ ASSERT_ALLOC( exported, export_size ); status = psa_export_public_key( key, - exported, export_size, - &exported_length ); + exported, export_size, + &exported_length ); TEST_EQUAL( status, expected_export_status ); if( status == PSA_SUCCESS ) { @@ -632,7 +644,6 @@ void import_export_public_key( data_t *data, ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, exported, exported_length ); } - exit: /* * Key attributes may have been returned by psa_get_key_attributes() From 6ed4bda2c69cc81cec1a92364a8c116718dc05e7 Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 4 Aug 2021 10:47:15 +0530 Subject: [PATCH 1052/1065] pre-existing validation extended The validation against key width and max key bits is extended to all key types from the existing validation for only symmetric keys. Signed-off-by: Archana --- library/psa_crypto.c | 20 ++++++++++--------- .../src/drivers/test_driver_key_management.c | 9 --------- 2 files changed, 11 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cea165cbbc..aea9f9c72b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -558,15 +558,6 @@ psa_status_t psa_import_key_into_slot( { *bits = PSA_BYTES_TO_BITS( data_length ); - /* Ensure that the bytes-to-bits conversion hasn't overflown. */ - if( data_length > SIZE_MAX / 8 ) - return( status ); - - /* Enforce a size limit, and in particular ensure that the bit - * size fits in its representation type. */ - if( ( *bits ) > PSA_MAX_KEY_BITS ) - return( status ); - status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); if( status != PSA_SUCCESS ) return( status ); @@ -1901,6 +1892,10 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( data_length == 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + /* Ensure that the bytes-to-bits conversion hasn't overflown. */ + if( data_length > SIZE_MAX / 8 ) + return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, &slot, &driver ); if( status != PSA_SUCCESS ) @@ -1941,6 +1936,13 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, goto exit; } + /* Enforce a size limit, and in particular ensure that the bit + * size fits in its representation type.*/ + if( bits > PSA_MAX_KEY_BITS ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } status = psa_validate_optional_attributes( slot, attributes ); if( status != PSA_SUCCESS ) goto exit; diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 7ad7f73bdb..0f6a2bd583 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -271,15 +271,6 @@ psa_status_t mbedtls_test_opaque_import_key( { *bits = PSA_BYTES_TO_BITS( data_length ); - /* Ensure that the bytes-to-bits conversion hasn't overflown. */ - if( data_length > SIZE_MAX / 8 ) - goto exit; - - /* Enforce a size limit, and in particular ensure that the bit - * size fits in its representation type. */ - if( ( *bits ) > PSA_MAX_KEY_BITS ) - goto exit; - status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); if( status != PSA_SUCCESS ) goto exit; From 8a180368fb16b922b9508ed52951c65a58cb6640 Mon Sep 17 00:00:00 2001 From: Archana Date: Mon, 5 Jul 2021 02:18:48 +0530 Subject: [PATCH 1053/1065] Add opaque test driver support for copy key A minimal test driver extension is added to support copy of opaque keys within the same location. Test vector support is extended to cover opaque keys. Signed-off-by: Archana --- library/psa_crypto.c | 57 ++- library/psa_crypto_driver_wrappers.c | 41 ++ library/psa_crypto_driver_wrappers.h | 4 + tests/include/test/drivers/key_management.h | 9 + .../src/drivers/test_driver_key_management.c | 20 + tests/suites/test_suite_psa_crypto.data | 358 ++++++++++++------ tests/suites/test_suite_psa_crypto.function | 25 +- 7 files changed, 378 insertions(+), 136 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index aea9f9c72b..ee16983416 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2015,10 +2015,11 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; psa_se_drv_table_entry_t *driver = NULL; + size_t storage_size = 0; *target_key = MBEDTLS_SVC_KEY_ID_INIT; - status = psa_get_and_lock_transparent_key_slot_with_policy( + status = psa_get_and_lock_key_slot_with_policy( source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; @@ -2038,31 +2039,49 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, &target_slot, &driver ); if( status != PSA_SUCCESS ) goto exit; - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) + if( PSA_KEY_LIFETIME_GET_LOCATION( target_slot->attr.lifetime ) != + PSA_KEY_LIFETIME_GET_LOCATION( source_slot->attr.lifetime ) ) { - /* Copying to a secure element is not implemented yet. */ + /* + * If the source and target keys are stored across different locations, + * the source key would need to be exported as plaintext and re-imported + * in the other location. This has security implications which have not + * been fully mapped.For now, this can be acheived through + * appropriate API invocations from the application, if needed. + * */ status = PSA_ERROR_NOT_SUPPORTED; goto exit; } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - + /* + * When the source and target keys are within the same location, + * - For transparent keys it is a blind copy sans any driver invocation, + * - For opaque keys this translates to an invocation of the drivers' + * copy_key entry point through the dispatch layer. + * */ if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) ) { - /* - * Copying through an opaque driver is not implemented yet, consider - * a lifetime with an external location as an invalid parameter for - * now. - */ - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; + status = psa_driver_wrapper_get_key_buffer_size( &actual_attributes, + &storage_size ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_allocate_buffer_to_slot( target_slot, storage_size ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_driver_wrapper_copy_key( &actual_attributes, + source_slot->key.data, + source_slot->key.bytes, + target_slot->key.data, + target_slot->key.bytes, + &target_slot->key.bytes ); + if( status != PSA_SUCCESS ) + goto exit; + } + else + { + status = psa_copy_key_material( source_slot, target_slot ); + if( status != PSA_SUCCESS ) + goto exit; } - - status = psa_copy_key_material( source_slot, target_slot ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_finish_key_creation( target_slot, driver, target_key ); exit: if( status != PSA_SUCCESS ) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index e145dd4d62..1597b00d0f 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -782,6 +782,47 @@ psa_status_t psa_driver_wrapper_get_builtin_key( } } +psa_status_t psa_driver_wrapper_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key, size_t source_key_size, + uint8_t *target_key_buffer, size_t target_buffer_size, size_t *key_length ) +{ + psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + /* Copying to a secure element is not implemented yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + + switch( location ) + { +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_copy_key( attributes, source_key, + source_key_size, + target_key_buffer, + target_buffer_size, + key_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + (void)source_key; + (void)source_key_size; + (void)target_key_buffer; + (void)target_buffer_size; + (void)key_length; + status = PSA_ERROR_INVALID_ARGUMENT; + } + return( status ); +} + /* * Cipher functions */ diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 99455a8a6c..7c45fbfce2 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -100,6 +100,10 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +psa_status_t psa_driver_wrapper_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key, size_t source_key_size, + uint8_t *target_key_buffer, size_t target_buffer_size, size_t *key_length ); /* * Cipher functions */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 3cde1aaff9..ed0b5ebbca 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -113,5 +113,14 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +psa_status_t mbedtls_test_opaque_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key, + size_t source_key_size, + uint8_t *target_key_buffer, + size_t target_buffer_size, + size_t *key_length ); + + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 0f6a2bd583..fec0a3e484 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -606,4 +606,24 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( return( PSA_ERROR_DOES_NOT_EXIST ); } } + +psa_status_t mbedtls_test_opaque_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key_buffer, size_t source_key_buffer_size, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) +{ + /* This is a case where the opaque test driver emulates an SE without storage. + * With that all key context is stored in the wrapped buffer. + * So no additional house keeping is necessary to reference count the + * copied keys. This could change when the opaque test driver is extended + * to support SE with storage, or to emulate an SE without storage but + * still holding some slot references */ + if( source_key_buffer_size > key_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + memcpy( key_buffer, source_key_buffer, source_key_buffer_size ); + *key_buffer_length = source_key_buffer_size; + (void)attributes; + return( PSA_SUCCESS ); +} + #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 89254cd374..94a4c71f56 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -23,28 +23,28 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:256:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):8:0:PSA_SUCCESS:1 +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):8:1:PSA_SUCCESS:1 +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small, opaque depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128, opaque depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):128:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_SUCCESS:1 PSA import/export AES-192, opaque depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):192:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):192:0:PSA_SUCCESS:1 PSA import/export AES-256, opaque depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import: bad usage flag import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT @@ -107,55 +107,55 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import/export RSA public key: good, 1024-bit, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:162:PSA_SUCCESS:1 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:609:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:610:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:611:PSA_SUCCESS:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:-1:PSA_SUCCESS:0 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C @@ -191,19 +191,19 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export-public RSA public key: good, 1024-bit, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small, opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C @@ -215,11 +215,11 @@ import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5f PSA import/export RSA public key: 1016-bit (good), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 +import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -367,55 +367,55 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import/export EC secp224r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY::PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY::PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):512:0:PSA_SUCCESS:1 +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS @@ -423,55 +423,55 @@ import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51 PSA import/export EC curve25519 key pair: good (already properly masked), opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 +import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output), opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:0 +import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:0 PSA import/export-public EC curve25519: accept unmasked input, opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public EC curve25519: accept masked input, opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public: cannot export-public a symmetric key, opaque depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" PSA import/export EC secp256r1 public key: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 +import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good, opaque depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 +import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export curve25519 public key: good, opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 +import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export, opaque depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):128:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export, opaque depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):256:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, PSA_CRYPTO_TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. @@ -1049,225 +1049,361 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KE key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy key: raw, 1 byte -copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 +copy_success:PSA_KEY_USAGE_COPY:0:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:0:PSA_KEY_USAGE_COPY:0:0 Copy key: AES, copy attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, same usage flags depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-EXPORT) depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-COPY) depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, 1 more usage flag depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, 2 more usage flags depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #1 depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #2 depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, extended usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0 depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + +Copy key: raw, 1 byte, opaque +depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY:0:0 + +Copy key: AES, copy attributes, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 + +Copy key: AES, same usage flags, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 + +Copy key: AES, fewer usage flags (-EXPORT), opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 + +Copy key: AES, fewer usage flags (-COPY), opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 + +Copy key: AES, 1 more usage flag, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 + +Copy key: AES, 2 more usage flags, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 + +Copy key: AES, intersect usage flags #1, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 + +Copy key: AES, intersect usage flags #2, opaque +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 + +Copy key: RSA key pair, same usage flags, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, extended usage flags, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, fewer usage flags, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, more usage flags, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, intersect usage flags #0, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, intersect usage flags #1, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, wildcard algorithm in source, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, wildcard algorithm in target, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +Copy key: RSA key pair, wildcard algorithm in source and target, opaque +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 + +Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + +Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + +Copy key: source=ECDSA+ECDH, target=ECDSA+0, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 + +Copy key: source=ECDSA+ECDH, target=0+ECDH, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH + +Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH, opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + +Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag -copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED +copy_fail:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED Copy key: AES, no COPY flag depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED +copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED Copy fail: AES, incompatible target policy depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=MAC, target=MAC extended usage flags depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0 Copy key: source=MAC min-length, target=MAC length > min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy key: source=MAC min-length, target=MAC length = min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy fail: source=MAC min-length, target=MAC length < min-length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=MAC min-length, target=MAC min-length, src > tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy key: source=MAC min-length, target=MAC min-length, src = tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=MAC min-length, target=MAC min-length, src < tgt depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0 Copy fail: source=MAC, target=MAC min-length > length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=MAC, target=MAC min-length = length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=MAC, target=MAC min-length < length depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC -copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=AEAD min-length, target=AEAD length > min-length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD length = min-length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0 Copy fail: source=AEAD min-length, target=AEAD length < min-length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=AEAD min-length, target=AEAD min-length, src > tgt depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD min-length, src = tgt depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD min-length, src < tgt depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 + +Copy key: source=MAC, target=MAC min-length = length, opaque +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 + +Copy key: source=MAC, target=MAC min-length < length, opaque +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 + +Copy key: source=AEAD min-length, target=AEAD length > min-length, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 + +Copy key: source=AEAD min-length, target=AEAD length = min-length, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0 + +Copy key: source=AEAD min-length, target=AEAD min-length, src > tgt, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 + +Copy key: source=AEAD min-length, target=AEAD min-length, src = tgt, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION )::PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 + +Copy key: source=AEAD min-length, target=AEAD min-length, src < tgt, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy fail: source=AEAD, target=AEAD min-length > length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy key: source=AEAD, target=AEAD min-length = length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD, target=AEAD min-length < length depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 + +Copy key: source=AEAD, target=AEAD min-length = length, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 + +Copy key: source=AEAD, target=AEAD min-length < length, opaque +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 Copy fail: RSA, incompatible target policy (source wildcard) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect type in attributes depends_on:PSA_WANT_KEY_TYPE_AES -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect size in attributes -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: AES, invalid persistent key identifier in attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT Copy fail: AES, invalid lifetime (unknown location) in attributes -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT, 11):PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_DRIVERS +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 11):PSA_ERROR_INVALID_ARGUMENT + +Copy fail: AES, across locations (unsupported) in attributes +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0):PSA_ERROR_NOT_SUPPORTED Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7e9a743e7e..2b5727345d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -17,6 +17,9 @@ #include "test/psa_exercise_key.h" #if defined(PSA_CRYPTO_DRIVER_TEST) #include "test/drivers/test_driver.h" +#define TEST_DRIVER_LOCATION PSA_CRYPTO_TEST_DRIVER_LOCATION +#else +#define TEST_DRIVER_LOCATION 0x7fffff #endif /* If this comes up, it's a bug in the test code or in the test data. */ @@ -1305,10 +1308,12 @@ exit: /* BEGIN_CASE */ void copy_success( int source_usage_arg, int source_alg_arg, int source_alg2_arg, + unsigned int source_lifetime_arg, int type_arg, data_t *material, int copy_attributes, int target_usage_arg, int target_alg_arg, int target_alg2_arg, + unsigned int target_lifetime_arg, int expected_usage_arg, int expected_alg_arg, int expected_alg2_arg ) { @@ -1317,6 +1322,8 @@ void copy_success( int source_usage_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; psa_algorithm_t expected_alg2 = expected_alg2_arg; + psa_key_lifetime_t source_lifetime = source_lifetime_arg; + psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *export_buffer = NULL; @@ -1328,6 +1335,7 @@ void copy_success( int source_usage_arg, psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); psa_set_key_type( &source_attributes, type_arg ); + psa_set_key_lifetime( &source_attributes, source_lifetime); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_key ) ); @@ -1337,9 +1345,8 @@ void copy_success( int source_usage_arg, if( copy_attributes ) { target_attributes = source_attributes; - /* Set volatile lifetime to reset the key identifier to 0. */ - psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE ); } + psa_set_key_lifetime( &target_attributes, target_lifetime); if( target_usage_arg != -1 ) psa_set_key_usage_flags( &target_attributes, target_usage_arg ); @@ -1348,6 +1355,7 @@ void copy_success( int source_usage_arg, if( target_alg2_arg != -1 ) psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + /* Copy the key. */ PSA_ASSERT( psa_copy_key( source_key, &target_attributes, &target_key ) ); @@ -1375,10 +1383,13 @@ void copy_success( int source_usage_arg, export_buffer, length ); } - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg ) ) - goto exit; - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg2 ) ) - goto exit; + if( !psa_key_lifetime_is_external( target_lifetime ) ) + { + if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg ) ) + goto exit; + if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg2 ) ) + goto exit; + } PSA_ASSERT( psa_destroy_key( target_key ) ); @@ -1398,6 +1409,7 @@ exit: /* BEGIN_CASE */ void copy_fail( int source_usage_arg, int source_alg_arg, int source_alg2_arg, + int source_lifetime_arg, int type_arg, data_t *material, int target_type_arg, int target_bits_arg, int target_usage_arg, @@ -1418,6 +1430,7 @@ void copy_fail( int source_usage_arg, psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); psa_set_key_type( &source_attributes, type_arg ); + psa_set_key_lifetime( &source_attributes, source_lifetime_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_key ) ); From 449608bc610aa4c126f064b8cd6ac1339c6356dc Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 8 Sep 2021 15:36:05 +0530 Subject: [PATCH 1054/1065] Code style improvements Signed-off-by: Archana --- library/psa_crypto.c | 32 ++--- library/psa_crypto_core.h | 2 +- library/psa_crypto_driver_wrappers.c | 35 ++--- library/psa_crypto_driver_wrappers.h | 3 +- tests/include/test/drivers/key_management.h | 15 +-- .../src/drivers/test_driver_key_management.c | 127 +++++++++--------- 6 files changed, 107 insertions(+), 107 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ee16983416..b105890fb3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -431,7 +431,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type, - size_t bits ) + size_t bits ) { /* Check that the bit size is acceptable for the key type */ switch( type ) @@ -558,7 +558,8 @@ psa_status_t psa_import_key_into_slot( { *bits = PSA_BYTES_TO_BITS( data_length ); - status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); + status = psa_validate_unstructured_key_bit_size( attributes->core.type, + *bits ); if( status != PSA_SUCCESS ) return( status ); @@ -1892,7 +1893,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( data_length == 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* Ensure that the bytes-to-bits conversion hasn't overflown. */ + /* Ensure that the bytes-to-bits conversion cannot overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -1902,15 +1903,15 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, goto exit; /* In the case of a transparent key or an opaque key stored in local - * storage( thus not in the case of the old-style secure element interface - * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the - * imported key material. */ + * storage ( thus not in the case of importing a key in a secure element + * with storage ( MBEDTLS_PSA_CRYPTO_SE_C ) ),we have to allocate a + * buffer to hold the imported key material. */ if( slot->key.data == NULL ) { if( psa_key_lifetime_is_external( attributes->core.lifetime ) ) { - status = psa_driver_wrapper_get_key_buffer_size_from_key_data( attributes, data, - data_length , &storage_size ); + status = psa_driver_wrapper_get_key_buffer_size_from_key_data( + attributes, data, data_length, &storage_size ); if( status != PSA_SUCCESS ) goto exit; } @@ -2046,7 +2047,7 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, * If the source and target keys are stored across different locations, * the source key would need to be exported as plaintext and re-imported * in the other location. This has security implications which have not - * been fully mapped.For now, this can be acheived through + * been fully mapped. For now, this can be achieved through * appropriate API invocations from the application, if needed. * */ status = PSA_ERROR_NOT_SUPPORTED; @@ -2054,14 +2055,14 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, } /* * When the source and target keys are within the same location, - * - For transparent keys it is a blind copy sans any driver invocation, + * - For transparent keys it is a blind copy without any driver invocation, * - For opaque keys this translates to an invocation of the drivers' * copy_key entry point through the dispatch layer. * */ if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) ) { status = psa_driver_wrapper_get_key_buffer_size( &actual_attributes, - &storage_size ); + &storage_size ); if( status != PSA_SUCCESS ) goto exit; status = psa_allocate_buffer_to_slot( target_slot, storage_size ); @@ -4197,7 +4198,8 @@ static psa_status_t psa_generate_derived_key_internal( if( psa_key_lifetime_is_external( attributes.core.lifetime ) ) { - status = psa_driver_wrapper_get_key_buffer_size( &attributes, &storage_size ); + status = psa_driver_wrapper_get_key_buffer_size( &attributes, + &storage_size ); if( status != PSA_SUCCESS ) goto exit; } @@ -5193,9 +5195,9 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, goto exit; /* In the case of a transparent key or an opaque key stored in local - * storage( thus not in the case of the old-style secure element interface - * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the - * imported key material. */ + * storage ( thus not in the case of generating a key in a secure element + * with storage ( MBEDTLS_PSA_CRYPTO_SE_C ) ),we have to allocate a + * buffer to hold the generated key material. */ if( slot->key.data == NULL ) { if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 4a3fa5079b..8c91b04d03 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -546,5 +546,5 @@ psa_status_t psa_verify_hash_builtin( * the two is not supported. */ psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type, - size_t bits ); + size_t bits ); #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 1597b00d0f..00c17063af 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -380,10 +380,9 @@ psa_status_t psa_driver_wrapper_verify_hash( } } -/** calculate the key buffer size required to store the key material of a key +/** Calculate the key buffer size required to store the key material of a key * associated with an opaque driver from input key data. * - * * \param[in] attributes The key attributes * \param[in] data The input key data. * \param[in] data_length The input data length. @@ -399,7 +398,8 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( size_t data_length, size_t *key_buffer_size ) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); psa_key_type_t key_type = attributes->core.type; *key_buffer_size = 0; @@ -459,7 +459,8 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( return( PSA_SUCCESS ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - *key_buffer_size = mbedtls_test_opaque_size_function( key_type, key_bits ); + *key_buffer_size = mbedtls_test_opaque_size_function( key_type, + key_bits ); return( ( *key_buffer_size != 0 ) ? PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -785,20 +786,12 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_status_t psa_driver_wrapper_copy_key( psa_key_attributes_t *attributes, const uint8_t *source_key, size_t source_key_size, - uint8_t *target_key_buffer, size_t target_buffer_size, size_t *key_length ) + uint8_t *target_key_buffer, size_t target_key_buffer_size, + size_t *target_key_buffer_length ) { - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; - - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - /* Copying to a secure element is not implemented yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { @@ -808,16 +801,16 @@ psa_status_t psa_driver_wrapper_copy_key( return( mbedtls_test_opaque_copy_key( attributes, source_key, source_key_size, target_key_buffer, - target_buffer_size, - key_length ) ); + target_key_buffer_size, + target_key_buffer_length) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void)source_key; (void)source_key_size; (void)target_key_buffer; - (void)target_buffer_size; - (void)key_length; + (void)target_key_buffer_size; + (void)target_key_buffer_length; status = PSA_ERROR_INVALID_ARGUMENT; } return( status ); diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 7c45fbfce2..c186228fa0 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -103,7 +103,8 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_status_t psa_driver_wrapper_copy_key( psa_key_attributes_t *attributes, const uint8_t *source_key, size_t source_key_size, - uint8_t *target_key_buffer, size_t target_buffer_size, size_t *key_length ); + uint8_t *target_key_buffer, size_t target_key_buffer_size, + size_t *target_key_buffer_length ); /* * Cipher functions */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index ed0b5ebbca..16ee0b2160 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -51,19 +51,18 @@ static inline mbedtls_test_driver_key_management_hooks_t /* * In order to convert the plain text keys to Opaque, the size of the key is - * padded up by PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE in addition to xor mangling - * the key. The pad prefix needs to be accounted for while sizing for the key. + * padded up by PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE in addition to + * xor mangling the key. The pad prefix needs to be accounted for while + * sizing for the key. */ #define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX 0xBEEFED00U -#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE sizeof( PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX ) - -size_t mbedtls_test_opaque_get_base_size(); +#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE sizeof( \ + PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX ) size_t mbedtls_test_opaque_size_function( const psa_key_type_t key_type, const size_t key_bits ); - extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; @@ -118,8 +117,8 @@ psa_status_t mbedtls_test_opaque_copy_key( const uint8_t *source_key, size_t source_key_size, uint8_t *target_key_buffer, - size_t target_buffer_size, - size_t *key_length ); + size_t target_key_buffer_size, + size_t *target_key_buffer_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index fec0a3e484..2683edcd8c 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -58,11 +58,13 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = /* - * This macro returns the base size for the key context when SE does not support storage. - * It is the size of the metadata that gets added to the wrapped key. - * In its test functionality the metadata is just some padded prefixing to the key. + * This macro returns the base size for the key context when SE does not + * support storage. It is the size of the metadata that gets added to the + * wrapped key. In its test functionality the metadata is just some padded + * prefixing to the key. */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \ + PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE size_t mbedtls_test_opaque_size_function( @@ -80,62 +82,70 @@ size_t mbedtls_test_opaque_size_function( return( key_buffer_size ); } -size_t mbedtls_test_opaque_get_base_size() +static size_t mbedtls_test_opaque_get_base_size() { return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; } /* - * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the clear key. - * It expects the clear and wrap buffers to be passed in. - * key_buffer_size is the size of the clear key to be wrapped. - * wrap_buffer_size is the size of the output buffer wrap_key. - * The argument key_buffer_length is filled with the wrapped key_size on success. + * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the + * clear key. It expects the clear and wrap buffers to be passed in. + * key_length is the size of the clear key to be wrapped. + * wrapped_key_buffer_size is the size of the output buffer wrap_key. + * The argument wrapped_key_buffer_length is filled with the wrapped + * key_size on success. * */ static psa_status_t mbedtls_test_opaque_wrap_key( - const uint8_t *key_buffer, - size_t key_buffer_size, - uint8_t *wrap_key, - size_t wrap_buffer_size, - size_t *key_buffer_length ) + const uint8_t *key, + size_t key_length, + uint8_t *wrapped_key_buffer, + size_t wrapped_key_buffer_size, + size_t *wrapped_key_buffer_length ) { - size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); - uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX; - if( key_buffer_size + opaque_key_base_size > wrap_buffer_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - /* Write in the opaque pad prefix */ - memcpy( wrap_key, &prefix, opaque_key_base_size); - wrap_key += opaque_key_base_size; - *key_buffer_length = key_buffer_size + opaque_key_base_size; - while( key_buffer_size-- ) - wrap_key[key_buffer_size] = key_buffer[key_buffer_size] ^ 0xFF; - return( PSA_SUCCESS ); + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX; + + if( key_length + opaque_key_base_size > wrapped_key_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + /* Write in the opaque pad prefix */ + memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size); + wrapped_key_buffer += opaque_key_base_size; + *wrapped_key_buffer_length = key_length + opaque_key_base_size; + + while( key_length-- ) + wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF; + return( PSA_SUCCESS ); } /* - * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix and unwraps - * the wrapped key. It expects the clear and wrap buffers to be passed in. - * wrapped_key_buffer_size is the size of the wrapped key, + * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix + * and unwraps the wrapped key. It expects the clear and wrap buffers to be + * passed in. + * wrapped_key_length is the size of the wrapped key, * key_buffer_size is the size of the output buffer clear_key. - * The argument key_buffer_length is filled with the unwrapped(clear) key_size on success. + * The argument key_buffer_length is filled with the unwrapped(clear) + * key_size on success. * */ static psa_status_t mbedtls_test_opaque_unwrap_key( const uint8_t *wrapped_key, - size_t wrapped_key_buffer_size, + size_t wrapped_key_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - /* Remove the pad prefis from the wrapped key */ - size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); - size_t clear_key_size = wrapped_key_buffer_size - opaque_key_base_size; - wrapped_key += opaque_key_base_size; - if( clear_key_size > key_buffer_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - *key_buffer_length = clear_key_size; - while( clear_key_size-- ) - key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF; - return( PSA_SUCCESS ); + /* Remove the pad prefix from the wrapped key */ + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + size_t clear_key_size = wrapped_key_length - opaque_key_base_size; + + wrapped_key += opaque_key_base_size; + if( clear_key_size > key_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + *key_buffer_length = clear_key_size; + while( clear_key_size-- ) + key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF; + return( PSA_SUCCESS ); } psa_status_t mbedtls_test_transparent_generate_key( @@ -257,21 +267,22 @@ psa_status_t mbedtls_test_opaque_import_key( size_t *key_buffer_length, size_t *bits) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = psa_get_key_type( attributes ); - /* This buffer will be used as an intermediate placeholder for the clear - * key till we wrap it */ + /* This buffer will be used as an intermediate placeholder for + * the clear key till we wrap it */ uint8_t *key_buffer_temp; - key_buffer_temp = mbedtls_calloc( 1, key_buffer_size ); - if( !key_buffer_temp ) + key_buffer_temp = mbedtls_calloc( 1, key_buffer_size ); + if( key_buffer_temp == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) { *bits = PSA_BYTES_TO_BITS( data_length ); - status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits ); + status = psa_validate_unstructured_key_bit_size( attributes->core.type, + *bits ); if( status != PSA_SUCCESS ) goto exit; @@ -311,13 +322,6 @@ psa_status_t mbedtls_test_opaque_import_key( #endif { status = PSA_ERROR_INVALID_ARGUMENT; - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; goto exit; } status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length, @@ -389,10 +393,10 @@ psa_status_t mbedtls_test_opaque_export_key( } else { - /* This buffer will be used as an intermediate placeholder for the opaque key - * till we unwrap the key into key_buffer */ + /* This buffer will be used as an intermediate placeholder for + * the opaque key till we unwrap the key into key_buffer */ uint8_t *key_buffer_temp; - size_t status = PSA_ERROR_BUFFER_TOO_SMALL; + size_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = psa_get_key_type( attributes ); if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) || @@ -400,7 +404,7 @@ psa_status_t mbedtls_test_opaque_export_key( PSA_KEY_TYPE_IS_ECC( type ) ) { key_buffer_temp = mbedtls_calloc( 1, key_length ); - if( !key_buffer_temp ) + if( key_buffer_temp == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); memcpy( key_buffer_temp, key, key_length ); status = mbedtls_test_opaque_unwrap_key( key_buffer_temp, key_length, @@ -475,12 +479,14 @@ psa_status_t mbedtls_test_opaque_export_public_key( { if( key_length != sizeof( psa_drv_slot_number_t ) ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t key_type = psa_get_key_type( attributes ); uint8_t *key_buffer_temp; + key_buffer_temp = mbedtls_calloc( 1, key_length ); - if( !key_buffer_temp ) + if( key_buffer_temp == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); + #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( key_type ) ) @@ -512,7 +518,6 @@ psa_status_t mbedtls_test_opaque_export_public_key( { status = PSA_ERROR_NOT_SUPPORTED; (void)key; - (void)key_length; (void)key_type; } mbedtls_free( key_buffer_temp ); From 374fe5b8d2da303166dffaa27ddcc47f8367471e Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 8 Sep 2021 15:50:28 +0530 Subject: [PATCH 1055/1065] Handle zeroed attributes key bits and type in copy The target attributes for key copy could have key bits and type zeroed. If so, they need to be overwritten/ inherited from the source key. This is now forcefully overwritten after validating the optional attributes. As a result assigning attributes type and bits after copy are no longer necessary. Signed-off-by: Archana --- library/psa_crypto.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b105890fb3..906e9b4579 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2000,9 +2000,6 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, if( status != PSA_SUCCESS ) return( status ); - target->attr.type = source->attr.type; - target->attr.bits = source->attr.bits; - return( PSA_SUCCESS ); } @@ -2030,6 +2027,15 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) goto exit; + /* The actual attributes that we received from the user could have + * zero values for key bits and type.These optional attributes + * have been validated and so it is safe to inherit these + * from the source key. + * */ + actual_attributes.core.bits = source_slot->attr.bits; + actual_attributes.core.type = source_slot->attr.type; + + status = psa_restrict_key_policy( source_slot->attr.type, &actual_attributes.core.policy, &source_slot->attr.policy ); @@ -2065,9 +2071,11 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, &storage_size ); if( status != PSA_SUCCESS ) goto exit; + status = psa_allocate_buffer_to_slot( target_slot, storage_size ); if( status != PSA_SUCCESS ) goto exit; + status = psa_driver_wrapper_copy_key( &actual_attributes, source_slot->key.data, source_slot->key.bytes, From 74d99c6bfcf911945185317802177d380a9b4623 Mon Sep 17 00:00:00 2001 From: Archana Date: Wed, 8 Sep 2021 18:50:20 +0530 Subject: [PATCH 1056/1065] Add a test to validate copy to read only lifetime Signed-off-by: Archana --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 94a4c71f56..25234fb6a8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1401,6 +1401,10 @@ Copy fail: AES, invalid lifetime (unknown location) in attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_DRIVERS copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 11):PSA_ERROR_INVALID_ARGUMENT +Copy fail: AES, copy to a readonly lifetime in attributes +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_READ_ONLY, 0 ):PSA_ERROR_INVALID_ARGUMENT + Copy fail: AES, across locations (unsupported) in attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0):PSA_ERROR_NOT_SUPPORTED From a316b7e42b231f8bb7dd34f567ae9242292c0728 Mon Sep 17 00:00:00 2001 From: Archana Date: Thu, 9 Sep 2021 08:45:19 +0530 Subject: [PATCH 1057/1065] Rebase and update signature for curve448 tests Also include the opaque test cases for curve448 vectors. Signed-off-by: Archana --- tests/suites/test_suite_psa_crypto.data | 30 ++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 25234fb6a8..a0efba3bd6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -311,19 +311,19 @@ import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fb PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 -import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:1 +import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:1 PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 -import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 +import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:0 PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 -import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" +import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 -import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" +import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public: cannot export-public a symmetric key depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C @@ -347,7 +347,7 @@ import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 -import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:448:0:PSA_SUCCESS:0 +import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:0 PSA import/export AES key: policy forbids export depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES @@ -437,6 +437,22 @@ PSA import/export-public EC curve25519: accept masked input, opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:1 + +PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 + +PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" + +PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" + PSA import/export-public: cannot export-public a symmetric key, opaque depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" @@ -457,6 +473,10 @@ PSA import/export curve25519 public key: good, opaque depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 +PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice), opaque +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 + PSA import/export AES key: policy forbids export, opaque depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_ERROR_NOT_PERMITTED:1 From 9a2b6ff8f24a81cf837476d55b8c0d2aee3f99af Mon Sep 17 00:00:00 2001 From: Archana Date: Thu, 9 Sep 2021 12:28:24 +0530 Subject: [PATCH 1058/1065] Fix test vector dependency Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with test drivers. Signed-off-by: Archana --- tests/suites/test_suite_psa_crypto.data | 182 ++++++++++++------------ 1 file changed, 91 insertions(+), 91 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a0efba3bd6..d9eafc0277 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -23,27 +23,27 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:256:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_CRYPTO_DRIVER_TEST import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_CRYPTO_DRIVER_TEST import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_CRYPTO_DRIVER_TEST import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_SUCCESS:1 PSA import/export AES-192, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):192:0:PSA_SUCCESS:1 PSA import/export AES-256, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import: bad usage flag @@ -106,55 +106,55 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_SUCCESS:0 PSA import/export RSA public key: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated @@ -190,19 +190,19 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) @@ -214,11 +214,11 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1016:0:PSA_SUCCESS:1 PSA import/export RSA public key: 1016-bit (good), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) @@ -366,131 +366,131 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export EC secp224r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY::PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export EC curve25519 key pair: good (already properly masked), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:0 PSA import/export-public EC curve25519: accept unmasked input, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public EC curve25519: accept masked input, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:1 PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public: cannot export-public a symmetric key, opaque -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" PSA import/export EC secp256r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export curve25519 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 PSA import/export AES key: policy forbids export, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export, opaque -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:PSA_CRYPTO_DRIVER_TEST import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS @@ -1164,99 +1164,99 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KE copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy key: raw, 1 byte, opaque -depends_on:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY:0:0 Copy key: AES, copy attributes, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, same usage flags, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-EXPORT), opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-COPY), opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, 1 more usage flag, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, 2 more usage flags, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #1, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #2, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, extended usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag @@ -1335,31 +1335,31 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy key: source=MAC, target=MAC min-length = length, opaque -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=MAC, target=MAC min-length < length, opaque -depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0 Copy key: source=AEAD min-length, target=AEAD length > min-length, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD length = min-length, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0 Copy key: source=AEAD min-length, target=AEAD min-length, src > tgt, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD min-length, src = tgt, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION )::PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD min-length, target=AEAD min-length, src < tgt, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0 Copy fail: source=AEAD, target=AEAD min-length > length @@ -1375,11 +1375,11 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 Copy key: source=AEAD, target=AEAD min-length = length, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0 Copy key: source=AEAD, target=AEAD min-length < length, opaque -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 Copy fail: RSA, incompatible target policy (source wildcard) @@ -1426,7 +1426,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_READ_ONLY, 0 ):PSA_ERROR_INVALID_ARGUMENT Copy fail: AES, across locations (unsupported) in attributes -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_DRIVERS +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0):PSA_ERROR_NOT_SUPPORTED Hash operation object initializers zero properly From 9d17bf42152a6ae2731d6cbcb6e4a8dc39c69f49 Mon Sep 17 00:00:00 2001 From: Archana Date: Fri, 10 Sep 2021 06:22:44 +0530 Subject: [PATCH 1059/1065] Styling and refactoring Signed-off-by: Archana --- library/psa_crypto.c | 30 +++++---------- library/psa_crypto_driver_wrappers.c | 17 +++++++-- library/psa_crypto_driver_wrappers.h | 2 +- tests/include/test/drivers/key_management.h | 2 +- .../src/drivers/test_driver_key_management.c | 37 ++++++++++--------- tests/suites/test_suite_psa_crypto.function | 14 +++---- 6 files changed, 53 insertions(+), 49 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 906e9b4579..bcbaa3d68a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1991,18 +1991,6 @@ exit: } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, - psa_key_slot_t *target ) -{ - psa_status_t status = psa_copy_key_material_into_slot( target, - source->key.data, - source->key.bytes ); - if( status != PSA_SUCCESS ) - return( status ); - - return( PSA_SUCCESS ); -} - psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, const psa_key_attributes_t *specified_attributes, mbedtls_svc_key_id_t *target_key ) @@ -2027,13 +2015,13 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) goto exit; - /* The actual attributes that we received from the user could have - * zero values for key bits and type.These optional attributes - * have been validated and so it is safe to inherit these - * from the source key. + /* The target key type and number of bits have been validated by + * psa_validate_optional_attributes() to be either equal to zero or + * equal to the ones of the source key. So it is safe to inherit + * them from the source key now." * */ - actual_attributes.core.bits = source_slot->attr.bits; - actual_attributes.core.type = source_slot->attr.type; + actual_attributes.core.bits = source_slot->attr.bits; + actual_attributes.core.type = source_slot->attr.type; status = psa_restrict_key_policy( source_slot->attr.type, @@ -2050,7 +2038,7 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, PSA_KEY_LIFETIME_GET_LOCATION( source_slot->attr.lifetime ) ) { /* - * If the source and target keys are stored across different locations, + * If the source and target keys are stored in different locations, * the source key would need to be exported as plaintext and re-imported * in the other location. This has security implications which have not * been fully mapped. For now, this can be achieved through @@ -2087,7 +2075,9 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, } else { - status = psa_copy_key_material( source_slot, target_slot ); + status = psa_copy_key_material_into_slot( target_slot, + source_slot->key.data, + source_slot->key.bytes ); if( status != PSA_SUCCESS ) goto exit; } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 00c17063af..4123d8a560 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -785,7 +785,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_status_t psa_driver_wrapper_copy_key( psa_key_attributes_t *attributes, - const uint8_t *source_key, size_t source_key_size, + const uint8_t *source_key, size_t source_key_length, uint8_t *target_key_buffer, size_t target_key_buffer_size, size_t *target_key_buffer_length ) { @@ -793,13 +793,24 @@ psa_status_t psa_driver_wrapper_copy_key( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + /* Copying to a secure element is not implemented yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + switch( location ) { #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( mbedtls_test_opaque_copy_key( attributes, source_key, - source_key_size, + source_key_length, target_key_buffer, target_key_buffer_size, target_key_buffer_length) ); @@ -807,7 +818,7 @@ psa_status_t psa_driver_wrapper_copy_key( #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void)source_key; - (void)source_key_size; + (void)source_key_length; (void)target_key_buffer; (void)target_key_buffer_size; (void)target_key_buffer_length; diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index c186228fa0..c6e3d51a39 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -102,7 +102,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_status_t psa_driver_wrapper_copy_key( psa_key_attributes_t *attributes, - const uint8_t *source_key, size_t source_key_size, + const uint8_t *source_key, size_t source_key_length, uint8_t *target_key_buffer, size_t target_key_buffer_size, size_t *target_key_buffer_length ); /* diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 16ee0b2160..d147568cdc 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -115,7 +115,7 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( psa_status_t mbedtls_test_opaque_copy_key( psa_key_attributes_t *attributes, const uint8_t *source_key, - size_t source_key_size, + size_t source_key_length, uint8_t *target_key_buffer, size_t target_key_buffer_size, size_t *target_key_buffer_length); diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 2683edcd8c..61ebc8aa1a 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -75,7 +75,7 @@ size_t mbedtls_test_opaque_size_function( key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ); if( key_buffer_size == 0 ) - return( key_buffer_size ); + return( 0 ); /* Include spacing for base size overhead over the key size * */ key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; @@ -109,7 +109,7 @@ static psa_status_t mbedtls_test_opaque_wrap_key( return( PSA_ERROR_BUFFER_TOO_SMALL ); /* Write in the opaque pad prefix */ - memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size); + memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size ); wrapped_key_buffer += opaque_key_base_size; *wrapped_key_buffer_length = key_length + opaque_key_base_size; @@ -136,7 +136,12 @@ static psa_status_t mbedtls_test_opaque_unwrap_key( { /* Remove the pad prefix from the wrapped key */ size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); - size_t clear_key_size = wrapped_key_length - opaque_key_base_size; + size_t clear_key_size; + + /* Check for underflow */ + if( wrapped_key_length < opaque_key_base_size ) + return( PSA_ERROR_DATA_CORRUPT ); + clear_key_size = wrapped_key_length - opaque_key_base_size; wrapped_key += opaque_key_base_size; if( clear_key_size > key_buffer_size ) @@ -281,11 +286,14 @@ psa_status_t mbedtls_test_opaque_import_key( { *bits = PSA_BYTES_TO_BITS( data_length ); - status = psa_validate_unstructured_key_bit_size( attributes->core.type, + status = psa_validate_unstructured_key_bit_size( type, *bits ); if( status != PSA_SUCCESS ) goto exit; + if( data_length > key_buffer_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + /* Copy the key material accounting for opaque key padding. */ memcpy( key_buffer_temp, data, data_length ); *key_buffer_length = data_length; @@ -327,7 +335,7 @@ psa_status_t mbedtls_test_opaque_import_key( status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length, key_buffer, key_buffer_size, key_buffer_length ); exit: - free( key_buffer_temp ); + mbedtls_free( key_buffer_temp ); return( status ); } @@ -395,21 +403,15 @@ psa_status_t mbedtls_test_opaque_export_key( { /* This buffer will be used as an intermediate placeholder for * the opaque key till we unwrap the key into key_buffer */ - uint8_t *key_buffer_temp; - size_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = psa_get_key_type( attributes ); if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) || PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) { - key_buffer_temp = mbedtls_calloc( 1, key_length ); - if( key_buffer_temp == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( key_buffer_temp, key, key_length ); - status = mbedtls_test_opaque_unwrap_key( key_buffer_temp, key_length, + status = mbedtls_test_opaque_unwrap_key( key, key_length, data, data_size, data_length ); - mbedtls_free( key_buffer_temp ); return( status ); } } @@ -614,7 +616,7 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( psa_status_t mbedtls_test_opaque_copy_key( psa_key_attributes_t *attributes, - const uint8_t *source_key_buffer, size_t source_key_buffer_size, + const uint8_t *source_key, size_t source_key_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { /* This is a case where the opaque test driver emulates an SE without storage. @@ -623,10 +625,11 @@ psa_status_t mbedtls_test_opaque_copy_key( * copied keys. This could change when the opaque test driver is extended * to support SE with storage, or to emulate an SE without storage but * still holding some slot references */ - if( source_key_buffer_size > key_buffer_size ) + if( source_key_length > key_buffer_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( key_buffer, source_key_buffer, source_key_buffer_size ); - *key_buffer_length = source_key_buffer_size; + + memcpy( key_buffer, source_key, source_key_length ); + *key_buffer_length = source_key_length; (void)attributes; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2b5727345d..01e5d5939b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -564,18 +564,18 @@ void import_export( data_t *data, { mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, - &key2 ) ); + &key2 ) ); PSA_ASSERT( psa_export_key( key2, - reexported, - export_size, - &reexported_length ) ); + reexported, + export_size, + &reexported_length ) ); ASSERT_COMPARE( exported, exported_length, reexported, reexported_length ); PSA_ASSERT( psa_destroy_key( key2 ) ); } TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, - psa_get_key_bits( &got_attributes ) ) ); + psa_get_key_bits( &got_attributes ) ) ); TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); destroy: @@ -629,8 +629,8 @@ void import_export_public_key( data_t *data, /* Export the public key */ ASSERT_ALLOC( exported, export_size ); status = psa_export_public_key( key, - exported, export_size, - &exported_length ); + exported, export_size, + &exported_length ); TEST_EQUAL( status, expected_export_status ); if( status == PSA_SUCCESS ) { From 55dffe58a010298d81aa23832e2a3e4abb6d00f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Sep 2021 09:33:28 +0200 Subject: [PATCH 1060/1065] Document the internal function psa_cipher_update_ecb Signed-off-by: Gilles Peskine --- library/psa_crypto_cipher.c | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index d8c722bb1b..f67b1ffed2 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -255,10 +255,30 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, iv, iv_length ) ) ); } -/* Process input for which the algorithm is set to ECB mode. This requires - * manual processing, since the PSA API is defined as being able to process - * arbitrary-length calls to psa_cipher_update() with ECB mode, but the - * underlying mbedtls_cipher_update only takes full blocks. */ +/** Process input for which the algorithm is set to ECB mode. + * + * This requires manual processing, since the PSA API is defined as being + * able to process arbitrary-length calls to psa_cipher_update() with ECB mode, + * but the underlying mbedtls_cipher_update only takes full blocks. + * + * \param ctx The mbedtls cipher context to use. It must have been + * set up for ECB. + * \param[in] input The input plaintext or ciphertext to process. + * \param input_length The number of bytes to process from \p input. + * This does not need to be aligned to a block boundary. + * If there is a partial block at the end of the input, + * it is stored in \p ctx for future processing. + * \param output The buffer where the output is written. + * \param output_size The size of \p output in bytes. + * It must be at least `floor((p + input_length) / BS)` + * where `p` is the number of bytes in the unprocessed + * partial block in \p ctx (`0 <= p <= BS - 1`) and + * `BS` is the block size. + * \param output_length On success, the number of bytes written to \p output. + * \c 0 on error. + * + * \return #PSA_SUCCESS or an error from a hardware accelerator + */ static psa_status_t psa_cipher_update_ecb( mbedtls_cipher_context_t *ctx, const uint8_t *input, From 1716f3286419bc68071d69db15daa5480c68df70 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Sep 2021 09:36:28 +0200 Subject: [PATCH 1061/1065] psa_cipher_update_ecb: remove parameter output_size This parameter was set but not used, which was pointless. Clang 14 detects this and legitimately complains. Remove the parameter. This is an internal function, only called once. The caller already has a sufficient check on the output buffer size which applies in more cases, so there is no real gain in robustness in adding the same check inside the internal function. Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_cipher_update_ecp.txt | 2 ++ library/psa_crypto_cipher.c | 9 ++------- 2 files changed, 4 insertions(+), 7 deletions(-) create mode 100644 ChangeLog.d/psa_cipher_update_ecp.txt diff --git a/ChangeLog.d/psa_cipher_update_ecp.txt b/ChangeLog.d/psa_cipher_update_ecp.txt new file mode 100644 index 0000000000..1c3fbc6b18 --- /dev/null +++ b/ChangeLog.d/psa_cipher_update_ecp.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935. diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index f67b1ffed2..5c78c23114 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -268,9 +268,8 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, * This does not need to be aligned to a block boundary. * If there is a partial block at the end of the input, * it is stored in \p ctx for future processing. - * \param output The buffer where the output is written. - * \param output_size The size of \p output in bytes. - * It must be at least `floor((p + input_length) / BS)` + * \param output The buffer where the output is written. Its size + * must be at least `floor((p + input_length) / BS)` * where `p` is the number of bytes in the unprocessed * partial block in \p ctx (`0 <= p <= BS - 1`) and * `BS` is the block size. @@ -284,7 +283,6 @@ static psa_status_t psa_cipher_update_ecb( const uint8_t *input, size_t input_length, uint8_t *output, - size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -324,7 +322,6 @@ static psa_status_t psa_cipher_update_ecb( goto exit; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; ctx->unprocessed_len = 0; } @@ -345,7 +342,6 @@ static psa_status_t psa_cipher_update_ecb( input += block_size; output += internal_output_length; - output_size -= internal_output_length; *output_length += internal_output_length; } @@ -400,7 +396,6 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, input, input_length, output, - output_size, output_length ); } else From d87d87371f4e3d51be50313a4c2ec26a38ba6d21 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Sep 2021 12:20:51 +0200 Subject: [PATCH 1062/1065] Fix the size in bytes Signed-off-by: Gilles Peskine --- library/psa_crypto_cipher.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 5c78c23114..2268fc5850 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -268,11 +268,11 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, * This does not need to be aligned to a block boundary. * If there is a partial block at the end of the input, * it is stored in \p ctx for future processing. - * \param output The buffer where the output is written. Its size - * must be at least `floor((p + input_length) / BS)` - * where `p` is the number of bytes in the unprocessed - * partial block in \p ctx (`0 <= p <= BS - 1`) and - * `BS` is the block size. + * \param output The buffer where the output is written. It must be + * at least `BS * floor((p + input_length) / BS)` bytes + * long, where `p` is the number of bytes in the + * unprocessed partial block in \p ctx (with + * `0 <= p <= BS - 1`) and `BS` is the block size. * \param output_length On success, the number of bytes written to \p output. * \c 0 on error. * From d337fbc4cb1ded1d58a1c4fe92aa9988d68ec1f3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Sep 2021 00:13:05 +0200 Subject: [PATCH 1063/1065] x86_64 MULADDC assembly: add missing constraints about memory MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is repeated up to 16 times, and %%rsi and %%rdi are s and d on entry respectively. Hence the complete asm statement reads 16 64-bit words from memory starting at s, and writes 16 64-bit words starting at d. Without any declaration of modified memory, Clang 12 and Clang 13 generated non-working code for mbedtls_mpi_mod_exp. The constraints make the unit tests pass with Clang 12. Signed-off-by: Gilles Peskine --- ChangeLog.d/muladdc-amd64-memory.txt | 3 +++ library/bn_mul.h | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/muladdc-amd64-memory.txt diff --git a/ChangeLog.d/muladdc-amd64-memory.txt b/ChangeLog.d/muladdc-amd64-memory.txt new file mode 100644 index 0000000000..1803e423d8 --- /dev/null +++ b/ChangeLog.d/muladdc-amd64-memory.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix missing constraints on x86_64 assembly code for bignum multiplication + that broke some bignum operations with (at least) Clang 12. Fixes #4786. diff --git a/library/bn_mul.h b/library/bn_mul.h index 6ddffc4765..328e765008 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -225,9 +225,9 @@ "addq $8, %%rdi\n" #define MULADDC_STOP \ - : "+c" (c), "+D" (d), "+S" (s) \ - : "b" (b) \ - : "rax", "rdx", "r8" \ + : "+c" (c), "+D" (d), "+S" (s), "+m" (*(uint64_t (*)[16]) d) \ + : "b" (b), "m" (*(const uint64_t (*)[16]) s) \ + : "rax", "rdx", "r8" \ ); #endif /* AMD64 */ From 5b1df10470f901a8cc2855f74137959176e0f2e2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 Sep 2021 17:04:31 +0200 Subject: [PATCH 1064/1065] Update the list of issues fixed This had actually been reported multiple times. Signed-off-by: Gilles Peskine --- ChangeLog.d/muladdc-amd64-memory.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/muladdc-amd64-memory.txt b/ChangeLog.d/muladdc-amd64-memory.txt index 1803e423d8..b834331671 100644 --- a/ChangeLog.d/muladdc-amd64-memory.txt +++ b/ChangeLog.d/muladdc-amd64-memory.txt @@ -1,3 +1,4 @@ Bugfix * Fix missing constraints on x86_64 assembly code for bignum multiplication - that broke some bignum operations with (at least) Clang 12. Fixes #4786. + that broke some bignum operations with (at least) Clang 12. + Fixes #4116, #4786, #4917. From 133740b74e0cbdb078c1194bf7271e413d645bf7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 17 Sep 2021 09:38:07 +0200 Subject: [PATCH 1065/1065] tests: Improve incomplete then overflow tests Signed-off-by: Ronald Cron --- tests/suites/test_suite_ccm.function | 34 ++++++++-------------------- 1 file changed, 10 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 472be64540..e48b1f990a 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -646,16 +646,10 @@ void mbedtls_ccm_incomplete_ad_and_overflow( int cipher_id, int mode, data_t * add ) { mbedtls_ccm_context ctx; + uint8_t add_second_buffer[2]; - /* New auth buffer containing same data as original one, - * with added extra byte at the end */ - uint8_t* add_extended = NULL; - ASSERT_ALLOC( add_extended, add->len + 1 ); - if( add_extended ) - { - memcpy( add_extended, add->x, add->len ); - add_extended[add->len] = 0xAB; // some magic value - } + add_second_buffer[0] = add->x[ add->len - 1 ]; + add_second_buffer[1] = 0xAB; // some magic value mbedtls_ccm_init( &ctx ); TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); @@ -664,11 +658,10 @@ void mbedtls_ccm_incomplete_ad_and_overflow( int cipher_id, int mode, TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) ); // pass incomplete auth data - TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add_extended, add->len - 1) ); + TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len - 1) ); // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte) - TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add_extended + add->len - 1, 2) ); + TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add_second_buffer, 2) ); exit: - mbedtls_free( add_extended ); mbedtls_ccm_free( &ctx ); } /* END_CASE */ @@ -775,16 +768,10 @@ void mbedtls_ccm_incomplete_update_overflow( int cipher_id, int mode, mbedtls_ccm_context ctx; uint8_t *output = NULL; size_t olen; + uint8_t msg_second_buffer[2]; - /* New plaintext/ciphertext buffer containing same data as original one, - * with added extra byte at the end */ - uint8_t* msg_extended = NULL; - ASSERT_ALLOC( msg_extended, msg->len + 1 ); - if( msg_extended ) - { - memcpy( msg_extended, msg->x, msg->len ); - msg_extended[msg->len] = 0xAB; // some magic value - } + msg_second_buffer[0] = msg->x[ msg->len - 1 ]; + msg_second_buffer[1] = 0xAB; // some magic value mbedtls_ccm_init( &ctx ); TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 ); @@ -796,12 +783,11 @@ void mbedtls_ccm_incomplete_update_overflow( int cipher_id, int mode, ASSERT_ALLOC( output, msg->len + 1 ); // pass incomplete text - TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg_extended, msg->len - 1, output, msg->len + 1, &olen ) ); + TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len - 1, output, msg->len + 1, &olen ) ); // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte) TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \ - mbedtls_ccm_update( &ctx, msg_extended + msg->len - 1, 2, output + msg->len - 1, 2, &olen ) ); + mbedtls_ccm_update( &ctx, msg_second_buffer, 2, output + msg->len - 1, 2, &olen ) ); exit: - mbedtls_free( msg_extended ); mbedtls_free( output ); mbedtls_ccm_free( &ctx ); }